New test case for ecc_dup_jj and ecc_dup_eh (latter test currently not exercised).

diff --git a/testsuite/.test-rules.make b/testsuite/.test-rules.make
index 59a9c0fa70c8d0445fb4c24c82fbbe48d7b88e03..7a88d23575c41af872e80a9c87530084475154c8 100644 (file)
--- a/testsuite/.test-rules.make
+++ b/testsuite/.test-rules.make
@@ -205,6 +205,9 @@ ecc-modinv-test$(EXEEXT): ecc-modinv-test.$(OBJEXT)
 ecc-redc-test$(EXEEXT): ecc-redc-test.$(OBJEXT)
        $(LINK) ecc-redc-test.$(OBJEXT) $(TEST_OBJS) -o ecc-redc-test$(EXEEXT)
 
+ecc-dup-test$(EXEEXT): ecc-dup-test.$(OBJEXT)
+       $(LINK) ecc-dup-test.$(OBJEXT) $(TEST_OBJS) -o ecc-dup-test$(EXEEXT)
+
 ecc-mul-g-test$(EXEEXT): ecc-mul-g-test.$(OBJEXT)
        $(LINK) ecc-mul-g-test.$(OBJEXT) $(TEST_OBJS) -o ecc-mul-g-test$(EXEEXT)
 

diff --git a/testsuite/Makefile.in b/testsuite/Makefile.in
index 6109a669cc0dd6c5226fb678f4c236ff7dd5d093..0fff4222e23c05d56881ac26413f953092a5f972 100644 (file)
--- a/testsuite/Makefile.in
+++ b/testsuite/Makefile.in
@@ -41,7 +41,7 @@ TS_HOGWEED_SOURCES = sexp-test.c sexp-format-test.c \
                     curve25519-dup-test.c curve25519-add-test.c \
                     curve25519-dh-test.c \
                     ecc-mod-test.c ecc-modinv-test.c ecc-redc-test.c \
-                    ecc-mul-g-test.c ecc-mul-a-test.c \
+                    ecc-dup-test.c ecc-mul-g-test.c ecc-mul-a-test.c \
                     ecdsa-sign-test.c ecdsa-verify-test.c \
                     ecdsa-keygen-test.c ecdh-test.c
 

diff --git a/testsuite/ecc-dup-test.c b/testsuite/ecc-dup-test.c
new file mode 100644 (file)
index 0000000..4f426f8
--- /dev/null
+++ b/testsuite/ecc-dup-test.c
@@ -0,0 +1,75 @@
+#include "testutils.h"
+
+/* For curve25519 (or other edwards curves) only. */
+static int
+point_zero_p (const struct ecc_curve *ecc, const mp_limb_t *p)
+{  
+  mp_limb_t *d;
+  int ret;
+  mp_size_t i;
+
+  /* Zero point has Y = Z (mod p), or y = Y/Z = 1, which also implies
+     x == 0. */
+  d = xalloc_limbs (ecc->size);
+  ecc_modp_sub (ecc, d, p + ecc->size, p + 2*ecc->size);
+  while (mpn_cmp (d, ecc->p, ecc->size) >= 0)
+    mpn_sub_n (d, d, ecc->p, ecc->size);
+
+  for (i = 0, ret = 1; i < ecc->size; i++)
+    if (d[i])
+      {
+       ret = 0;
+       break;
+      }
+  
+  free (d);
+  return ret;
+}
+
+void
+test_main (void)
+{
+  unsigned i;
+
+  for (i = 0; ecc_curves[i]; i++)
+    {
+      const struct ecc_curve *ecc = ecc_curves[i];
+      mp_limb_t *g = xalloc_limbs (ecc_size_j (ecc));
+      mp_limb_t *p = xalloc_limbs (ecc_size_j (ecc));
+      mp_limb_t *scratch = xalloc_limbs (ECC_DUP_EH_ITCH(ecc->size));;
+
+      if (ecc->bit_size == 255)
+       {
+         mp_limb_t *z = xalloc_limbs (ecc_size_j (ecc));
+         /* Zero point has x = 0, y = 1, z = 1 */
+         mpn_zero (z, 3*ecc->size);
+         z[ecc->size] = z[2*ecc->size] = 1;
+         
+         ecc_a_to_j (ecc, g, ecc->g);
+
+         ecc_dup_eh (ecc, p, z, scratch);
+         if (!point_zero_p (ecc, p))
+           die ("dup of zero point failed.\n");
+
+         ecc_dup_eh (ecc, p, g, scratch);
+         test_ecc_mul_h (i, 2, p);
+
+         ecc_dup_eh (ecc, p, p, scratch);
+         test_ecc_mul_h (i, 4, p);
+         free (z);
+       }
+      else
+       {
+         ecc_a_to_j (ecc, g, ecc->g);
+
+         ecc_dup_jj (ecc, p, g, scratch);
+         test_ecc_mul_h (i, 2, p);
+
+         ecc_dup_jj (ecc, p, p, scratch);
+         test_ecc_mul_h (i, 4, p);
+       }
+      free (p);
+      free (g);
+      free (scratch);
+    }
+}