github.com/hxx258456/ccgo@v0.0.5-0.20230213014102-48b35f46f66f/sm2/p256_test.go

github.com/hxx258456/ccgo@v0.0.5-0.20230213014102-48b35f46f66f/sm2/p256_test.go (about)

     1  package sm2
     2  
     3  import (
     4  	"crypto/elliptic"
     5  	"crypto/rand"
     6  	"encoding/hex"
     7  	"fmt"
     8  	"math/big"
     9  	"testing"
    10  )
    11  
    12  type baseMultTest struct {
    13  	k string
    14  }
    15  
    16  var baseMultTests = []baseMultTest{
    17  	{
    18  		"112233445566778899",
    19  	},
    20  	{
    21  		"112233445566778899112233445566778899",
    22  	},
    23  	{
    24  		"6950511619965839450988900688150712778015737983940691968051900319680",
    25  	},
    26  	{
    27  		"13479972933410060327035789020509431695094902435494295338570602119423",
    28  	},
    29  	{
    30  		"13479971751745682581351455311314208093898607229429740618390390702079",
    31  	},
    32  	{
    33  		"13479972931865328106486971546324465392952975980343228160962702868479",
    34  	},
    35  	{
    36  		"11795773708834916026404142434151065506931607341523388140225443265536",
    37  	},
    38  	{
    39  		"784254593043826236572847595991346435467177662189391577090",
    40  	},
    41  	{
    42  		"13479767645505654746623887797783387853576174193480695826442858012671",
    43  	},
    44  	{
    45  		"205688069665150753842126177372015544874550518966168735589597183",
    46  	},
    47  	{
    48  		"13479966930919337728895168462090683249159702977113823384618282123295",
    49  	},
    50  	{
    51  		"50210731791415612487756441341851895584393717453129007497216",
    52  	},
    53  	{
    54  		"26959946667150639794667015087019625940457807714424391721682722368041",
    55  	},
    56  	{
    57  		"26959946667150639794667015087019625940457807714424391721682722368042",
    58  	},
    59  	{
    60  		"26959946667150639794667015087019625940457807714424391721682722368043",
    61  	},
    62  	{
    63  		"26959946667150639794667015087019625940457807714424391721682722368044",
    64  	},
    65  	{
    66  		"26959946667150639794667015087019625940457807714424391721682722368045",
    67  	},
    68  	{
    69  		"26959946667150639794667015087019625940457807714424391721682722368046",
    70  	},
    71  	{
    72  		"26959946667150639794667015087019625940457807714424391721682722368047",
    73  	},
    74  	{
    75  		"26959946667150639794667015087019625940457807714424391721682722368048",
    76  	},
    77  	{
    78  		"26959946667150639794667015087019625940457807714424391721682722368049",
    79  	},
    80  	{
    81  		"26959946667150639794667015087019625940457807714424391721682722368050",
    82  	},
    83  	{
    84  		"26959946667150639794667015087019625940457807714424391721682722368051",
    85  	},
    86  	{
    87  		"26959946667150639794667015087019625940457807714424391721682722368052",
    88  	},
    89  	{
    90  		"26959946667150639794667015087019625940457807714424391721682722368053",
    91  	},
    92  	{
    93  		"26959946667150639794667015087019625940457807714424391721682722368054",
    94  	},
    95  	{
    96  		"26959946667150639794667015087019625940457807714424391721682722368055",
    97  	},
    98  	{
    99  		"26959946667150639794667015087019625940457807714424391721682722368056",
   100  	},
   101  	{
   102  		"26959946667150639794667015087019625940457807714424391721682722368057",
   103  	},
   104  	{
   105  		"26959946667150639794667015087019625940457807714424391721682722368058",
   106  	},
   107  	{
   108  		"26959946667150639794667015087019625940457807714424391721682722368059",
   109  	},
   110  	{
   111  		"26959946667150639794667015087019625940457807714424391721682722368060",
   112  	},
   113  }
   114  
   115  type scalarMultTest struct {
   116  	k          string
   117  	xIn, yIn   string
   118  	xOut, yOut string
   119  }
   120  
   121  var p256MultTests = []scalarMultTest{
   122  	{
   123  		"9e9e0dfa7b29bd78a381e5ad3c3ef3154080bf8198b4f6d4dc4b13a04e49a979",
   124  		"0a5351c475d8f8c5dab77b688b17fa1d6f2a9aed187b3a6cb670647c1a1b2369",
   125  		"aba5ace91a313f0d4468a44f66617e7f497f3508c6f2c0273dc6c133c9a59df0",
   126  		"f64634b9eb2b0feb5bfdcb882a365041437da717dfb4156e7b3f3b22784889a9",
   127  		"84d36430a453396b047494e6a74c43abf193c13ce17dd60b614b22de97139d09",
   128  	},
   129  	{
   130  		"dd242eb66c7be62f2d3173185b6875f66d0d0bc75df8900c69d48630ef60faff",
   131  		"0f5e36b3eaa03868bccfd0f7e5f0189ee5d58b0946420ee0672797620f4856df",
   132  		"35032c2d743a0df6d838b01034402db85d3ad4b07f316612cfc8902434dedd29",
   133  		"1ffe871e928012e14dfad0ec1d54a8198c6830dd283703a42c21f2367c72d10f",
   134  		"fbf401d0729d2b38a925d2d2b750293239ea74065a28279710e5fc8a7c86b3b7",
   135  	},
   136  	{
   137  		"38f2411d1cad8c1b026e731a85dcc2eca79f472369233ae204aa5d6a2f6542f1",
   138  		"1fb1c5de8ef2fdecf9a729ed4eb9ce0f363e75fed95400dbd25c333c26393bc3",
   139  		"e9250c58d7200783aa9ec9814c13f252ba368bf52d6fd8f2e9397e603972e55d",
   140  		"b5301fcc9818019651e8f56a265fb254ad864d9001b21ebd6b1a6ec0e6f6e07a",
   141  		"2e29cd8f8697360d0b60d730d073793d41bc3c99f00c99875f5d22ed0b32ea6a",
   142  	},
   143  }
   144  
   145  func genericParamsForCurve(c elliptic.Curve) *elliptic.CurveParams {
   146  	d := *(c.Params())
   147  	return &d
   148  }
   149  
   150  func TestP256BaseMult(t *testing.T) {
   151  	p256 := P256Sm2()
   152  	p256Generic := genericParamsForCurve(p256)
   153  
   154  	scalars := make([]*big.Int, 0, len(baseMultTests)+1)
   155  	for i := 1; i <= 20; i++ {
   156  		k := new(big.Int).SetInt64(int64(i))
   157  		scalars = append(scalars, k)
   158  	}
   159  	for _, e := range baseMultTests {
   160  		k, _ := new(big.Int).SetString(e.k, 10)
   161  		scalars = append(scalars, k)
   162  	}
   163  	k := new(big.Int).SetInt64(1)
   164  	k.Lsh(k, 500)
   165  	scalars = append(scalars, k)
   166  
   167  	for i, k := range scalars {
   168  		x, y := p256.ScalarBaseMult(k.Bytes())
   169  		x2, y2 := p256Generic.ScalarBaseMult(k.Bytes())
   170  		if x.Cmp(x2) != 0 || y.Cmp(y2) != 0 {
   171  			t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, x, y, x2, y2)
   172  		}
   173  
   174  		if testing.Short() && i > 5 {
   175  			break
   176  		}
   177  	}
   178  }
   179  
   180  //goland:noinspection GoUnusedFunction
   181  func generateP256MultTests() {
   182  	p256 := P256Sm2()
   183  	p256Generic := genericParamsForCurve(p256)
   184  	for i := 0; i < 3; i++ {
   185  		k1, err := randFieldElement(p256Generic, rand.Reader)
   186  		if err != nil {
   187  			fmt.Printf("%v\n", err)
   188  		}
   189  		x1, y1 := p256Generic.ScalarBaseMult(k1.Bytes())
   190  		k2, err := randFieldElement(p256Generic, rand.Reader)
   191  		if err != nil {
   192  			fmt.Printf("%v\n", err)
   193  		}
   194  		x2, y2 := p256Generic.ScalarMult(x1, y1, k2.Bytes())
   195  		fmt.Printf("%s\n", hex.EncodeToString(k2.Bytes()))
   196  		fmt.Printf("%s\n", hex.EncodeToString(x1.Bytes()))
   197  		fmt.Printf("%s\n", hex.EncodeToString(y1.Bytes()))
   198  		fmt.Printf("%s\n", hex.EncodeToString(x2.Bytes()))
   199  		fmt.Printf("%s\n", hex.EncodeToString(y2.Bytes()))
   200  	}
   201  }
   202  
   203  func TestP256Mult(t *testing.T) {
   204  	p256 := P256Sm2()
   205  	for i, e := range p256MultTests {
   206  		x, _ := new(big.Int).SetString(e.xIn, 16)
   207  		y, _ := new(big.Int).SetString(e.yIn, 16)
   208  		k, _ := new(big.Int).SetString(e.k, 16)
   209  		expectedX, _ := new(big.Int).SetString(e.xOut, 16)
   210  		expectedY, _ := new(big.Int).SetString(e.yOut, 16)
   211  
   212  		xx, yy := p256.ScalarMult(x, y, k.Bytes())
   213  		if xx.Cmp(expectedX) != 0 || yy.Cmp(expectedY) != 0 {
   214  			t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, xx, yy, expectedX, expectedY)
   215  		}
   216  	}
   217  }
   218  
   219  type synthCombinedMult struct {
   220  	elliptic.Curve
   221  }
   222  
   223  func (s synthCombinedMult) CombinedMult(bigX, bigY *big.Int, baseScalar, scalar []byte) (x, y *big.Int) {
   224  	x1, y1 := s.ScalarBaseMult(baseScalar)
   225  	x2, y2 := s.ScalarMult(bigX, bigY, scalar)
   226  	return s.Add(x1, y1, x2, y2)
   227  }
   228  
   229  func TestP256CombinedMult(t *testing.T) {
   230  	type combinedMult interface {
   231  		elliptic.Curve
   232  		CombinedMult(bigX, bigY *big.Int, baseScalar, scalar []byte) (x, y *big.Int)
   233  	}
   234  
   235  	p256, ok := P256Sm2().(combinedMult)
   236  	if !ok {
   237  		p256 = &synthCombinedMult{P256Sm2()}
   238  	}
   239  
   240  	gx := p256.Params().Gx
   241  	gy := p256.Params().Gy
   242  
   243  	zero := make([]byte, 32)
   244  	one := make([]byte, 32)
   245  	one[31] = 1
   246  	two := make([]byte, 32)
   247  	two[31] = 2
   248  
   249  	// 0×G + 0×G = ∞
   250  	x, y := p256.CombinedMult(gx, gy, zero, zero)
   251  	if x.Sign() != 0 || y.Sign() != 0 {
   252  		t.Errorf("0×G + 0×G = (%d, %d), should be ∞", x, y)
   253  	}
   254  
   255  	// 1×G + 0×G = G
   256  	x, y = p256.CombinedMult(gx, gy, one, zero)
   257  	if x.Cmp(gx) != 0 || y.Cmp(gy) != 0 {
   258  		t.Errorf("1×G + 0×G = (%d, %d), should be (%d, %d)", x, y, gx, gy)
   259  	}
   260  
   261  	// 0×G + 1×G = G
   262  	x, y = p256.CombinedMult(gx, gy, zero, one)
   263  	if x.Cmp(gx) != 0 || y.Cmp(gy) != 0 {
   264  		t.Errorf("0×G + 1×G = (%d, %d), should be (%d, %d)", x, y, gx, gy)
   265  	}
   266  
   267  	// 1×G + 1×G = 2×G
   268  	x, y = p256.CombinedMult(gx, gy, one, one)
   269  	ggx, ggy := p256.ScalarBaseMult(two)
   270  	if x.Cmp(ggx) != 0 || y.Cmp(ggy) != 0 {
   271  		t.Errorf("1×G + 1×G = (%d, %d), should be (%d, %d)", x, y, ggx, ggy)
   272  	}
   273  
   274  	minusOne := new(big.Int).Sub(p256.Params().N, big.NewInt(1))
   275  	// 1×G + (-1)×G = ∞
   276  	x, y = p256.CombinedMult(gx, gy, one, minusOne.Bytes())
   277  	if x.Sign() != 0 || y.Sign() != 0 {
   278  		t.Errorf("1×G + (-1)×G = (%d, %d), should be ∞", x, y)
   279  	}
   280  }
   281  
   282  func TestIssue52075(t *testing.T) {
   283  	Gx, Gy := P256Sm2().Params().Gx, P256Sm2().Params().Gy
   284  	scalar := make([]byte, 33)
   285  	scalar[32] = 1
   286  	x, y := P256Sm2().ScalarBaseMult(scalar)
   287  	if x.Cmp(Gx) != 0 || y.Cmp(Gy) != 0 {
   288  		t.Errorf("unexpected output (%v,%v)", x, y)
   289  	}
   290  	x, y = P256Sm2().ScalarMult(Gx, Gy, scalar)
   291  	if x.Cmp(Gx) != 0 || y.Cmp(Gy) != 0 {
   292  		t.Errorf("unexpected output (%v,%v)", x, y)
   293  	}
   294  }