From: Niels Möller Date: Wed, 8 Oct 2014 20:46:38 +0000 (+0200) Subject: Use _eddsa_expand_key in the tests. X-Git-Tag: nettle_3.1rc1~66 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=259f0d2bd6cfb813b41c9b929b8cb5d3829197db;p=thirdparty%2Fnettle.git Use _eddsa_expand_key in the tests. --- diff --git a/ChangeLog b/ChangeLog index 3de9be5e..7031a01a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ 2014-10-08 Niels Möller + * testsuite/eddsa-sign-test.c (test_eddsa_sign): Use + _eddsa_expand_key, and check its public key output. + * eddsa-expand.c (_eddsa_expand_key): New file, new function. * eddsa.h (_eddsa_expand_key): Declare it. * Makefile.in (hogweed_SOURCES): Added eddsa-expand.c. diff --git a/testsuite/eddsa-sign-test.c b/testsuite/eddsa-sign-test.c index 0fbfa39a..381601db 100644 --- a/testsuite/eddsa-sign-test.c +++ b/testsuite/eddsa-sign-test.c @@ -45,27 +45,30 @@ test_eddsa_sign (const struct ecc_curve *ecc, size_t nbytes = 1 + ecc->p.bit_size / 8; uint8_t *signature = xalloc (2*nbytes); void *ctx = xalloc (H->context_size); + uint8_t *public_out = xalloc (nbytes); + uint8_t *k1 = xalloc (nbytes); mp_limb_t *k2 = xalloc_limbs (ecc->p.size); ASSERT (public->length == nbytes); ASSERT (private->length == nbytes); ASSERT (ref->length == 2*nbytes); + ASSERT (_eddsa_expand_key_itch (ecc) <= _eddsa_sign_itch (ecc)); - /* Generate subkeys. FIXME: Needs a function for key expansion. */ - H->init (ctx); - H->update (ctx, private->length, private->data); - H->digest (ctx, 2*nbytes, signature); - mpn_set_base256_le (k2, ecc->p.size, signature, nbytes); - /* Clear low 3 bits */ - k2[0] &= ~(mp_limb_t) 7; - /* Set bit number bit_size - 1 (bit 254 for curve25519) */ - k2[(ecc->p.bit_size - 1) / GMP_NUMB_BITS] - |= (mp_limb_t) 1 << ((ecc->p.bit_size - 1) % GMP_NUMB_BITS); - /* Clear any higher bits. */ - k2[ecc->p.size - 1] &= ~(mp_limb_t) 0 - >> (GMP_NUMB_BITS * ecc->p.size - ecc->p.bit_size); - - H->update (ctx, nbytes, signature + nbytes); + _eddsa_expand_key (ecc, H, ctx, private->data, + public_out, + k1, k2, scratch); + + if (!MEMEQ (nbytes, public_out, public->data)) + { + fprintf (stderr, "Bad public key from _eddsa_expand_key.\n"); + fprintf (stderr, "got:"); + print_hex (nbytes, public_out); + fprintf (stderr, "\nref:"); + tstring_print_hex (public); + fprintf (stderr, "\n"); + abort (); + } + H->update (ctx, nbytes, k1); _eddsa_sign (ecc, H, public->data, ctx, k2, msg->length, msg->data, signature, scratch); @@ -92,7 +95,9 @@ test_eddsa_sign (const struct ecc_curve *ecc, free (scratch); free (signature); free (ctx); + free (k1); free (k2); + free (public_out); } void test_main (void)