From 6e79fdb3b6b6739fc7797d47e55a7691306cf736 Mon Sep 17 00:00:00 2001 From: vnugent Date: Wed, 31 Jan 2024 21:30:49 -0500 Subject: move validation macros, and optionally disable them --- CMakeLists.txt | 1 + src/noscrypt.c | 29 +++++++++++++++++++ src/noscrypt.h | 21 -------------- tests/test.c | 89 +++++++++++++++++++++++++++++----------------------------- 4 files changed, 74 insertions(+), 66 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 847f9fe..2504480 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -122,6 +122,7 @@ add_executable(nctest tests/test.c) target_link_libraries(nctest ${CMAKE_PROJECT_NAME}) #link mbedtls crypto sahred library target_link_libraries(nctest ${MBEDCRYPTO_LIB} ${MBEDTLS_LIB}) +target_include_directories(nctest PRIVATE "src") endif() diff --git a/src/noscrypt.c b/src/noscrypt.c index 55a098e..5c4691f 100644 --- a/src/noscrypt.c +++ b/src/noscrypt.c @@ -44,6 +44,35 @@ #include #define MEMMOV(dst, src, size) memmove(dst, src, size) +/* +* Validation macros +*/ + +#ifdef NC_INPUT_VALIDATION_OFF + #define CHECK_NULL_PTR(ptr) if(ptr == NULL) return E_NULL_PTR; + #define CHECK_INVALID_ARG(x) if(x == NULL) return E_INVALID_ARG; + #define CHECK_NULL_ARG(x, argPos) if(x == NULL) return NCResultWithArgPosition(E_NULL_PTR, argPos); + #define CHECK_ARG_RANGE(x, min, max, argPos) if(x < min || x > max) return NCResultWithArgPosition(E_ARGUMENT_OUT_OF_RANGE, argPos); +#else + //empty macros + #define CHECK_NULL_PTR(ptr) + #define CHECK_INVALID_ARG(x) + #define CHECK_NULL_ARG(x, argPos) + #define CHECK_ARG_RANGE(x, min, max, argPos) +#endif // !NC_DISABLE_INPUT_VALIDATION + + +#ifdef DEBUG + /* Must include assert.h for assertions */ + #include + #define DEBUG_ASSERT(x) assert(x); + #define DEBUG_ASSERT2(x, message) assert(x && message); +#else + #define DEBUG_ASSERT(x) + #define DEBUG_ASSERT2(x, message) +#endif + + struct nc_expand_keys { uint8_t chacha_key[CHACHA_KEY_SIZE]; uint8_t chacha_nonce[CHACHA_NONCE_SIZE]; diff --git a/src/noscrypt.h b/src/noscrypt.h index 2a2d051..6b4886e 100644 --- a/src/noscrypt.h +++ b/src/noscrypt.h @@ -123,27 +123,6 @@ static const uint8_t Nip44ConstantSalt[8] = { 0x6e, 0x69, 0x70, 0x34, 0x34, 0x2d #define E_ARGUMENT_OUT_OF_RANGE -4 #define E_OPERATION_FAILED -5 -/* -* Validation macros -*/ - -#define CHECK_NULL_PTR(ptr) if(ptr == NULL) return E_NULL_PTR; -#define CHECK_INVALID_ARG(x) if(x == NULL) return E_INVALID_ARG; -#define CHECK_NULL_ARG(x, argPos) if(x == NULL) return NCResultWithArgPosition(E_NULL_PTR, argPos); -#define CHECK_ARG_RANGE(x, min, max, argPos) if(x < min || x > max) return NCResultWithArgPosition(E_ARGUMENT_OUT_OF_RANGE, argPos); - -#ifdef DEBUG - -//Must include assert.h for assertions -#include - -#define DEBUG_ASSERT(x) assert(x); -#define DEBUG_ASSERT2(x, message) assert(x && message); -#else -#define DEBUG_ASSERT(x) -#define DEBUG_ASSERT2(x, message) -#endif - /* A compressed resul/return value, negative values are failure, 0 is success and positive values are defined by the operation. diff --git a/tests/test.c b/tests/test.c index b44f820..4b33df8 100644 --- a/tests/test.c +++ b/tests/test.c @@ -24,15 +24,16 @@ #include #include -#include "../src/noscrypt.h" -#include "../include/mbedtls/sha256.h" -#include "../include/mbedtls/platform_util.h" +#include +#include +#include #if defined(_MSC_VER) || defined(WIN32) || defined(_WIN32) #define IS_WINDOWS #endif #ifdef IS_WINDOWS + #define WIN32_LEAN_AND_MEAN #include #include #endif @@ -41,14 +42,14 @@ //Prints a string literal to the console #define PRINTL(x) printf(x); printf("\r\n"); - #define TEST(x) printf("Testing %s\n", #x); if(!(x)) { printf("Test failed!\n"); return 1; } else { printf("Test passed\n\n"); } + #define TEST(x) printf("\tTesting %s\n", #x); if(!(x)) { printf("TEST FAILED!\n"); return 1; } else { printf("\tTest passed\n\n"); } #define TASSERT(x) if(!(x)) { printf("ERROR! Internal test assumption failed: %s.\n Aborting tests...\n", #x); ExitProcess(1); } - #define ENSURE(x) if(!(x)) { printf("Assumption failed!\n"); return 1; } + #define ENSURE(x) if(!(x)) { printf("Assumption failed! %s\n", #x); return 1; } #else //Prints a string literal to the console #define PRINTL(x) printf(x); printf("\n"); - #define TEST(x) printf("Testing %s\n", #x); if(!(x)) { printf("Test failed!\n"); return 1; } else { printf("Test passed\n\n"); } + #define TEST(x) printf("\tTesting %s\n", #x); if(!(x)) { printf("TEST FAILED!\n"); return 1; } else { printf("\tTest passed\n\n"); } #define TASSERT(x) if(!(x)) { printf("Internal assumption failed: %s\n", #x); exit(1); } #define ENSURE(x) if(!(x)) { printf("Assumption failed!\n"); return 1; } #endif @@ -59,13 +60,19 @@ #define ZERO_FILL(x, size) memset(x, 0, size) #endif -static void FillRandomData(uint8_t* pbBuffer, size_t length); -static int TestEcdsa(NCContext* context); +static void FillRandomData(void* pbBuffer, size_t length); +static int TestEcdsa(NCContext* context, NCSecretKey* secKey, NCPublicKey* pubKey); +static int InitKepair(NCContext* context, NCSecretKey* secKey, NCPublicKey* pubKey); -int main(char* argv[], int argc) +static const uint8_t zero32[32] = { 0 }; +static const uint8_t zero64[64] = { 0 }; + +int main(void) { NCContext ctx; uint8_t ctxRandom[32]; + NCSecretKey secKey; + NCPublicKey pubKey; PRINTL("Begining basic noscrypt tests\n") @@ -75,8 +82,13 @@ int main(char* argv[], int argc) TEST(NCGetContextStructSize() == sizeof(NCContext)) TEST(NCInitContext(&ctx, ctxRandom) == NC_SUCCESS) + + if (InitKepair(&ctx, &secKey, &pubKey) != 0) + { + return 1; + } - if (TestEcdsa(&ctx) != 0) + if (TestEcdsa(&ctx, &secKey, &pubKey) != 0) { return 1; } @@ -99,50 +111,44 @@ static void _sha256(const uint8_t* data, size_t length, uint8_t digest[32]) } static const char* message = "Test message to sign"; -static const uint8_t zero32[32] = { 0 }; -static const uint8_t zero64[64] = { 0 }; -static int TestEcdsa(NCContext* context) +static int InitKepair(NCContext* context, NCSecretKey* secKey, NCPublicKey* pubKey) { - - uint8_t secretKey[NC_SEC_KEY_SIZE]; - uint8_t publicKey[NC_PUBKEY_SIZE]; + PRINTL("TEST: Keypair") + + //Get random private key + FillRandomData(secKey, sizeof(NCSecretKey)); + + //Ensure not empty + ENSURE(memcmp(zero32, secKey, 32) != 0); + + //Ensure the key is valid + TEST(NCValidateSecretKey(context, secKey) == NC_SUCCESS); + + //Generate a public key from the secret key + TEST(NCGetPublicKey(context, secKey, pubKey) == NC_SUCCESS); + + return 0; +} + +static int TestEcdsa(NCContext* context, NCSecretKey* secKey, NCPublicKey* pubKey) +{ uint8_t digestToSign[32]; uint8_t sigEntropy[32]; uint8_t invalidSig[64]; - NCSecretKey* secKey; - NCPublicKey* pubKey; - - PRINTL("Begining basic Nostr ECDSA tests") - - //Convert to internal key structs - secKey = NCToSecKey(secretKey); - pubKey = NCToPubKey(publicKey); - TEST((&secKey->key) == &secretKey); + PRINTL("TEST: Ecdsa") //Init a new secret key with random data - FillRandomData(secretKey, sizeof(secretKey)); FillRandomData(invalidSig, sizeof(invalidSig)); FillRandomData(sigEntropy, sizeof(sigEntropy)); //compute sha256 of the test string _sha256((uint8_t*)message, strlen(message), digestToSign); - //Verify that the secret key is valid for the curve - TEST(NCValidateSecretKey(context, secKey) == NC_SUCCESS); - - //Generate a public key from the secret key - TEST(NCGetPublicKey(context, secKey, pubKey) == NC_SUCCESS); - - //Ensure not empty - TEST(memcmp(zero32, secretKey, 32) != 0); - TEST(memcmp(zero32, publicKey, 32) != 0); - //Sign and verify digest { uint8_t sig[64]; - TEST(NCSignDigest(context, secKey, sigEntropy, digestToSign, sig) == NC_SUCCESS); TEST(NCVerifyDigest(context, pubKey, digestToSign, sig) == NC_SUCCESS); } @@ -190,14 +196,7 @@ static int TestEcdsa(NCContext* context) return 0; } -static const char* encMessage = "Test message to encrypt"; - -static int TestEcdh(NCContext* ctx) -{ - PRINTL("Begining basic Nostr Encryption tests") -} - -static void FillRandomData(uint8_t* pbBuffer, size_t length) +static void FillRandomData(void* pbBuffer, size_t length) { #ifdef IS_WINDOWS -- cgit