github.com/ebceco/ebc@v1.8.19-0.20190309150932-8cb0b9e06484/crypto/secp256k1/libsecp256k1/src/modules/ecdh/tests_impl.h (about) 1 /********************************************************************** 2 * Copyright (c) 2015 Andrew Poelstra * 3 * Distributed under the MIT software license, see the accompanying * 4 * file COPYING or http://www.opensource.org/licenses/mit-license.php.* 5 **********************************************************************/ 6 7 #ifndef _SECP256K1_MODULE_ECDH_TESTS_ 8 #define _SECP256K1_MODULE_ECDH_TESTS_ 9 10 void test_ecdh_api(void) { 11 /* Setup context that just counts errors */ 12 secp256k1_context *tctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN); 13 secp256k1_pubkey point; 14 unsigned char res[32]; 15 unsigned char s_one[32] = { 0 }; 16 int32_t ecount = 0; 17 s_one[31] = 1; 18 19 secp256k1_context_set_error_callback(tctx, counting_illegal_callback_fn, &ecount); 20 secp256k1_context_set_illegal_callback(tctx, counting_illegal_callback_fn, &ecount); 21 CHECK(secp256k1_ec_pubkey_create(tctx, &point, s_one) == 1); 22 23 /* Check all NULLs are detected */ 24 CHECK(secp256k1_ecdh(tctx, res, &point, s_one) == 1); 25 CHECK(ecount == 0); 26 CHECK(secp256k1_ecdh(tctx, NULL, &point, s_one) == 0); 27 CHECK(ecount == 1); 28 CHECK(secp256k1_ecdh(tctx, res, NULL, s_one) == 0); 29 CHECK(ecount == 2); 30 CHECK(secp256k1_ecdh(tctx, res, &point, NULL) == 0); 31 CHECK(ecount == 3); 32 CHECK(secp256k1_ecdh(tctx, res, &point, s_one) == 1); 33 CHECK(ecount == 3); 34 35 /* Cleanup */ 36 secp256k1_context_destroy(tctx); 37 } 38 39 void test_ecdh_generator_basepoint(void) { 40 unsigned char s_one[32] = { 0 }; 41 secp256k1_pubkey point[2]; 42 int i; 43 44 s_one[31] = 1; 45 /* Check against pubkey creation when the basepoint is the generator */ 46 for (i = 0; i < 100; ++i) { 47 secp256k1_sha256_t sha; 48 unsigned char s_b32[32]; 49 unsigned char output_ecdh[32]; 50 unsigned char output_ser[32]; 51 unsigned char point_ser[33]; 52 size_t point_ser_len = sizeof(point_ser); 53 secp256k1_scalar s; 54 55 random_scalar_order(&s); 56 secp256k1_scalar_get_b32(s_b32, &s); 57 58 /* compute using ECDH function */ 59 CHECK(secp256k1_ec_pubkey_create(ctx, &point[0], s_one) == 1); 60 CHECK(secp256k1_ecdh(ctx, output_ecdh, &point[0], s_b32) == 1); 61 /* compute "explicitly" */ 62 CHECK(secp256k1_ec_pubkey_create(ctx, &point[1], s_b32) == 1); 63 CHECK(secp256k1_ec_pubkey_serialize(ctx, point_ser, &point_ser_len, &point[1], SECP256K1_EC_COMPRESSED) == 1); 64 CHECK(point_ser_len == sizeof(point_ser)); 65 secp256k1_sha256_initialize(&sha); 66 secp256k1_sha256_write(&sha, point_ser, point_ser_len); 67 secp256k1_sha256_finalize(&sha, output_ser); 68 /* compare */ 69 CHECK(memcmp(output_ecdh, output_ser, sizeof(output_ser)) == 0); 70 } 71 } 72 73 void test_bad_scalar(void) { 74 unsigned char s_zero[32] = { 0 }; 75 unsigned char s_overflow[32] = { 76 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 77 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 78 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 79 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41 80 }; 81 unsigned char s_rand[32] = { 0 }; 82 unsigned char output[32]; 83 secp256k1_scalar rand; 84 secp256k1_pubkey point; 85 86 /* Create random point */ 87 random_scalar_order(&rand); 88 secp256k1_scalar_get_b32(s_rand, &rand); 89 CHECK(secp256k1_ec_pubkey_create(ctx, &point, s_rand) == 1); 90 91 /* Try to multiply it by bad values */ 92 CHECK(secp256k1_ecdh(ctx, output, &point, s_zero) == 0); 93 CHECK(secp256k1_ecdh(ctx, output, &point, s_overflow) == 0); 94 /* ...and a good one */ 95 s_overflow[31] -= 1; 96 CHECK(secp256k1_ecdh(ctx, output, &point, s_overflow) == 1); 97 } 98 99 void run_ecdh_tests(void) { 100 test_ecdh_api(); 101 test_ecdh_generator_basepoint(); 102 test_bad_scalar(); 103 } 104 105 #endif