1 #include <tomcrypt_test.h> 2 3 #ifdef MECC 4 5 static int sizes[] = { 6 #ifdef ECC112 7 14, 8 #endif 9 #ifdef ECC128 10 16, 11 #endif 12 #ifdef ECC160 13 20, 14 #endif 15 #ifdef ECC192 16 24, 17 #endif 18 #ifdef ECC224 19 28, 20 #endif 21 #ifdef ECC256 22 32, 23 #endif 24 #ifdef ECC384 25 48, 26 #endif 27 #ifdef ECC521 28 65 29 #endif 30 }; 31 32 #ifdef LTC_ECC_SHAMIR 33 int ecc_test_shamir(void) 34 { 35 void *modulus, *mp, *kA, *kB, *rA, *rB; 36 ecc_point *G, *A, *B, *C1, *C2; 37 int x, y, z; 38 unsigned char buf[ECC_BUF_SIZE]; 39 40 DO(mp_init_multi(&kA, &kB, &rA, &rB, &modulus, NULL)); 41 LTC_ARGCHK((G = ltc_ecc_new_point()) != NULL); 42 LTC_ARGCHK((A = ltc_ecc_new_point()) != NULL); 43 LTC_ARGCHK((B = ltc_ecc_new_point()) != NULL); 44 LTC_ARGCHK((C1 = ltc_ecc_new_point()) != NULL); 45 LTC_ARGCHK((C2 = ltc_ecc_new_point()) != NULL); 46 47 for (x = 0; x < (int)(sizeof(sizes)/sizeof(sizes[0])); x++) { 48 /* get the base point */ 49 for (z = 0; ltc_ecc_sets[z].name; z++) { 50 if (sizes[z] < ltc_ecc_sets[z].size) break; 51 } 52 LTC_ARGCHK(ltc_ecc_sets[z].name != NULL); 53 54 /* load it */ 55 DO(mp_read_radix(G->x, ltc_ecc_sets[z].Gx, 16)); 56 DO(mp_read_radix(G->y, ltc_ecc_sets[z].Gy, 16)); 57 DO(mp_set(G->z, 1)); 58 DO(mp_read_radix(modulus, ltc_ecc_sets[z].prime, 16)); 59 DO(mp_montgomery_setup(modulus, &mp)); 60 61 /* do 100 random tests */ 62 for (y = 0; y < 100; y++) { 63 /* pick a random r1, r2 */ 64 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]); 65 DO(mp_read_unsigned_bin(rA, buf, sizes[x])); 66 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]); 67 DO(mp_read_unsigned_bin(rB, buf, sizes[x])); 68 69 /* compute rA * G = A */ 70 DO(ltc_mp.ecc_ptmul(rA, G, A, modulus, 1)); 71 72 /* compute rB * G = B */ 73 DO(ltc_mp.ecc_ptmul(rB, G, B, modulus, 1)); 74 75 /* pick a random kA, kB */ 76 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]); 77 DO(mp_read_unsigned_bin(kA, buf, sizes[x])); 78 LTC_ARGCHK(yarrow_read(buf, sizes[x], &yarrow_prng) == sizes[x]); 79 DO(mp_read_unsigned_bin(kB, buf, sizes[x])); 80 81 /* now, compute kA*A + kB*B = C1 using the older method */ 82 DO(ltc_mp.ecc_ptmul(kA, A, C1, modulus, 0)); 83 DO(ltc_mp.ecc_ptmul(kB, B, C2, modulus, 0)); 84 DO(ltc_mp.ecc_ptadd(C1, C2, C1, modulus, mp)); 85 DO(ltc_mp.ecc_map(C1, modulus, mp)); 86 87 /* now compute using mul2add */ 88 DO(ltc_mp.ecc_mul2add(A, kA, B, kB, C2, modulus)); 89 90 /* is they the sames? */ 91 if ((mp_cmp(C1->x, C2->x) != LTC_MP_EQ) || (mp_cmp(C1->y, C2->y) != LTC_MP_EQ) || (mp_cmp(C1->z, C2->z) != LTC_MP_EQ)) { 92 fprintf(stderr, "ECC failed shamir test: size=%d, testno=%d\n", sizes[x], y); 93 return 1; 94 } 95 } 96 mp_montgomery_free(mp); 97 } 98 ltc_ecc_del_point(C2); 99 ltc_ecc_del_point(C1); 100 ltc_ecc_del_point(B); 101 ltc_ecc_del_point(A); 102 ltc_ecc_del_point(G); 103 mp_clear_multi(kA, kB, rA, rB, modulus, NULL); 104 return 0; 105 } 106 #endif 107 108 int ecc_tests (void) 109 { 110 unsigned char buf[4][4096]; 111 unsigned long x, y, z, s; 112 int stat, stat2; 113 ecc_key usera, userb, pubKey, privKey; 114 115 DO(ecc_test ()); 116 DO(ecc_test ()); 117 DO(ecc_test ()); 118 DO(ecc_test ()); 119 DO(ecc_test ()); 120 121 for (s = 0; s < (sizeof(sizes)/sizeof(sizes[0])); s++) { 122 /* make up two keys */ 123 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera)); 124 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &userb)); 125 126 /* make the shared secret */ 127 x = sizeof(buf[0]); 128 DO(ecc_shared_secret (&usera, &userb, buf[0], &x)); 129 130 y = sizeof(buf[1]); 131 DO(ecc_shared_secret (&userb, &usera, buf[1], &y)); 132 133 if (y != x) { 134 fprintf(stderr, "ecc Shared keys are not same size."); 135 return 1; 136 } 137 138 if (memcmp (buf[0], buf[1], x)) { 139 fprintf(stderr, "ecc Shared keys not same contents."); 140 return 1; 141 } 142 143 /* now export userb */ 144 y = sizeof(buf[0]); 145 DO(ecc_export (buf[1], &y, PK_PUBLIC, &userb)); 146 ecc_free (&userb); 147 148 /* import and make the shared secret again */ 149 DO(ecc_import (buf[1], y, &userb)); 150 151 z = sizeof(buf[0]); 152 DO(ecc_shared_secret (&usera, &userb, buf[2], &z)); 153 154 if (z != x) { 155 fprintf(stderr, "failed. Size don't match?"); 156 return 1; 157 } 158 if (memcmp (buf[0], buf[2], x)) { 159 fprintf(stderr, "Failed. Contents didn't match."); 160 return 1; 161 } 162 163 /* export with ANSI X9.63 */ 164 y = sizeof(buf[1]); 165 DO(ecc_ansi_x963_export(&userb, buf[1], &y)); 166 ecc_free (&userb); 167 168 /* now import the ANSI key */ 169 DO(ecc_ansi_x963_import(buf[1], y, &userb)); 170 171 /* shared secret */ 172 z = sizeof(buf[0]); 173 DO(ecc_shared_secret (&usera, &userb, buf[2], &z)); 174 175 if (z != x) { 176 fprintf(stderr, "failed. Size don't match?"); 177 return 1; 178 } 179 if (memcmp (buf[0], buf[2], x)) { 180 fprintf(stderr, "Failed. Contents didn't match."); 181 return 1; 182 } 183 184 ecc_free (&usera); 185 ecc_free (&userb); 186 187 /* test encrypt_key */ 188 DO(ecc_make_key (&yarrow_prng, find_prng ("yarrow"), sizes[s], &usera)); 189 190 /* export key */ 191 x = sizeof(buf[0]); 192 DO(ecc_export(buf[0], &x, PK_PUBLIC, &usera)); 193 DO(ecc_import(buf[0], x, &pubKey)); 194 x = sizeof(buf[0]); 195 DO(ecc_export(buf[0], &x, PK_PRIVATE, &usera)); 196 DO(ecc_import(buf[0], x, &privKey)); 197 198 for (x = 0; x < 32; x++) { 199 buf[0][x] = x; 200 } 201 y = sizeof (buf[1]); 202 DO(ecc_encrypt_key (buf[0], 32, buf[1], &y, &yarrow_prng, find_prng ("yarrow"), find_hash ("sha256"), &pubKey)); 203 zeromem (buf[0], sizeof (buf[0])); 204 x = sizeof (buf[0]); 205 DO(ecc_decrypt_key (buf[1], y, buf[0], &x, &privKey)); 206 if (x != 32) { 207 fprintf(stderr, "Failed (length)"); 208 return 1; 209 } 210 for (x = 0; x < 32; x++) { 211 if (buf[0][x] != x) { 212 fprintf(stderr, "Failed (contents)"); 213 return 1; 214 } 215 } 216 /* test sign_hash */ 217 for (x = 0; x < 16; x++) { 218 buf[0][x] = x; 219 } 220 x = sizeof (buf[1]); 221 DO(ecc_sign_hash (buf[0], 16, buf[1], &x, &yarrow_prng, find_prng ("yarrow"), &privKey)); 222 DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat, &pubKey)); 223 buf[0][0] ^= 1; 224 DO(ecc_verify_hash (buf[1], x, buf[0], 16, &stat2, &privKey)); 225 if (!(stat == 1 && stat2 == 0)) { 226 fprintf(stderr, "ecc_verify_hash failed %d, %d, ", stat, stat2); 227 return 1; 228 } 229 ecc_free (&usera); 230 ecc_free (&pubKey); 231 ecc_free (&privKey); 232 } 233 #ifdef LTC_ECC_SHAMIR 234 return ecc_test_shamir(); 235 #else 236 return 0; 237 #endif 238 } 239 240 #else 241 242 int ecc_tests(void) 243 { 244 fprintf(stderr, "NOP"); 245 return 0; 246 } 247 248 #endif 249 250 /* $Source: /cvs/libtom/libtomcrypt/testprof/ecc_test.c,v $ */ 251 /* $Revision: 1.21 $ */ 252 /* $Date: 2006/12/04 03:21:03 $ */ 253
