New test case for ecc_add_jj, ecc_add_eh and ecc_add_ehh (latter tests currently not exercised).

ChangeLog

+2014-09-16  Niels Möller  <nisse@lysator.liu.se>
+
+	* testsuite/ecc-add-test.c: New generalized testcase, to replace
+	curve25519-add-test.c.
+	* testsuite/ecc-dup-test.c: New generalized testcase, to replace
+	curve25519-dup-test.c.
+	* testsuite/Makefile.in (TS_HOGWEED_SOURCES): Added ecc-add-test.c
+	and ecc-dup-test.c.
+
 2014-09-14  Niels Möller  <nisse@lysator.liu.se>
 
 	* testsuite/ecc-mul-a-test.c (test_main): Use struct ecc_curve

testsuite/.test-rules.make

@@ -208,6 +208,9 @@ ecc-redc-test$(EXEEXT): ecc-redc-test.$(OBJEXT)
 ecc-dup-test$(EXEEXT): ecc-dup-test.$(OBJEXT)
 	$(LINK) ecc-dup-test.$(OBJEXT) $(TEST_OBJS) -o ecc-dup-test$(EXEEXT)
 
+ecc-add-test$(EXEEXT): ecc-add-test.$(OBJEXT)
+	$(LINK) ecc-add-test.$(OBJEXT) $(TEST_OBJS) -o ecc-add-test$(EXEEXT)
+
 ecc-mul-g-test$(EXEEXT): ecc-mul-g-test.$(OBJEXT)
 	$(LINK) ecc-mul-g-test.$(OBJEXT) $(TEST_OBJS) -o ecc-mul-g-test$(EXEEXT)
 

testsuite/Makefile.in

@@ -41,7 +41,8 @@ TS_HOGWEED_SOURCES = sexp-test.c sexp-format-test.c \
 		     curve25519-dup-test.c curve25519-add-test.c \
 		     curve25519-dh-test.c \
 		     ecc-mod-test.c ecc-modinv-test.c ecc-redc-test.c \
-		     ecc-dup-test.c ecc-mul-g-test.c ecc-mul-a-test.c \
+		     ecc-dup-test.c ecc-add-test.c \
+		     ecc-mul-g-test.c ecc-mul-a-test.c \
 		     ecdsa-sign-test.c ecdsa-verify-test.c \
 		     ecdsa-keygen-test.c ecdh-test.c
 

testsuite/ecc-add-test.c

+#include "testutils.h"
+
+/* For curve25519 (or other edwards curves) only. */
+static int
+point_zero_p (const struct ecc_curve *ecc, const mp_limb_t *p)
+{  
+  mp_limb_t *d;
+  int ret;
+  mp_size_t i;
+
+  /* Zero point has Y = Z (mod p), or y = Y/Z = 1, which also implies
+     x == 0. */
+  d = xalloc_limbs (ecc->size);
+  ecc_modp_sub (ecc, d, p + ecc->size, p + 2*ecc->size);
+  while (mpn_cmp (d, ecc->p, ecc->size) >= 0)
+    mpn_sub_n (d, d, ecc->p, ecc->size);
+
+  for (i = 0, ret = 1; i < ecc->size; i++)
+    if (d[i])
+      {
+	ret = 0;
+	break;
+      }
+  
+  free (d);
+  return ret;
+}
+
+void
+test_main (void)
+{
+  unsigned i;
+
+  for (i = 0; ecc_curves[i]; i++)
+    {
+      const struct ecc_curve *ecc = ecc_curves[i];
+      mp_limb_t *g = xalloc_limbs (ecc_size_j (ecc));
+      mp_limb_t *g2 = xalloc_limbs (ecc_size_j (ecc));
+      mp_limb_t *g3 = xalloc_limbs (ecc_size_j (ecc));
+      mp_limb_t *p = xalloc_limbs (ecc_size_j (ecc));
+      mp_limb_t *scratch = xalloc_limbs (ECC_ADD_JJJ_ITCH(ecc->size));
+
+      if (ecc->bit_size == 255)
+	{
+	  mp_limb_t *z = xalloc_limbs (ecc_size_j (ecc));
+	  /* Zero point has x = 0, y = 1, z = 1 */
+	  mpn_zero (z, 3*ecc->size);
+	  z[ecc->size] = z[2*ecc->size] = 1;
+	  
+	  ecc_a_to_j (ecc, g, ecc->g);
+
+	  ecc_add_ehh (ecc, p, z, z, scratch);
+	  if (!point_zero_p (ecc, p))
+	    die ("dup of zero point failed.\n");
+
+	  ecc_add_eh (ecc, p, z, z, scratch);
+	  if (!point_zero_p (ecc, p))
+	    die ("dup of zero point failed.\n");
+
+	  ecc_add_ehh (ecc, p, g, p, scratch);
+	  test_ecc_mul_h (i, 1, p);
+
+	  ecc_add_eh (ecc, p, z, g, scratch);
+	  test_ecc_mul_h (i, 1, p);
+
+	  ecc_add_ehh (ecc, g2, g, p, scratch);
+	  test_ecc_mul_h (i, 2, g2);
+
+	  ecc_add_eh (ecc, g2, g, g, scratch);
+	  test_ecc_mul_h (i, 2, g2);
+
+	  ecc_add_ehh (ecc, g3, g, g2, scratch);
+	  test_ecc_mul_h (i, 3, g3);
+
+	  ecc_add_eh (ecc, g3, g2, g, scratch);
+	  test_ecc_mul_h (i, 3, g3);
+
+	  ecc_add_ehh (ecc, p, g, g3, scratch);
+	  test_ecc_mul_h (i, 4, p);
+
+	  ecc_add_eh (ecc, p, g3, g, scratch);
+	  test_ecc_mul_h (i, 4, p);
+
+	  ecc_add_ehh (ecc, p, g2, g2, scratch);
+	  test_ecc_mul_h (i, 4, p);
+
+	  free (z);
+	}
+      else
+	{
+	  ecc_a_to_j (ecc, g, ecc->g);
+
+	  ecc_dup_jj (ecc, g2, g, scratch);
+	  test_ecc_mul_h (i, 2, g2);
+
+	  ecc_add_jjj (ecc, g3, g, g2, scratch);
+	  test_ecc_mul_h (i, 3, g3);
+
+	  ecc_add_jjj (ecc, g3, g2, g, scratch);
+	  test_ecc_mul_h (i, 3, g3);
+
+	  ecc_add_jjj (ecc, p, g, g3, scratch);
+	  test_ecc_mul_h (i, 4, p);
+
+	  ecc_add_jjj (ecc, p, g3, g, scratch);
+	  test_ecc_mul_h (i, 4, p);
+
+	  ecc_dup_jj (ecc, p, g2, scratch);
+	  test_ecc_mul_h (i, 4, p);
+	}
+      free (g);
+      free (g2);
+      free (g3);
+      free (p);
+      free (scratch);
+    }
+}