comparison libtomcrypt/testprof/ecc_test.c @ 389:5ff8218bcee9

propagate from branch 'au.asn.ucc.matt.ltm.dropbear' (head 2af95f00ebd5bb7a28b3817db1218442c935388e) to branch 'au.asn.ucc.matt.dropbear' (head ecd779509ef23a8cdf64888904fc9b31d78aa933)
author Matt Johnston <matt@ucc.asn.au>
date Thu, 11 Jan 2007 03:14:55 +0000
parents 0cbe8f6dbf9e
children f849a5ca2efc
388:fb54020f78e1 389:5ff8218bcee9
1 #include <tomcrypt_test.h>
2
3 #ifdef MECC
4
5 static int sizes[] = {
6 #ifdef ECC112
7 14,
8 #endif
9 #ifdef ECC128
10 16,
11 #endif
12 #ifdef ECC160
13 20,
14 #endif
15 #ifdef ECC192
16 24,
17 #endif
18 #ifdef ECC224
19 28,
20 #endif
21 #ifdef ECC256
22 32,
23 #endif
24 #ifdef ECC384
25 48,
26 #endif
27 #ifdef ECC521
28 65
29 #endif
30 };
31
32 #ifdef LTC_ECC_SHAMIR
33 int ecc_test_shamir(void)
34 {
35 void *modulus, *mp, *kA, *kB, *rA, *rB;
36 ecc_point *G, *A, *B, *C1, *C2;
37 int x, y, z;
38 unsigned char buf[ECC_BUF_SIZE];
39
40 DO(mp_init_multi(&kA, &kB, &rA, &rB, &modulus, NULL));
41 LTC_ARGCHK((G = ltc_ecc_new_point()) != NULL);
42 LTC_ARGCHK((A = ltc_ecc_new_point()) != NULL);
43 LTC_ARGCHK((B = ltc_ecc_new_point()) != NULL);
44 LTC_ARGCHK((C1 = ltc_ecc_new_point()) != NULL);
45 LTC_ARGCHK((C2 = ltc_ecc_new_point()) != NULL);
46
47 for (x = 0; x < (int)(sizeof(sizes)/sizeof(sizes[0])); x++) {
48 /* get the base point */
49 for (z = 0; ltc_ecc_sets[z].name; z++) {
50 if (sizes[z] < ltc_ecc_sets[z].size) break;
51 }
52 LTC_ARGCHK(ltc_ecc_sets[z].name != NULL);
53
54 /* load it */
55 DO(mp_read_radix(G->x, ltc_ecc_sets[z].Gx, 16));
56 DO(mp_read_radix(G->y, ltc_ecc_sets[z].Gy, 16));
57 DO(mp_set(G->z, 1));
58 DO(mp_read_radix(modulus, ltc_ecc_sets[z].prime, 16));
59 DO(mp_montgomery_setup(modulus, &mp));
60
61 /* do 100 random tests */
62 for (y = 0; y < 100; y++) {
63 /* pick a random r1, r2 */
64 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
65 DO(mp_read_unsigned_bin(rA, buf, sizes[x]));
66 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
67 DO(mp_read_unsigned_bin(rB, buf, sizes[x]));
68
69 /* compute rA * G = A */
70 DO(ltc_mp.ecc_ptmul(rA, G, A, modulus, 1));
71
72 /* compute rB * G = B */
73 DO(ltc_mp.ecc_ptmul(rB, G, B, modulus, 1));
74
75 /* pick a random kA, kB */
76 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
77 DO(mp_read_unsigned_bin(kA, buf, sizes[x]));
78 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
79 DO(mp_read_unsigned_bin(kB, buf, sizes[x]));
80
81 /* now, compute kA*A + kB*B = C1 using the older method */
82 DO(ltc_mp.ecc_ptmul(kA, A, C1, modulus, 0));
83 DO(ltc_mp.ecc_ptmul(kB, B, C2, modulus, 0));
84 DO(ltc_mp.ecc_ptadd(C1, C2, C1, modulus, mp));
85 DO(ltc_mp.ecc_map(C1, modulus, mp));
86
87 /* now compute using mul2add */
88 DO(ltc_mp.ecc_mul2add(A, kA, B, kB, C2, modulus));
89
90 /* is they the sames? */
91 if ((mp_cmp(C1->x, C2->x) != LTC_MP_EQ) || (mp_cmp(C1->y, C2->y) != LTC_MP_EQ) || (mp_cmp(C1->z, C2->z) != LTC_MP_EQ)) {
92 fprintf(stderr, "ECC failed shamir test: size=%d, testno=%d\n", sizes[x], y);
93 return 1;
94 }
95 }
96 mp_montgomery_free(mp);
97 }
98 ltc_ecc_del_point(C2);
99 ltc_ecc_del_point(C1);
100 ltc_ecc_del_point(B);
101 ltc_ecc_del_point(A);
102 ltc_ecc_del_point(G);
103 mp_clear_multi(kA, kB, rA, rB, modulus, NULL);
104 return 0;
105 }
106 #endif
107
108 int ecc_tests (void)
109 {
110 unsigned char buf[4][4096];
111 unsigned long x, y, z, s;
112 int stat, stat2;
113 ecc_key usera, userb, pubKey, privKey;
114
115 DO(ecc_test ());
116 DO(ecc_test ());
117 DO(ecc_test ());
118 DO(ecc_test ());
119 DO(ecc_test ());
120
121 for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) {
122 /* make up two keys */
123 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
124 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb));
125
126 /* make the shared secret */
127 x = sizeof(buf[0]);
128 DO(ecc_shared_secret (&usera, &userb, buf[0], &x));
129
130 y = sizeof(buf[1]);
131 DO(ecc_shared_secret (&userb, &usera, buf[1], &y));
132
133 if (y != x) {
134 fprintf(stderr, "ecc Shared keys are not same size.");
135 return 1;
136 }
137
138 if (memcmp (buf[0], buf[1], x)) {
139 fprintf(stderr, "ecc Shared keys not same contents.");
140 return 1;
141 }
142
143 /* now export userb */
144 y = sizeof(buf[0]);
145 DO(ecc_export (buf[1], &y, PK_PUBLIC, &userb));
146 ecc_free (&userb);
147
148 /* import and make the shared secret again */
149 DO(ecc_import (buf[1], y, &userb));
150
151 z = sizeof(buf[0]);
152 DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
153
154 if (z != x) {
155 fprintf(stderr, "failed. Size don't match?");
156 return 1;
157 }
158 if (memcmp (buf[0], buf[2], x)) {
159 fprintf(stderr, "Failed. Contents didn't match.");
160 return 1;
161 }
162
163 /* export with ANSI X9.63 */
164 y = sizeof(buf[1]);
165 DO(ecc_ansi_x963_export(&userb, buf[1], &y));
166 ecc_free (&userb);
167
168 /* now import the ANSI key */
169 DO(ecc_ansi_x963_import(buf[1], y, &userb));
170
171 /* shared secret */
172 z = sizeof(buf[0]);
173 DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
174
175 if (z != x) {
176 fprintf(stderr, "failed. Size don't match?");
177 return 1;
178 }
179 if (memcmp (buf[0], buf[2], x)) {
180 fprintf(stderr, "Failed. Contents didn't match.");
181 return 1;
182 }
183
184 ecc_free (&usera);
185 ecc_free (&userb);
186
187 /* test encrypt_key */
188 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
189
190 /* export key */
191 x = sizeof(buf[0]);
192 DO(ecc_export(buf[0], &x, PK_PUBLIC, &usera));
193 DO(ecc_import(buf[0], x, &pubKey));
194 x = sizeof(buf[0]);
195 DO(ecc_export(buf[0], &x, PK_PRIVATE, &usera));
196 DO(ecc_import(buf[0], x, &privKey));
197
198 for (x = 0; x < 32; x++) {
199 buf[0][x] = x;
200 }
201 y = sizeof (buf[1]);
202 DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_prng ("yarrow"), find_hash ("sha256"), &pubKey));
203 zeromem (buf[0], sizeof (buf[0]));
204 x = sizeof (buf[0]);
205 DO(ecc_decrypt_key (buf[1], y, buf[0], &x, &privKey));
206 if (x != 32) {
207 fprintf(stderr, "Failed (length)");
208 return 1;
209 }
210 for (x = 0; x < 32; x++) {
211 if (buf[0][x] != x) {
212 fprintf(stderr, "Failed (contents)");
213 return 1;
214 }
215 }
216 /* test sign_hash */
217 for (x = 0; x < 16; x++) {
218 buf[0][x] = x;
219 }
220 x = sizeof (buf[1]);
221 DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey));
222 DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey));
223 buf[0][0] ^= 1;
224 DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey));
225 if (!(stat == 1 && stat2 == 0)) {
226 fprintf(stderr, "ecc_verify_hash failed %d, %d, ", stat, stat2);
227 return 1;
228 }
229 ecc_free (&usera);
230 ecc_free (&pubKey);
231 ecc_free (&privKey);
232 }
233 #ifdef LTC_ECC_SHAMIR
234 return ecc_test_shamir();
235 #else
236 return 0;
237 #endif
238 }
239
240 #else
241
242 int ecc_tests(void)
243 {
244 fprintf(stderr, "NOP");
245 return 0;
246 }
247
248 #endif
249
250 /* $Source: /cvs/libtom/libtomcrypt/testprof/ecc_test.c,v $ */
251 /* $Revision: 1.21 $ */
252 /* $Date: 2006/12/04 03:21:03 $ */
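Review bot: In ecc_test_shamir the curve-lookup loop at gutter line 50 indexes `sizes` with the inner counter `z` instead of the outer `x`, so every pass of the outer loop resolves to the same `ltc_ecc_sets` entry while the random scalars are still drawn at `sizes[x]` bytes; the smaller sizes are therefore never checked against their own curve. If `ltc_ecc_sets` has more named entries than `sizes` has elements, `sizes[z]` would also read past the end of the array; that table is not visible on this page, so this is an inference. Assuming the intent is the smallest curve that fits the size under test, the comparison would read `if (sizes[x] <= ltc_ecc_sets[z].size) break;`. Separately, the `return 1` on a mismatch at gutter line 93 skips `mp_montgomery_free`, the `ltc_ecc_del_point` calls and `mp_clear_multi`, which matters little for a test binary but adds noise to leak-checker runs on the failure path.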