Mercurial > dropbear

comparison libtomcrypt/testprof/ecc_test.c @ 399:a707e6148060

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge of '5fdf69ca60d1683cdd9f4c2595134bed26394834' and '6b61c50f4cf888bea302ac8fcf5dbb573b443251'
author Matt Johnston <matt@ucc.asn.au>
date Sat, 03 Feb 2007 08:20:34 +0000
parents 0cbe8f6dbf9e
children f849a5ca2efc
comparison
equal deleted inserted replaced
394:17d097fc111c 399:a707e6148060
1 #include <tomcrypt_test.h>
2
3 #ifdef MECC
4
5 static int sizes[] = {
6 #ifdef ECC112
7 14,
8 #endif
9 #ifdef ECC128
10 16,
11 #endif
12 #ifdef ECC160
13 20,
14 #endif
15 #ifdef ECC192
16 24,
17 #endif
18 #ifdef ECC224
19 28,
20 #endif
21 #ifdef ECC256
22 32,
23 #endif
24 #ifdef ECC384
25 48,
26 #endif
27 #ifdef ECC521
28 65
29 #endif
30 };
31
32 #ifdef LTC_ECC_SHAMIR
33 int ecc_test_shamir(void)
34 {
35 void *modulus, *mp, *kA, *kB, *rA, *rB;
36 ecc_point *G, *A, *B, *C1, *C2;
37 int x, y, z;
38 unsigned char buf[ECC_BUF_SIZE];
39
40 DO(mp_init_multi(&kA, &kB, &rA, &rB, &modulus, NULL));
41 LTC_ARGCHK((G = ltc_ecc_new_point()) != NULL);
42 LTC_ARGCHK((A = ltc_ecc_new_point()) != NULL);
43 LTC_ARGCHK((B = ltc_ecc_new_point()) != NULL);
44 LTC_ARGCHK((C1 = ltc_ecc_new_point()) != NULL);
45 LTC_ARGCHK((C2 = ltc_ecc_new_point()) != NULL);
46
47 for (x = 0; x < (int)(sizeof(sizes)/sizeof(sizes[0])); x++) {
48 /* get the base point */
49 for (z = 0; ltc_ecc_sets[z].name; z++) {
50 if (sizes[z] < ltc_ecc_sets[z].size) break;
51 }
52 LTC_ARGCHK(ltc_ecc_sets[z].name != NULL);
53
54 /* load it */
55 DO(mp_read_radix(G->x, ltc_ecc_sets[z].Gx, 16));
56 DO(mp_read_radix(G->y, ltc_ecc_sets[z].Gy, 16));
57 DO(mp_set(G->z, 1));
58 DO(mp_read_radix(modulus, ltc_ecc_sets[z].prime, 16));
59 DO(mp_montgomery_setup(modulus, &mp));
60
61 /* do 100 random tests */
62 for (y = 0; y < 100; y++) {
63 /* pick a random r1, r2 */
64 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
65 DO(mp_read_unsigned_bin(rA, buf, sizes[x]));
66 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
67 DO(mp_read_unsigned_bin(rB, buf, sizes[x]));
68
69 /* compute rA * G = A */
70 DO(ltc_mp.ecc_ptmul(rA, G, A, modulus, 1));
71
72 /* compute rB * G = B */
73 DO(ltc_mp.ecc_ptmul(rB, G, B, modulus, 1));
74
75 /* pick a random kA, kB */
76 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
77 DO(mp_read_unsigned_bin(kA, buf, sizes[x]));
78 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
79 DO(mp_read_unsigned_bin(kB, buf, sizes[x]));
80
81 /* now, compute kA*A + kB*B = C1 using the older method */
82 DO(ltc_mp.ecc_ptmul(kA, A, C1, modulus, 0));
83 DO(ltc_mp.ecc_ptmul(kB, B, C2, modulus, 0));
84 DO(ltc_mp.ecc_ptadd(C1, C2, C1, modulus, mp));
85 DO(ltc_mp.ecc_map(C1, modulus, mp));
86
87 /* now compute using mul2add */
88 DO(ltc_mp.ecc_mul2add(A, kA, B, kB, C2, modulus));
89
90 /* is they the sames? */
91 if ((mp_cmp(C1->x, C2->x) != LTC_MP_EQ) || (mp_cmp(C1->y, C2->y) != LTC_MP_EQ) || (mp_cmp(C1->z, C2->z) != LTC_MP_EQ)) {
92 fprintf(stderr, "ECC failed shamir test: size=%d, testno=%d\n", sizes[x], y);
93 return 1;
94 }
95 }
96 mp_montgomery_free(mp);
97 }
98 ltc_ecc_del_point(C2);
99 ltc_ecc_del_point(C1);
100 ltc_ecc_del_point(B);
101 ltc_ecc_del_point(A);
102 ltc_ecc_del_point(G);
103 mp_clear_multi(kA, kB, rA, rB, modulus, NULL);
104 return 0;
105 }
106 #endif
107
108 int ecc_tests (void)
109 {
110 unsigned char buf[4][4096];
111 unsigned long x, y, z, s;
112 int stat, stat2;
113 ecc_key usera, userb, pubKey, privKey;
114
115 DO(ecc_test ());
116 DO(ecc_test ());
117 DO(ecc_test ());
118 DO(ecc_test ());
119 DO(ecc_test ());
120
121 for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) {
122 /* make up two keys */
123 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
124 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb));
125
126 /* make the shared secret */
127 x = sizeof(buf[0]);
128 DO(ecc_shared_secret (&usera, &userb, buf[0], &x));
129
130 y = sizeof(buf[1]);
131 DO(ecc_shared_secret (&userb, &usera, buf[1], &y));
132
133 if (y != x) {
134 fprintf(stderr, "ecc Shared keys are not same size.");
135 return 1;
136 }
137
138 if (memcmp (buf[0], buf[1], x)) {
139 fprintf(stderr, "ecc Shared keys not same contents.");
140 return 1;
141 }
142
143 /* now export userb */
144 y = sizeof(buf[0]);
145 DO(ecc_export (buf[1], &y, PK_PUBLIC, &userb));
146 ecc_free (&userb);
147
148 /* import and make the shared secret again */
149 DO(ecc_import (buf[1], y, &userb));
150
151 z = sizeof(buf[0]);
152 DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
153
154 if (z != x) {
155 fprintf(stderr, "failed. Size don't match?");
156 return 1;
157 }
158 if (memcmp (buf[0], buf[2], x)) {
159 fprintf(stderr, "Failed. Contents didn't match.");
160 return 1;
161 }
162
163 /* export with ANSI X9.63 */
164 y = sizeof(buf[1]);
165 DO(ecc_ansi_x963_export(&userb, buf[1], &y));
166 ecc_free (&userb);
167
168 /* now import the ANSI key */
169 DO(ecc_ansi_x963_import(buf[1], y, &userb));
170
171 /* shared secret */
172 z = sizeof(buf[0]);
173 DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
174
175 if (z != x) {
176 fprintf(stderr, "failed. Size don't match?");
177 return 1;
178 }
179 if (memcmp (buf[0], buf[2], x)) {
180 fprintf(stderr, "Failed. Contents didn't match.");
181 return 1;
182 }
183
184 ecc_free (&usera);
185 ecc_free (&userb);
186
187 /* test encrypt_key */
188 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
189
190 /* export key */
191 x = sizeof(buf[0]);
192 DO(ecc_export(buf[0], &x, PK_PUBLIC, &usera));
193 DO(ecc_import(buf[0], x, &pubKey));
194 x = sizeof(buf[0]);
195 DO(ecc_export(buf[0], &x, PK_PRIVATE, &usera));
196 DO(ecc_import(buf[0], x, &privKey));
197
198 for (x = 0; x < 32; x++) {
199 buf[0][x] = x;
200 }
201 y = sizeof (buf[1]);
202 DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_prng ("yarrow"), find_hash ("sha256"), &pubKey));
203 zeromem (buf[0], sizeof (buf[0]));
204 x = sizeof (buf[0]);
205 DO(ecc_decrypt_key (buf[1], y, buf[0], &x, &privKey));
206 if (x != 32) {
207 fprintf(stderr, "Failed (length)");
208 return 1;
209 }
210 for (x = 0; x < 32; x++) {
211 if (buf[0][x] != x) {
212 fprintf(stderr, "Failed (contents)");
213 return 1;
214 }
215 }
216 /* test sign_hash */
217 for (x = 0; x < 16; x++) {
218 buf[0][x] = x;
219 }
220 x = sizeof (buf[1]);
221 DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey));
222 DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey));
223 buf[0][0] ^= 1;
224 DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey));
225 if (!(stat == 1 && stat2 == 0)) {
226 fprintf(stderr, "ecc_verify_hash failed %d, %d, ", stat, stat2);
227 return 1;
228 }
229 ecc_free (&usera);
230 ecc_free (&pubKey);
231 ecc_free (&privKey);
232 }
233 #ifdef LTC_ECC_SHAMIR
234 return ecc_test_shamir();
235 #else
236 return 0;
237 #endif
238 }
239
240 #else
241
242 int ecc_tests(void)
243 {
244 fprintf(stderr, "NOP");
245 return 0;
246 }
247
248 #endif
249
250 /* $Source: /cvs/libtom/libtomcrypt/testprof/ecc_test.c,v $ */
251 /* $Revision: 1.21 $ */
252 /* $Date: 2006/12/04 03:21:03 $ */