xcrypt 0.1.0

data/ext/libxcrypt/test/TestCommon.pm

@@ -0,0 +1,326 @@
+# Written by Zack Weinberg <zackw at panix.com> in 2020.
+# To the extent possible under law, Zack Weinberg has waived all
+# copyright and related or neighboring rights to this work.
+#
+# See https://creativecommons.org/publicdomain/zero/1.0/ for further
+# details.
+
+# Code shared among all of the Perl-language tests in this directory.
+
+package TestCommon;
+
+use v5.14;    # implicit use strict, use feature ':5.14'
+use warnings FATAL => 'all';
+use utf8;
+use open qw(:utf8);
+
+no  if $] >= 5.022, warnings => 'experimental::re_strict';
+use if $] >= 5.022, re       => 'strict';
+
+use Cwd qw(realpath);
+use File::Spec::Functions qw(
+    catdir
+    catpath
+    splitpath
+);
+use FindBin ();
+use POSIX   ();
+
+use lib "$FindBin::Bin/../build-aux/scripts";
+## ProhibitUnusedImport does not notice uses from @EXPORT_OK.
+## no critic (TooMuchCode::ProhibitUnusedImport)
+use BuildCommon qw(
+    ensure_C_locale
+    error
+    popen
+    sh_split
+    sh_quote
+    subprocess_error
+    which
+);
+## use critic
+
+our @EXPORT_OK;
+use Exporter qw(import);
+
+BEGIN {
+    # Re-export all the subprocess handling routines from BuildCommon
+    # as a convenience for individual tests.
+    @EXPORT_OK = qw(
+        compare_symbol_lists
+        ensure_C_locale
+        error
+        fail
+        find_real_library
+        get_symbols
+        popen
+        sh_quote
+        sh_split
+        skip
+        subprocess_error
+        which
+    );
+}
+
+# Diagnostics: report that the test has failed.
+sub fail {    ## no critic (Subroutines::RequireArgUnpacking)
+    my $msg = join q{ }, @_;
+    print {*STDERR} $FindBin::Script, ': FAIL: ', $msg, "\n";
+    exit 1;
+}
+
+# Diagnostics: report that the test should be 'skipped' because
+# some piece of infrastructure we need is missing.
+sub skip {    ## no critic (Subroutines::RequireArgUnpacking)
+    my $msg = join q{ }, @_;
+    print {*STDERR} $FindBin::Script, ': skipping test: ', $msg, "\n";
+    exit 77;
+}
+
+# Parse a .la file (arg 1) and determine the name of the actual .a or
+# .so file it refers to (arg 2: 'static' for .a, 'shared' for .so)
+sub find_real_library {
+    my ($lib_la, $type) = @_;
+
+    state @SH;
+    if (!@SH) {
+        @SH = which($ENV{SHELL} || $ENV{CONFIG_SHELL} || '/bin/sh');
+        error('no shell available???') if !@SH;
+    }
+
+    my $param;
+    if ($type eq 'shared') {
+        $param = 'dlname';
+    } elsif ($type eq 'static') {
+        $param = 'old_library';
+    } else {
+        error("unknown library type: '$type'");
+    }
+
+    # We're going to interpolate $lib_la into a shell command.
+    # Save the unmangled directory part first, then quote it.
+    my ($vol, $dir, undef) = splitpath($lib_la);
+    $lib_la = sh_quote($lib_la);
+
+    # .la files are shell script fragments.  The easiest way to learn
+    # the name of the actual library is to ask a shell to parse the
+    # fragment for us.
+    my $fh = popen('-|', @SH, '-c', ". $lib_la; printf %s \"\$$param\"");
+    my $real_library;
+    {
+        local $/ = undef;    # slurp
+        $real_library = <$fh>;
+    }
+    close $fh or subprocess_error($SH[0]);
+
+    chomp $real_library;
+    $real_library = catpath($vol, catdir($dir, '.libs'), $real_library);
+    error("'$real_library' does not exist") unless -f $real_library;
+    return realpath($real_library);
+}
+
+# In some object file formats, all symbols defined in C have an
+# underscore prepended to their names.  The configure script detects
+# this and the Makefiles set this environment variable appropriately.
+my $symbol_prefix = $ENV{SYMBOL_PREFIX} || q{};
+
+# Return a hashset of symbols exported by the library $_[0], using readelf.
+# If it is a dynamic library, annotate each symbol with its version tag.
+sub get_symbols_readelf {
+    my $lib    = shift;
+    my $filter = shift // sub { 1 };
+
+    state $readelf_works = 1;
+    die "readelf doesn't work\n" unless $readelf_works;
+
+    state @READELF;
+    if (!@READELF) {
+        @READELF = which($ENV{READELF} || 'readelf');
+        die "readelf not available\n" unless @READELF;
+    }
+
+    my @opts              = ('--wide');
+    my $want_version_tags = 0;
+    if ($lib =~ /\.(?:a|lib)$/) {
+        push @opts, '--syms';
+    } else {
+        push @opts, '--dyn-syms';
+        $want_version_tags = 1;
+    }
+
+    my $fh = popen('-|', @READELF, @opts, $lib);
+
+    local $_;
+    my %symbols;
+    my $saw_version_tags = 0;
+    while (<$fh>) {
+        chomp;
+        s/\s+$//;
+        next if /^(?:$|File:|Symbol table)/;
+        next if /^\s*Num:\s+Value\s+Size\s+Type\s+Bind\s+Vis\s+Ndx\s+Name$/;
+
+        my ($num, $value, $size, $type, $bind, $vis, $ndx, $name) = split;
+
+        # We are only interested in globally visible, defined,
+        # non-absolute symbols.
+        next
+            if $ndx eq 'UND'
+            || $ndx eq 'ABS'
+            || $bind eq 'LOCAL';
+
+        # Strip the symbol prefix, if any, from each symbol.
+        $name =~ s/^$symbol_prefix// if $symbol_prefix ne q{};
+
+        $saw_version_tags = 1 if $name =~ /@[A-Z_]+[0-9]/;
+
+        if (&{$filter}($name)) {
+            print {*STDERR} "|+ $name\n";
+            $symbols{$name} = 1;
+        } else {
+            print {*STDERR} "|- $name\n";
+        }
+    }
+    if (!close $fh) {
+        # If it ran but exited 1 or 2, don't give up yet, we still
+        # have nm to try.
+        if ($! == 0 && ($? == 256 || $? == 512)) {
+            $readelf_works = 0;
+            die "$READELF[0] exited " . ($? >> 2) . "\n";
+        }
+        subprocess_error($READELF[0]);
+    }
+    if ($want_version_tags && !$saw_version_tags) {
+        $readelf_works = 0;
+        die "$READELF[0] did not print version tags\n";
+    }
+    return \%symbols;
+}
+
+# Return a hashset of symbols exported by the library $_[0], using nm.
+# If it is a dynamic library, annotate each symbol with its version tag.
+sub get_symbols_nm {
+    my $lib    = shift;
+    my $filter = shift // sub { 1 };
+
+    state $nm_works = 1;
+    die "nm doesn't work\n" unless $nm_works;
+
+    state @NM;
+    if (!@NM) {
+        @NM = which($ENV{NM} || 'nm');
+        die "nm not available\n" unless @NM;
+    }
+
+    my @opts              = qw(--format=bsd --extern-only --defined-only);
+    my $want_version_tags = 0;
+    if ($lib !~ /\.(?:a|lib)$/) {
+        push @opts, qw(--dynamic --with-symbol-versions);
+        $want_version_tags = 1;
+    }
+
+    my $fh = popen('-|', @NM, @opts, $lib);
+    local $_;
+    my %symbols;
+    my $saw_version_tags = 0;
+    while (<$fh>) {
+        chomp;
+        s/\s+$//;
+        next unless $_;
+
+        # BSD-format nm output, when restricted to external, defined
+        # symbols, has three fields per line: address type name.
+        # We shouldn't ever see symbols with the address field blank,
+        # but just in case, discard them.
+        next unless /^([0-9a-fA-F]+)\s+([A-Za-z])\s+(\S+)$/;
+        my $addr = $1;
+        my $type = $2;
+        my $name = $3;
+
+        # Symbols whose address is 0 and type is A are uninteresting;
+        # they define the set of symbol version tags.
+        next if $addr =~ /^0+$/ && $type eq 'A';
+
+        # Strip the symbol prefix, if any, from each symbol.
+        $name =~ s/^$symbol_prefix// if $symbol_prefix;
+
+        # Compensate for a bug in some versions of GNU nm
+        # where the symbol version is printed twice.
+        $name =~ s/(@+[A-Z0-9_.]+)\1$/$1/;
+
+        $saw_version_tags = 1 if $name =~ /@[A-Z_]+[0-9]/;
+
+        if (&{$filter}($name)) {
+            print {*STDERR} "|+ $name\n";
+            $symbols{$name} = 1;
+        } else {
+            print {*STDERR} "|- $name\n";
+        }
+    }
+    if (!close $fh) {
+        # If it ran but exited 1 or 2, don't give up yet, we still
+        # have readelf to try.
+        if ($! == 0 && ($? == 256 || $? == 512)) {
+            $nm_works = 0;
+            die "$NM[0] exited " . ($? >> 8) . "\n";
+        }
+        subprocess_error($NM[0]);
+    }
+    if ($want_version_tags && !$saw_version_tags) {
+        $nm_works = 0;
+        die "$NM[0] did not print version tags\n";
+    }
+    return \%symbols;
+}
+
+# Return a hashset of symbols exported by the library $_[0], using
+# readelf or nm, whichever works on this system.  If it is a dynamic
+# library, annotate each symbol with its version tag.  If $_[1] is
+# defined, it is a filter procedure; only symbols for which the filter
+# returns true are included in the hashset.
+sub get_symbols {    ## no critic (Subroutines::RequireArgUnpacking)
+    my $result;
+
+    $result = eval { get_symbols_nm(@_); };
+    return $result if $result;
+    print {*STDERR} "get_symbols_nm: $@";
+
+    $result = eval { get_symbols_readelf(@_); };
+    return $result if $result;
+    print {*STDERR} "get_symbols_readelf: $@";
+
+    skip('cannot get symbols using either readelf or nm');
+}
+
+sub compare_symbol_lists {
+    my ($found, $expected, $tag, $extra_allowed) = @_;
+    my @extra;
+    my @missing;
+    local $_;
+    for (keys %{$expected}) {
+        push @missing, $_ unless exists $found->{$_};
+    }
+    for (keys %{$found}) {
+        push @extra, $_ unless exists $expected->{$_};
+    }
+
+    my $error = 0;
+    if (@extra) {
+        $error = 1 unless $extra_allowed;
+        print {*STDERR} "*** Extra $tag:\n";
+        for (sort @extra) {
+            s/^_crypt_//;
+            print {*STDERR} "  $_\n";
+        }
+    }
+    if (@missing) {
+        $error = 1;
+        print {*STDERR} "*** Missing $tag:\n";
+        for (sort @missing) {
+            s/^_crypt_//;
+            print {*STDERR} "  $_\n";
+        }
+    }
+    return $error;
+}
+
+1;

data/ext/libxcrypt/test/alg-des.c

@@ -0,0 +1,80 @@
+/*
+ * This crypt(3) validation program shipped with UFC-crypt
+ * is derived from one distributed with Phil Karns PD DES package.
+ *
+ * @(#)cert.c   1.8 11 Aug 1996
+ */
+
+#include "crypt-port.h"
+#include "alg-des.h"
+#include "des-cases.h"
+
+#include <stdio.h>
+
+#if INCLUDE_descrypt || INCLUDE_bsdicrypt || INCLUDE_bigcrypt
+
+static void
+v_print (const unsigned char v[8])
+{
+  for (int i = 0; i < 8; i++)
+    printf ("%02x", (unsigned int)v[i]);
+}
+
+static void
+report_failure (size_t n, bool decrypt,
+                const struct des_testcase *tc, const unsigned char got[8])
+{
+  printf ("FAIL: %zu/%s: k=", n, decrypt ? "de" : "en");
+  v_print (tc->key);
+  fputs ("  exp ", stdout);
+  if (decrypt)
+    v_print (tc->plain);
+  else
+    v_print (tc->answer);
+  fputs ("  got ", stdout);
+  v_print (got);
+  putchar ('\n');
+}
+
+int
+main (void)
+{
+  struct des_ctx ctx;
+  const struct des_testcase *tc;
+  unsigned char got[8];
+  size_t t;
+  int status = 0;
+
+  des_set_salt (&ctx, 0);
+
+  for (t = 0; t < N_DES_TESTCASES; t++)
+    {
+      tc = &des_testcases[t];
+      des_set_key (&ctx, tc->key);
+      des_crypt_block (&ctx, got, tc->plain, 0, false);
+      if (memcmp (got, tc->answer, 8) != 0)
+        {
+          status = 1;
+          report_failure (t, false, tc, got);
+        }
+
+      des_crypt_block (&ctx, got, tc->answer, 0, true);
+      if (memcmp (got, tc->plain, 8) != 0)
+        {
+          status = 1;
+          report_failure (t, true, tc, got);
+        }
+    }
+
+  return status;
+}
+
+#else
+
+int
+main (void)
+{
+  return 77; /* UNSUPPORTED */
+}
+
+#endif

data/ext/libxcrypt/test/alg-gost3411-2012-hmac.c

@@ -0,0 +1,90 @@
+/* Copyright (C) 2018 vt@altlinux.org
+ * Copyright (C) 2018 Björn Esser besser82@fedoraproject.org
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "crypt-port.h"
+
+#if INCLUDE_gost_yescrypt
+
+#include "alg-gost3411-2012-hmac.h"
+
+#include <stdio.h>
+
+static void
+dumphex(const void *ptr, size_t size)
+{
+  size_t i;
+
+  for (i = 0; i < size; i++)
+    printf("%02x", ((const unsigned char *)ptr)[i]);
+  printf("\n");
+}
+
+static int
+test_gost2012_hmac(const char *subject, const char *k, size_t ksize,
+                   const char *t, size_t tlen, const char *match)
+{
+  uint8_t digest[32];
+  gost_hmac_256_t gostbuf;
+
+  gost_hmac256((const uint8_t *)k, ksize,
+               (const uint8_t *)t, tlen, digest, &gostbuf);
+
+  if (memcmp(digest, match, sizeof(digest)))
+    {
+      fprintf(stderr, "ERROR: %s\n", subject);
+      printf("   key: ");
+      dumphex(k, ksize);
+      printf("   t:   ");
+      dumphex(t, tlen);
+      printf("   hmac=");
+      dumphex(digest, sizeof(digest));
+      return 1;
+    }
+  else
+    fprintf(stderr, "   ok: %s\n", subject);
+
+  return 0;
+}
+
+int
+main (void)
+{
+  int result = 0;
+
+  result |= test_gost2012_hmac(
+              "HMAC_GOSTR3411_2012_256 test vector from P 50.1.113-2016",
+              "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f"
+              "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", 32,
+              "\x01\x26\xbd\xb8\x78\x00\xaf\x21\x43\x41\x45\x65\x63\x78\x01\x00", 16,
+              "\xa1\xaa\x5f\x7d\xe4\x02\xd7\xb3\xd3\x23\xf2\x99\x1c\x8d\x45\x34"
+              "\x01\x31\x37\x01\x0a\x83\x75\x4f\xd0\xaf\x6d\x7c\xd4\x92\x2e\xd9"
+            );
+
+  return result;
+}
+
+#else
+
+int
+main (void)
+{
+  return 77; /* UNSUPPORTED */
+}
+
+#endif /* INCLUDE_gost_yescrypt */

data/ext/libxcrypt/test/alg-gost3411-2012.c

@@ -0,0 +1,191 @@
+/* Copyright (C) 2018 vt@altlinux.org
+ * Copyright (C) 2018 Björn Esser besser82@fedoraproject.org
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "crypt-port.h"
+
+#if INCLUDE_gost_yescrypt
+
+#include "alg-gost3411-2012-hmac.h"
+
+#include <stdio.h>
+
+static void
+dumphex(const void *ptr, size_t size)
+{
+  size_t i;
+
+  for (i = 0; i < size; i++)
+    printf("%02x", ((const unsigned char *)ptr)[i]);
+  printf("\n");
+}
+
+static int
+test_gost2012_hash(const char *subject, const char *t, const char *match)
+{
+  size_t i;
+  uint8_t digest[32];
+  GOST34112012Context ctx;
+
+  gost_hash256((const uint8_t *)t, strlen(t), digest, &ctx);
+
+  char dgt[32 * 2 + 1];
+  for (i = 0; i < sizeof(digest); i++)
+    sprintf(&dgt[i * 2], "%02x", digest[i]);
+
+  if (strcmp(dgt, match) != 0)
+    {
+      fprintf(stderr, "ERROR: %s\n", subject);
+      printf("   t[%zu] = ", strlen(t));
+      dumphex(t, strlen(t));
+      printf("   digest(%zu) = %s",
+             sizeof(digest), dgt);
+      printf("   expected(%zu) = %s\n",
+             strlen(match) / 2, match);
+      return 1;
+    }
+  else
+    fprintf(stderr, "   ok: %s\n", subject);
+
+  return 0;
+}
+
+static int
+test_gost2012_hash512(const char *subject, const char *t, const char *match)
+{
+  size_t i;
+  size_t len = strlen(t);
+  size_t lh = len / 2;
+  uint8_t digest[64];
+  GOST34112012Context ctx;
+
+  GOST34112012Init(&ctx, GOSTR3411_2012_BITS * 2);
+
+  /* Operate on len < 64 for coverage */
+  GOST34112012Update(&ctx, (const uint8_t *)t, lh);
+  GOST34112012Update(&ctx, (const uint8_t *)t + lh, len - lh);
+
+  GOST34112012Final(&ctx, digest);
+
+  char dgt[64 * 2 + 1];
+  for (i = 0; i < sizeof(digest); i++)
+    sprintf(&dgt[i * 2], "%02x", digest[i]);
+
+  if (strcmp(dgt, match) != 0)
+    {
+      fprintf(stderr, "ERROR: %s\n", subject);
+      printf("   t[%zu] = ", strlen(t));
+      dumphex(t, strlen(t));
+      printf("   digest(%zu) = %s",
+             sizeof(digest), dgt);
+      printf("   expected(%zu) = %s\n",
+             strlen(match) / 2, match);
+      return 1;
+    }
+  else
+    fprintf(stderr, "   ok: %s\n", subject);
+
+  return 0;
+}
+
+int
+main (void)
+{
+  int result = 0;
+
+  result |= test_gost2012_hash(
+              "test vector from example A.1 from GOST-34.11-2012 (256 Bit)",
+              "012345678901234567890123456789012345678901234567890123456789012",
+              "9d151eefd8590b89daa6ba6cb74af9275dd051026bb149a452fd84e5e57b5500");
+
+  result |= !test_gost2012_hash(
+              "false positive test vector (256 Bit)",
+              "012345678901234567890123456789012345678901234567890123456789012",
+              "012345678901234567890123456789012345678901234567890123456789012");
+
+  result |= test_gost2012_hash(
+              "test vector from example A.2 from GOST-34.11-2012 (256 Bit)",
+              "\xD1\xE5\x20\xE2\xE5\xF2\xF0\xE8\x2C\x20\xD1\xF2\xF0\xE8\xE1\xEE"
+              "\xE6\xE8\x20\xE2\xED\xF3\xF6\xE8\x2C\x20\xE2\xE5\xFE\xF2\xFA\x20"
+              "\xF1\x20\xEC\xEE\xF0\xFF\x20\xF1\xF2\xF0\xE5\xEB\xE0\xEC\xE8\x20"
+              "\xED\xE0\x20\xF5\xF0\xE0\xE1\xF0\xFB\xFF\x20\xEF\xEB\xFA\xEA\xFB"
+              "\x20\xC8\xE3\xEE\xF0\xE5\xE2\xFB",
+              "9dd2fe4e90409e5da87f53976d7405b0c0cac628fc669a741d50063c557e8f50");
+
+  /* carry test */
+  result |= test_gost2012_hash(
+              "carry test vector from gost-engine (256 Bit)",
+              "\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE"
+              "\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE"
+              "\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE"
+              "\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE"
+              "\x16\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11"
+              "\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11"
+              "\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11"
+              "\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x16",
+              "81bb632fa31fcc38b4c379a662dbc58b9bed83f50d3a1b2ce7271ab02d25babb");
+
+  /* 512 bit hash test for completeness */
+  result |= test_gost2012_hash512(
+              "test vector from example A.1 from GOST-34.11-2012 (512 bit)",
+              "012345678901234567890123456789012345678901234567890123456789012",
+              "1b54d01a4af5b9d5cc3d86d68d285462b19abc2475222f35c085122be4ba1ffa"
+              "00ad30f8767b3a82384c6574f024c311e2a481332b08ef7f41797891c1646f48");
+
+  result |= !test_gost2012_hash512(
+              "false positive test vector (512 bit)",
+              "012345678901234567890123456789012345678901234567890123456789012",
+              "0123456789012345678901234567890123456789012345678901234567890120"
+              "1234567890123456789012345678901234567890123456789012345678901234");
+
+  result |= test_gost2012_hash512(
+              "test vector from example A.2 from GOST-34.11-2012 (512 bit)",
+              "\xD1\xE5\x20\xE2\xE5\xF2\xF0\xE8\x2C\x20\xD1\xF2\xF0\xE8\xE1\xEE"
+              "\xE6\xE8\x20\xE2\xED\xF3\xF6\xE8\x2C\x20\xE2\xE5\xFE\xF2\xFA\x20"
+              "\xF1\x20\xEC\xEE\xF0\xFF\x20\xF1\xF2\xF0\xE5\xEB\xE0\xEC\xE8\x20"
+              "\xED\xE0\x20\xF5\xF0\xE0\xE1\xF0\xFB\xFF\x20\xEF\xEB\xFA\xEA\xFB"
+              "\x20\xC8\xE3\xEE\xF0\xE5\xE2\xFB",
+              "1e88e62226bfca6f9994f1f2d51569e0daf8475a3b0fe61a5300eee46d961376"
+              "035fe83549ada2b8620fcd7c496ce5b33f0cb9dddc2b6460143b03dabac9fb28");
+
+  /* carry test */
+  result |= test_gost2012_hash512(
+              "carry test vector from gost-engine (512 Bit)",
+              "\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE"
+              "\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE"
+              "\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE"
+              "\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE\xEE"
+              "\x16\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11"
+              "\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11"
+              "\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11"
+              "\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x11\x16",
+              "8b06f41e59907d9636e892caf5942fcdfb71fa31169a5e70f0edb873664df41c"
+              "2cce6e06dc6755d15a61cdeb92bd607cc4aaca6732bf3568a23a210dd520fd41");
+
+  return result;
+}
+
+#else
+
+int
+main (void)
+{
+  return 77; /* UNSUPPORTED */
+}
+
+#endif /* INCLUDE_gost_yescrypt */