Delete tests and code for ecdsa over curve25519.

* ecc-eh-to-a.c (ecc_eh_to_a): Require op == 0, delete code only used for non-standard ecdsa over curve25519. * testsuite/ecdsa-sign-test.c (test_main): Delete test of ecdsa over curve25519. * testsuite/ecdsa-verify-test.c (test_main): Likewise. * testsuite/ecdsa-keygen-test.c (test_main): Exclude curve25519 from test.
author: Niels Möller <nisse@lysator.liu.se> 2019-12-07 08:14:21 +0100
committer: Niels Möller <nisse@lysator.liu.se> 2019-12-07 08:14:21 +0100
commit: bfe24f5880b4637c24e4219024114cdd5a2d4c72 (patch)
tree: eac948b68ef4e01233e3f86384fb13fe944c3be4
parent: 9f4180d6f41889c8b42a70fc5b6a73c6055006fb (diff)
download: nettle-bfe24f5880b4637c24e4219024114cdd5a2d4c72.tar.gz
5 files changed, 16 insertions, 46 deletions
diff --git a/ChangeLog b/ChangeLog
index 41dab74f..05bac6a7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2019-12-07  Niels Möller  <nisse@lysator.liu.se>
+
+	* ecc-eh-to-a.c (ecc_eh_to_a): Require op == 0, delete code only
+	used for non-standard ecdsa over curve25519.
+	* testsuite/ecdsa-sign-test.c (test_main): Delete test of ecdsa
+	over curve25519.
+	* testsuite/ecdsa-verify-test.c (test_main): Likewise.
+	* testsuite/ecdsa-keygen-test.c (test_main): Exclude curve25519
+	from test.
+
 2019-12-05  Niels Möller  <nisse@lysator.liu.se>
 
 	* configure.ac: Use AC_TRY_LINK rather than AC_TRY_COMPILE to
diff --git a/ecc-eh-to-a.c b/ecc-eh-to-a.c
index 8173b887..89d2b6e3 100644
--- a/ecc-eh-to-a.c
+++ b/ecc-eh-to-a.c
@@ -56,6 +56,8 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
 
   mp_limb_t cy;
 
+  assert(op == 0);
+
   /* Needs 2*size + scratch for the invert call. */
   ecc->p.invert (&ecc->p, izp, zp, tp + ecc->p.size);
 
@@ -63,25 +65,6 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
   cy = mpn_sub_n (r, tp, ecc->p.m, ecc->p.size);
   cnd_copy (cy, r, tp, ecc->p.size);
 
-  if (op)
-    {
-      /* Skip y coordinate */
-      if (op > 1)
-	{
-	  /* Reduce modulo q. Hardcoded for curve25519, duplicates end
-	     of ecc_25519_modq. FIXME: Is this needed at all? op > 0
-	     is only used by ecdsa code, and ecdsa on Edwards curves
-	     makes little sense and is is only used by tests. */
-	  unsigned shift;
-	  assert (ecc->p.bit_size == 255);
-	  shift = ecc->q.bit_size - 1 - GMP_NUMB_BITS * (ecc->p.size - 1);
-	  cy = mpn_submul_1 (r, ecc->q.m, ecc->p.size,
-			     r[ecc->p.size-1] >> shift);
-	  assert (cy < 2);
-	  cnd_add_n (cy, r, ecc->q.m, ecc->p.size);
-	}
-      return;
-    }
   ecc_modp_mul (ecc, tp, yp, izp);
   cy = mpn_sub_n (r + ecc->p.size, tp, ecc->p.m, ecc->p.size);
   cnd_copy (cy, r + ecc->p.size, tp, ecc->p.size);
diff --git a/testsuite/ecdsa-keygen-test.c b/testsuite/ecdsa-keygen-test.c
index a96c09ef..0deb7214 100644
--- a/testsuite/ecdsa-keygen-test.c
+++ b/testsuite/ecdsa-keygen-test.c
@@ -78,6 +78,10 @@ test_main (void)
       struct ecc_point pub;
       struct ecc_scalar key;
 
+      if (ecc->p.bit_size == 255)
+	/* Exclude curve25519, which isn't supported with ECDSA. */
+	continue;
+
       if (verbose)
 	fprintf (stderr, "Curve %d\n", ecc->p.bit_size);
 
diff --git a/testsuite/ecdsa-sign-test.c b/testsuite/ecdsa-sign-test.c
index 23275357..b240a31b 100644
--- a/testsuite/ecdsa-sign-test.c
+++ b/testsuite/ecdsa-sign-test.c
@@ -156,18 +156,4 @@ test_main (void)
 	      "97536710 1F67D1CF 9BCCBF2F 3D239534"
 	      "FA509E70 AAC851AE 01AAC68D 62F86647"
 	      "2660"); /* s */
-
-  /* Non-standard ecdsa using curve25519. Not interop-tested with
-     anything else. */
-  test_ecdsa (&_nettle_curve25519,
-	      "1db511101b8fd16f e0212c5679ef53f3"
-	      "323bde77f9efa442 617314d576d1dbcb", /* z */
-	      "aa2fa8facfdc3a99 ec466d41a2c9211c"
-	      "e62e1706f54037ff 8486e26153b0fa79", /* k */
-	      SHEX("e99df2a098c3c590 ea1e1db6d9547339"
-		   "ae760d5331496119 5d967fd881e3b0f5"), /* h */
-	      " 515c3a485f57432 0daf3353a0d08110"
-	      "64157c556296de09 4132f74865961b37", /* r */
-	      "  78f23367291b01 3fc430fb09322d95"
-	      "4384723649868d8e 88effc7ac8b141d7"); /* s */
 }
diff --git a/testsuite/ecdsa-verify-test.c b/testsuite/ecdsa-verify-test.c
index 971988c3..6a593d6f 100644
--- a/testsuite/ecdsa-verify-test.c
+++ b/testsuite/ecdsa-verify-test.c
@@ -145,17 +145,4 @@ test_main (void)
 	      "97536710 1F67D1CF 9BCCBF2F 3D239534" 
 	      "FA509E70 AAC851AE 01AAC68D 62F86647"
 	      "2660"); /* s */
-
-  test_ecdsa (&_nettle_curve25519,
-	      /* Public key corresponding to the key in ecdsa-sign-test */
-	      "59f8f317fd5f4e82 c02f8d4dec665fe1"
-	      "230f83b8572638e1 b2ac34a30028e24d", /* x */
-	      "1902a72dc1a6525a 811b9c1845978d56"
-	      "fd97dce5e278ebdd ec695349d7e41498", /* y */
-	      SHEX("e99df2a098c3c590 ea1e1db6d9547339"
-		   "ae760d5331496119 5d967fd881e3b0f5"), /* h */
-	      " 515c3a485f57432 0daf3353a0d08110"
-	      "64157c556296de09 4132f74865961b37", /* r */
-	      "  78f23367291b01 3fc430fb09322d95"
-	      "4384723649868d8e 88effc7ac8b141d7"); /* s */
 }
author	Niels Möller <nisse@lysator.liu.se>	2019-12-07 08:14:21 +0100
committer	Niels Möller <nisse@lysator.liu.se>	2019-12-07 08:14:21 +0100
commit	bfe24f5880b4637c24e4219024114cdd5a2d4c72 (patch)
tree	eac948b68ef4e01233e3f86384fb13fe944c3be4
parent	9f4180d6f41889c8b42a70fc5b6a73c6055006fb (diff)
download	nettle-bfe24f5880b4637c24e4219024114cdd5a2d4c72.tar.gz