author | Niels Möller <nisse@lysator.liu.se> | 2020-01-28 16:51:29 +0100 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2020-01-28 16:51:29 +0100 |
commit | bbed494d439a3f45026c63af57ae969713bd3e0a (patch) | |
tree | 480a8ff42fab1f7a4c39b0535c423ce41f57dbfb | |
parent | ee28a24cd3cbd1796a62a9437089ed7b09f953ed (diff) | |
parent | 358eabb1e59e4e6e1367568503a124f0be7bdcae (diff) | |
download | nettle-bbed494d439a3f45026c63af57ae969713bd3e0a.tar.gz |
Merge branch 'delete-ecc-g'
-rw-r--r-- | ChangeLog | 20 | ||||
-rw-r--r-- | ecc-curve25519.c | 1 | ||||
-rw-r--r-- | ecc-curve448.c | 1 | ||||
-rw-r--r-- | ecc-gost-gc256b.c | 1 | ||||
-rw-r--r-- | ecc-gost-gc512a.c | 1 | ||||
-rw-r--r-- | ecc-internal.h | 3 | ||||
-rw-r--r-- | ecc-secp192r1.c | 1 | ||||
-rw-r--r-- | ecc-secp224r1.c | 1 | ||||
-rw-r--r-- | ecc-secp256r1.c | 1 | ||||
-rw-r--r-- | ecc-secp384r1.c | 1 | ||||
-rw-r--r-- | ecc-secp521r1.c | 1 | ||||
-rw-r--r-- | eccdata.c | 13 | ||||
-rw-r--r-- | testsuite/ecc-add-test.c | 2 | ||||
-rw-r--r-- | testsuite/ecc-dup-test.c | 2 | ||||
-rw-r--r-- | testsuite/ecc-mul-a-test.c | 25 | ||||
-rw-r--r-- | testsuite/ecc-mul-g-test.c | 13 | ||||
-rw-r--r-- | testsuite/testutils.c | 207 | ||||
-rw-r--r-- | testsuite/testutils.h | 13 |
18 files changed, 180 insertions, 127 deletions
@@ -1,5 +1,25 @@ 2020-01-26 Niels Möller <nisse@lysator.liu.se> + * ecc-internal.h (struct ecc_curve): Delete g, the curve + generator, since it was used only by tests. Update all curve + instances. + + * eccdata.c (output_curve): Delete output of ecc_g. + (output_point): Delete name argument, and update callers. + + * testsuite/testutils.c (ecc_ref): Table of reference points moved + out of test_ecc_mul_a. Add generator to the list of points. + (test_ecc_mul_a): Use ecc_ref table also for the n == 1 case. + (test_ecc_ga, test_ecc_get_g, test_ecc_get_ga): New functions, + using the tabulated generator. + + * testsuite/ecc-add-test.c: Use test_ecc_get_g, instead of + accessing ecc->g. + * testsuite/ecc-dup-test.c: Likewise. + * testsuite/ecc-mul-a-test.c: Use test_ecc_get_ga and test_ecc_ga. + Delete special case for n == 1. + * testsuite/ecc-mul-g-test.c: Use test_ecc_ga. + Support for GOST DSA, contributed by Dmitry Baryshkov. * gostdsa-verify.c (gostdsa_verify): New file and function. * gostdsa-sign.c (gostdsa_sign): New file and function. diff --git a/ecc-curve25519.c b/ecc-curve25519.c index 0ad3017c..f8f2c64a 100644 --- a/ecc-curve25519.c +++ b/ecc-curve25519.c @@ -350,7 +350,6 @@ const struct ecc_curve _nettle_curve25519 = ecc_eh_to_a, ecc_b, /* Edwards curve constant. */ - ecc_g, ecc_unit, ecc_table }; diff --git a/ecc-curve448.c b/ecc-curve448.c index c31a0eb2..484b7d1e 100644 --- a/ecc-curve448.c +++ b/ecc-curve448.c @@ -328,7 +328,6 @@ const struct ecc_curve _nettle_curve448 = ecc_eh_to_a, ecc_b, - ecc_g, ecc_unit, ecc_table }; diff --git a/ecc-gost-gc256b.c b/ecc-gost-gc256b.c index 8adc8e17..a23d46fc 100644 --- a/ecc-gost-gc256b.c +++ b/ecc-gost-gc256b.c @@ -117,7 +117,6 @@ const struct ecc_curve _nettle_gost_gc256b = ecc_j_to_a, ecc_b, - ecc_g, ecc_unit, ecc_table }; diff --git a/ecc-gost-gc512a.c b/ecc-gost-gc512a.c index 6d210925..398762c3 100644 --- a/ecc-gost-gc512a.c +++ b/ecc-gost-gc512a.c 
@@ -117,7 +117,6 @@ const struct ecc_curve _nettle_gost_gc512a = ecc_j_to_a, ecc_b, - ecc_g, ecc_unit, ecc_table }; diff --git a/ecc-internal.h b/ecc-internal.h index 0022e0ab..5d58cbe8 100644 --- a/ecc-internal.h +++ b/ecc-internal.h @@ -205,9 +205,6 @@ struct ecc_curve /* Curve constant */ const mp_limb_t *b; - /* Generator, x coordinate followed by y (affine coordinates). - Currently used only by the test suite. */ - const mp_limb_t *g; /* For redc, same as B mod p, otherwise 1. */ const mp_limb_t *unit; diff --git a/ecc-secp192r1.c b/ecc-secp192r1.c index 094074d7..046026f3 100644 --- a/ecc-secp192r1.c +++ b/ecc-secp192r1.c @@ -170,7 +170,6 @@ const struct ecc_curve _nettle_secp_192r1 = ecc_j_to_a, ecc_b, - ecc_g, ecc_unit, ecc_table }; diff --git a/ecc-secp224r1.c b/ecc-secp224r1.c index e6b43fa6..05d84017 100644 --- a/ecc-secp224r1.c +++ b/ecc-secp224r1.c @@ -122,7 +122,6 @@ const struct ecc_curve _nettle_secp_224r1 = ecc_j_to_a, ecc_b, - ecc_g, ecc_unit, ecc_table }; diff --git a/ecc-secp256r1.c b/ecc-secp256r1.c index 6c776a72..d3996424 100644 --- a/ecc-secp256r1.c +++ b/ecc-secp256r1.c @@ -299,7 +299,6 @@ const struct ecc_curve _nettle_secp_256r1 = ecc_j_to_a, ecc_b, - ecc_g, ecc_unit, ecc_table }; diff --git a/ecc-secp384r1.c b/ecc-secp384r1.c index c4a75564..54bcd112 100644 --- a/ecc-secp384r1.c +++ b/ecc-secp384r1.c @@ -207,7 +207,6 @@ const struct ecc_curve _nettle_secp_384r1 = ecc_j_to_a, ecc_b, - ecc_g, ecc_unit, ecc_table }; diff --git a/ecc-secp521r1.c b/ecc-secp521r1.c index 74688008..776f7ae0 100644 --- a/ecc-secp521r1.c +++ b/ecc-secp521r1.c @@ -135,7 +135,6 @@ const struct ecc_curve _nettle_secp_521r1 = ecc_j_to_a, ecc_b, - ecc_g, ecc_unit, ecc_table }; @@ -1111,7 +1111,7 @@ output_bignum (const char *name, const mpz_t x, } static void -output_point (const char *name, const struct ecc_curve *ecc, +output_point (const struct ecc_curve *ecc, const struct ecc_point *p, int use_redc, unsigned size, unsigned bits_per_limb) { 
@@ -1121,9 +1121,6 @@ output_point (const char *name, const struct ecc_curve *ecc, mpz_init (y); mpz_init (t); - if (name) - printf("static const mp_limb_t %s[%u] = {", name, 2*size); - mpz_set (x, p->x); mpz_set (y, p->y); @@ -1138,9 +1135,6 @@ output_point (const char *name, const struct ecc_curve *ecc, output_digits (x, size, bits_per_limb); output_digits (y, size, bits_per_limb); - if (name) - printf("\n};\n"); - mpz_clear (x); mpz_clear (y); mpz_clear (t); @@ -1185,7 +1179,6 @@ output_curve (const struct ecc_curve *ecc, unsigned bits_per_limb) output_bignum ("ecc_p", ecc->p, limb_size, bits_per_limb); output_bignum ("ecc_b", ecc->b, limb_size, bits_per_limb); output_bignum ("ecc_q", ecc->q, limb_size, bits_per_limb); - output_point ("ecc_g", ecc, &ecc->g, 0, limb_size, bits_per_limb); bits = output_modulo ("ecc_Bmodp", ecc->p, limb_size, bits_per_limb); printf ("#define ECC_BMODP_SIZE %u\n", @@ -1359,7 +1352,7 @@ output_curve (const struct ecc_curve *ecc, unsigned bits_per_limb) printf ("static const mp_limb_t ecc_table[%lu] = {", (unsigned long) (2*ecc->table_size * limb_size)); for (i = 0; i < ecc->table_size; i++) - output_point (NULL, ecc, &ecc->table[i], 1, limb_size, bits_per_limb); + output_point (ecc, &ecc->table[i], 1, limb_size, bits_per_limb); printf("\n};\n"); @@ -1371,7 +1364,7 @@ output_curve (const struct ecc_curve *ecc, unsigned bits_per_limb) printf ("static const mp_limb_t ecc_table[%lu] = {", (unsigned long) (2*ecc->table_size * limb_size)); for (i = 0; i < ecc->table_size; i++) - output_point (NULL, ecc, &ecc->table[i], 0, limb_size, bits_per_limb); + output_point (ecc, &ecc->table[i], 0, limb_size, bits_per_limb); printf("\n};\n"); printf ("#endif\n"); diff --git a/testsuite/ecc-add-test.c b/testsuite/ecc-add-test.c index 84e4aaa6..3e14b30e 100644 --- a/testsuite/ecc-add-test.c +++ b/testsuite/ecc-add-test.c 
@@ -17,7 +17,7 @@ test_main (void) ASSERT (ecc->dup_itch <= ecc->add_hhh_itch); - ecc_a_to_j (ecc, g, ecc->g); + test_ecc_get_g (i, g); if (ecc->p.bit_size == 255 || ecc->p.bit_size == 448) { diff --git a/testsuite/ecc-dup-test.c b/testsuite/ecc-dup-test.c index 2a2179ac..500826ac 100644 --- a/testsuite/ecc-dup-test.c +++ b/testsuite/ecc-dup-test.c @@ -12,7 +12,7 @@ test_main (void) mp_limb_t *p = xalloc_limbs (ecc_size_j (ecc)); mp_limb_t *scratch = xalloc_limbs (ecc->dup_itch); - ecc_a_to_j (ecc, g, ecc->g); + test_ecc_get_g (i, g); if (ecc->p.bit_size == 255 || ecc->p.bit_size == 448) { diff --git a/testsuite/ecc-mul-a-test.c b/testsuite/ecc-mul-a-test.c index 0e1457bd..a865d487 100644 --- a/testsuite/ecc-mul-a-test.c +++ b/testsuite/ecc-mul-a-test.c @@ -14,30 +14,25 @@ test_main (void) { const struct ecc_curve *ecc = ecc_curves[i]; mp_size_t size = ecc_size (ecc); + mp_limb_t *g = xalloc_limbs (ecc_size_a (ecc)); mp_limb_t *p = xalloc_limbs (ecc_size_j (ecc)); mp_limb_t *q = xalloc_limbs (ecc_size_j (ecc)); mp_limb_t *n = xalloc_limbs (size); mp_limb_t *scratch = xalloc_limbs (ecc->mul_itch); unsigned j; + test_ecc_get_ga (i, g); mpn_zero (n, size); - n[0] = 1; - ecc->mul (ecc, p, n, ecc->g, scratch); - ecc->h_to_a (ecc, 0, p, p, scratch); - - if (mpn_cmp (p, ecc->g, 2*size) != 0) - die ("curve %d: ecc->mul with n = 1 failed.\n", ecc->p.bit_size); - - for (n[0] = 2; n[0] <= 4; n[0]++) + for (n[0] = 1; n[0] <= 4; n[0]++) { - ecc->mul (ecc, p, n, ecc->g, scratch); + ecc->mul (ecc, p, n, g, scratch); test_ecc_mul_h (i, n[0], p); } /* (order - 1) * g = - g */ mpn_sub_1 (n, ecc->q.m, size, 1); - ecc->mul (ecc, p, n, ecc->g, scratch); + ecc->mul (ecc, p, n, g, scratch); ecc->h_to_a (ecc, 0, p, p, scratch); if (ecc->p.bit_size == 255 || ecc->p.bit_size == 448) /* For edwards curves, - (x,y ) == (-x, y). FIXME: Swap x and 
@@ -45,11 +40,8 @@ test_main (void) mpn_sub_n (p, ecc->p.m, p, size); else mpn_sub_n (p + size, ecc->p.m, p + size, size); - if (mpn_cmp (p, ecc->g, 2*size) != 0) - { - fprintf (stderr, "ecc->mul with n = order - 1 failed.\n"); - abort (); - } + + test_ecc_ga (i, p); mpn_zero (n, size); @@ -64,7 +56,7 @@ test_main (void) mpz_limbs_copy (n, r, size); n[size - 1] %= ecc->q.m[size - 1]; - ecc->mul (ecc, p, n, ecc->g, scratch); + ecc->mul (ecc, p, n, g, scratch); ecc->h_to_a (ecc, 0, p, p, scratch); ecc->mul_g (ecc, q, n, scratch); @@ -92,6 +84,7 @@ test_main (void) abort (); } } + free (g); free (n); free (p); free (q); diff --git a/testsuite/ecc-mul-g-test.c b/testsuite/ecc-mul-g-test.c index 04501b38..461901af 100644 --- a/testsuite/ecc-mul-g-test.c +++ b/testsuite/ecc-mul-g-test.c @@ -25,11 +25,7 @@ test_main (void) ecc->mul_g (ecc, p, n, scratch); ecc->h_to_a (ecc, 0, p, p, scratch); - if (mpn_cmp (p, ecc->g, 2*size) != 0) - { - fprintf (stderr, "ecc->mul_g with n = 1 failed.\n"); - abort (); - } + test_ecc_ga (i, p); for (n[0] = 2; n[0] <= 4; n[0]++) { @@ -47,11 +43,8 @@ test_main (void) mpn_sub_n (p, ecc->p.m, p, size); else mpn_sub_n (p + size, ecc->p.m, p + size, size); - if (mpn_cmp (p, ecc->g, 2*size) != 0) - { - fprintf (stderr, "ecc->mul_g with n = order - 1 failed.\n"); - abort (); - } + + test_ecc_ga (i, p); free (n); free (p); diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 61d52d92..bb6ad54b 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c 
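Review bot: The replacement `test_ecc_ga (i, p);` in the first hunk here drops the message that identified which case failed (`ecc->mul with n = order - 1 failed.`), and the two ecc-mul-g-test.c hunks do the same for the `n = 1` and `n = order - 1` checks, so all three failures are now reported through the same helper. What test_ecc_point prints is not visible in this diff; if it does not name the scalar, a short `fprintf (stderr, "n = order - 1:\n");` before the call, or at least a comment such as `/* n = order - 1 */` at each call site, would keep a failing run diagnosable. test_main starts and ends outside these hunks.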
@@ -1726,100 +1726,133 @@ test_ecc_point (const struct ecc_curve *ecc, } } -void -test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p) -{ - /* For each curve, the points 2 g, 3 g and 4 g */ - static const struct ecc_ref_point ref[9][3] = { - { { "dafebf5828783f2ad35534631588a3f629a70fb16982a888", +/* For each curve, the points g, 2 g, 3 g and 4 g */ +static const struct ecc_ref_point ecc_ref[9][4] = { + { { "188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", + "07192b95ffc8da78631011ed6b24cdd573f977a11e794811" }, + { "dafebf5828783f2ad35534631588a3f629a70fb16982a888", "dd6bda0d993da0fa46b27bbc141b868f59331afa5c7e93ab" }, - { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da", + { "76e32a2557599e6edcd283201fb2b9aadfd0d359cbb263da", "782c37e372ba4520aa62e0fed121d49ef3b543660cfd05fd" }, - { "35433907297cc378b0015703374729d7a4fe46647084e4ba", + { "35433907297cc378b0015703374729d7a4fe46647084e4ba", "a2649984f2135c301ea3acb0776cd4f125389b311db3be32" } - }, - { { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6", + }, + { { "b70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21", + "bd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34" }, + { "706a46dc76dcb76798e60e6d89474788d16dc18032d268fd1a704fa6", "1c2b76a7bc25e7702a704fa986892849fca629487acf3709d2e4e8bb" }, - { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04", + { "df1b1d66a551d0d31eff822558b9d2cc75c2180279fe0d08fd896d04", "a3f7f03cadd0be444c0aa56830130ddf77d317344e1af3591981a925" }, - { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", + { "ae99feebb5d26945b54892092a8aee02912930fa41cd114e40447301", "482580a0ec5bc47e88bc8c378632cd196cb3fa058a7114eb03054c9" }, - }, - { { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978", + }, + { { "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", + "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" }, + { "7cf27b188d034f7e8a52380304b51ac3c08969e277f21b35a60b48fc47669978", 
"7775510db8ed040293d9ac69f7430dbba7dade63ce982299e04b79d227873d1" }, - { "5ecbe4d1a6330a44c8f7ef951d4bf165e6c6b721efada985fb41661bc6e7fd6c", + { "5ecbe4d1a6330a44c8f7ef951d4bf165e6c6b721efada985fb41661bc6e7fd6c", "8734640c4998ff7e374b06ce1a64a2ecd82ab036384fb83d9a79b127a27d5032" }, - { "e2534a3532d08fbba02dde659ee62bd0031fe2db785596ef509302446b030852", + { "e2534a3532d08fbba02dde659ee62bd0031fe2db785596ef509302446b030852", "e0f1575a4c633cc719dfee5fda862d764efc96c3f30ee0055c42c23f184ed8c6" }, - }, - { { "8d999057ba3d2d969260045c55b97f089025959a6f434d651d207d19fb96e9e" + }, + { { "aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a38" + "5502f25dbf55296c3a545e3872760ab7", + "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c0" + "0a60b1ce1d7e819d7a431d7c90ea0e5f" }, + { "8d999057ba3d2d969260045c55b97f089025959a6f434d651d207d19fb96e9e" "4fe0e86ebe0e64f85b96a9c75295df61", "8e80f1fa5b1b3cedb7bfe8dffd6dba74b275d875bc6cc43e904e505f256ab425" "5ffd43e94d39e22d61501e700a940e80" }, - { "77a41d4606ffa1464793c7e5fdc7d98cb9d3910202dcd06bea4f240d3566da6" + { "77a41d4606ffa1464793c7e5fdc7d98cb9d3910202dcd06bea4f240d3566da6" "b408bbae5026580d02d7e5c70500c831", "c995f7ca0b0c42837d0bbe9602a9fc998520b41c85115aa5f7684c0edc111eac" "c24abd6be4b5d298b65f28600a2f1df1" }, - { "138251cd52ac9298c1c8aad977321deb97e709bd0b4ca0aca55dc8ad51dcfc9d" + { "138251cd52ac9298c1c8aad977321deb97e709bd0b4ca0aca55dc8ad51dcfc9d" "1589a1597e3a5120e1efd631c63e1835", "cacae29869a62e1631e8a28181ab56616dc45d918abc09f3ab0e63cf792aa4dc" "ed7387be37bba569549f1c02b270ed67" }, - }, - { { "43" + }, + { { "c6" + "858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dba" + "a14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", + "118" + "39296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c" + "97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650" }, + { "43" "3c219024277e7e682fcb288148c282747403279b1ccc06352c6e5505d769be97" 
"b3b204da6ef55507aa104a3a35c5af41cf2fa364d60fd967f43e3933ba6d783d", "f4" "bb8cc7f86db26700a7f3eceeeed3f0b5c6b5107c4da97740ab21a29906c42dbb" "b3e377de9f251f6b93937fa99a3248f4eafcbe95edc0f4f71be356d661f41b02" - }, - { "1a7" + }, + { "1a7" "3d352443de29195dd91d6a64b5959479b52a6e5b123d9ab9e5ad7a112d7a8dd1" "ad3f164a3a4832051da6bd16b59fe21baeb490862c32ea05a5919d2ede37ad7d", "13e" "9b03b97dfa62ddd9979f86c6cab814f2f1557fa82a9d0317d2f8ab1fa355ceec" "2e2dd4cf8dc575b02d5aced1dec3c70cf105c9bc93a590425f588ca1ee86c0e5" }, - { "35" + { "35" "b5df64ae2ac204c354b483487c9070cdc61c891c5ff39afc06c5d55541d3ceac" "8659e24afe3d0750e8b88e9f078af066a1d5025b08e5a5e2fbc87412871902f3", "82" "096f84261279d2b673e0178eb0b4abb65521aef6e6e32e1b5ae63fe2f19907f2" "79f283e54ba385405224f750a95b85eebb7faef04699d1d9e21f47fc346e4d0d" }, - }, - { { "36ab384c9f5a046c3d043b7d1833e7ac080d8e4515d7a45f83c5a14e2843ce0e", + }, + { { "216936d3cd6e53fec0a4e231fdd6dc5c692cc7609525a7b2c9562d608f25d51a", + "6666666666666666666666666666666666666666666666666666666666666658" }, + { "36ab384c9f5a046c3d043b7d1833e7ac080d8e4515d7a45f83c5a14e2843ce0e", "2260cdf3092329c21da25ee8c9a21f5697390f51643851560e5f46ae6af8a3c9" }, - { "67ae9c4a22928f491ff4ae743edac83a6343981981624886ac62485fd3f8e25c", + { "67ae9c4a22928f491ff4ae743edac83a6343981981624886ac62485fd3f8e25c", "1267b1d177ee69aba126a18e60269ef79f16ec176724030402c3684878f5b4d4" }, - { "203da8db56cff1468325d4b87a3520f91a739ec193ce1547493aa657c4c9f870", + { "203da8db56cff1468325d4b87a3520f91a739ec193ce1547493aa657c4c9f870", "47d0e827cb1595e1470eb88580d5716c4cf22832ea2f0ff0df38ab61ca32112f" }, - }, - { { "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa955555555555555555555555555555555555555555555555555555555", + }, + { { "4f1970c66bed0ded221d15a622bf36da9e146570470f1767ea6de324a3d3a46412ae1af72ab66511433b80e18b00938e2626a82bc70cc05e", + "693f46716eb6bc248876203756c9c7624bea73736ca3984087789c1e05a0c2d73ad3ff1ce67c39c4fdbd132c4ed7c8ad9808795bf230fa14" }, + { 
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa955555555555555555555555555555555555555555555555555555555", "ae05e9634ad7048db359d6205086c2b0036ed7a035884dd7b7e36d728ad8c4b80d6565833a2a3098bbbcb2bed1cda06bdaeafbcdea9386ed" }, - { "865886b9108af6455bd64316cb6943332241b8b8cda82c7e2ba077a4a3fcfe8daa9cbf7f6271fd6e862b769465da8575728173286ff2f8f", + { "865886b9108af6455bd64316cb6943332241b8b8cda82c7e2ba077a4a3fcfe8daa9cbf7f6271fd6e862b769465da8575728173286ff2f8f", "e005a8dbd5125cf706cbda7ad43aa6449a4a8d952356c3b9fce43c82ec4e1d58bb3a331bdb6767f0bffa9a68fed02dafb822ac13588ed6fc" }, - { "49dcbc5c6c0cce2c1419a17226f929ea255a09cf4e0891c693fda4be70c74cc301b7bdf1515dd8ba21aee1798949e120e2ce42ac48ba7f30", + { "49dcbc5c6c0cce2c1419a17226f929ea255a09cf4e0891c693fda4be70c74cc301b7bdf1515dd8ba21aee1798949e120e2ce42ac48ba7f30", "d49077e4accde527164b33a5de021b979cb7c02f0457d845c90dc3227b8a5bc1c0d8f97ea1ca9472b5d444285d0d4f5b32e236f86de51839" }, - }, - { { "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd95", - "726e1b8e1f676325d820afa5bac0d489cad6b0d220dc1c4edd5336636160df83" }, - { "8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38d2c", - "76bcd1ca9a23b041d4d9baf507a6cd821267a94c838768e8486117796b788a51" }, - { "f7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e4b7", - "83ccf17ba6706d73625cc3534c7a2b9d6ec1ee6a9a7e07c10d84b388de59f741" }, - }, - { { "3b89dcfc622996ab97a5869dbff15cf51db00954f43a58a5e5f6b0470a132b2f" - "4434bbcd405d2a9516151d2a6a04f2e4375bf48de1fdb21fb982afd9d2ea137c", - "c813c4e2e2e0a8a391774c7903da7a6f14686e98e183e670ee6fb784809a3e92" - "ca209dc631d85b1c7534ed3b37fddf64d854d7e01f91f18bb3fd307591afc051" }, - { "a1ff1ab2712a267eb53935ddb5a567f84db156cc096168a1174291d5f488fba5" - "43d2840b4d2dd35d764b2f57b308907aec55cfba10544e8416e134687ccb87c3", - "3cb5c4417ec4637f30374f189bb5b984c41e3a48d7f84fbfa3819e3f333f7eb3" - "11d3af7e67c4c16eeacfac2fe94c6dd4c6366f711a4fb6c7125cd7ec518d90d6" }, - { 
"b7bfb80956c8670031ba191929f64e301d681634236d47a60e571a4bedc0ef25" - "7452ef78b5b98dbb3d9f3129d9349433ce2a3a35cb519c91e2d633d7b373ae16", - "3bee95e29eecc5d5ad2beba941abcbf9f1cad478df0fecf614f63aeebef77850" - "da7efdb93de8f3df80bc25eac09239c14175f5c29704ce9a3e383f1b3ec0e929" }, - } - }; + }, + { { "0000000000000000000000000000000000000000000000000000000000000001", + "8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b122acc99c9e9f1e14" }, + { "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd95", + "726e1b8e1f676325d820afa5bac0d489cad6b0d220dc1c4edd5336636160df83" }, + { "8e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38e38d2c", + "76bcd1ca9a23b041d4d9baf507a6cd821267a94c838768e8486117796b788a51" }, + { "f7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e7063e4b7", + "83ccf17ba6706d73625cc3534c7a2b9d6ec1ee6a9a7e07c10d84b388de59f741" }, + }, + { { "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000003", + "7503cfe87a836ae3a61b8816e25450e6ce5e1c93acf1abc1778064fdcbefa921" + "df1626be4fd036e93d75e6a50e3a41e98028fe5fc235f5b889a589cb5215f2a4" }, + { "3b89dcfc622996ab97a5869dbff15cf51db00954f43a58a5e5f6b0470a132b2f" + "4434bbcd405d2a9516151d2a6a04f2e4375bf48de1fdb21fb982afd9d2ea137c", + "c813c4e2e2e0a8a391774c7903da7a6f14686e98e183e670ee6fb784809a3e92" + "ca209dc631d85b1c7534ed3b37fddf64d854d7e01f91f18bb3fd307591afc051" }, + { "a1ff1ab2712a267eb53935ddb5a567f84db156cc096168a1174291d5f488fba5" + "43d2840b4d2dd35d764b2f57b308907aec55cfba10544e8416e134687ccb87c3", + "3cb5c4417ec4637f30374f189bb5b984c41e3a48d7f84fbfa3819e3f333f7eb3" + "11d3af7e67c4c16eeacfac2fe94c6dd4c6366f711a4fb6c7125cd7ec518d90d6" }, + { "b7bfb80956c8670031ba191929f64e301d681634236d47a60e571a4bedc0ef25" + "7452ef78b5b98dbb3d9f3129d9349433ce2a3a35cb519c91e2d633d7b373ae16", + "3bee95e29eecc5d5ad2beba941abcbf9f1cad478df0fecf614f63aeebef77850" + 
"da7efdb93de8f3df80bc25eac09239c14175f5c29704ce9a3e383f1b3ec0e929" }, + } +}; + +void +test_ecc_ga (unsigned curve, const mp_limb_t *p) +{ + return test_ecc_point (ecc_curves[curve], &ecc_ref[curve][0], p); +} + +void +test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p) +{ assert (curve < 9); assert (n <= 4); if (n == 0) @@ -1840,29 +1873,8 @@ test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p) abort(); } } - else if (n == 1) - { - const struct ecc_curve *ecc = ecc_curves[curve]; - if (mpn_cmp (p, ecc->g, 2*ecc->p.size) != 0) - { - fprintf (stderr, "Incorrect point (expected g)!\n" - "got: x = "); - write_mpn (stderr, 16, p, ecc->p.size); - fprintf (stderr, "\n" - " y = "); - write_mpn (stderr, 16, p + ecc->p.size, ecc->p.size); - fprintf (stderr, "\n" - "ref: x = "); - write_mpn (stderr, 16, ecc->g, ecc->p.size); - fprintf (stderr, "\n" - " y = "); - write_mpn (stderr, 16, ecc->g + ecc->p.size, ecc->p.size); - fprintf (stderr, "\n"); - abort(); - } - } else - test_ecc_point (ecc_curves[curve], &ref[curve][n-2], p); + test_ecc_point (ecc_curves[curve], &ecc_ref[curve][n-1], p); } void 
@@ -1879,5 +1891,46 @@ test_ecc_mul_h (unsigned curve, unsigned n, const mp_limb_t *p) free (scratch); } +void +test_ecc_get_g (unsigned curve, mp_limb_t *rp) +{ + const struct ecc_curve *ecc = ecc_curves[curve]; + mpz_t x; + mpz_t y; + mpz_init_set_str (x, ecc_ref[curve][0].x, 16); + mpz_init_set_str (y, ecc_ref[curve][0].y, 16); + + if (ecc->use_redc) + { + mpz_t t; + mpz_mul_2exp (x, x, ecc->p.size * GMP_NUMB_BITS); + mpz_mod (x, x, mpz_roinit_n (t, ecc->p.m, ecc->p.size)); + mpz_mul_2exp (y, y, ecc->p.size * GMP_NUMB_BITS); + mpz_mod (y, y, mpz_roinit_n (t, ecc->p.m, ecc->p.size)); + } + mpz_limbs_copy (rp, x, ecc->p.size); + mpz_limbs_copy (rp + ecc->p.size, y, ecc->p.size); + mpn_copyi (rp + 2*ecc->p.size, ecc->unit, ecc->p.size); + + mpz_clear (x); + mpz_clear (y); +} + +void +test_ecc_get_ga (unsigned curve, mp_limb_t *rp) +{ + const struct ecc_curve *ecc = ecc_curves[curve]; + mpz_t x; + mpz_t y; + mpz_init_set_str (x, ecc_ref[curve][0].x, 16); + mpz_init_set_str (y, ecc_ref[curve][0].y, 16); + + mpz_limbs_copy (rp, x, ecc->p.size); + mpz_limbs_copy (rp + ecc->p.size, y, ecc->p.size); + + mpz_clear (x); + mpz_clear (y); +} + #endif /* WITH_HOGWEED */ diff --git a/testsuite/testutils.h b/testsuite/testutils.h index f4ea38da..899f9851 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -291,6 +291,19 @@ test_ecc_mul_a (unsigned curve, unsigned n, const mp_limb_t *p); void test_ecc_mul_h (unsigned curve, unsigned n, const mp_limb_t *p); +/* Checks that p == g (affine coordinates) */ +void +test_ecc_ga (unsigned curve, const mp_limb_t *p); + +/* Gets the curve generator, with coordinates in redc form, if + appropriate, and with an appended z = 1 coordinate. */ +void +test_ecc_get_g (unsigned curve, mp_limb_t *rp); + +/* Variant with only two coordinates, and no redc. */ +void +test_ecc_get_ga (unsigned curve, mp_limb_t *rp); + #endif /* WITH_HOGWEED */ /* String literal of type unsigned char. The GNUC version is safer. */ |
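Review bot: test_ecc_get_g and test_ecc_get_ga index `ecc_curves[curve]` and `ecc_ref[curve][0]` without the `assert (curve < 9);` that test_ecc_mul_a performs, so an out-of-range curve index reads past the 9-entry ecc_ref table instead of failing cleanly; add that assert as the first statement of each function. test_ecc_ga in the earlier testutils.c hunk has the same gap. The return value of `mpz_init_set_str` is also ignored, so a malformed reference string would not be reported where it is parsed; `if (mpz_init_set_str (x, ecc_ref[curve][0].x, 16) != 0) abort ();` would catch it. The two functions repeat the same parsing lines and could share one static helper.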
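Review bot: The new comments on test_ecc_get_g and test_ecc_get_ga do not say how large `rp` must be, although the definitions take no length argument and write 3*ecc->p.size and 2*ecc->p.size limbs respectively. Suggest extending them, e.g. `rp must have room for 3*ecc->p.size limbs` on test_ecc_get_g and `rp must have room for 2*ecc->p.size limbs` on test_ecc_get_ga, so callers size the buffer correctly. Separately, test_ecc_ga is declared `void` here while its definition in testutils.c uses `return test_ecc_point (...);`, which ISO C does not permit in a void function; the plain call `test_ecc_point (ecc_curves[curve], &ecc_ref[curve][0], p);` is enough.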