1 files changed, 1 insertions, 203 deletions
diff --git a/src/regress/lib/libcrypto/ec/ectest.c b/src/regress/lib/libcrypto/ec/ectest.c
index 9140b7e94a..0ea16b6af6 100644
--- a/src/regress/lib/libcrypto/ec/ectest.c
+++ b/src/regress/lib/libcrypto/ec/ectest.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ectest.c,v 1.17 2023/04/18 08:17:49 tb Exp $  */
+/*      $OpenBSD: ectest.c,v 1.18 2023/04/18 15:20:34 tb Exp $  */
 /* crypto/ec/ectest.c */
 /*
 * Originally written by Bodo Moeller for the OpenSSL project.
@@ -762,205 +762,6 @@ internal_curve_test(void)
        return;
 }
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-/* nistp_test_params contains magic numbers for testing our optimized
- * implementations of several NIST curves with characteristic > 3. */
-struct nistp_test_params {
-        const EC_METHOD* (*meth) ();
-        int degree;
-        /* Qx, Qy and D are taken from
-         * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
-         * Otherwise, values are standard curve parameters from FIPS 180-3 */
-        const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
-};
-static const struct nistp_test_params nistp_tests_params[] = { {
-                /* P-224 */
-                EC_GFp_nistp224_method,
-                    224,
-                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* p */
-                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", /* a */
-                "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", /* b */
-                "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E", /* Qx */
-                "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555", /* Qy */
-                "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", /* Gx */
-                "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", /* Gy */
-                "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", /* order */
-                "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8", /* d */
-        },
-        {
-                /* P-256 */
-                EC_GFp_nistp256_method,
-                    256,
-                "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", /* p */
-                "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", /* a */
-                "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", /* b */
-                "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19", /* Qx */
-                "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09", /* Qy */
-                "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", /* Gx */
-                "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", /* Gy */
-                "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", /* order */
-                "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96", /* d */
-        },
-        {
-                /* P-521 */
-                EC_GFp_nistp521_method,
-                    521,
-                "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", /* p */
-                "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc", /* a */
-                "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", /* b */
-                "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4", /* Qx */
-                "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e", /* Qy */
-                "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", /* Gx */
-                "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", /* Gy */
-                "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409", /* order */
-                "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722", /* d */
-        },
-};
-void
-nistp_single_test(const struct nistp_test_params *test)
-{
-        BN_CTX *ctx;
-        BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
-        EC_GROUP *NISTP;
-        EC_POINT *G, *P, *Q, *Q_CHECK;
-        fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n", test->degree);
-        ctx = BN_CTX_new();
-        p = BN_new();
-        a = BN_new();
-        b = BN_new();
-        x = BN_new();
-        y = BN_new();
-        m = BN_new();
-        n = BN_new();
-        order = BN_new();
-        NISTP = EC_GROUP_new(test->meth());
-        if (!NISTP)
-                ABORT;
-        if (!BN_hex2bn(&p, test->p))
-                ABORT;
-        if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
-                ABORT;
-        if (!BN_hex2bn(&a, test->a))
-                ABORT;
-        if (!BN_hex2bn(&b, test->b))
-                ABORT;
-        if (!EC_GROUP_set_curve(NISTP, p, a, b, ctx))
-                ABORT;
-        G = EC_POINT_new(NISTP);
-        P = EC_POINT_new(NISTP);
-        Q = EC_POINT_new(NISTP);
-        Q_CHECK = EC_POINT_new(NISTP);
-        if (!BN_hex2bn(&x, test->Qx))
-                ABORT;
-        if (!BN_hex2bn(&y, test->Qy))
-                ABORT;
-        if (!EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, y, ctx))
-                ABORT;
-        if (!BN_hex2bn(&x, test->Gx))
-                ABORT;
-        if (!BN_hex2bn(&y, test->Gy))
-                ABORT;
-        if (!EC_POINT_set_affine_coordinates(NISTP, G, x, y, ctx))
-                ABORT;
-        if (!BN_hex2bn(&order, test->order))
-                ABORT;
-        if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
-                ABORT;
-        fprintf(stdout, "verify degree ... ");
-        if (EC_GROUP_get_degree(NISTP) != test->degree)
-                ABORT;
-        fprintf(stdout, "ok\n");
-        fprintf(stdout, "NIST test vectors ... ");
-        if (!BN_hex2bn(&n, test->d))
-                ABORT;
-        /* fixed point multiplication */
-        EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
-        if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
-                ABORT;
-        /* random point multiplication */
-        EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
-        if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
-                ABORT;
-        /* set generator to P = 2*G, where G is the standard generator */
-        if (!EC_POINT_dbl(NISTP, P, G, ctx))
-                ABORT;
-        if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one()))
-                ABORT;
-        /* set the scalar to m=n/2, where n is the NIST test scalar */
-        if (!BN_rshift(m, n, 1))
-                ABORT;
-        /* test the non-standard generator */
-        /* fixed point multiplication */
-        EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
-        if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
-                ABORT;
-        /* random point multiplication */
-        EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
-        if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
-                ABORT;
-        /* now repeat all tests with precomputation */
-        if (!EC_GROUP_precompute_mult(NISTP, ctx))
-                ABORT;
-        /* fixed point multiplication */
-        EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
-        if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
-                ABORT;
-        /* random point multiplication */
-        EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
-        if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
-                ABORT;
-        /* reset generator */
-        if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
-                ABORT;
-        /* fixed point multiplication */
-        EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
-        if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
-                ABORT;
-        /* random point multiplication */
-        EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
-        if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
-                ABORT;
-        fprintf(stdout, "ok\n");
-        group_order_tests(NISTP);
-        EC_GROUP_free(NISTP);
-        EC_POINT_free(G);
-        EC_POINT_free(P);
-        EC_POINT_free(Q);
-        EC_POINT_free(Q_CHECK);
-        BN_free(n);
-        BN_free(m);
-        BN_free(p);
-        BN_free(a);
-        BN_free(b);
-        BN_free(x);
-        BN_free(y);
-        BN_free(order);
-        BN_CTX_free(ctx);
-}
-void
-nistp_tests()
-{
-        unsigned i;
-        for (i = 0; i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params); i++) {
-                nistp_single_test(&nistp_tests_params[i]);
-        }
-}
-#endif
 int
 main(int argc, char *argv[])
 {
@@ -968,9 +769,6 @@ main(int argc, char *argv[])
        prime_field_tests();
        puts("");
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-        nistp_tests();
-#endif
        /* test the internal curves */
        internal_curve_test();

diff --git a/src/regress/lib/libcrypto/ec/ectest.c b/src/regress/lib/libcrypto/ec/ectest.c index 9140b7e94a..0ea16b6af6 100644 --- a/src/regress/lib/libcrypto/ec/ectest.c +++ b/src/regress/lib/libcrypto/ec/ectest.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ectest.c,v 1.17 2023/04/18 08:17:49 tb Exp $ */	1	/* $OpenBSD: ectest.c,v 1.18 2023/04/18 15:20:34 tb Exp $ */
2	/* crypto/ec/ectest.c */	2	/* crypto/ec/ectest.c */
3	/*	3	/*
4	* Originally written by Bodo Moeller for the OpenSSL project.	4	* Originally written by Bodo Moeller for the OpenSSL project.
@@ -762,205 +762,6 @@ internal_curve_test(void)
762	return;	762	return;
763	}	763	}
764		764
765	#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
766	/* nistp_test_params contains magic numbers for testing our optimized
767	* implementations of several NIST curves with characteristic > 3. */
768	struct nistp_test_params {
769	const EC_METHOD* (*meth) ();
770	int degree;
771	/* Qx, Qy and D are taken from
772	* http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
773	* Otherwise, values are standard curve parameters from FIPS 180-3 */
774	const char p, a, b, Qx, Qy, Gx, Gy, order, *d;
775	};
776
777	static const struct nistp_test_params nistp_tests_params[] = { {
778	/* P-224 */
779	EC_GFp_nistp224_method,
780	224,
781	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", /* p */
782	"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", /* a */
783	"B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", /* b */
784	"E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E", /* Qx */
785	"4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555", /* Qy */
786	"B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", /* Gx */
787	"BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", /* Gy */
788	"FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", /* order */
789	"3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8", /* d */
790	},
791	{
792	/* P-256 */
793	EC_GFp_nistp256_method,
794	256,
795	"ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", /* p */
796	"ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", /* a */
797	"5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", /* b */
798	"b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19", /* Qx */
799	"3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09", /* Qy */
800	"6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", /* Gx */
801	"4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", /* Gy */
802	"ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", /* order */
803	"c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96", /* d */
804	},
805	{
806	/* P-521 */
807	EC_GFp_nistp521_method,
808	521,
809	"1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", /* p */
810	"1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc", /* a */
811	"051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", /* b */
812	"0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4", /* Qx */
813	"0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e", /* Qy */
814	"c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", /* Gx */
815	"11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", /* Gy */
816	"1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409", /* order */
817	"0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722", /* d */
818	},
819	};
820
821	void
822	nistp_single_test(const struct nistp_test_params *test)
823	{
824	BN_CTX *ctx;
825	BIGNUM p, a, b, x, y, n, m, order;
826	EC_GROUP *NISTP;
827	EC_POINT G, P, Q, Q_CHECK;
828
829	fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n", test->degree);
830	ctx = BN_CTX_new();
831	p = BN_new();
832	a = BN_new();
833	b = BN_new();
834	x = BN_new();
835	y = BN_new();
836	m = BN_new();
837	n = BN_new();
838	order = BN_new();
839
840	NISTP = EC_GROUP_new(test->meth());
841	if (!NISTP)
842	ABORT;
843	if (!BN_hex2bn(&p, test->p))
844	ABORT;
845	if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
846	ABORT;
847	if (!BN_hex2bn(&a, test->a))
848	ABORT;
849	if (!BN_hex2bn(&b, test->b))
850	ABORT;
851	if (!EC_GROUP_set_curve(NISTP, p, a, b, ctx))
852	ABORT;
853	G = EC_POINT_new(NISTP);
854	P = EC_POINT_new(NISTP);
855	Q = EC_POINT_new(NISTP);
856	Q_CHECK = EC_POINT_new(NISTP);
857	if (!BN_hex2bn(&x, test->Qx))
858	ABORT;
859	if (!BN_hex2bn(&y, test->Qy))
860	ABORT;
861	if (!EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, y, ctx))
862	ABORT;
863	if (!BN_hex2bn(&x, test->Gx))
864	ABORT;
865	if (!BN_hex2bn(&y, test->Gy))
866	ABORT;
867	if (!EC_POINT_set_affine_coordinates(NISTP, G, x, y, ctx))
868	ABORT;
869	if (!BN_hex2bn(&order, test->order))
870	ABORT;
871	if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
872	ABORT;
873
874	fprintf(stdout, "verify degree ... ");
875	if (EC_GROUP_get_degree(NISTP) != test->degree)
876	ABORT;
877	fprintf(stdout, "ok\n");
878
879	fprintf(stdout, "NIST test vectors ... ");
880	if (!BN_hex2bn(&n, test->d))
881	ABORT;
882	/* fixed point multiplication */
883	EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
884	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
885	ABORT;
886	/* random point multiplication */
887	EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
888	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
889	ABORT;
890
891	/* set generator to P = 2G, where G is the standard generator /
892	if (!EC_POINT_dbl(NISTP, P, G, ctx))
893	ABORT;
894	if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one()))
895	ABORT;
896	/* set the scalar to m=n/2, where n is the NIST test scalar */
897	if (!BN_rshift(m, n, 1))
898	ABORT;
899
900	/* test the non-standard generator */
901	/* fixed point multiplication */
902	EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
903	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
904	ABORT;
905	/* random point multiplication */
906	EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
907	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
908	ABORT;
909
910	/* now repeat all tests with precomputation */
911	if (!EC_GROUP_precompute_mult(NISTP, ctx))
912	ABORT;
913
914	/* fixed point multiplication */
915	EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
916	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
917	ABORT;
918	/* random point multiplication */
919	EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
920	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
921	ABORT;
922
923	/* reset generator */
924	if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
925	ABORT;
926	/* fixed point multiplication */
927	EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
928	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
929	ABORT;
930	/* random point multiplication */
931	EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
932	if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
933	ABORT;
934
935	fprintf(stdout, "ok\n");
936	group_order_tests(NISTP);
937	EC_GROUP_free(NISTP);
938	EC_POINT_free(G);
939	EC_POINT_free(P);
940	EC_POINT_free(Q);
941	EC_POINT_free(Q_CHECK);
942	BN_free(n);
943	BN_free(m);
944	BN_free(p);
945	BN_free(a);
946	BN_free(b);
947	BN_free(x);
948	BN_free(y);
949	BN_free(order);
950	BN_CTX_free(ctx);
951	}
952
953	void
954	nistp_tests()
955	{
956	unsigned i;
957
958	for (i = 0; i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params); i++) {
959	nistp_single_test(&nistp_tests_params[i]);
960	}
961	}
962	#endif
963
964	int	765	int
965	main(int argc, char *argv[])	766	main(int argc, char *argv[])
966	{	767	{
@@ -968,9 +769,6 @@ main(int argc, char *argv[])
968		769
969	prime_field_tests();	770	prime_field_tests();
970	puts("");	771	puts("");
971	#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
972	nistp_tests();
973	#endif
974	/* test the internal curves */	772	/* test the internal curves */
975	internal_curve_test();	773	internal_curve_test();
976		774