Commit bfe24f58 authored by Niels Möller's avatar Niels Möller

Delete tests and code for ecdsa over curve25519.

* ecc-eh-to-a.c (ecc_eh_to_a): Require op == 0, delete code only
used for non-standard ecdsa over curve25519.
* testsuite/ecdsa-sign-test.c (test_main): Delete test of ecdsa
over curve25519.
* testsuite/ecdsa-verify-test.c (test_main): Likewise.
* testsuite/ecdsa-keygen-test.c (test_main): Exclude curve25519
from test.
parent 9f4180d6
2019-12-07 Niels Möller <nisse@lysator.liu.se>
* ecc-eh-to-a.c (ecc_eh_to_a): Require op == 0, delete code only
used for non-standard ecdsa over curve25519.
* testsuite/ecdsa-sign-test.c (test_main): Delete test of ecdsa
over curve25519.
* testsuite/ecdsa-verify-test.c (test_main): Likewise.
* testsuite/ecdsa-keygen-test.c (test_main): Exclude curve25519
from test.
2019-12-05 Niels Möller <nisse@lysator.liu.se>
* configure.ac: Use AC_TRY_LINK rather than AC_TRY_COMPILE to
......
......@@ -56,6 +56,8 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
mp_limb_t cy;
assert(op == 0);
/* Needs 2*size + scratch for the invert call. */
ecc->p.invert (&ecc->p, izp, zp, tp + ecc->p.size);
......@@ -63,25 +65,6 @@ ecc_eh_to_a (const struct ecc_curve *ecc,
cy = mpn_sub_n (r, tp, ecc->p.m, ecc->p.size);
cnd_copy (cy, r, tp, ecc->p.size);
if (op)
{
/* Skip y coordinate */
if (op > 1)
{
/* Reduce modulo q. Hardcoded for curve25519, duplicates end
of ecc_25519_modq. FIXME: Is this needed at all? op > 0
is only used by ecdsa code, and ecdsa on Edwards curves
makes little sense and is is only used by tests. */
unsigned shift;
assert (ecc->p.bit_size == 255);
shift = ecc->q.bit_size - 1 - GMP_NUMB_BITS * (ecc->p.size - 1);
cy = mpn_submul_1 (r, ecc->q.m, ecc->p.size,
r[ecc->p.size-1] >> shift);
assert (cy < 2);
cnd_add_n (cy, r, ecc->q.m, ecc->p.size);
}
return;
}
ecc_modp_mul (ecc, tp, yp, izp);
cy = mpn_sub_n (r + ecc->p.size, tp, ecc->p.m, ecc->p.size);
cnd_copy (cy, r + ecc->p.size, tp, ecc->p.size);
......
......@@ -78,6 +78,10 @@ test_main (void)
struct ecc_point pub;
struct ecc_scalar key;
if (ecc->p.bit_size == 255)
/* Exclude curve25519, which isn't supported with ECDSA. */
continue;
if (verbose)
fprintf (stderr, "Curve %d\n", ecc->p.bit_size);
......
......@@ -156,18 +156,4 @@ test_main (void)
"97536710 1F67D1CF 9BCCBF2F 3D239534"
"FA509E70 AAC851AE 01AAC68D 62F86647"
"2660"); /* s */
/* Non-standard ecdsa using curve25519. Not interop-tested with
anything else. */
test_ecdsa (&_nettle_curve25519,
"1db511101b8fd16f e0212c5679ef53f3"
"323bde77f9efa442 617314d576d1dbcb", /* z */
"aa2fa8facfdc3a99 ec466d41a2c9211c"
"e62e1706f54037ff 8486e26153b0fa79", /* k */
SHEX("e99df2a098c3c590 ea1e1db6d9547339"
"ae760d5331496119 5d967fd881e3b0f5"), /* h */
" 515c3a485f57432 0daf3353a0d08110"
"64157c556296de09 4132f74865961b37", /* r */
" 78f23367291b01 3fc430fb09322d95"
"4384723649868d8e 88effc7ac8b141d7"); /* s */
}
......@@ -145,17 +145,4 @@ test_main (void)
"97536710 1F67D1CF 9BCCBF2F 3D239534"
"FA509E70 AAC851AE 01AAC68D 62F86647"
"2660"); /* s */
test_ecdsa (&_nettle_curve25519,
/* Public key corresponding to the key in ecdsa-sign-test */
"59f8f317fd5f4e82 c02f8d4dec665fe1"
"230f83b8572638e1 b2ac34a30028e24d", /* x */
"1902a72dc1a6525a 811b9c1845978d56"
"fd97dce5e278ebdd ec695349d7e41498", /* y */
SHEX("e99df2a098c3c590 ea1e1db6d9547339"
"ae760d5331496119 5d967fd881e3b0f5"), /* h */
" 515c3a485f57432 0daf3353a0d08110"
"64157c556296de09 4132f74865961b37", /* r */
" 78f23367291b01 3fc430fb09322d95"
"4384723649868d8e 88effc7ac8b141d7"); /* s */
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment