diff options
| author | Niels Möller <nisse@lysator.liu.se> | 2022-01-17 21:03:10 +0100 |
|---|---|---|
| committer | Niels Möller <nisse@lysator.liu.se> | 2022-01-17 21:03:10 +0100 |
| commit | 7926debeeefe2bf8509d9bc95caf95555bf2bf5d (patch) | |
| tree | 7c1d97b0edbd103012bec4cac0c9b8fd2574def6 /testsuite | |
| parent | 25f7300409976876925d54ea64ab7920598b40ba (diff) | |
| download | nettle-7926debeeefe2bf8509d9bc95caf95555bf2bf5d.tar.gz | |
Share ecc point validation function in testutils.c.
* testsuite/testutils.c (test_ecc_point_valid_p): New function,
moved from...
* testsuite/ecdsa-keygen-test.c (ecc_valid_p): ... old copy.
* testsuite/gostdsa-keygen-test.c (ecc_valid_p): ... old copy.
* testsuite/testutils.h: Declare it.
Diffstat (limited to 'testsuite')
| -rw-r--r-- | testsuite/ecdsa-keygen-test.c | 73 | ||||
| -rw-r--r-- | testsuite/gostdsa-keygen-test.c | 73 | ||||
| -rw-r--r-- | testsuite/testutils.c | 70 | ||||
| -rw-r--r-- | testsuite/testutils.h | 4 |
4 files changed, 76 insertions, 144 deletions
diff --git a/testsuite/ecdsa-keygen-test.c b/testsuite/ecdsa-keygen-test.c index 2e1b7caa..f2837ea8 100644 --- a/testsuite/ecdsa-keygen-test.c +++ b/testsuite/ecdsa-keygen-test.c @@ -1,77 +1,6 @@ #include "testutils.h" #include "knuth-lfib.h" -/* Check if y^2 = x^3 - 3x + b */ -static int -ecc_valid_p (struct ecc_point *pub) -{ - mpz_t t, x, y; - mpz_t lhs, rhs; - int res; - mp_size_t size; - - size = pub->ecc->p.size; - - /* First check range */ - if (mpn_cmp (pub->p, pub->ecc->p.m, size) >= 0 - || mpn_cmp (pub->p + size, pub->ecc->p.m, size) >= 0) - return 0; - - mpz_init (lhs); - mpz_init (rhs); - - mpz_roinit_n (x, pub->p, size); - mpz_roinit_n (y, pub->p + size, size); - - mpz_mul (lhs, y, y); - - if (pub->ecc->p.bit_size == 255) - { - /* Check that - 121666 (1 + x^2 - y^2) = 121665 x^2 y^2 */ - mpz_t x2; - mpz_init (x2); - mpz_mul (x2, x, x); /* x^2 */ - mpz_mul (rhs, x2, lhs); /* x^2 y^2 */ - mpz_sub (lhs, x2, lhs); /* x^2 - y^2 */ - mpz_add_ui (lhs, lhs, 1); /* 1 + x^2 - y^2 */ - mpz_mul_ui (lhs, lhs, 121666); - mpz_mul_ui (rhs, rhs, 121665); - - mpz_clear (x2); - } - else if (pub->ecc->p.bit_size == 448) - { - /* Check that - x^2 + y^2 = 1 - 39081 x^2 y^2 */ - mpz_t x2, d; - mpz_init (x2); - mpz_init_set_ui (d, 39081); - mpz_mul (x2, x, x); /* x^2 */ - mpz_mul (d, d, x2); /* 39081 x^2 */ - mpz_set_ui (rhs, 1); - mpz_submul (rhs, d, lhs); /* 1 - 39081 x^2 y^2 */ - mpz_add (lhs, x2, lhs); /* x^2 + y^2 */ - - mpz_clear (d); - mpz_clear (x2); - } - else - { - /* Check y^2 = x^3 - 3 x + b */ - mpz_mul (rhs, x, x); - mpz_sub_ui (rhs, rhs, 3); - mpz_mul (rhs, rhs, x); - mpz_add (rhs, rhs, mpz_roinit_n (t, pub->ecc->b, size)); - } - res = mpz_congruent_p (lhs, rhs, mpz_roinit_n (t, pub->ecc->p.m, size)); - - mpz_clear (lhs); - mpz_clear (rhs); - - return res; -} - void test_main (void) { @@ -118,7 +47,7 @@ test_main (void) write_mpn (stderr, 16, key.p, ecc->p.size); fprintf (stderr, "\n"); } - if (!ecc_valid_p (&pub)) + if (!test_ecc_point_valid_p (&pub)) die ("ecdsa_generate_keypair produced an invalid point.\n"); ecdsa_sign (&key, diff --git a/testsuite/gostdsa-keygen-test.c b/testsuite/gostdsa-keygen-test.c index 67459182..48299cc6 100644 --- a/testsuite/gostdsa-keygen-test.c +++ b/testsuite/gostdsa-keygen-test.c @@ -2,77 +2,6 @@ #include "gostdsa.h" #include "knuth-lfib.h" -/* Check if y^2 = x^3 - 3x + b */ -static int -ecc_valid_p (struct ecc_point *pub) -{ - mpz_t t, x, y; - mpz_t lhs, rhs; - int res; - mp_size_t size; - - size = pub->ecc->p.size; - - /* First check range */ - if (mpn_cmp (pub->p, pub->ecc->p.m, size) >= 0 - || mpn_cmp (pub->p + size, pub->ecc->p.m, size) >= 0) - return 0; - - mpz_init (lhs); - mpz_init (rhs); - - mpz_roinit_n (x, pub->p, size); - mpz_roinit_n (y, pub->p + size, size); - - mpz_mul (lhs, y, y); - - if (pub->ecc->p.bit_size == 255) - { - /* Check that - 121666 (1 + x^2 - y^2) = 121665 x^2 y^2 */ - mpz_t x2; - mpz_init (x2); - mpz_mul (x2, x, x); /* x^2 */ - mpz_mul (rhs, x2, lhs); /* x^2 y^2 */ - mpz_sub (lhs, x2, lhs); /* x^2 - y^2 */ - mpz_add_ui (lhs, lhs, 1); /* 1 + x^2 - y^2 */ - mpz_mul_ui (lhs, lhs, 121666); - mpz_mul_ui (rhs, rhs, 121665); - - mpz_clear (x2); - } - else if (pub->ecc->p.bit_size == 448) - { - /* Check that - x^2 + y^2 = 1 - 39081 x^2 y^2 */ - mpz_t x2, d; - mpz_init (x2); - mpz_init_set_ui (d, 39081); - mpz_mul (x2, x, x); /* x^2 */ - mpz_mul (d, d, x2); /* 39081 x^2 */ - mpz_set_ui (rhs, 1); - mpz_submul (rhs, d, lhs); /* 1 - 39081 x^2 y^2 */ - mpz_add (lhs, x2, lhs); /* x^2 + y^2 */ - - mpz_clear (d); - mpz_clear (x2); - } - else - { - /* Check y^2 = x^3 - 3 x + b */ - mpz_mul (rhs, x, x); - mpz_sub_ui (rhs, rhs, 3); - mpz_mul (rhs, rhs, x); - mpz_add (rhs, rhs, mpz_roinit_n (t, pub->ecc->b, size)); - } - res = mpz_congruent_p (lhs, rhs, mpz_roinit_n (t, pub->ecc->p.m, size)); - - mpz_clear (lhs); - mpz_clear (rhs); - - return res; -} - void test_main (void) { @@ -119,7 +48,7 @@ test_main (void) write_mpn (stderr, 16, key.p, ecc->p.size); fprintf (stderr, "\n"); } - if (!ecc_valid_p (&pub)) + if (!test_ecc_point_valid_p (&pub)) die ("gostdsa_generate_keypair produced an invalid point.\n"); gostdsa_sign (&key, diff --git a/testsuite/testutils.c b/testsuite/testutils.c index 9bb250b4..b3ca8043 100644 --- a/testsuite/testutils.c +++ b/testsuite/testutils.c @@ -1745,6 +1745,76 @@ const struct ecc_curve * const ecc_curves[] = { NULL }; +int +test_ecc_point_valid_p (struct ecc_point *pub) +{ + mpz_t t, x, y; + mpz_t lhs, rhs; + int res; + mp_size_t size; + + size = pub->ecc->p.size; + + /* First check range */ + if (mpn_cmp (pub->p, pub->ecc->p.m, size) >= 0 + || mpn_cmp (pub->p + size, pub->ecc->p.m, size) >= 0) + return 0; + + mpz_init (lhs); + mpz_init (rhs); + + mpz_roinit_n (x, pub->p, size); + mpz_roinit_n (y, pub->p + size, size); + + mpz_mul (lhs, y, y); + + if (pub->ecc->p.bit_size == 255) + { + /* Check that + 121666 (1 + x^2 - y^2) = 121665 x^2 y^2 */ + mpz_t x2; + mpz_init (x2); + mpz_mul (x2, x, x); /* x^2 */ + mpz_mul (rhs, x2, lhs); /* x^2 y^2 */ + mpz_sub (lhs, x2, lhs); /* x^2 - y^2 */ + mpz_add_ui (lhs, lhs, 1); /* 1 + x^2 - y^2 */ + mpz_mul_ui (lhs, lhs, 121666); + mpz_mul_ui (rhs, rhs, 121665); + + mpz_clear (x2); + } + else if (pub->ecc->p.bit_size == 448) + { + /* Check that + x^2 + y^2 = 1 - 39081 x^2 y^2 */ + mpz_t x2, d; + mpz_init (x2); + mpz_init_set_ui (d, 39081); + mpz_mul (x2, x, x); /* x^2 */ + mpz_mul (d, d, x2); /* 39081 x^2 */ + mpz_set_ui (rhs, 1); + mpz_submul (rhs, d, lhs); /* 1 - 39081 x^2 y^2 */ + mpz_add (lhs, x2, lhs); /* x^2 + y^2 */ + + mpz_clear (d); + mpz_clear (x2); + } + else + { + /* Check y^2 = x^3 - 3 x + b */ + mpz_mul (rhs, x, x); + mpz_sub_ui (rhs, rhs, 3); + mpz_mul (rhs, rhs, x); + mpz_add (rhs, rhs, mpz_roinit_n (t, pub->ecc->b, size)); + } + res = mpz_congruent_p (lhs, rhs, mpz_roinit_n (t, pub->ecc->p.m, size)); + + mpz_clear (lhs); + mpz_clear (rhs); + + return res; +} + static int test_mpn (const char *ref, const mp_limb_t *xp, mp_size_t n) { diff --git a/testsuite/testutils.h b/testsuite/testutils.h index b220dde1..385b9abc 100644 --- a/testsuite/testutils.h +++ b/testsuite/testutils.h @@ -240,6 +240,10 @@ test_dsa_key(const struct dsa_params *params, extern const struct ecc_curve * const ecc_curves[]; +/* Check that given point satisfyes curve equation. */ +int +test_ecc_point_valid_p (struct ecc_point *pub); + struct ecc_ref_point { const char *x; |