+2022-01-17 Niels Möller <nisse@lysator.liu.se>
+
+ * testsuite/testutils.c (test_ecc_point_valid_p): New function,
+ moved from...
+ * testsuite/ecdsa-keygen-test.c (ecc_valid_p): ... old copy.
+ * testsuite/gostdsa-keygen-test.c (ecc_valid_p): ... old copy.
+ * testsuite/testutils.h: Declare it.
+
2022-01-10 Niels Möller <nisse@lysator.liu.se>
* powerpc64/ecc-secp256r1-redc.asm: Reduce number of registers
#include "testutils.h"
#include "knuth-lfib.h"
-/* Check if y^2 = x^3 - 3x + b */
-static int
-ecc_valid_p (struct ecc_point *pub)
-{
- mpz_t t, x, y;
- mpz_t lhs, rhs;
- int res;
- mp_size_t size;
-
- size = pub->ecc->p.size;
-
- /* First check range */
- if (mpn_cmp (pub->p, pub->ecc->p.m, size) >= 0
- || mpn_cmp (pub->p + size, pub->ecc->p.m, size) >= 0)
- return 0;
-
- mpz_init (lhs);
- mpz_init (rhs);
-
- mpz_roinit_n (x, pub->p, size);
- mpz_roinit_n (y, pub->p + size, size);
-
- mpz_mul (lhs, y, y);
-
- if (pub->ecc->p.bit_size == 255)
- {
- /* Check that
- 121666 (1 + x^2 - y^2) = 121665 x^2 y^2 */
- mpz_t x2;
- mpz_init (x2);
- mpz_mul (x2, x, x); /* x^2 */
- mpz_mul (rhs, x2, lhs); /* x^2 y^2 */
- mpz_sub (lhs, x2, lhs); /* x^2 - y^2 */
- mpz_add_ui (lhs, lhs, 1); /* 1 + x^2 - y^2 */
- mpz_mul_ui (lhs, lhs, 121666);
- mpz_mul_ui (rhs, rhs, 121665);
-
- mpz_clear (x2);
- }
- else if (pub->ecc->p.bit_size == 448)
- {
- /* Check that
- x^2 + y^2 = 1 - 39081 x^2 y^2 */
- mpz_t x2, d;
- mpz_init (x2);
- mpz_init_set_ui (d, 39081);
- mpz_mul (x2, x, x); /* x^2 */
- mpz_mul (d, d, x2); /* 39081 x^2 */
- mpz_set_ui (rhs, 1);
- mpz_submul (rhs, d, lhs); /* 1 - 39081 x^2 y^2 */
- mpz_add (lhs, x2, lhs); /* x^2 + y^2 */
-
- mpz_clear (d);
- mpz_clear (x2);
- }
- else
- {
- /* Check y^2 = x^3 - 3 x + b */
- mpz_mul (rhs, x, x);
- mpz_sub_ui (rhs, rhs, 3);
- mpz_mul (rhs, rhs, x);
- mpz_add (rhs, rhs, mpz_roinit_n (t, pub->ecc->b, size));
- }
- res = mpz_congruent_p (lhs, rhs, mpz_roinit_n (t, pub->ecc->p.m, size));
-
- mpz_clear (lhs);
- mpz_clear (rhs);
-
- return res;
-}
-
void
test_main (void)
{
write_mpn (stderr, 16, key.p, ecc->p.size);
fprintf (stderr, "\n");
}
- if (!ecc_valid_p (&pub))
+ if (!test_ecc_point_valid_p (&pub))
die ("ecdsa_generate_keypair produced an invalid point.\n");
ecdsa_sign (&key,
#include "gostdsa.h"
#include "knuth-lfib.h"
-/* Check if y^2 = x^3 - 3x + b */
-static int
-ecc_valid_p (struct ecc_point *pub)
-{
- mpz_t t, x, y;
- mpz_t lhs, rhs;
- int res;
- mp_size_t size;
-
- size = pub->ecc->p.size;
-
- /* First check range */
- if (mpn_cmp (pub->p, pub->ecc->p.m, size) >= 0
- || mpn_cmp (pub->p + size, pub->ecc->p.m, size) >= 0)
- return 0;
-
- mpz_init (lhs);
- mpz_init (rhs);
-
- mpz_roinit_n (x, pub->p, size);
- mpz_roinit_n (y, pub->p + size, size);
-
- mpz_mul (lhs, y, y);
-
- if (pub->ecc->p.bit_size == 255)
- {
- /* Check that
- 121666 (1 + x^2 - y^2) = 121665 x^2 y^2 */
- mpz_t x2;
- mpz_init (x2);
- mpz_mul (x2, x, x); /* x^2 */
- mpz_mul (rhs, x2, lhs); /* x^2 y^2 */
- mpz_sub (lhs, x2, lhs); /* x^2 - y^2 */
- mpz_add_ui (lhs, lhs, 1); /* 1 + x^2 - y^2 */
- mpz_mul_ui (lhs, lhs, 121666);
- mpz_mul_ui (rhs, rhs, 121665);
-
- mpz_clear (x2);
- }
- else if (pub->ecc->p.bit_size == 448)
- {
- /* Check that
- x^2 + y^2 = 1 - 39081 x^2 y^2 */
- mpz_t x2, d;
- mpz_init (x2);
- mpz_init_set_ui (d, 39081);
- mpz_mul (x2, x, x); /* x^2 */
- mpz_mul (d, d, x2); /* 39081 x^2 */
- mpz_set_ui (rhs, 1);
- mpz_submul (rhs, d, lhs); /* 1 - 39081 x^2 y^2 */
- mpz_add (lhs, x2, lhs); /* x^2 + y^2 */
-
- mpz_clear (d);
- mpz_clear (x2);
- }
- else
- {
- /* Check y^2 = x^3 - 3 x + b */
- mpz_mul (rhs, x, x);
- mpz_sub_ui (rhs, rhs, 3);
- mpz_mul (rhs, rhs, x);
- mpz_add (rhs, rhs, mpz_roinit_n (t, pub->ecc->b, size));
- }
- res = mpz_congruent_p (lhs, rhs, mpz_roinit_n (t, pub->ecc->p.m, size));
-
- mpz_clear (lhs);
- mpz_clear (rhs);
-
- return res;
-}
-
void
test_main (void)
{
write_mpn (stderr, 16, key.p, ecc->p.size);
fprintf (stderr, "\n");
}
- if (!ecc_valid_p (&pub))
+ if (!test_ecc_point_valid_p (&pub))
die ("gostdsa_generate_keypair produced an invalid point.\n");
gostdsa_sign (&key,
NULL
};
+int
+test_ecc_point_valid_p (struct ecc_point *pub)
+{
+ mpz_t t, x, y;
+ mpz_t lhs, rhs;
+ int res;
+ mp_size_t size;
+
+ size = pub->ecc->p.size;
+
+ /* First check range */
+ if (mpn_cmp (pub->p, pub->ecc->p.m, size) >= 0
+ || mpn_cmp (pub->p + size, pub->ecc->p.m, size) >= 0)
+ return 0;
+
+ mpz_init (lhs);
+ mpz_init (rhs);
+
+ mpz_roinit_n (x, pub->p, size);
+ mpz_roinit_n (y, pub->p + size, size);
+
+ mpz_mul (lhs, y, y);
+
+ if (pub->ecc->p.bit_size == 255)
+ {
+ /* Check that
+ 121666 (1 + x^2 - y^2) = 121665 x^2 y^2 */
+ mpz_t x2;
+ mpz_init (x2);
+ mpz_mul (x2, x, x); /* x^2 */
+ mpz_mul (rhs, x2, lhs); /* x^2 y^2 */
+ mpz_sub (lhs, x2, lhs); /* x^2 - y^2 */
+ mpz_add_ui (lhs, lhs, 1); /* 1 + x^2 - y^2 */
+ mpz_mul_ui (lhs, lhs, 121666);
+ mpz_mul_ui (rhs, rhs, 121665);
+
+ mpz_clear (x2);
+ }
+ else if (pub->ecc->p.bit_size == 448)
+ {
+ /* Check that
+ x^2 + y^2 = 1 - 39081 x^2 y^2 */
+ mpz_t x2, d;
+ mpz_init (x2);
+ mpz_init_set_ui (d, 39081);
+ mpz_mul (x2, x, x); /* x^2 */
+ mpz_mul (d, d, x2); /* 39081 x^2 */
+ mpz_set_ui (rhs, 1);
+ mpz_submul (rhs, d, lhs); /* 1 - 39081 x^2 y^2 */
+ mpz_add (lhs, x2, lhs); /* x^2 + y^2 */
+
+ mpz_clear (d);
+ mpz_clear (x2);
+ }
+ else
+ {
+ /* Check y^2 = x^3 - 3 x + b */
+ mpz_mul (rhs, x, x);
+ mpz_sub_ui (rhs, rhs, 3);
+ mpz_mul (rhs, rhs, x);
+ mpz_add (rhs, rhs, mpz_roinit_n (t, pub->ecc->b, size));
+ }
+ res = mpz_congruent_p (lhs, rhs, mpz_roinit_n (t, pub->ecc->p.m, size));
+
+ mpz_clear (lhs);
+ mpz_clear (rhs);
+
+ return res;
+}
+
static int
test_mpn (const char *ref, const mp_limb_t *xp, mp_size_t n)
{
extern const struct ecc_curve * const ecc_curves[];
+/* Check that given point satisfyes curve equation. */
+int
+test_ecc_point_valid_p (struct ecc_point *pub);
+
struct ecc_ref_point
{
const char *x;
projects / thirdparty / nettle.git / commitdiff
