gitee.com/ks-custle/core-gm@v0.0.0-20230922171213-b83bdd97b62c/sm2/p256_test.go (about) 1 package sm2 2 3 import ( 4 "crypto/elliptic" 5 "crypto/rand" 6 "encoding/hex" 7 "fmt" 8 "math/big" 9 "testing" 10 ) 11 12 type baseMultTest struct { 13 k string 14 } 15 16 var baseMultTests = []baseMultTest{ 17 { 18 "112233445566778899", 19 }, 20 { 21 "112233445566778899112233445566778899", 22 }, 23 { 24 "6950511619965839450988900688150712778015737983940691968051900319680", 25 }, 26 { 27 "13479972933410060327035789020509431695094902435494295338570602119423", 28 }, 29 { 30 "13479971751745682581351455311314208093898607229429740618390390702079", 31 }, 32 { 33 "13479972931865328106486971546324465392952975980343228160962702868479", 34 }, 35 { 36 "11795773708834916026404142434151065506931607341523388140225443265536", 37 }, 38 { 39 "784254593043826236572847595991346435467177662189391577090", 40 }, 41 { 42 "13479767645505654746623887797783387853576174193480695826442858012671", 43 }, 44 { 45 "205688069665150753842126177372015544874550518966168735589597183", 46 }, 47 { 48 "13479966930919337728895168462090683249159702977113823384618282123295", 49 }, 50 { 51 "50210731791415612487756441341851895584393717453129007497216", 52 }, 53 { 54 "26959946667150639794667015087019625940457807714424391721682722368041", 55 }, 56 { 57 "26959946667150639794667015087019625940457807714424391721682722368042", 58 }, 59 { 60 "26959946667150639794667015087019625940457807714424391721682722368043", 61 }, 62 { 63 "26959946667150639794667015087019625940457807714424391721682722368044", 64 }, 65 { 66 "26959946667150639794667015087019625940457807714424391721682722368045", 67 }, 68 { 69 "26959946667150639794667015087019625940457807714424391721682722368046", 70 }, 71 { 72 "26959946667150639794667015087019625940457807714424391721682722368047", 73 }, 74 { 75 "26959946667150639794667015087019625940457807714424391721682722368048", 76 }, 77 { 78 "26959946667150639794667015087019625940457807714424391721682722368049", 79 }, 80 { 81 "26959946667150639794667015087019625940457807714424391721682722368050", 82 }, 83 { 84 "26959946667150639794667015087019625940457807714424391721682722368051", 85 }, 86 { 87 "26959946667150639794667015087019625940457807714424391721682722368052", 88 }, 89 { 90 "26959946667150639794667015087019625940457807714424391721682722368053", 91 }, 92 { 93 "26959946667150639794667015087019625940457807714424391721682722368054", 94 }, 95 { 96 "26959946667150639794667015087019625940457807714424391721682722368055", 97 }, 98 { 99 "26959946667150639794667015087019625940457807714424391721682722368056", 100 }, 101 { 102 "26959946667150639794667015087019625940457807714424391721682722368057", 103 }, 104 { 105 "26959946667150639794667015087019625940457807714424391721682722368058", 106 }, 107 { 108 "26959946667150639794667015087019625940457807714424391721682722368059", 109 }, 110 { 111 "26959946667150639794667015087019625940457807714424391721682722368060", 112 }, 113 } 114 115 type scalarMultTest struct { 116 k string 117 xIn, yIn string 118 xOut, yOut string 119 } 120 121 var p256MultTests = []scalarMultTest{ 122 { 123 "9e9e0dfa7b29bd78a381e5ad3c3ef3154080bf8198b4f6d4dc4b13a04e49a979", 124 "0a5351c475d8f8c5dab77b688b17fa1d6f2a9aed187b3a6cb670647c1a1b2369", 125 "aba5ace91a313f0d4468a44f66617e7f497f3508c6f2c0273dc6c133c9a59df0", 126 "f64634b9eb2b0feb5bfdcb882a365041437da717dfb4156e7b3f3b22784889a9", 127 "84d36430a453396b047494e6a74c43abf193c13ce17dd60b614b22de97139d09", 128 }, 129 { 130 "dd242eb66c7be62f2d3173185b6875f66d0d0bc75df8900c69d48630ef60faff", 131 "0f5e36b3eaa03868bccfd0f7e5f0189ee5d58b0946420ee0672797620f4856df", 132 "35032c2d743a0df6d838b01034402db85d3ad4b07f316612cfc8902434dedd29", 133 "1ffe871e928012e14dfad0ec1d54a8198c6830dd283703a42c21f2367c72d10f", 134 "fbf401d0729d2b38a925d2d2b750293239ea74065a28279710e5fc8a7c86b3b7", 135 }, 136 { 137 "38f2411d1cad8c1b026e731a85dcc2eca79f472369233ae204aa5d6a2f6542f1", 138 "1fb1c5de8ef2fdecf9a729ed4eb9ce0f363e75fed95400dbd25c333c26393bc3", 139 "e9250c58d7200783aa9ec9814c13f252ba368bf52d6fd8f2e9397e603972e55d", 140 "b5301fcc9818019651e8f56a265fb254ad864d9001b21ebd6b1a6ec0e6f6e07a", 141 "2e29cd8f8697360d0b60d730d073793d41bc3c99f00c99875f5d22ed0b32ea6a", 142 }, 143 } 144 145 func genericParamsForCurve(c elliptic.Curve) *elliptic.CurveParams { 146 d := *(c.Params()) 147 return &d 148 } 149 150 func TestP256BaseMult(t *testing.T) { 151 p256 := P256Sm2() 152 p256Generic := genericParamsForCurve(p256) 153 154 scalars := make([]*big.Int, 0, len(baseMultTests)+1) 155 for i := 1; i <= 20; i++ { 156 k := new(big.Int).SetInt64(int64(i)) 157 scalars = append(scalars, k) 158 } 159 for _, e := range baseMultTests { 160 k, _ := new(big.Int).SetString(e.k, 10) 161 scalars = append(scalars, k) 162 } 163 k := new(big.Int).SetInt64(1) 164 k.Lsh(k, 500) 165 scalars = append(scalars, k) 166 167 for i, k := range scalars { 168 x, y := p256.ScalarBaseMult(k.Bytes()) 169 x2, y2 := p256Generic.ScalarBaseMult(k.Bytes()) 170 if x.Cmp(x2) != 0 || y.Cmp(y2) != 0 { 171 t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, x, y, x2, y2) 172 } 173 174 if testing.Short() && i > 5 { 175 break 176 } 177 } 178 } 179 180 //goland:noinspection GoUnusedFunction 181 func generateP256MultTests() { 182 p256 := P256Sm2() 183 p256Generic := genericParamsForCurve(p256) 184 for i := 0; i < 3; i++ { 185 k1, err := randFieldElement(p256Generic, rand.Reader) 186 if err != nil { 187 fmt.Printf("%v\n", err) 188 } 189 x1, y1 := p256Generic.ScalarBaseMult(k1.Bytes()) 190 k2, err := randFieldElement(p256Generic, rand.Reader) 191 if err != nil { 192 fmt.Printf("%v\n", err) 193 } 194 x2, y2 := p256Generic.ScalarMult(x1, y1, k2.Bytes()) 195 fmt.Printf("%s\n", hex.EncodeToString(k2.Bytes())) 196 fmt.Printf("%s\n", hex.EncodeToString(x1.Bytes())) 197 fmt.Printf("%s\n", hex.EncodeToString(y1.Bytes())) 198 fmt.Printf("%s\n", hex.EncodeToString(x2.Bytes())) 199 fmt.Printf("%s\n", hex.EncodeToString(y2.Bytes())) 200 } 201 } 202 203 func TestP256Mult(t *testing.T) { 204 p256 := P256Sm2() 205 for i, e := range p256MultTests { 206 x, _ := new(big.Int).SetString(e.xIn, 16) 207 y, _ := new(big.Int).SetString(e.yIn, 16) 208 k, _ := new(big.Int).SetString(e.k, 16) 209 expectedX, _ := new(big.Int).SetString(e.xOut, 16) 210 expectedY, _ := new(big.Int).SetString(e.yOut, 16) 211 212 xx, yy := p256.ScalarMult(x, y, k.Bytes()) 213 if xx.Cmp(expectedX) != 0 || yy.Cmp(expectedY) != 0 { 214 t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, xx, yy, expectedX, expectedY) 215 } 216 } 217 } 218 219 type synthCombinedMult struct { 220 elliptic.Curve 221 } 222 223 func (s synthCombinedMult) CombinedMult(bigX, bigY *big.Int, baseScalar, scalar []byte) (x, y *big.Int) { 224 x1, y1 := s.ScalarBaseMult(baseScalar) 225 x2, y2 := s.ScalarMult(bigX, bigY, scalar) 226 return s.Add(x1, y1, x2, y2) 227 } 228 229 func TestP256CombinedMult(t *testing.T) { 230 type combinedMult interface { 231 elliptic.Curve 232 CombinedMult(bigX, bigY *big.Int, baseScalar, scalar []byte) (x, y *big.Int) 233 } 234 235 p256, ok := P256Sm2().(combinedMult) 236 if !ok { 237 p256 = &synthCombinedMult{P256Sm2()} 238 } 239 240 gx := p256.Params().Gx 241 gy := p256.Params().Gy 242 243 zero := make([]byte, 32) 244 one := make([]byte, 32) 245 one[31] = 1 246 two := make([]byte, 32) 247 two[31] = 2 248 249 // 0×G + 0×G = ∞ 250 x, y := p256.CombinedMult(gx, gy, zero, zero) 251 if x.Sign() != 0 || y.Sign() != 0 { 252 t.Errorf("0×G + 0×G = (%d, %d), should be ∞", x, y) 253 } 254 255 // 1×G + 0×G = G 256 x, y = p256.CombinedMult(gx, gy, one, zero) 257 if x.Cmp(gx) != 0 || y.Cmp(gy) != 0 { 258 t.Errorf("1×G + 0×G = (%d, %d), should be (%d, %d)", x, y, gx, gy) 259 } 260 261 // 0×G + 1×G = G 262 x, y = p256.CombinedMult(gx, gy, zero, one) 263 if x.Cmp(gx) != 0 || y.Cmp(gy) != 0 { 264 t.Errorf("0×G + 1×G = (%d, %d), should be (%d, %d)", x, y, gx, gy) 265 } 266 267 // 1×G + 1×G = 2×G 268 x, y = p256.CombinedMult(gx, gy, one, one) 269 ggx, ggy := p256.ScalarBaseMult(two) 270 if x.Cmp(ggx) != 0 || y.Cmp(ggy) != 0 { 271 t.Errorf("1×G + 1×G = (%d, %d), should be (%d, %d)", x, y, ggx, ggy) 272 } 273 274 minusOne := new(big.Int).Sub(p256.Params().N, big.NewInt(1)) 275 // 1×G + (-1)×G = ∞ 276 x, y = p256.CombinedMult(gx, gy, one, minusOne.Bytes()) 277 if x.Sign() != 0 || y.Sign() != 0 { 278 t.Errorf("1×G + (-1)×G = (%d, %d), should be ∞", x, y) 279 } 280 } 281 282 func TestIssue52075(t *testing.T) { 283 Gx, Gy := P256Sm2().Params().Gx, P256Sm2().Params().Gy 284 scalar := make([]byte, 33) 285 scalar[32] = 1 286 x, y := P256Sm2().ScalarBaseMult(scalar) 287 if x.Cmp(Gx) != 0 || y.Cmp(Gy) != 0 { 288 t.Errorf("unexpected output (%v,%v)", x, y) 289 } 290 x, y = P256Sm2().ScalarMult(Gx, Gy, scalar) 291 if x.Cmp(Gx) != 0 || y.Cmp(Gy) != 0 { 292 t.Errorf("unexpected output (%v,%v)", x, y) 293 } 294 }