xcrypt 0.1.0

data/ext/libxcrypt/test/alg-sm3.c

@@ -0,0 +1,168 @@
+/*
+ * Copyright (C) 2024 Tianjia Zhang
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the author nor the names of other contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "crypt-port.h"
+#include "alg-sm3.h"
+
+#include <stdio.h>
+
+#if INCLUDE_sm3crypt
+
+static const struct
+{
+  const char *input;
+  const char result[33];
+} tests[] =
+{
+  /* Test vectors from OSCCA GM/T 0004-2012: appendix A.  */
+  {
+    "abc",
+    "\x66\xc7\xf0\xf4\x62\xee\xed\xd9\xd1\xf2\xd4\x6b\xdc\x10\xe4\xe2"
+    "\x41\x67\xc4\x87\x5c\xf2\xf7\xa2\x29\x7d\xa0\x2b\x8f\x4b\xa8\xe0"
+  },
+  {
+    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+    "\x63\x9b\x6c\xc5\xe6\x4d\x9e\x37\xa3\x90\xb1\x92\xdf\x4f\xa1\xea"
+    "\x07\x20\xab\x74\x7f\xf6\x92\xb9\xf3\x8c\x4e\x66\xad\x7b\x8c\x05"
+  },
+  {
+    "",
+    "\x1a\xb2\x1d\x83\x55\xcf\xa1\x7f\x8E\x61\x19\x48\x31\xe8\x1a\x8f"
+    "\x22\xbe\xc8\xc7\x28\xfe\xfb\x74\x7e\xd0\x35\xeb\x50\x82\xaa\x2b"
+  },
+  {
+    "a",
+    "\x62\x34\x76\xac\x18\xf6\x5a\x29\x09\xe4\x3c\x7f\xec\x61\xb4\x9c"
+    "\x7e\x76\x4a\x91\xa1\x8c\xcb\x82\xf1\x91\x7a\x29\xc8\x6c\x5e\x88"
+  },
+  {
+    "message digest",
+    "\xc5\x22\xa9\x42\xe8\x9b\xd8\x0d\x97\xdd\x66\x6e\x7a\x55\x31\xb3"
+    "\x61\x88\xc9\x81\x71\x49\xe9\xb2\x58\xdf\xe5\x1e\xce\x98\xed\x77"
+  },
+  {
+    "abcdefghijklmnopqrstuvwxyz",
+    "\xb8\x0f\xe9\x7a\x4d\xa2\x4a\xfc\x27\x75\x64\xf6\x6a\x35\x9e\xf4"
+    "\x40\x46\x2a\xd2\x8d\xcc\x6d\x63\xad\xb2\x4d\x5c\x20\xa6\x15\x95"
+  },
+  {
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+    "\x29\x71\xd1\x0c\x88\x42\xb7\x0c\x97\x9e\x55\x06\x34\x80\xc5\x0b"
+    "\xac\xff\xd9\x0e\x98\xe2\xe6\x0d\x25\x12\xab\x8a\xbf\xdf\xce\xc5"
+  },
+  {
+    "123456789012345678901234567890123456789012345678901234567890"
+    "12345678901234567890",
+    "\xad\x81\x80\x53\x21\xf3\xe6\x9d\x25\x12\x35\xbf\x88\x6a\x56\x48"
+    "\x44\x87\x3b\x56\xdd\x7d\xde\x40\x0f\x05\x5b\x7d\xde\x39\x30\x7a"
+  }
+};
+
+
+static void
+report_failure(int n, const char *tag,
+               const char expected[32], uint8_t actual[32])
+{
+  int i;
+  printf ("FAIL: test %d (%s):\n  exp:", n, tag);
+  for (i = 0; i < 32; i++)
+    {
+      if (i % 4 == 0)
+        putchar (' ');
+      printf ("%02x", (unsigned int)(unsigned char)expected[i]);
+    }
+  printf ("\n  got:");
+  for (i = 0; i < 32; i++)
+    {
+      if (i % 4 == 0)
+        putchar (' ');
+      printf ("%02x", (unsigned int)(unsigned char)actual[i]);
+    }
+  putchar ('\n');
+  putchar ('\n');
+}
+
+int
+main (void)
+{
+  sm3_ctx ctx;
+  uint8_t sum[32];
+  int result = 0;
+  int cnt;
+  int i;
+
+  for (cnt = 0; cnt < (int) ARRAY_SIZE (tests); ++cnt)
+    {
+      sm3_buf (tests[cnt].input, strlen (tests[cnt].input), sum);
+      if (memcmp (tests[cnt].result, sum, 32) != 0)
+        {
+          report_failure (cnt, "all at once", tests[cnt].result, sum);
+          result = 1;
+        }
+
+      sm3_init (&ctx);
+      for (i = 0; tests[cnt].input[i] != '\0'; ++i)
+        sm3_update (&ctx, &tests[cnt].input[i], 1);
+      sm3_final (sum, &ctx);
+      if (memcmp (tests[cnt].result, sum, 32) != 0)
+        {
+          report_failure (cnt, "byte by byte", tests[cnt].result, sum);
+          result = 1;
+        }
+    }
+
+  /* Test vector from FIPS 180-2: appendix B.3.  */
+  char buf[1000];
+  memset (buf, 'a', sizeof (buf));
+  sm3_init (&ctx);
+  for (i = 0; i < 1000; ++i)
+    sm3_update (&ctx, buf, sizeof (buf));
+  sm3_final (sum, &ctx);
+  static const char expected[33] =
+    "\xc8\xaa\xf8\x94\x29\x55\x40\x29\xe2\x31\x94\x1a\x2a\xcc\x0a\xd6"
+    "\x1f\xf2\xa5\xac\xd8\xfa\xdd\x25\x84\x7a\x3a\x73\x2b\x3b\x02\xc3";
+
+  if (memcmp (expected, sum, 32) != 0)
+    {
+      report_failure (cnt, "block by block", expected, sum);
+      result = 1;
+    }
+
+  return result;
+}
+
+#else
+
+int
+main (void)
+{
+  return 77; /* UNSUPPORTED */
+}
+
+#endif

data/ext/libxcrypt/test/alg-yescrypt.c

@@ -0,0 +1,466 @@
+/*-
+ * Copyright 2013-2018 Alexander Peslyak
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "crypt-port.h"
+
+#if INCLUDE_yescrypt || INCLUDE_scrypt || INCLUDE_gost_yescrypt || \
+    INCLUDE_sm3_yescrypt
+
+#pragma GCC diagnostic ignored "-Wconversion"
+#pragma GCC diagnostic ignored "-Wsign-conversion"
+#pragma GCC diagnostic ignored "-Wcast-qual"
+
+#include <stdio.h>
+#include <string.h>
+
+#define YESCRYPT_FLAGS YESCRYPT_DEFAULTS
+#if 1
+#define YESCRYPT_P 11
+#define YESCRYPT_PROM 8
+#else
+#define YESCRYPT_P 1
+#define YESCRYPT_PROM 1
+#endif
+
+#undef  TEST_PBKDF2_SHA256
+#define TEST_SCRYPT
+#define TEST_YESCRYPT_KDF
+#define TEST_YESCRYPT_ENCODING
+#define TEST_ROM
+#define TEST_ROM_PREALLOC
+
+static int retval = 0;
+
+#ifdef TEST_ROM_PREALLOC
+#include <stdlib.h> /* for malloc() */
+#endif
+
+#ifdef TEST_PBKDF2_SHA256
+#include <assert.h>
+
+#include "alg-sha256.h"
+
+static void print_PBKDF2_SHA256_raw(const char *passwd, size_t passwdlen,
+    const char *salt, size_t saltlen, uint64_t c, size_t dkLen)
+{
+	uint8_t dk[64];
+	size_t i;
+
+	assert(dkLen <= sizeof(dk));
+
+	/* XXX This prints the strings truncated at first NUL */
+	printf("PBKDF2_SHA256(\"%s\", \"%s\", %llu, %llu) =",
+	    passwd, salt, (unsigned long long)c, (unsigned long long)dkLen);
+
+	PBKDF2_SHA256((const uint8_t *) passwd, passwdlen,
+	    (const uint8_t *) salt, saltlen, c, dk, dkLen);
+
+	for (i = 0; i < dkLen; i++)
+		printf(" %02x", dk[i]);
+	puts("");
+}
+
+static void print_PBKDF2_SHA256(const char *passwd,
+    const char *salt, uint64_t c, size_t dkLen)
+{
+	print_PBKDF2_SHA256_raw(passwd, strlen(passwd), salt, strlen(salt), c,
+	    dkLen);
+}
+#endif
+
+#if defined(TEST_SCRYPT) || defined(TEST_YESCRYPT_ENCODING)
+#include "alg-yescrypt.h"
+#endif
+
+#ifdef TEST_SCRYPT
+static void print_scrypt(const char *passwd, const char *salt,
+    uint64_t N, uint32_t r, uint32_t p)
+{
+	uint8_t dk[64];
+	size_t i;
+
+	printf("scrypt(\"%s\", \"%s\", %llu, %u, %u) =",
+	    passwd, salt, (unsigned long long)N, r, p);
+
+	if (crypto_scrypt((const uint8_t *) passwd, strlen(passwd),
+	    (const uint8_t *) salt, strlen(salt), N, r, p, dk, sizeof(dk))) {
+		puts(" FAILED");
+		retval = 1;
+		return;
+	}
+
+	for (i = 0; i < sizeof(dk); i++)
+		printf(" %02x", dk[i]);
+	puts("");
+}
+#endif
+
+#ifdef TEST_YESCRYPT_KDF
+static void print_yescrypt(const char *passwd, const char *salt,
+    yescrypt_flags_t flags,
+    uint64_t N, uint32_t r, uint32_t p, uint32_t t, uint32_t g,
+    uint32_t dklen)
+{
+	yescrypt_local_t local;
+	yescrypt_params_t params = {flags, N, r, p, t, g, 0};
+	uint8_t dk[64];
+	uint32_t i;
+
+#if 1
+	/* Don't test hash upgrades */
+	if (g)
+		return;
+#endif
+
+	if (dklen > sizeof(dk) || yescrypt_init_local(&local)) {
+		puts("FAILED");
+		retval = 1;
+		return;
+	}
+
+	printf("yescrypt(\"%s\", \"%s\", %u, %llu, %u, %u, %u, %u) =",
+	    passwd, salt, flags, (unsigned long long)N, r, p, t, g);
+
+	if (yescrypt_kdf(NULL, &local,
+	    (const uint8_t *) passwd, strlen(passwd),
+	    (const uint8_t *) salt, strlen(salt), &params, dk, dklen)) {
+		yescrypt_free_local(&local);
+		puts(" FAILED");
+		retval = 1;
+		return;
+	}
+
+	yescrypt_free_local(&local);
+
+	for (i = 0; i < dklen; i++)
+		printf(" %02x", dk[i]);
+	puts("");
+}
+#endif
+
+int main(void)
+{
+	int i;
+
+	setvbuf(stdout, NULL, _IOLBF, 0);
+
+#ifdef TEST_PBKDF2_SHA256
+	print_PBKDF2_SHA256("password", "salt", 1, 20);
+	print_PBKDF2_SHA256("password", "salt", 2, 20);
+	print_PBKDF2_SHA256("password", "salt", 4096, 20);
+	print_PBKDF2_SHA256("password", "salt", 16777216, 20);
+	print_PBKDF2_SHA256("passwordPASSWORDpassword",
+	    "saltSALTsaltSALTsaltSALTsaltSALTsalt", 4096, 25);
+	print_PBKDF2_SHA256_raw("pass\0word", 9, "sa\0lt", 5, 4096, 16);
+#if 0
+	print_PBKDF2_SHA256("password", "salt", 1, 32);
+	print_PBKDF2_SHA256("password", "salt", 2, 32);
+	print_PBKDF2_SHA256("password", "salt", 4096, 32);
+	print_PBKDF2_SHA256("password", "salt", 16777216, 32);
+	print_PBKDF2_SHA256("passwordPASSWORDpassword",
+	    "saltSALTsaltSALTsaltSALTsaltSALTsalt", 4096, 40);
+	print_PBKDF2_SHA256("password", "salt", 4096, 16);
+	print_PBKDF2_SHA256("password", "salt", 1, 20);
+	print_PBKDF2_SHA256("password", "salt", 2, 20);
+	print_PBKDF2_SHA256("password", "salt", 4096, 20);
+	print_PBKDF2_SHA256("password", "salt", 16777216, 20);
+	print_PBKDF2_SHA256("password", "salt", 4096, 25);
+	print_PBKDF2_SHA256("password", "salt", 4096, 16);
+#endif
+#endif
+
+#ifdef TEST_SCRYPT
+	print_scrypt("", "", 16, 1, 1);
+	print_scrypt("password", "NaCl", 1024, 8, 16);
+	print_scrypt("pleaseletmein", "SodiumChloride", 16384, 8, 1);
+	print_scrypt("pleaseletmein", "SodiumChloride", 1048576, 8, 1);
+#endif
+
+#ifdef TEST_YESCRYPT_KDF
+	print_yescrypt("", "", 0, 16, 1, 1, 0, 0, 64);
+	print_yescrypt("", "", 0, 16, 1, 1, 0, 0, 8);
+	print_yescrypt("", "", 0, 4, 1, 1, 0, 0, 64);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 0, 0, 64);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 0, 0, 8);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 1, 0, 64);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 2, 0, 64);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 3, 0, 64);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 3, 0, 33);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 3, 0, 32);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 3, 0, 31);
+	print_yescrypt("", "", YESCRYPT_WORM, 4, 1, 1, 3, 0, 1);
+	print_yescrypt("", "", YESCRYPT_DEFAULTS, 4, 1, 1, 0, 0, 64);
+	print_yescrypt("", "", YESCRYPT_DEFAULTS, 4, 1, 1, 0, 0, 4);
+	print_yescrypt("", "", YESCRYPT_DEFAULTS, 4, 1, 1, 1, 0, 64);
+	print_yescrypt("", "", YESCRYPT_DEFAULTS, 4, 1, 1, 1, 0, 33);
+	print_yescrypt("", "", YESCRYPT_DEFAULTS, 4, 1, 1, 1, 0, 32);
+	print_yescrypt("", "", YESCRYPT_DEFAULTS, 4, 1, 1, 1, 0, 31);
+	print_yescrypt("", "", YESCRYPT_DEFAULTS, 4, 1, 1, 1, 0, 1);
+	for (i = 0; i <= 6; i++)
+		print_yescrypt("p", "s", YESCRYPT_DEFAULTS, 16, 8, 1, i + 10, i, 40);
+	for (i = 0; i <= 6; i++)
+		print_yescrypt("p", "s", YESCRYPT_WORM, 16, 8, 1, i + 10, i, 40);
+	for (i = 0; i <= 6; i++)
+		print_yescrypt("p", "s", YESCRYPT_DEFAULTS, 16, 8, 1, 0, i, 40);
+	for (i = 0; i <= 6; i++)
+		print_yescrypt("p", "s", YESCRYPT_WORM, 16, 8, 1, 0, i, 40);
+	for (i = 0; i <= 2; i++)
+		print_yescrypt("p", "s", YESCRYPT_DEFAULTS, 16, 8, 1, 0, i, 32);
+	for (i = 0; i <= 2; i++)
+		print_yescrypt("p", "s", YESCRYPT_DEFAULTS, 16, 8, 1, 0, i, 8);
+#endif
+
+#ifdef TEST_YESCRYPT_ENCODING
+	{
+		uint8_t *setting;
+		yescrypt_binary_t key = {.uc={
+		    1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,
+		    17,18,19,20,21,22,23,24,25,26,27,28,255,128,64,32}};
+
+		for (i = 0; i < 18; i++) {
+			uint32_t N_log2 = (i < 14) ? (16 - i) : 2;
+			uint32_t r = (i < 8) ? (8 - i) : (1 + (i & 1));
+			uint32_t p = (i & 1) ? 1 : YESCRYPT_P;
+			yescrypt_flags_t flags = YESCRYPT_DEFAULTS;
+			if ((int)p - (i / 2) > 1)
+				p -= i / 2;
+			if (i & 2) {
+				flags = YESCRYPT_WORM;
+			} else {
+				while ((1ULL << N_log2) / p <= 3)
+					N_log2++;
+			}
+			yescrypt_params_t params =
+			    {flags, (uint64_t)1 << N_log2, r, p, 0, 0, 0};
+			setting = yescrypt_encode_params(&params,
+			    (const uint8_t *)"WZaPV7LSUEKMo34.", 16 - (i & 15));
+			if (setting && i == 0)
+				printf("'%s'\n", (char *)setting);
+			if (!setting) {
+				printf("%d yescrypt_encode_params() = NULL\n", i);
+				retval = 1;
+			}
+			if (setting) {
+				uint8_t *hash = yescrypt(
+				    (const uint8_t *)"pleaseletmein", setting);
+				printf("Plaintext: '%s'\n", (char *)hash);
+				hash = (uint8_t *)strdup((char *)hash);
+				if (!hash || strcmp(
+				    (char *)hash, (char *)yescrypt(
+				    (const uint8_t *)"pleaseletmein", hash))) {
+					puts("Validation FAILED");
+					retval = 1;
+				}
+				uint8_t *orig = (uint8_t *)strdup((char *)hash);
+				if (!yescrypt_reencrypt(hash, NULL, &key)) {
+					printf("%d yescrypt_reencrypt() = NULL\n", i);
+					retval = 1;
+				}
+				printf("Encrypted: '%s'\n", (char *)hash);
+				yescrypt_local_t local;
+				if (yescrypt_init_local(&local)) {
+					puts("yescrypt_init_local() FAILED");
+					retval = 1;
+				}
+				uint8_t buf[128];
+				if (strcmp((char *)hash, (char *)yescrypt_r(
+				    NULL, &local,
+				    (const uint8_t *)"pleaseletmein", 13,
+				    hash, &key, buf, sizeof(buf)))) {
+					puts("Validation of encrypted FAILED");
+					retval = 1;
+				}
+				if (!strcmp((char *)hash, (char *)yescrypt_r(
+				    NULL, &local,
+				    (const uint8_t *)"pleaseletmein", 13,
+				    hash, NULL, buf, sizeof(buf)))) {
+					puts("Validation of encrypted "
+					"unexpectedly succeeded");
+					retval = 1;
+				}
+				if (!strcmp((char *)orig, (char *)yescrypt_r(
+				    NULL, &local,
+				    (const uint8_t *)"pleaseletmein", 13,
+				    orig, &key, buf, sizeof(buf)))) {
+					puts("Validation of unencrypted "
+					"unexpectedly succeeded");
+					retval = 1;
+				}
+				yescrypt_free_local(&local);
+				if (!yescrypt_reencrypt(hash, &key, NULL)) {
+					printf("%d yescrypt_reencrypt() = NULL\n", i);
+					retval = 1;
+				}
+				if (strcmp((char *)hash, (char *)orig)) {
+					puts("Decryption FAILED");
+					retval = 1;
+				}
+				free(orig);
+				free(hash);
+			}
+		}
+
+		printf("'%s'\n", (char *)yescrypt(
+		    (const uint8_t *)"pleaseletmein",
+		    (const uint8_t *)"$7$C6..../....SodiumChloride"));
+
+		printf("'%s'\n", (char *)yescrypt(
+		    (const uint8_t *)"pleaseletmein",
+		    (const uint8_t *)"$7$06..../....SodiumChloride"));
+
+#ifdef TEST_ROM
+		uint64_t rom_bytes = 256 * (1024ULL*1024);
+		uint64_t ram_bytes = 2 * (1024ULL*1024);
+		uint32_t r;
+		uint64_t NROM_log2, N_log2;
+		yescrypt_shared_t shared;
+		yescrypt_local_t local;
+
+		NROM_log2 = 0;
+		while (((rom_bytes >> NROM_log2) & 0xff) == 0)
+			NROM_log2++;
+		r = rom_bytes >> (7 + NROM_log2);
+		while (r < 5 && NROM_log2 > 0) {
+			r <<= 1;
+			NROM_log2--;
+		}
+		rom_bytes = (uint64_t)r << (7 + NROM_log2);
+
+		N_log2 = 0;
+		while (((uint64_t)r << (7 + N_log2)) < ram_bytes)
+			N_log2++;
+		ram_bytes = (uint64_t)r << (7 + N_log2);
+
+		printf("r=%u N=2^%u NROM=2^%u\n", r,
+		    (unsigned int)N_log2, (unsigned int)NROM_log2);
+
+		printf("Will use %.2f KiB ROM\n", rom_bytes / 1024.0);
+		printf("         %.2f KiB RAM\n", ram_bytes / 1024.0);
+
+		printf("Initializing ROM ...");
+		fflush(stdout);
+		yescrypt_params_t rom_params = { YESCRYPT_DEFAULTS,
+		    0, r, YESCRYPT_PROM, 0, 0, (uint64_t)1 << NROM_log2 };
+		if (yescrypt_init_shared(&shared,
+		    (uint8_t *)"local param", 12, &rom_params)) {
+			puts(" FAILED");
+			retval = 1;
+		}
+		yescrypt_binary_t *digest = yescrypt_digest_shared(&shared);
+		printf(" DONE (%02x%02x%02x%02x)\n",
+		    digest->uc[0], digest->uc[1], digest->uc[2], digest->uc[3]);
+
+		if (yescrypt_init_local(&local)) {
+			puts("FAILED");
+			retval = 1;
+		}
+
+		yescrypt_params_t params = rom_params;
+		params.flags = YESCRYPT_FLAGS;
+		params.N = (uint64_t)1 << N_log2;
+		params.p = YESCRYPT_P;
+		setting = yescrypt_encode_params(&params,
+		    (const uint8_t *)"WZaPV7LSUEKMo34.", 16);
+		printf("'%s'\n", (char *)setting);
+
+		uint8_t hash[128];
+
+		printf("'%s'\n", (char *)yescrypt_r(&shared, &local,
+		    (const uint8_t *)"pleaseletmein", 13, setting, NULL,
+		    hash, sizeof(hash)));
+
+#ifdef TEST_ROM_PREALLOC
+		yescrypt_free_shared(&shared);
+
+		shared.aligned_size = ((uint64_t)1 << NROM_log2) * 128 * r;
+		shared.base_size = shared.aligned_size + 63;
+		uint8_t *where = shared.base = malloc(shared.base_size);
+		where += 63;
+		where = shared.aligned = where - ((uintptr_t)where & 63);
+
+		printf("Initializing ROM in preallocated memory ...");
+		fflush(stdout);
+		rom_params.flags |= YESCRYPT_SHARED_PREALLOCATED;
+		if (yescrypt_init_shared(&shared,
+		    (uint8_t *)"local param", 12, &rom_params)) {
+			puts(" FAILED");
+			retval = 1;
+		}
+		digest = yescrypt_digest_shared(&shared);
+		printf(" DONE (%02x%02x%02x%02x)\n",
+		    digest->uc[0], digest->uc[1], digest->uc[2], digest->uc[3]);
+
+		if ((void *)where != shared.aligned) {
+			puts("YESCRYPT_SHARED_PREALLOCATED failed");
+			retval = 1;
+		}
+
+#endif
+
+		printf("'%s'\n", (char *)yescrypt_r(&shared, &local,
+		    (const uint8_t *)"pleaseletmein", 13, setting, NULL,
+		    hash, sizeof(hash)));
+
+		printf("'%s'\n", (char *)yescrypt_r(&shared, &local,
+		    (const uint8_t *)"pleaseletmeIn", 13, setting, NULL,
+		    hash, sizeof(hash)));
+
+		setting = yescrypt_encode_params(&params,
+		    (const uint8_t *)"WZaPV7LSUEIMo34.", 16);
+
+		printf("'%s'\n", (char *)yescrypt_r(&shared, &local,
+		    (const uint8_t *)"pleaseletmein", 13, setting, NULL,
+		    hash, sizeof(hash)));
+
+		printf("'%s'\n", (char *)yescrypt_r(&shared, &local,
+		    (const uint8_t *)"pleaseletmeIn", 13, setting, NULL,
+		    hash, sizeof(hash)));
+
+		params.N = 4;
+		params.NROM *= params.r;
+		params.r = 1;
+		params.p = 1;
+		setting = yescrypt_encode_params(&params,
+		    (const uint8_t *)"WZaPV7LSUEKMo34.", 16);
+
+		printf("'%s'\n", (char *)yescrypt_r(&shared, &local,
+		    (const uint8_t *)"pleaseletmein", 13, setting, NULL,
+		    hash, sizeof(hash)));
+
+		free(shared.base); /* has been malloc'ed */
+		shared.base = NULL;
+		yescrypt_free_shared(&shared);
+#endif
+	}
+#endif
+
+	return retval;
+}
+
+#else
+
+int
+main (void)
+{
+	return 77; /* UNSUPPORTED */
+}
+
+#endif /* INCLUDE_yescrypt || INCLUDE_scrypt || INCLUDE_gost_yescrypt ||
+          INCLUDE_sm3_yescrypt */