curve25519-add-test.c 3.47 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
#include "testutils.h"

static int
point_zero_p (const struct ecc_curve *ecc, const mp_limb_t *p)
{  
  mp_limb_t *d;
  int ret;
  mp_size_t i;
  d = xalloc_limbs (ecc->size);
  ecc_modp_sub (ecc, d, p + ecc->size, p + 2*ecc->size);
  while (mpn_cmp (d, ecc->p, ecc->size) >= 0)
    mpn_sub_n (d, d, ecc->p, ecc->size);

  for (i = 0, ret = 1; i < ecc->size; i++)
    if (d[i])
      {
	ret = 0;
	break;
      }
  
  free (d);
  return ret;
}

void
test_main (void)
{
  const struct ecc_curve *ecc = &nettle_curve25519;
  mp_limb_t *g;
  mp_limb_t *z;
31
32
33
  mp_limb_t *g2;
  mp_limb_t *g3;
  mp_limb_t *g4;
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
  mp_limb_t *pe;
  mp_limb_t *pa;
  mp_limb_t *scratch;
  const struct ecc_ref_point rg =
    {
      "9",
      "20ae19a1b8a086b4e01edd2c7748d14c923d4d7e6d7c61b229e9c5a27eced3d9"
    };
  const struct ecc_ref_point rg2 = 
    { /* In Edwards coordinates:
	 x = 0x1a1c31f8665368131698fecfd54233fcdc638bb46d25cc61d8bc4bcdbfbb4459,
	 y = 0x2260cdf3092329c21da25ee8c9a21f5697390f51643851560e5f46ae6af8a3c9
      */
      "20d342d51873f1b7d9750c687d157114"
      "8f3f5ced1e350b5c5cae469cdd684efb",
      "13b57e011700e8ae050a00945d2ba2f3"
      "77659eb28d8d391ebcd70465c72df563"
    };
  const struct ecc_ref_point rg3 = 
    {
      "1c12bc1a6d57abe645534d91c21bba64"
      "f8824e67621c0859c00a03affb713c12",
      "2986855cbe387eaeaceea446532c338c"
      "536af570f71ef7cf75c665019c41222b"
    };
  const struct ecc_ref_point rg4 =    
    {
      "79ce98b7e0689d7de7d1d074a15b315f"
      "fe1805dfcd5d2a230fee85e4550013ef",
      "075af5bf4ebdc75c8fe26873427d275d"
      "73c0fb13da361077a565539f46de1c30"
    };
  
  g = xalloc_limbs (ecc_size_j (ecc));
  z = xalloc_limbs (ecc_size_j (ecc));
69
70
71
  g2 = xalloc_limbs (ecc_size_j (ecc));
  g3 = xalloc_limbs (ecc_size_j (ecc));
  g4 = xalloc_limbs (ecc_size_j (ecc));
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
  pe = xalloc_limbs (ecc_size_j (ecc));
  pa = xalloc_limbs (ecc_size_j (ecc));
  scratch = xalloc_limbs (ECC_ADD_EHH_ITCH(ecc->size));

  mpn_copyi (g, ecc->g, 2*ecc->size);
  g[2*ecc->size] = 1;
  mpn_zero (g+2*ecc->size + 1, ecc->size - 1);

  /* Zero point has x = 0, y = 1, z = 1 */
  mpn_zero (z, 3*ecc->size);
  z[ecc->size] = z[2*ecc->size] = 1;

  ecc_add_ehh (ecc, pe, z, z, scratch);
  if (!point_zero_p (ecc, pe))
    die ("dup of zero point failed.\n");

Niels Möller's avatar
Niels Möller committed
88
89
90
91
  ecc_add_eh (ecc, pe, z, z, scratch);
  if (!point_zero_p (ecc, pe))
    die ("dup of zero point failed.\n");

92
  ecc_add_ehh (ecc, pe, g, pe, scratch);
Niels Möller's avatar
Niels Möller committed
93
94
  ecc_eh_to_a (ecc, 0, pa, pe, scratch);
  test_ecc_point (ecc, &rg, pa);
95

Niels Möller's avatar
Niels Möller committed
96
  ecc_add_eh (ecc, pe, z, g, scratch);
97
98
99
  ecc_eh_to_a (ecc, 0, pa, pe, scratch);
  test_ecc_point (ecc, &rg, pa);

100
  ecc_add_ehh (ecc, g2, g, pe, scratch);
Niels Möller's avatar
Niels Möller committed
101
102
  ecc_eh_to_a (ecc, 0, pa, g2, scratch);
  test_ecc_point (ecc, &rg2, pa);
103

Niels Möller's avatar
Niels Möller committed
104
  ecc_add_eh (ecc, g2, g, g, scratch);
105
  ecc_eh_to_a (ecc, 0, pa, g2, scratch);
106
107
  test_ecc_point (ecc, &rg2, pa);

108
  ecc_add_ehh (ecc, g3, g, g2, scratch);
Niels Möller's avatar
Niels Möller committed
109
110
  ecc_eh_to_a (ecc, 0, pa, g3, scratch);
  test_ecc_point (ecc, &rg3, pa);
111

Niels Möller's avatar
Niels Möller committed
112
  ecc_add_eh (ecc, g3, g2, g, scratch);
113
  ecc_eh_to_a (ecc, 0, pa, g3, scratch);
114
115
  test_ecc_point (ecc, &rg3, pa);

116
  ecc_add_ehh (ecc, g4, g, g3, scratch);
Niels Möller's avatar
Niels Möller committed
117
118
  ecc_eh_to_a (ecc, 0, pa, g4, scratch);
  test_ecc_point (ecc, &rg4, pa);
119

Niels Möller's avatar
Niels Möller committed
120
  ecc_add_eh (ecc, g4, g3, g, scratch);
121
  ecc_eh_to_a (ecc, 0, pa, g4, scratch);
122
  test_ecc_point (ecc, &rg4, pa);
123
124
125
126
127
128
129
130
131
132
133
134
135

  ecc_add_ehh (ecc, g4, g2, g2, scratch);
  ecc_eh_to_a (ecc, 0, pa, g4, scratch);
  test_ecc_point (ecc, &rg4, pa);

  free (g);
  free (z);
  free (g2);
  free (g3);
  free (g4);
  free (pe);
  free (pa);
  free (scratch);
136
}