ec_asn1_test: add an example using BLS12-377

This exercises the cofactor guessing code with a large cofactor. Thanks to Daniel Bleichenbacher for pointing out this example. This contains a hack to use a bogus OID since this curve has none.
author: tb <> 2025-09-17 16:13:11 +0000
committer: tb <> 2025-09-17 16:13:11 +0000
commit: 67355f1acbcfe22e391065386b442de8180421de (patch)
tree: 076e214ab7b9605e7471d0ce066303a717bff018 /src
parent: 61442379f1c0fd68060c13835a870f84283fa66f (diff)
download: openbsd-67355f1acbcfe22e391065386b442de8180421de.tar.gz
openbsd-67355f1acbcfe22e391065386b442de8180421de.tar.bz2
openbsd-67355f1acbcfe22e391065386b442de8180421de.zip
1 files changed, 80 insertions, 1 deletions
diff --git a/src/regress/lib/libcrypto/ec/ec_asn1_test.c b/src/regress/lib/libcrypto/ec/ec_asn1_test.c
index c89ab0e7ab..51b688342b 100644
--- a/src/regress/lib/libcrypto/ec/ec_asn1_test.c
+++ b/src/regress/lib/libcrypto/ec/ec_asn1_test.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_asn1_test.c,v 1.39 2025/08/26 17:57:10 tb Exp $ */
+/* $OpenBSD: ec_asn1_test.c,v 1.40 2025/09/17 16:13:11 tb Exp $ */
 /*
 * Copyright (c) 2017, 2021 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2024, 2025 Theo Buehler <tb@openbsd.org>
@@ -735,6 +735,82 @@ static const struct curve secp256k1_m = {
        .param_len = sizeof(ec_secp256k1_m_pkparameters_parameters),
 };
+/*
+ * From https://eips.ethereum.org/EIPS/eip-2539
+ */
+static const uint8_t ec_bls12_377_pkparameters_named_curve[] = {
+        0x06, 0x04, 0x29, 0x01, 0x01, 0x01,
+};
+static const uint8_t ec_bls12_377_pkparameters_parameters[] = {
+        0x30, 0x82, 0x01, 0x3d, 0x02, 0x01, 0x01, 0x30,
+        0x3b, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d,
+        0x01, 0x01, 0x02, 0x30, 0x01, 0xae, 0x3a, 0x46,
+        0x17, 0xc5, 0x10, 0xea, 0xc6, 0x3b, 0x05, 0xc0,
+        0x6c, 0xa1, 0x49, 0x3b, 0x1a, 0x22, 0xd9, 0xf3,
+        0x00, 0xf5, 0x13, 0x8f, 0x1e, 0xf3, 0x62, 0x2f,
+        0xba, 0x09, 0x48, 0x00, 0x17, 0x0b, 0x5d, 0x44,
+        0x30, 0x00, 0x00, 0x00, 0x85, 0x08, 0xc0, 0x00,
+        0x00, 0x00, 0x00, 0x01, 0x30, 0x64, 0x04, 0x30,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x04, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x01, 0x04, 0x61, 0x04, 0x00, 0x88, 0x48,
+        0xde, 0xfe, 0x74, 0x0a, 0x67, 0xc8, 0xfc, 0x62,
+        0x25, 0xbf, 0x87, 0xff, 0x54, 0x85, 0x95, 0x1e,
+        0x2c, 0xaa, 0x9d, 0x41, 0xbb, 0x18, 0x82, 0x82,
+        0xc8, 0xbd, 0x37, 0xcb, 0x5c, 0xd5, 0x48, 0x15,
+        0x12, 0xff, 0xcd, 0x39, 0x4e, 0xea, 0xb9, 0xb1,
+        0x6e, 0xb2, 0x1b, 0xe9, 0xef, 0x01, 0x91, 0x4a,
+        0x69, 0xc5, 0x10, 0x2e, 0xff, 0x1f, 0x67, 0x4f,
+        0x5d, 0x30, 0xaf, 0xee, 0xc4, 0xbd, 0x7f, 0xb3,
+        0x48, 0xca, 0x3e, 0x52, 0xd9, 0x6d, 0x18, 0x2a,
+        0xd4, 0x4f, 0xb8, 0x23, 0x05, 0xc2, 0xfe, 0x3d,
+        0x36, 0x34, 0xa9, 0x59, 0x1a, 0xfd, 0x82, 0xde,
+        0x55, 0x55, 0x9c, 0x8e, 0xa6, 0x02, 0x20, 0x12,
+        0xab, 0x65, 0x5e, 0x9a, 0x2c, 0xa5, 0x56, 0x60,
+        0xb4, 0x4d, 0x1e, 0x5c, 0x37, 0xb0, 0x01, 0x59,
+        0xaa, 0x76, 0xfe, 0xd0, 0x00, 0x00, 0x01, 0x0a,
+        0x11, 0x80, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02,
+        0x10, 0x17, 0x0b, 0x5d, 0x44, 0x30, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00,
+};
+static const struct curve bls12_377 = {
+        .descr = "BLS12-377",
+        .oid =   "1.1.1.1.1", /* XXX */
+        .sn =    "BLS12-377",
+        .p =     "01ae3a46" "17c510ea" "c63b05c0" "6ca1493b"
+                 "1a22d9f3" "00f5138f" "1ef3622f" "ba094800"
+                 "170b5d44" "30000000" "8508c000" "00000001",
+        .a =     "0",
+        .b =     "1",
+        .x =     "008848de" "fe740a67" "c8fc6225" "bf87ff54"
+                 "85951e2c" "aa9d41bb" "188282c8" "bd37cb5c"
+                 "d5481512" "ffcd394e" "eab9b16e" "b21be9ef",
+        .y =     "01914a69" "c5102eff" "1f674f5d" "30afeec4"
+                 "bd7fb348" "ca3e52d9" "6d182ad4" "4fb82305"
+                 "c2fe3d36" "34a9591a" "fd82de55" "559c8ea6",
+        .order = "12ab655e" "9a2ca556" "60b44d1e" "5c37b001"
+                 "59aa76fe" "d0000001" "0a118000" "00000001",
+        .cofactor = "170b5d44" "30000000" "00000000" "00000000",
+        .named = ec_bls12_377_pkparameters_named_curve,
+        .named_len = sizeof(ec_bls12_377_pkparameters_named_curve),
+        .param = ec_bls12_377_pkparameters_parameters,
+        .param_len = sizeof(ec_bls12_377_pkparameters_parameters),
+};
 static EC_GROUP *
 ec_group_from_curve_method(const struct curve *curve, const EC_METHOD *method,
    BN_CTX *ctx)
@@ -1025,6 +1101,9 @@ ec_group_non_builtin_curves(void)
        failed |= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_mont_method(), ctx);
        failed |= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_simple_method(), ctx);
+        failed |= ec_group_non_builtin_curve(&bls12_377, EC_GFp_mont_method(), ctx);
+        failed |= ec_group_non_builtin_curve(&bls12_377, EC_GFp_simple_method(), ctx);
        BN_CTX_free(ctx);
        return failed;
author	tb <>	2025-09-17 16:13:11 +0000
committer	tb <>	2025-09-17 16:13:11 +0000
commit	67355f1acbcfe22e391065386b442de8180421de (patch)
tree	076e214ab7b9605e7471d0ce066303a717bff018 /src
parent	61442379f1c0fd68060c13835a870f84283fa66f (diff)
download	openbsd-67355f1acbcfe22e391065386b442de8180421de.tar.gz openbsd-67355f1acbcfe22e391065386b442de8180421de.tar.bz2 openbsd-67355f1acbcfe22e391065386b442de8180421de.zip

diff --git a/src/regress/lib/libcrypto/ec/ec_asn1_test.c b/src/regress/lib/libcrypto/ec/ec_asn1_test.c index c89ab0e7ab..51b688342b 100644 --- a/src/regress/lib/libcrypto/ec/ec_asn1_test.c +++ b/src/regress/lib/libcrypto/ec/ec_asn1_test.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ec_asn1_test.c,v 1.39 2025/08/26 17:57:10 tb Exp $ */	1	/* $OpenBSD: ec_asn1_test.c,v 1.40 2025/09/17 16:13:11 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2017, 2021 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2017, 2021 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2024, 2025 Theo Buehler <tb@openbsd.org>	4	* Copyright (c) 2024, 2025 Theo Buehler <tb@openbsd.org>
@@ -735,6 +735,82 @@ static const struct curve secp256k1_m = {
735	.param_len = sizeof(ec_secp256k1_m_pkparameters_parameters),	735	.param_len = sizeof(ec_secp256k1_m_pkparameters_parameters),
736	};	736	};
737		737
		738	/*
		739	* From https://eips.ethereum.org/EIPS/eip-2539
		740	*/
		741
		742	static const uint8_t ec_bls12_377_pkparameters_named_curve[] = {
		743	0x06, 0x04, 0x29, 0x01, 0x01, 0x01,
		744	};
		745
		746	static const uint8_t ec_bls12_377_pkparameters_parameters[] = {
		747	0x30, 0x82, 0x01, 0x3d, 0x02, 0x01, 0x01, 0x30,
		748	0x3b, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d,
		749	0x01, 0x01, 0x02, 0x30, 0x01, 0xae, 0x3a, 0x46,
		750	0x17, 0xc5, 0x10, 0xea, 0xc6, 0x3b, 0x05, 0xc0,
		751	0x6c, 0xa1, 0x49, 0x3b, 0x1a, 0x22, 0xd9, 0xf3,
		752	0x00, 0xf5, 0x13, 0x8f, 0x1e, 0xf3, 0x62, 0x2f,
		753	0xba, 0x09, 0x48, 0x00, 0x17, 0x0b, 0x5d, 0x44,
		754	0x30, 0x00, 0x00, 0x00, 0x85, 0x08, 0xc0, 0x00,
		755	0x00, 0x00, 0x00, 0x01, 0x30, 0x64, 0x04, 0x30,
		756	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		757	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		758	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		759	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		760	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		761	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		762	0x04, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		763	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		764	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		765	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		766	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		767	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		768	0x00, 0x01, 0x04, 0x61, 0x04, 0x00, 0x88, 0x48,
		769	0xde, 0xfe, 0x74, 0x0a, 0x67, 0xc8, 0xfc, 0x62,
		770	0x25, 0xbf, 0x87, 0xff, 0x54, 0x85, 0x95, 0x1e,
		771	0x2c, 0xaa, 0x9d, 0x41, 0xbb, 0x18, 0x82, 0x82,
		772	0xc8, 0xbd, 0x37, 0xcb, 0x5c, 0xd5, 0x48, 0x15,
		773	0x12, 0xff, 0xcd, 0x39, 0x4e, 0xea, 0xb9, 0xb1,
		774	0x6e, 0xb2, 0x1b, 0xe9, 0xef, 0x01, 0x91, 0x4a,
		775	0x69, 0xc5, 0x10, 0x2e, 0xff, 0x1f, 0x67, 0x4f,
		776	0x5d, 0x30, 0xaf, 0xee, 0xc4, 0xbd, 0x7f, 0xb3,
		777	0x48, 0xca, 0x3e, 0x52, 0xd9, 0x6d, 0x18, 0x2a,
		778	0xd4, 0x4f, 0xb8, 0x23, 0x05, 0xc2, 0xfe, 0x3d,
		779	0x36, 0x34, 0xa9, 0x59, 0x1a, 0xfd, 0x82, 0xde,
		780	0x55, 0x55, 0x9c, 0x8e, 0xa6, 0x02, 0x20, 0x12,
		781	0xab, 0x65, 0x5e, 0x9a, 0x2c, 0xa5, 0x56, 0x60,
		782	0xb4, 0x4d, 0x1e, 0x5c, 0x37, 0xb0, 0x01, 0x59,
		783	0xaa, 0x76, 0xfe, 0xd0, 0x00, 0x00, 0x01, 0x0a,
		784	0x11, 0x80, 0x00, 0x00, 0x00, 0x00, 0x01, 0x02,
		785	0x10, 0x17, 0x0b, 0x5d, 0x44, 0x30, 0x00, 0x00,
		786	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		787	0x00,
		788	};
		789
		790	static const struct curve bls12_377 = {
		791	.descr = "BLS12-377",
		792	.oid = "1.1.1.1.1", /* XXX */
		793	.sn = "BLS12-377",
		794	.p = "01ae3a46" "17c510ea" "c63b05c0" "6ca1493b"
		795	"1a22d9f3" "00f5138f" "1ef3622f" "ba094800"
		796	"170b5d44" "30000000" "8508c000" "00000001",
		797	.a = "0",
		798	.b = "1",
		799	.x = "008848de" "fe740a67" "c8fc6225" "bf87ff54"
		800	"85951e2c" "aa9d41bb" "188282c8" "bd37cb5c"
		801	"d5481512" "ffcd394e" "eab9b16e" "b21be9ef",
		802	.y = "01914a69" "c5102eff" "1f674f5d" "30afeec4"
		803	"bd7fb348" "ca3e52d9" "6d182ad4" "4fb82305"
		804	"c2fe3d36" "34a9591a" "fd82de55" "559c8ea6",
		805	.order = "12ab655e" "9a2ca556" "60b44d1e" "5c37b001"
		806	"59aa76fe" "d0000001" "0a118000" "00000001",
		807	.cofactor = "170b5d44" "30000000" "00000000" "00000000",
		808	.named = ec_bls12_377_pkparameters_named_curve,
		809	.named_len = sizeof(ec_bls12_377_pkparameters_named_curve),
		810	.param = ec_bls12_377_pkparameters_parameters,
		811	.param_len = sizeof(ec_bls12_377_pkparameters_parameters),
		812	};
		813
738	static EC_GROUP *	814	static EC_GROUP *
739	ec_group_from_curve_method(const struct curve curve, const EC_METHOD method,	815	ec_group_from_curve_method(const struct curve curve, const EC_METHOD method,
740	BN_CTX *ctx)	816	BN_CTX *ctx)
@@ -1025,6 +1101,9 @@ ec_group_non_builtin_curves(void)
1025	failed \|= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_mont_method(), ctx);	1101	failed \|= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_mont_method(), ctx);
1026	failed \|= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_simple_method(), ctx);	1102	failed \|= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_simple_method(), ctx);
1027		1103
		1104	failed \|= ec_group_non_builtin_curve(&bls12_377, EC_GFp_mont_method(), ctx);
		1105	failed \|= ec_group_non_builtin_curve(&bls12_377, EC_GFp_simple_method(), ctx);
		1106
1028	BN_CTX_free(ctx);	1107	BN_CTX_free(ctx);
1029		1108
1030	return failed;	1109	return failed;