From d81592ba7123c0cc5c51b6280a9705ea219b8693 Mon Sep 17 00:00:00 2001
From: Michael Hamburg <mike@shiftleft.org>
Date: Sat, 23 Jan 2016 16:50:16 -0800
Subject: [PATCH] make test_ct, except it probably doesnt work; definitely not
 on a mac with no memcheck.h installed

---
 Makefile                           |  13 +++-
 src/public_include/decaf/shake.hxx |  10 +++
 test/test_ct.cxx                   | 113 +++++++++++++++++++++++++++++
 3 files changed, 135 insertions(+), 1 deletion(-)
 create mode 100644 test/test_ct.cxx

diff --git a/Makefile b/Makefile
index bb75045..cc9a5e0 100644
--- a/Makefile
+++ b/Makefile
@@ -66,7 +66,7 @@ SAGE ?= sage
 SAGES= $(shell ls test/*.sage)
 BUILDPYS= $(SAGES:test/%.sage=$(BUILD_PY)/%.py)
 
-.PHONY: clean all test bench todo doc lib bat sage sagetest gen_headers
+.PHONY: clean all test test_ct bench todo doc lib bat sage sagetest gen_headers
 .PRECIOUS: $(BUILD_ASM)/%.s $(BUILD_C)/%.c $(BUILD_IBIN)/%
 
 GEN_HEADERS=\
@@ -99,6 +99,14 @@ else
 	$(LDXX) $(LDFLAGS) -Wl,-rpath,`pwd`/$(BUILD_LIB) -o $@ $< -L$(BUILD_LIB) -ldecaf
 endif
 
+# Internal test programs, which are not part of the final build/bin directory.
+$(BUILD_IBIN)/test_ct: $(BUILD_OBJ)/test_ct.o lib
+ifeq ($(UNAME),Darwin)
+	$(LDXX) $(LDFLAGS) -o $@ $< -L$(BUILD_LIB) -ldecaf
+else
+	$(LDXX) $(LDFLAGS) -Wl,-rpath,`pwd`/$(BUILD_LIB) -o $@ $< -L$(BUILD_LIB) -ldecaf
+endif
+
 $(BUILD_IBIN)/bench: $(BUILD_OBJ)/bench_decaf.o lib
 ifeq ($(UNAME),Darwin)
 	$(LDXX) $(LDFLAGS) -o $@ $< -L$(BUILD_LIB) -ldecaf
@@ -287,6 +295,9 @@ bench: $(BUILD_IBIN)/bench
 
 test: $(BUILD_IBIN)/test
 	./$<
+
+test_ct: $(BUILD_IBIN)/test_ct
+	valgrind ./$<
 	
 microbench: $(BUILD_IBIN)/bench
 	./$< --micro
diff --git a/src/public_include/decaf/shake.hxx b/src/public_include/decaf/shake.hxx
index 595070c..eeb356b 100644
--- a/src/public_include/decaf/shake.hxx
+++ b/src/public_include/decaf/shake.hxx
@@ -181,6 +181,16 @@ public:
         }
     }
     
+    /** Stir in new data */
+    inline void stir( const std::string &data ) NOEXCEPT {
+        spongerng_stir(sp,(const unsigned char *__restrict__)data.data(),data.size());
+    }
+    
+    /** Stir in new data */
+    inline void stir( const Block &data ) NOEXCEPT {
+        spongerng_stir(sp,data.data(),data.size());
+    }
+    
     /** Securely destroy by overwriting state. */
     inline ~SpongeRng() NOEXCEPT { spongerng_destroy(sp); }
     
diff --git a/test/test_ct.cxx b/test/test_ct.cxx
new file mode 100644
index 0000000..9bb091d
--- /dev/null
+++ b/test/test_ct.cxx
@@ -0,0 +1,113 @@
+/**
+ * @file test_decaf.cxx
+ * @author Mike Hamburg
+ *
+ * @copyright
+ *   Copyright (c) 2015 Cryptography Research, Inc.  \n
+ *   Released under the MIT License.  See LICENSE.txt for license information.
+ *
+ * @brief C++ tests, because that's easier.
+ */
+
+#include <decaf.hxx>
+#include <decaf/shake.hxx>
+#include <decaf/crypto.h>
+#include <decaf/crypto.hxx>
+#include <stdio.h>
+#include <memcheck.h>
+
+using namespace decaf;
+
+static const long NTESTS = 100;
+
+const char *undef_str = "Valgrind thinks this string is undefined."
+const Block undef_block(undef_str);
+
+template<typename Group> struct Tests {
+
+typedef typename Group::Scalar Scalar;
+typedef typename Group::Point Point;
+typedef typename Group::Precomputed Precomputed;
+
+static void test_arithmetic() {
+    SpongeRng rng(Block("test_arithmetic"));
+    rng.stir(undef_str);
+    
+    Test test("Arithmetic");
+    Scalar x(rng),y(rng),z;
+    FixedBlock<Group::Scalar::SER_BYTES> Ser;
+        
+    for (int i=0; i<NTESTS; i++) {
+        (void)(x+y);
+        (void)(x-y);
+        (void)(x*y);
+        (void)(x/y); // Probably fails?
+        (void)(x==y);
+        (void)(z=y);
+        x.serialize(ser);
+        x = y;
+    }
+}
+
+static void test_elligator() {
+    SpongeRng rng(Block("test_elligator"));
+    rng.stir(undef_str);
+        
+    for (int i=0; i<NTESTS; i++) {
+        Point x(rng);
+        (void)x;
+        /* TODO: uniform, nonuniform... */
+    }
+}
+
+static void test_ec() {
+    SpongeRng rng(Block("test_ec"));
+    rng.stir(undef_str);
+
+    for (int i=0; i<NTESTS; i++) {
+        Scalar y(rng),z(rng);
+        Point p(rng),q(rng),r;
+        
+        (void)(p*y);
+        (void)(p+q);
+        (void)(p-q);
+        (void)(-p);
+        (void)(p.times_two());
+        (void)(p==q);
+        (void)(p.debugging_torque());
+        (void)(p.non_secret_combo_with_base(y,z)); // Should fail
+        (void)(Precomputed(p)*y);
+        p.dual_scalarmul(q,r,y,z);
+        p.double_scalarmul(q,r,y,z);
+        
+    }
+}
+
+static void test_crypto() {
+    /* TODO */
+}
+
+}; // template<GroupId GROUP>
+
+int main(int argc, char **argv) {
+    (void) argc; (void) argv;
+    
+    VALGRIND_MAKE_MEM_UNDEFINED(undef_str, strlen(undef_str));
+    
+    printf("Testing %s:\n",IsoEd25519::name());
+    Tests<IsoEd25519>::test_arithmetic();
+    Tests<IsoEd25519>::test_elligator();
+    Tests<IsoEd25519>::test_ec();
+    Tests<IsoEd25519>::test_crypto();
+    
+    printf("\n");
+    printf("Testing %s:\n", Ed448Goldilocks::name());
+    Tests<Ed448Goldilocks>::test_arithmetic();
+    Tests<Ed448Goldilocks>::test_elligator();
+    Tests<Ed448Goldilocks>::test_ec();
+    Tests<Ed448Goldilocks>::test_crypto();
+    
+    if (passing) printf("Passed all tests.\n");
+    
+    return passing ? 0 : 1;
+}