From 12199f55eb93e8970b783ba1eb073ac370775ab7 Mon Sep 17 00:00:00 2001
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Fri, 17 Jan 2020 00:52:37 +0300
Subject: [PATCH] hogweed-benchmark: enable testing of GOST DSA

Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
---
 examples/hogweed-benchmark.c | 104 +++++++++++++++++++++++++++++++++++
 1 file changed, 104 insertions(+)

diff --git a/examples/hogweed-benchmark.c b/examples/hogweed-benchmark.c
index 11393df0..bceed77e 100644
--- a/examples/hogweed-benchmark.c
+++ b/examples/hogweed-benchmark.c
@@ -48,6 +48,7 @@
 #include "dsa.h"
 #include "rsa.h"
 #include "eddsa.h"
+#include "gostdsa.h"
 #include "curve25519.h"
 #include "curve448.h"
 
@@ -591,6 +592,107 @@ bench_eddsa_clear (void *p)
   free (p);
 }
 
+static void *
+bench_gostdsa_init (unsigned size)
+{
+  struct ecdsa_ctx *ctx;
+  const struct ecc_curve *ecc;
+
+  const char *xs;
+  const char *ys;
+  const char *zs;
+  mpz_t x, y, z;
+
+  ctx = xalloc (sizeof(*ctx));
+
+  dsa_signature_init (&ctx->s);
+  knuth_lfib_init (&ctx->lfib, 17);
+
+  switch (size)
+    {
+    case 256:
+      ecc = &_nettle_gost_gc256b;
+      xs = "971566ceda436ee7678f7e07e84ebb7217406c0b4747aa8fd2ab1453c3d0dfba";
+      ys = "ad58736965949f8e59830f8de20fc6c0d177f6ab599874f1e2e24ff71f9ce643";
+      zs = "bfcf1d623e5cdd3032a7c6eabb4a923c46e43d640ffeaaf2c3ed39a8fa399924";
+      ctx->digest = hash_string (&nettle_sha256, "abc");
+      ctx->digest_size = 32;
+      break;
+
+    case 512:
+      ecc = &_nettle_gost_gc512a;
+      xs = "03A36340A95BB5F93D131961B5B1C1B3213DF7FF3B5A30376407E2A65C441BC6"
+	   "D1B34662317083243F007B15A8512B526606D3B172B606DCE86DBD6F82DA3D40";
+      ys = "DEAD76318012FED79507809C89CC44848743640EAC9A3C847DA9082E050760A1"
+	   "0679F4B707ABC1872640AD20D7441F66C7A8B3BFF1B8E11B4A076F0A86749F73";
+      zs = "3FC01CDCD4EC5F972EB482774C41E66DB7F380528DFE9E67992BA05AEE462435"
+	   "757530E641077CE587B976C8EEB48C48FD33FD175F0C7DE6A44E014E6BCB074B";
+      ctx->digest = hash_string (&nettle_sha512, "abc");
+      ctx->digest_size = 64;
+      break;
+
+    default:
+      die ("Internal error.\n");
+    }
+  ecc_point_init (&ctx->pub, ecc);
+  ecc_scalar_init (&ctx->key, ecc);
+
+  mpz_init_set_str (x, xs, 16);
+  mpz_init_set_str (y, ys, 16);
+  mpz_init_set_str (z, zs, 16);
+
+  ecc_point_set (&ctx->pub, x, y);
+  ecc_scalar_set (&ctx->key, z);
+
+  mpz_clear (x);
+  mpz_clear (y);
+  mpz_clear (z);
+
+  gostdsa_sign (&ctx->key,
+		&ctx->lfib, (nettle_random_func *) knuth_lfib_random,
+		ctx->digest_size, ctx->digest,
+		&ctx->s);
+
+  return ctx;
+}
+
+static void
+bench_gostdsa_sign (void *p)
+{
+  struct ecdsa_ctx *ctx = p;
+  struct dsa_signature s;
+
+  dsa_signature_init (&s);
+  gostdsa_sign (&ctx->key,
+		&ctx->lfib, (nettle_random_func *) knuth_lfib_random,
+		ctx->digest_size, ctx->digest,
+		&s);
+  dsa_signature_clear (&s);
+}
+
+static void
+bench_gostdsa_verify (void *p)
+{
+  struct ecdsa_ctx *ctx = p;
+  if (! gostdsa_verify (&ctx->pub,
+			ctx->digest_size, ctx->digest,
+			&ctx->s))
+    die ("Internal error, _gostdsa_verify failed.\n");
+}
+
+static void
+bench_gostdsa_clear (void *p)
+{
+  struct ecdsa_ctx *ctx = p;
+
+  ecc_point_clear (&ctx->pub);
+  ecc_scalar_clear (&ctx->key);
+  dsa_signature_clear (&ctx->s);
+  free (ctx->digest);
+
+  free (ctx);
+}
+
 #if WITH_OPENSSL
 struct openssl_rsa_ctx
 {
@@ -838,6 +940,8 @@ struct alg alg_list[] = {
   { "eddsa", 448, bench_eddsa_init, bench_eddsa_sign, bench_eddsa_verify, bench_eddsa_clear },
   { "curve", 255, bench_curve_init, bench_curve_mul_g, bench_curve_mul, bench_curve_clear},
   { "curve", 448, bench_curve_init, bench_curve_mul_g, bench_curve_mul, bench_curve_clear },
+  { "gostdsa",  256, bench_gostdsa_init, bench_gostdsa_sign, bench_gostdsa_verify, bench_gostdsa_clear },
+  { "gostdsa",  512, bench_gostdsa_init, bench_gostdsa_sign, bench_gostdsa_verify, bench_gostdsa_clear },
 };
 
 #define numberof(x)  (sizeof (x) / sizeof ((x)[0]))
-- 
2.24.1