2018-01-08 00:55:52 +01:00
|
|
|
// Copyright (c) 2017-2018, The Monero Project
|
2017-02-27 19:33:16 +01:00
|
|
|
//
|
|
|
|
|
// All rights reserved.
|
|
|
|
|
//
|
|
|
|
|
// Redistribution and use in source and binary forms, with or without modification, are
|
|
|
|
|
// permitted provided that the following conditions are met:
|
|
|
|
|
//
|
|
|
|
|
// 1. Redistributions of source code must retain the above copyright notice, this list of
|
|
|
|
|
// conditions and the following disclaimer.
|
|
|
|
|
//
|
|
|
|
|
// 2. Redistributions in binary form must reproduce the above copyright notice, this list
|
|
|
|
|
// of conditions and the following disclaimer in the documentation and/or other
|
|
|
|
|
// materials provided with the distribution.
|
|
|
|
|
//
|
|
|
|
|
// 3. Neither the name of the copyright holder nor the names of its contributors may be
|
|
|
|
|
// used to endorse or promote products derived from this software without specific
|
|
|
|
|
// prior written permission.
|
|
|
|
|
//
|
|
|
|
|
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
|
|
|
|
|
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
|
|
|
|
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
|
|
|
|
|
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
|
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
|
|
|
|
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
|
|
|
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
|
|
|
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
|
|
|
|
|
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
|
|
|
|
|
#include <cstdint>
|
|
|
|
|
#include <gtest/gtest.h>
|
|
|
|
|
#include <memory>
|
|
|
|
|
#include <sstream>
|
|
|
|
|
#include <string>
|
|
|
|
|
|
Overhaul and fix crypto::{public_key,ec_point,etc.} types
- Remove implicit `operator bool` from ec_point/public_key/etc. which
was causing all sorts of implicit conversion mess and bugs.
- Change ec_point/public_key/etc. to use a `std::array<unsigned char,
32>` (via a base type) rather than a C-array of char that has to be
reinterpret_cast<>'ed all over the place.
- Add methods to ec_point/public_key/etc. that make it work more like a
container of bytes (`.data()`, `.size()`, `operator[]`, `begin()`,
`end()`).
- Make a generic `crypto::null<T>` that is a constexpr all-0 `T`, rather
than the mishmash `crypto::null_hash`, crypto::null_pkey,
crypto::hash::null(), and so on.
- Replace three metric tons of `crypto::hash blahblah =
crypto::null_hash;` with the much simpler `crypto::hash blahblah{};`,
because there's no need to make a copy of a null hash in all these
cases. (Likewise for a few other null_whatevers).
- Remove a whole bunch of `if (blahblah == crypto::null_hash)` and `if
(blahblah != crypto::null_hash)` with the more concise `if
(!blahblah)` and `if (blahblah)` (which are fine via the newly
*explicit* bool conversion operators).
- `crypto::signature` becomes a 64-byte container (as above) but with
`c()` and `r()` to get the c() and r() data pointers. (Previously
`.c` and `.r` were `ec_scalar`s).
- Delete with great prejudice CRYPTO_MAKE_COMPARABLE and
CRYPTO_MAKE_HASHABLE and all the other utter trash in
`crypto/generic-ops.h`.
- De-inline functions in very common crypto/*.h files so that they don't
have to get compiled 300 times.
- Remove the disgusting include-a-C-header-inside-a-C++-namespace
garbage from some crypto headers trying to be both a C and *different*
C++ header at once.
- Remove the toxic, disgusting, shameful `operator&` on ec_scalar, etc.
that replace `&x` with `reinterpret_cast x into an unsigned char*`.
This was pure toxic waste.
- changed some `<<` outputs to fmt
- Random other small changes encountered while fixing everything that
cascaded out of the above changes.
2022-10-15 03:22:44 +02:00
|
|
|
#include "common/string_util.h"
|
2017-02-27 19:33:16 +01:00
|
|
|
#include "cryptonote_basic/cryptonote_basic_impl.h"
|
|
|
|
|
|
|
|
|
|
namespace
|
|
|
|
|
{
|
2022-10-11 02:06:16 +02:00
|
|
|
constexpr const std::array<uint8_t, 64> source = {
|
2017-02-27 19:33:16 +01:00
|
|
|
0x8b, 0x65, 0x59, 0x70, 0x15, 0x37, 0x99, 0xaf, 0x2a, 0xea, 0xdc, 0x9f, 0xf1, 0xad, 0xd0, 0xea,
|
|
|
|
|
0x6c, 0x72, 0x51, 0xd5, 0x41, 0x54, 0xcf, 0xa9, 0x2c, 0x17, 0x3a, 0x0d, 0xd3, 0x9c, 0x1f, 0x94,
|
|
|
|
|
0x6c, 0x72, 0x51, 0xd5, 0x41, 0x54, 0xcf, 0xa9, 0x2c, 0x17, 0x3a, 0x0d, 0xd3, 0x9c, 0x1f, 0x94,
|
|
|
|
|
0x8b, 0x65, 0x59, 0x70, 0x15, 0x37, 0x99, 0xaf, 0x2a, 0xea, 0xdc, 0x9f, 0xf1, 0xad, 0xd0, 0xea
|
|
|
|
|
};
|
|
|
|
|
|
2022-10-11 02:06:16 +02:00
|
|
|
constexpr std::string_view hex_full =
|
2017-02-27 19:33:16 +01:00
|
|
|
"8b655970153799af2aeadc9ff1add0ea6c7251d54154cfa92c173a0dd39c1f94"
|
2022-10-11 02:06:16 +02:00
|
|
|
"6c7251d54154cfa92c173a0dd39c1f948b655970153799af2aeadc9ff1add0ea"sv;
|
2017-02-27 19:33:16 +01:00
|
|
|
|
2022-10-11 02:06:16 +02:00
|
|
|
template <size_t Size, std::enable_if_t<(2*Size <= hex_full.size()), int> = 0>
|
|
|
|
|
constexpr std::string_view hex_data = hex_full.substr(0, 2*Size);
|
2018-11-14 11:46:14 +01:00
|
|
|
|
2017-02-27 19:33:16 +01:00
|
|
|
|
2022-10-11 02:06:16 +02:00
|
|
|
template <typename T>
|
|
|
|
|
T shove_into() {
|
|
|
|
|
T val;
|
|
|
|
|
static_assert(alignof(T) <= alignof(size_t), "T must have size_t (or smaller) alignment");
|
|
|
|
|
static_assert(sizeof(T) <= source.size(), "T is too large for this test");
|
2017-02-27 19:33:16 +01:00
|
|
|
|
2022-10-11 02:06:16 +02:00
|
|
|
std::memcpy(&val, source.data(), sizeof(T));
|
|
|
|
|
return val;
|
2017-02-27 19:33:16 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-11 02:06:16 +02:00
|
|
|
TEST(Crypto, Format)
|
2017-02-27 19:33:16 +01:00
|
|
|
{
|
2022-10-11 02:06:16 +02:00
|
|
|
EXPECT_EQ("{}"_format(shove_into<crypto::hash8>()), "<{}>"_format(hex_data<8>));
|
|
|
|
|
EXPECT_EQ("{}"_format(shove_into<crypto::hash>()), "<{}>"_format(hex_data<32>));
|
|
|
|
|
EXPECT_EQ("{}"_format(shove_into<crypto::public_key>()), "<{}>"_format(hex_data<32>));
|
|
|
|
|
EXPECT_EQ("{}"_format(shove_into<crypto::signature>()), "<{}>"_format(hex_data<64>));
|
|
|
|
|
EXPECT_EQ("{}"_format(shove_into<crypto::key_derivation>()), "<{}>"_format(hex_data<32>));
|
|
|
|
|
EXPECT_EQ("{}"_format(shove_into<crypto::key_image>()), "<{}>"_format(hex_data<32>));
|
2017-02-27 19:33:16 +01:00
|
|
|
}
|
2018-07-20 23:59:18 +02:00
|
|
|
|
|
|
|
|
TEST(Crypto, null_keys)
|
|
|
|
|
{
|
|
|
|
|
char zero[32];
|
|
|
|
|
memset(zero, 0, 32);
|
Overhaul and fix crypto::{public_key,ec_point,etc.} types
- Remove implicit `operator bool` from ec_point/public_key/etc. which
was causing all sorts of implicit conversion mess and bugs.
- Change ec_point/public_key/etc. to use a `std::array<unsigned char,
32>` (via a base type) rather than a C-array of char that has to be
reinterpret_cast<>'ed all over the place.
- Add methods to ec_point/public_key/etc. that make it work more like a
container of bytes (`.data()`, `.size()`, `operator[]`, `begin()`,
`end()`).
- Make a generic `crypto::null<T>` that is a constexpr all-0 `T`, rather
than the mishmash `crypto::null_hash`, crypto::null_pkey,
crypto::hash::null(), and so on.
- Replace three metric tons of `crypto::hash blahblah =
crypto::null_hash;` with the much simpler `crypto::hash blahblah{};`,
because there's no need to make a copy of a null hash in all these
cases. (Likewise for a few other null_whatevers).
- Remove a whole bunch of `if (blahblah == crypto::null_hash)` and `if
(blahblah != crypto::null_hash)` with the more concise `if
(!blahblah)` and `if (blahblah)` (which are fine via the newly
*explicit* bool conversion operators).
- `crypto::signature` becomes a 64-byte container (as above) but with
`c()` and `r()` to get the c() and r() data pointers. (Previously
`.c` and `.r` were `ec_scalar`s).
- Delete with great prejudice CRYPTO_MAKE_COMPARABLE and
CRYPTO_MAKE_HASHABLE and all the other utter trash in
`crypto/generic-ops.h`.
- De-inline functions in very common crypto/*.h files so that they don't
have to get compiled 300 times.
- Remove the disgusting include-a-C-header-inside-a-C++-namespace
garbage from some crypto headers trying to be both a C and *different*
C++ header at once.
- Remove the toxic, disgusting, shameful `operator&` on ec_scalar, etc.
that replace `&x` with `reinterpret_cast x into an unsigned char*`.
This was pure toxic waste.
- changed some `<<` outputs to fmt
- Random other small changes encountered while fixing everything that
cascaded out of the above changes.
2022-10-15 03:22:44 +02:00
|
|
|
ASSERT_EQ(memcmp(crypto::null<crypto::secret_key>.data(), zero, 32), 0);
|
|
|
|
|
ASSERT_EQ(memcmp(crypto::null<crypto::public_key>.data(), zero, 32), 0);
|
|
|
|
|
ASSERT_EQ(memcmp(crypto::public_key{}.data(), zero, 32), 0);
|
|
|
|
|
ASSERT_EQ(memcmp(crypto::secret_key{}.data(), zero, 32), 0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
TEST(Crypto, equality)
|
|
|
|
|
{
|
|
|
|
|
crypto::public_key pk1{};
|
|
|
|
|
std::copy(source.data(), source.data() + 32, pk1.begin());
|
|
|
|
|
ASSERT_EQ("{}"_format(pk1), "<{}>"_format(hex_full.substr(0, 64)));
|
|
|
|
|
crypto::public_key pk2 = pk1;
|
|
|
|
|
ASSERT_EQ(tools::view_guts(pk1), tools::view_guts(pk2));
|
|
|
|
|
EXPECT_EQ(pk1, pk2);
|
|
|
|
|
crypto::public_key pk3;
|
|
|
|
|
std::copy(source.data(), source.data() + 32, pk3.begin());
|
|
|
|
|
ASSERT_EQ(tools::view_guts(pk1), tools::view_guts(pk3));
|
|
|
|
|
EXPECT_EQ(pk1, pk3);
|
|
|
|
|
pk3.zero();
|
|
|
|
|
ASSERT_EQ("{}"_format(pk3), "<{:064x}>"_format(0));
|
|
|
|
|
ASSERT_NE(tools::view_guts(pk1), tools::view_guts(pk3));
|
|
|
|
|
EXPECT_NE(pk1, pk3);
|
|
|
|
|
EXPECT_LT(pk3, pk1);
|
|
|
|
|
|
|
|
|
|
std::copy(source.data() + 32, source.data() + 64, pk2.begin());
|
|
|
|
|
ASSERT_EQ("{}"_format(pk2), "<{}>"_format(hex_full.substr(64)));
|
|
|
|
|
EXPECT_NE(pk1, pk2);
|
|
|
|
|
EXPECT_LT(pk2, pk1);
|
|
|
|
|
EXPECT_FALSE(pk1 == pk2);
|
|
|
|
|
EXPECT_FALSE(pk1 < pk2);
|
2018-07-20 23:59:18 +02:00
|
|
|
}
|
2018-06-13 19:23:06 +02:00
|
|
|
|
|
|
|
|
TEST(Crypto, verify_32)
|
|
|
|
|
{
|
|
|
|
|
// all bytes are treated the same, so we can brute force just one byte
|
|
|
|
|
unsigned char k0[32] = {0}, k1[32] = {0};
|
|
|
|
|
for (unsigned int i0 = 0; i0 < 256; ++i0)
|
|
|
|
|
{
|
|
|
|
|
k0[0] = i0;
|
|
|
|
|
for (unsigned int i1 = 0; i1 < 256; ++i1)
|
|
|
|
|
{
|
|
|
|
|
k1[0] = i1;
|
|
|
|
|
ASSERT_EQ(!crypto_verify_32(k0, k1), i0 == i1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
