#include "testutils.h"

#if NETTLE_USE_MINI_GMP
/* mini-gmp build: the test is reported as skipped instead of run
   (presumably because the real test below needs GMP functions that
   mini-gmp does not provide -- confirm against mini-gmp.h). */
void
test_main (void)
{
  SKIP ();
}
#else /* ! NETTLE_USE_MINI_GMP */

/* Reference reduction used to check the curve-specific code.

   Divides the 2*MN-limb value at AP by the MN-limb modulus at MP with
   mpn_tdiv_qr and stores the MN-limb remainder at RP.  The quotient is
   written to a scratch array and discarded.  */
static void
ref_mod (mp_limb_t *rp, const mp_limb_t *ap, const mp_limb_t *mp, mp_size_t mn)
{
  const mp_size_t an = 2 * mn;
  /* The quotient of a 2*mn-limb numerator by an mn-limb divisor takes
     mn + 1 limbs.  This is a variable-length stack array, so MN must
     stay small; the callers in this file pass a curve's limb count.  */
  mp_limb_t quotient[mn + 1];

  mpn_tdiv_qr (quotient, rp, 0, ap, an, mp, mn);
}

/* Limb count large enough to hold a 521-bit value; the stack buffers in
   test_curve are dimensioned from it. */
#define MAX_ECC_SIZE (1 + 521 / GMP_NUMB_BITS)
/* The values being reduced are twice as long as the modulus. */
#define MAX_SIZE (2*MAX_ECC_SIZE)
/* Number of random inputs tried for each curve. */
#define COUNT 50000

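/* Print the diagnostic for a reduction that disagrees with the reference
   and terminate the test.  WHAT names the failing function, A is the
   2*SIZE-limb input, M the SIZE-limb result under test and REF the
   SIZE-limb reference remainder.

   gmp_fprintf's %Nx conversion consumes a limb pointer followed by an
   mp_size_t count; taking SIZE as an mp_size_t parameter keeps the
   variadic argument at the width the conversion expects.  */
static void
report_mod_failure (const char *what, unsigned bit_size,
		    const mp_limb_t *a, const mp_limb_t *m,
		    const mp_limb_t *ref, mp_size_t size)
{
  fprintf (stderr, "%s failed: bit_size = %u\n", what, bit_size);
  gmp_fprintf (stderr, "a   = %Nx\n", a, 2*size);
  gmp_fprintf (stderr, "m   = %Nx (bad)\n", m, size);
  gmp_fprintf (stderr, "ref = %Nx\n", ref, size);
  abort ();
}

/* Subtract the SIZE-limb modulus MP from M once if M >= MP.  The test
   applies this to every result before comparing it with the fully
   reduced reference, so a result that is one modulus too large is
   accepted (presumably the reduction functions are allowed to return
   such values -- confirm against their contract).  */
static void
canonical_reduce (mp_limb_t *m, const mp_limb_t *mp, mp_size_t size)
{
  if (mpn_cmp (m, mp, size) >= 0)
    mpn_sub_n (m, m, mp, size);
}

/* Check the modular reduction functions of one curve against ref_mod.

   For COUNT random 2*size-limb inputs, reduces the input modulo p and
   modulo q with the curve's own function pointers (ecc->p.mod,
   ecc->q.mod) and, when B_size < size, also with the generic ecc_mod.
   Any mismatch with the reference remainder prints the operands to
   stderr and aborts.

   RANDS is the GMP random state to draw inputs from; ECC is the curve
   under test.  All q operations use p.size as the limb count, as the
   original code did (presumably both moduli have the same limb count --
   confirm against the curve definitions).  */
static void
test_curve (gmp_randstate_t rands, const struct ecc_curve *ecc)
{
  mp_limb_t a[MAX_SIZE];
  mp_limb_t m[MAX_SIZE];
  mp_limb_t ref[MAX_SIZE];
  const mp_size_t size = ecc->p.size;
  mpz_t r;
  unsigned j;

  /* a, m and ref are fixed-size stack arrays and the calls below read
     and write up to 2*size limbs of them.  Refuse a curve that does not
     fit rather than overrun the stack.  */
  if (size > MAX_ECC_SIZE)
    {
      fprintf (stderr, "test_curve: bit_size = %u exceeds MAX_ECC_SIZE limbs\n",
	       ecc->p.bit_size);
      abort ();
    }

  mpz_init (r);

  for (j = 0; j < COUNT; j++)
    {
      /* Alternate between the two generators: mpz_rrandomb produces
	 long runs of zero and one bits, which exercises carry and
	 boundary cases that uniform inputs rarely hit.  */
      if (j & 1)
	mpz_rrandomb (r, rands, 2*size * GMP_NUMB_BITS);
      else
	mpz_urandomb (r, rands, 2*size * GMP_NUMB_BITS);

      mpz_limbs_copy (a, r, 2*size);

      /* Reduction modulo p.  */
      ref_mod (ref, a, ecc->p.m, size);

      /* The functions under test work in place, so each one gets a
	 fresh copy of the input.  */
      mpn_copyi (m, a, 2*size);
      ecc->p.mod (&ecc->p, m);
      canonical_reduce (m, ecc->p.m, size);

      if (mpn_cmp (m, ref, size) != 0)
	report_mod_failure ("ecc->modp", ecc->p.bit_size, a, m, ref, size);

      if (ecc->p.B_size < size)
	{
	  mpn_copyi (m, a, 2*size);
	  ecc_mod (&ecc->p, m);
	  canonical_reduce (m, ecc->p.m, size);

	  if (mpn_cmp (m, ref, size) != 0)
	    report_mod_failure ("ecc_generic_modp", ecc->p.bit_size,
				a, m, ref, size);
	}

      /* Reduction modulo q.  */
      ref_mod (ref, a, ecc->q.m, size);

      mpn_copyi (m, a, 2*size);
      ecc->q.mod (&ecc->q, m);
      canonical_reduce (m, ecc->q.m, size);

      /* Report q.bit_size here, matching the generic modq branch below;
	 the original printed p.bit_size for this failure.  */
      if (mpn_cmp (m, ref, size) != 0)
	report_mod_failure ("ecc->modq", ecc->q.bit_size, a, m, ref, size);

      if (ecc->q.B_size < size)
	{
	  mpn_copyi (m, a, 2*size);
	  ecc_mod (&ecc->q, m);
	  canonical_reduce (m, ecc->q.m, size);

	  if (mpn_cmp (m, ref, size) != 0)
	    report_mod_failure ("ecc_generic_modq", ecc->q.bit_size,
				a, m, ref, size);
	}
    }
  mpz_clear (r);
}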

/* Run the reduction checks on every curve in ecc_curves and then on
   curve25519, drawing all inputs from one GMP random state.

   NOTE(review): the state is initialised but never seeded here, so the
   input sequence is presumably the same on every run -- confirm if
   reproducibility of a failure matters.  */
void
test_main (void)
{
  gmp_randstate_t rands;
  unsigned idx = 0;

  gmp_randinit_default (rands);

  /* The loop stops at the first null entry of ecc_curves.  */
  while (ecc_curves[idx])
    {
      test_curve (rands, ecc_curves[idx]);
      idx++;
    }

  test_curve (rands, &nettle_curve25519);

  gmp_randclear (rands);
}
#endif /* ! NETTLE_USE_MINI_GMP */