• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 #include <tomcrypt_test.h>
2 
3 #ifdef MECC
4 
5 static int sizes[] = {
6 #ifdef ECC112
7 14,
8 #endif
9 #ifdef ECC128
10 16,
11 #endif
12 #ifdef ECC160
13 20,
14 #endif
15 #ifdef ECC192
16 24,
17 #endif
18 #ifdef ECC224
19 28,
20 #endif
21 #ifdef ECC256
22 32,
23 #endif
24 #ifdef ECC384
25 48,
26 #endif
27 #ifdef ECC521
28 65
29 #endif
30 };
31 
32 #ifdef LTC_ECC_SHAMIR
ecc_test_shamir(void)33 int ecc_test_shamir(void)
34 {
35    void *modulus, *mp, *kA, *kB, *rA, *rB;
36    ecc_point *G, *A, *B, *C1, *C2;
37    int x, y, z;
38    unsigned char buf[ECC_BUF_SIZE];
39 
40    DO(mp_init_multi(&kA, &kB, &rA, &rB, &modulus, NULL));
41    LTC_ARGCHK((G  = ltc_ecc_new_point()) != NULL);
42    LTC_ARGCHK((A  = ltc_ecc_new_point()) != NULL);
43    LTC_ARGCHK((B  = ltc_ecc_new_point()) != NULL);
44    LTC_ARGCHK((C1 = ltc_ecc_new_point()) != NULL);
45    LTC_ARGCHK((C2 = ltc_ecc_new_point()) != NULL);
46 
47    for (x = 0; x < (int)(sizeof(sizes)/sizeof(sizes[0])); x++) {
48        /* get the base point */
49        for (z = 0; ltc_ecc_sets[z].name; z++) {
50            if (sizes[z] < ltc_ecc_sets[z].size) break;
51        }
52        LTC_ARGCHK(ltc_ecc_sets[z].name != NULL);
53 
54        /* load it */
55        DO(mp_read_radix(G->x, ltc_ecc_sets[z].Gx, 16));
56        DO(mp_read_radix(G->y, ltc_ecc_sets[z].Gy, 16));
57        DO(mp_set(G->z, 1));
58        DO(mp_read_radix(modulus, ltc_ecc_sets[z].prime, 16));
59        DO(mp_montgomery_setup(modulus, &mp));
60 
61        /* do 100 random tests */
62        for (y = 0; y < 100; y++) {
63           /* pick a random r1, r2 */
64           LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
65           DO(mp_read_unsigned_bin(rA, buf, sizes[x]));
66           LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
67           DO(mp_read_unsigned_bin(rB, buf, sizes[x]));
68 
69           /* compute rA * G = A */
70           DO(ltc_mp.ecc_ptmul(rA, G, A, modulus, 1));
71 
72           /* compute rB * G = B */
73           DO(ltc_mp.ecc_ptmul(rB, G, B, modulus, 1));
74 
75           /* pick a random kA, kB */
76           LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
77           DO(mp_read_unsigned_bin(kA, buf, sizes[x]));
78           LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]);
79           DO(mp_read_unsigned_bin(kB, buf, sizes[x]));
80 
81           /* now, compute kA*A + kB*B = C1 using the older method */
82           DO(ltc_mp.ecc_ptmul(kA, A, C1, modulus, 0));
83           DO(ltc_mp.ecc_ptmul(kB, B, C2, modulus, 0));
84           DO(ltc_mp.ecc_ptadd(C1, C2, C1, modulus, mp));
85           DO(ltc_mp.ecc_map(C1, modulus, mp));
86 
87           /* now compute using mul2add */
88           DO(ltc_mp.ecc_mul2add(A, kA, B, kB, C2, modulus));
89 
90           /* is they the sames?  */
91           if ((mp_cmp(C1->x, C2->x) != LTC_MP_EQ) || (mp_cmp(C1->y, C2->y) != LTC_MP_EQ) || (mp_cmp(C1->z, C2->z) != LTC_MP_EQ)) {
92              fprintf(stderr, "ECC failed shamir test: size=%d, testno=%d\n", sizes[x], y);
93              return 1;
94           }
95       }
96       mp_montgomery_free(mp);
97   }
98   ltc_ecc_del_point(C2);
99   ltc_ecc_del_point(C1);
100   ltc_ecc_del_point(B);
101   ltc_ecc_del_point(A);
102   ltc_ecc_del_point(G);
103   mp_clear_multi(kA, kB, rA, rB, modulus, NULL);
104   return 0;
105 }
106 #endif
107 
ecc_tests(void)108 int ecc_tests (void)
109 {
110   unsigned char buf[4][4096];
111   unsigned long x, y, z, s;
112   int           stat, stat2;
113   ecc_key usera, userb, pubKey, privKey;
114 
115   DO(ecc_test ());
116   DO(ecc_test ());
117   DO(ecc_test ());
118   DO(ecc_test ());
119   DO(ecc_test ());
120 
121   for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) {
122      /* make up two keys */
123      DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
124      DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb));
125 
126      /* make the shared secret */
127      x = sizeof(buf[0]);
128      DO(ecc_shared_secret (&usera, &userb, buf[0], &x));
129 
130      y = sizeof(buf[1]);
131      DO(ecc_shared_secret (&userb, &usera, buf[1], &y));
132 
133      if (y != x) {
134        fprintf(stderr, "ecc Shared keys are not same size.");
135        return 1;
136      }
137 
138      if (memcmp (buf[0], buf[1], x)) {
139        fprintf(stderr, "ecc Shared keys not same contents.");
140        return 1;
141      }
142 
143      /* now export userb */
144      y = sizeof(buf[0]);
145      DO(ecc_export (buf[1], &y, PK_PUBLIC, &userb));
146      ecc_free (&userb);
147 
148      /* import and make the shared secret again */
149      DO(ecc_import (buf[1], y, &userb));
150 
151      z = sizeof(buf[0]);
152      DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
153 
154      if (z != x) {
155        fprintf(stderr, "failed.  Size don't match?");
156        return 1;
157      }
158      if (memcmp (buf[0], buf[2], x)) {
159        fprintf(stderr, "Failed.  Contents didn't match.");
160        return 1;
161      }
162 
163      /* export with ANSI X9.63 */
164      y = sizeof(buf[1]);
165      DO(ecc_ansi_x963_export(&userb, buf[1], &y));
166      ecc_free (&userb);
167 
168      /* now import the ANSI key */
169      DO(ecc_ansi_x963_import(buf[1], y, &userb));
170 
171      /* shared secret */
172      z = sizeof(buf[0]);
173      DO(ecc_shared_secret (&usera, &userb, buf[2], &z));
174 
175      if (z != x) {
176        fprintf(stderr, "failed.  Size don't match?");
177        return 1;
178      }
179      if (memcmp (buf[0], buf[2], x)) {
180        fprintf(stderr, "Failed.  Contents didn't match.");
181        return 1;
182      }
183 
184      ecc_free (&usera);
185      ecc_free (&userb);
186 
187      /* test encrypt_key */
188      DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera));
189 
190      /* export key */
191      x = sizeof(buf[0]);
192      DO(ecc_export(buf[0], &x, PK_PUBLIC, &usera));
193      DO(ecc_import(buf[0], x, &pubKey));
194      x = sizeof(buf[0]);
195      DO(ecc_export(buf[0], &x, PK_PRIVATE, &usera));
196      DO(ecc_import(buf[0], x, &privKey));
197 
198      for (x = 0; x < 32; x++) {
199         buf[0][x] = x;
200      }
201      y = sizeof (buf[1]);
202      DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_prng ("yarrow"), find_hash ("sha256"), &pubKey));
203      zeromem (buf[0], sizeof (buf[0]));
204      x = sizeof (buf[0]);
205      DO(ecc_decrypt_key (buf[1], y, buf[0], &x, &privKey));
206      if (x != 32) {
207        fprintf(stderr, "Failed (length)");
208        return 1;
209      }
210      for (x = 0; x < 32; x++) {
211         if (buf[0][x] != x) {
212            fprintf(stderr, "Failed (contents)");
213            return 1;
214         }
215      }
216      /* test sign_hash */
217      for (x = 0; x < 16; x++) {
218         buf[0][x] = x;
219      }
220      x = sizeof (buf[1]);
221      DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey));
222      DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey));
223      buf[0][0] ^= 1;
224      DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey));
225      if (!(stat == 1 && stat2 == 0)) {
226         fprintf(stderr, "ecc_verify_hash failed %d, %d, ", stat, stat2);
227         return 1;
228      }
229      ecc_free (&usera);
230      ecc_free (&pubKey);
231      ecc_free (&privKey);
232   }
233 #ifdef LTC_ECC_SHAMIR
234   return ecc_test_shamir();
235 #else
236   return 0;
237 #endif
238 }
239 
240 #else
241 
ecc_tests(void)242 int ecc_tests(void)
243 {
244    fprintf(stderr, "NOP");
245    return 0;
246 }
247 
248 #endif
249 
250 /* $Source: /cvs/libtom/libtomcrypt/testprof/ecc_test.c,v $ */
251 /* $Revision: 1.21 $ */
252 /* $Date: 2006/12/04 03:21:03 $ */
253