authortb <>2018-07-15 18:22:57 +0000
committertb <>2018-07-15 18:22:57 +0000
commite8aad185bc3296229a54ff70b7d536b3acbf89c4 (patch)
tree3c2bd781377b49af32241147237de947c01c692a /src
parent9a27b36fed2fa4c308561a2ad385d1660f0bfe8c (diff)
re-commit the removal of the EC_POINTs_mul() regression tests with num > 1
Diffstat (limited to 'src')
-rw-r--r--src/regress/lib/libcrypto/ec/ectest.c188
1 files changed, 27 insertions, 161 deletions
diff --git a/src/regress/lib/libcrypto/ec/ectest.c b/src/regress/lib/libcrypto/ec/ectest.c
index 4d305c983e..401c013a6c 100644
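--- a/src/regress/lib/libcrypto/ec/ectest.c
+++ b/src/regress/lib/libcrypto/ec/ectest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ectest.c,v 1.7 2018/07/15 06:03:31 tb Exp $ */
+/* $OpenBSD: ectest.c,v 1.8 2018/07/15 18:22:57 tb Exp $ */
 /* crypto/ec/ectest.c */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
@@ -662,101 +662,29 @@ prime_field_tests(void)
 
 
  /* more tests using the last curve */
-
+ fprintf(stdout, "infinity tests ...");
+ fflush(stdout);
  if (!EC_POINT_copy(Q, P))
  ABORT;
  if (EC_POINT_is_at_infinity(group, Q))
  ABORT;
+ /* P := 2P */
  if (!EC_POINT_dbl(group, P, P, ctx))
  ABORT;
  if (!EC_POINT_is_on_curve(group, P, ctx))
  ABORT;
- if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */
-
- if (!EC_POINT_add(group, R, P, Q, ctx))
- ABORT;
+ /* Q := -P */
+ if (!EC_POINT_invert(group, Q, ctx))
+ ABORT;
+ /* R := 2P - P = P */
+ if (!EC_POINT_add(group, R, P, Q, ctx))
+ ABORT;
+ /* R := R + Q = P - P = infty */
  if (!EC_POINT_add(group, R, R, Q, ctx))
  ABORT;
- if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */
-
- {
- const EC_POINT *points[4];
- const BIGNUM *scalars[4];
- BIGNUM scalar3;
-
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- points[0] = Q;
- points[1] = Q;
- points[2] = Q;
- points[3] = Q;
-
- if (!EC_GROUP_get_order(group, z, ctx))
- ABORT;
- if (!BN_add(y, z, BN_value_one()))
- ABORT;
- if (BN_is_odd(y))
- ABORT;
- if (!BN_rshift1(y, y))
- ABORT;
- scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
- scalars[1] = y;
-
- fprintf(stdout, "combined multiplication ...");
- fflush(stdout);
-
- /* z is still the group order */
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, R, Q, ctx))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
- ABORT;
- if (!BN_add(z, z, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = y;
- scalars[1] = z; /* z = -(order + y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
- ABORT;
- if (!BN_add(z, x, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = x;
- scalars[1] = y;
- scalars[2] = z; /* z = -(x+y) */
-
- BN_init(&scalar3);
- BN_zero(&scalar3);
- scalars[3] = &scalar3;
-
- if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, " ok\n\n");
-
- BN_free(&scalar3);
- }
-
+ if (!EC_POINT_is_at_infinity(group, R))
+ ABORT;
+ fprintf(stdout, " ok\n\n");
 
  if (ctx)
  BN_CTX_free(ctx);
@@ -1186,91 +1114,29 @@ prime_field_tests(void)
  );
 
  /* more tests using the last curve */
-
+ fprintf(stdout, "infinity tests ...");
+ fflush(stdout);
  if (!EC_POINT_copy(Q, P))
  ABORT;
  if (EC_POINT_is_at_infinity(group, Q))
  ABORT;
+ /* P := 2P */
  if (!EC_POINT_dbl(group, P, P, ctx))
  ABORT;
  if (!EC_POINT_is_on_curve(group, P, ctx))
  ABORT;
- if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */
-
- if (!EC_POINT_add(group, R, P, Q, ctx))
- ABORT;
+ /* Q := -P */
+ if (!EC_POINT_invert(group, Q, ctx))
+ ABORT;
+ /* R := 2P - P = P */
+ if (!EC_POINT_add(group, R, P, Q, ctx))
+ ABORT;
+ /* R := R + Q = P - P = infty */
  if (!EC_POINT_add(group, R, R, Q, ctx))
  ABORT;
- if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */
-
- {
- const EC_POINT *points[3];
- const BIGNUM *scalars[3];
-
- if (EC_POINT_is_at_infinity(group, Q))
- ABORT;
- points[0] = Q;
- points[1] = Q;
- points[2] = Q;
-
- if (!BN_add(y, z, BN_value_one()))
- ABORT;
- if (BN_is_odd(y))
- ABORT;
- if (!BN_rshift1(y, y))
- ABORT;
- scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
- scalars[1] = y;
-
- fprintf(stdout, "combined multiplication ...");
- fflush(stdout);
-
- /* z is still the group order */
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, P, R, ctx))
- ABORT;
- if (0 != EC_POINT_cmp(group, R, Q, ctx))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
- ABORT;
- if (!BN_add(z, z, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = y;
- scalars[1] = z; /* z = -(order + y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, ".");
- fflush(stdout);
-
- if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
- ABORT;
- if (!BN_add(z, x, y))
- ABORT;
- BN_set_negative(z, 1);
- scalars[0] = x;
- scalars[1] = y;
- scalars[2] = z; /* z = -(x+y) */
-
- if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx))
- ABORT;
- if (!EC_POINT_is_at_infinity(group, P))
- ABORT;
-
- fprintf(stdout, " ok\n\n");
- }
-
+ if (!EC_POINT_is_at_infinity(group, R))
+ ABORT;
+ fprintf(stdout, " ok\n\n");
 
  if (ctx)
  BN_CTX_free(ctx);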
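Review bot: The comments added to the "infinity tests" block use P for two different values. After `/* P := 2P */` the variable P holds the doubled point, but `/* Q := -P */` and `/* R := 2P - P = P */` mean the point before doubling (Q was copied from P ahead of EC_POINT_dbl), so read literally they describe Q = -2P. Naming the starting point would settle it: `/* P := 2*P0 */`, `/* Q := -P0 */`, `/* R := P + Q = P0, then R + Q = infinity */`; the same wording recurs in the second block, at new line 1123. Separately, with every EC_POINTs_mul() call using num > 1 removed, nothing visible here pins what that function does for num > 1; if the library is meant to refuse such calls (not shown in this diff), an assertion that the call fails would keep that contract under test. The enclosing test functions start and end outside the hunks.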