Add libsodium to the tree and build what's needed from source.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3859 ed5197a5-7fde-0310-b194-c3ffbd925b24

deps/libsodium/test/default/metamorphic.c

@@ -0,0 +1,187 @@
+
+#define TEST_NAME "metamorphic"
+#include "cmptest.h"
+
+#define MAXLEN 512
+#define MAX_ITER 1000
+
+static void
+mm_generichash(void)
+{
+    crypto_generichash_state st;
+    unsigned char *h, *h2;
+    unsigned char *k;
+    unsigned char *m;
+    size_t         hlen;
+    size_t         klen;
+    size_t         mlen;
+    size_t         l1, l2;
+    int            i;
+
+    for (i = 0; i < MAX_ITER; i++) {
+        mlen = randombytes_uniform(MAXLEN);
+        m = (unsigned char *) sodium_malloc(mlen);
+        klen = randombytes_uniform(crypto_generichash_KEYBYTES_MAX -
+                                   crypto_generichash_KEYBYTES_MIN + 1U)
+            + crypto_generichash_KEYBYTES_MIN;
+        k = (unsigned char *) sodium_malloc(klen);
+        hlen = randombytes_uniform(crypto_generichash_BYTES_MAX -
+                                   crypto_generichash_BYTES_MIN + 1U)
+            + crypto_generichash_BYTES_MIN;
+        h = (unsigned char *) sodium_malloc(hlen);
+        h2 = (unsigned char *) sodium_malloc(hlen);
+
+        randombytes_buf(k, klen);
+        randombytes_buf(m, mlen);
+
+        crypto_generichash_init(&st, k, klen, hlen);
+        l1 = randombytes_uniform((uint32_t) mlen);
+        l2 = randombytes_uniform((uint32_t) (mlen - l1));
+        crypto_generichash_update(&st, m, l1);
+        crypto_generichash_update(&st, m + l1, l2);
+        crypto_generichash_update(&st, m + l1 + l2, mlen - l1 - l2);
+        crypto_generichash_final(&st, h, hlen);
+
+        crypto_generichash(h2, hlen, m, mlen, k, klen);
+
+        assert(memcmp(h, h2, hlen) == 0);
+
+        sodium_free(h2);
+        sodium_free(h);
+        sodium_free(k);
+        sodium_free(m);
+    }
+}
+
+static void
+mm_onetimeauth(void)
+{
+    crypto_onetimeauth_state st;
+    unsigned char *h, *h2;
+    unsigned char *k;
+    unsigned char *m;
+    size_t         mlen;
+    size_t         l1, l2;
+    int            i;
+
+    for (i = 0; i < MAX_ITER; i++) {
+        mlen = randombytes_uniform(MAXLEN);
+        m = (unsigned char *) sodium_malloc(mlen);
+        k = (unsigned char *) sodium_malloc(crypto_onetimeauth_KEYBYTES);
+        h = (unsigned char *) sodium_malloc(crypto_onetimeauth_BYTES);
+        h2 = (unsigned char *) sodium_malloc(crypto_onetimeauth_BYTES);
+
+        crypto_onetimeauth_keygen(k);
+        randombytes_buf(m, mlen);
+
+        crypto_onetimeauth_init(&st, k);
+        l1 = randombytes_uniform((uint32_t) mlen);
+        l2 = randombytes_uniform((uint32_t) (mlen - l1));
+        crypto_onetimeauth_update(&st, m, l1);
+        crypto_onetimeauth_update(&st, m + l1, l2);
+        crypto_onetimeauth_update(&st, m + l1 + l2, mlen - l1 - l2);
+        crypto_onetimeauth_final(&st, h);
+
+        crypto_onetimeauth(h2, m, mlen, k);
+
+        assert(memcmp(h, h2, crypto_onetimeauth_BYTES) == 0);
+
+        sodium_free(h2);
+        sodium_free(h);
+        sodium_free(k);
+        sodium_free(m);
+    }
+}
+
+static void
+mm_hmacsha256(void)
+{
+    crypto_auth_hmacsha256_state st;
+    unsigned char *h, *h2;
+    unsigned char *k;
+    unsigned char *m;
+    size_t         mlen;
+    size_t         l1, l2;
+    int            i;
+
+    for (i = 0; i < MAX_ITER; i++) {
+        mlen = randombytes_uniform(MAXLEN);
+        m = (unsigned char *) sodium_malloc(mlen);
+        k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_KEYBYTES);
+        h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES);
+        h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha256_BYTES);
+
+        crypto_auth_hmacsha256_keygen(k);
+        randombytes_buf(m, mlen);
+
+        crypto_auth_hmacsha256_init(&st, k, crypto_auth_hmacsha256_KEYBYTES);
+        l1 = randombytes_uniform((uint32_t) mlen);
+        l2 = randombytes_uniform((uint32_t) (mlen - l1));
+        crypto_auth_hmacsha256_update(&st, m, l1);
+        crypto_auth_hmacsha256_update(&st, m + l1, l2);
+        crypto_auth_hmacsha256_update(&st, m + l1 + l2, mlen - l1 - l2);
+        crypto_auth_hmacsha256_final(&st, h);
+
+        crypto_auth_hmacsha256(h2, m, mlen, k);
+
+        assert(memcmp(h, h2, crypto_auth_hmacsha256_BYTES) == 0);
+
+        sodium_free(h2);
+        sodium_free(h);
+        sodium_free(k);
+        sodium_free(m);
+    }
+}
+
+static void
+mm_hmacsha512(void)
+{
+    crypto_auth_hmacsha512_state st;
+    unsigned char *h, *h2;
+    unsigned char *k;
+    unsigned char *m;
+    size_t         mlen;
+    size_t         l1, l2;
+    int            i;
+
+    for (i = 0; i < MAX_ITER; i++) {
+        mlen = randombytes_uniform(MAXLEN);
+        m = (unsigned char *) sodium_malloc(mlen);
+        k = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_KEYBYTES);
+        h = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_BYTES);
+        h2 = (unsigned char *) sodium_malloc(crypto_auth_hmacsha512_BYTES);
+
+        crypto_auth_hmacsha512_keygen(k);
+        randombytes_buf(m, mlen);
+
+        crypto_auth_hmacsha512_init(&st, k, crypto_auth_hmacsha512_KEYBYTES);
+        l1 = randombytes_uniform((uint32_t) mlen);
+        l2 = randombytes_uniform((uint32_t) (mlen - l1));
+        crypto_auth_hmacsha512_update(&st, m, l1);
+        crypto_auth_hmacsha512_update(&st, m + l1, l2);
+        crypto_auth_hmacsha512_update(&st, m + l1 + l2, mlen - l1 - l2);
+        crypto_auth_hmacsha512_final(&st, h);
+
+        crypto_auth_hmacsha512(h2, m, mlen, k);
+
+        assert(memcmp(h, h2, crypto_auth_hmacsha512_BYTES) == 0);
+
+        sodium_free(h2);
+        sodium_free(h);
+        sodium_free(k);
+        sodium_free(m);
+    }
+}
+
+int
+main(void)
+{
+    mm_generichash();
+    mm_onetimeauth();
+    mm_hmacsha256();
+    mm_hmacsha512();
+
+    printf("OK\n");
+
+    return 0;
+}