diff options
| author | Pauli <paul.dale@oracle.com> | 2017-04-28 14:06:11 +1000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2017-05-05 19:32:34 +0200 |
| commit | 2db85ac97a5dda90249f5e630e7b29c4196fc397 (patch) | |
| tree | 759e16482b75afac8ecc505c3be430be090908f1 /test/ectest.c | |
| parent | ce1932f25f784bc5df3505c5de8b6b53436202a3 (diff) | |
Conversion of the EC tests to use the framework.
Some refactoring done as well.
The prime_field_tests() function needs splitting and refactoring still.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3340)
Diffstat (limited to 'test/ectest.c')
| -rw-r--r-- | test/ectest.c | 2452 |
1 files changed, 1102 insertions, 1350 deletions
diff --git a/test/ectest.c b/test/ectest.c index bb2a08d59e..c057bd9033 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -21,21 +21,10 @@ * */ -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> - #include "e_os.h" +#include "testutil.h" -#ifdef OPENSSL_NO_EC -int main(int argc, char *argv[]) -{ - puts("Elliptic curves are disabled."); - return 0; -} -#else - +#ifndef OPENSSL_NO_EC # include <openssl/ec.h> # ifndef OPENSSL_NO_ENGINE # include <openssl/engine.h> @@ -52,114 +41,80 @@ int main(int argc, char *argv[]) # pragma warning(disable:4959) # endif -# define ABORT do { \ - fflush(stdout); \ - fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \ - ERR_print_errors_fp(stderr); \ - EXIT(1); \ -} while (0) - -# define TIMING_BASE_PT 0 -# define TIMING_RAND_PT 1 -# define TIMING_SIMUL 2 +static size_t crv_len = 0; +static EC_builtin_curve *curves = NULL; /* test multiplication with group order, long and negative scalars */ -static void group_order_tests(EC_GROUP *group) +static int group_order_tests(EC_GROUP *group) { - BIGNUM *n1, *n2, *order; - EC_POINT *P = EC_POINT_new(group); - EC_POINT *Q = EC_POINT_new(group); - EC_POINT *R = EC_POINT_new(group); - EC_POINT *S = EC_POINT_new(group); - BN_CTX *ctx = BN_CTX_new(); - int i; - - n1 = BN_new(); - n2 = BN_new(); - order = BN_new(); - fprintf(stdout, "verify group order ..."); - fflush(stdout); - if (!EC_GROUP_get_order(group, order, ctx)) - ABORT; - if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, Q)) - ABORT; - fprintf(stdout, "."); - fflush(stdout); - if (!EC_GROUP_precompute_mult(group, ctx)) - ABORT; - if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, Q)) - ABORT; - fprintf(stdout, " ok\n"); - fprintf(stdout, "long/negative scalar tests "); + BIGNUM *n1 = NULL, *n2 = NULL, *order = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL, *S = NULL; + BN_CTX *ctx = NULL; + int i = 0, r = 0; + + if (!TEST_ptr(n1 = BN_new()) + || !TEST_ptr(n2 = BN_new()) + || !TEST_ptr(order = BN_new()) + || !TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) + || !TEST_ptr(S = EC_POINT_new(group))) + goto err; + + if (!TEST_true(EC_GROUP_get_order(group, order, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q)) + || !TEST_true(EC_GROUP_precompute_mult(group, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q))) + goto err; + for (i = 1; i <= 2; i++) { const BIGNUM *scalars[6]; const EC_POINT *points[6]; - fprintf(stdout, i == 1 ? - "allowing precomputation ... " : - "without precomputation ... "); - if (!BN_set_word(n1, i)) - ABORT; - /* - * If i == 1, P will be the predefined generator for which - * EC_GROUP_precompute_mult has set up precomputation. - */ - if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) - ABORT; - - if (!BN_one(n1)) - ABORT; - /* n1 = 1 - order */ - if (!BN_sub(n1, n1, order)) - ABORT; - if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) - ABORT; - - /* n2 = 1 + order */ - if (!BN_add(n2, order, BN_value_one())) - ABORT; - if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) - ABORT; - - /* n2 = (1 - order) * (1 + order) = 1 - order^2 */ - if (!BN_mul(n2, n1, n2, ctx)) - ABORT; - if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) - ABORT; + if (!TEST_true(BN_set_word(n1, i)) + /* + * If i == 1, P will be the predefined generator for which + * EC_GROUP_precompute_mult has set up precomputation. + */ + || !TEST_true(EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) + || !TEST_true(BN_one(n1)) + /* n1 = 1 - order */ + || !TEST_true(BN_sub(n1, n1, order)) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n1, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) + + /* n2 = 1 + order */ + || !TEST_true(BN_add(n2, order, BN_value_one())) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) + + /* n2 = (1 - order) * (1 + order) = 1 - order^2 */ + || !TEST_true(BN_mul(n2, n1, n2, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx))) + goto err; /* n2 = order^2 - 1 */ BN_set_negative(n2, 0); - if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - ABORT; - /* Add P to verify the result. */ - if (!EC_POINT_add(group, Q, Q, P, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, Q)) - ABORT; - - /* Exercise EC_POINTs_mul, including corner cases. */ - if (EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + /* Add P to verify the result. */ + || !TEST_true(EC_POINT_add(group, Q, Q, P, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q)) + + /* Exercise EC_POINTs_mul, including corner cases. */ + || !TEST_false(EC_POINT_is_at_infinity(group, P))) + goto err; scalars[0] = scalars[1] = BN_value_one(); points[0] = points[1] = P; - if (!EC_POINTs_mul(group, R, NULL, 2, points, scalars, ctx)) - ABORT; - if (!EC_POINT_dbl(group, S, points[0], ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, R, S, ctx)) - ABORT; + if (!TEST_true(EC_POINTs_mul(group, R, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINT_dbl(group, S, points[0], ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, R, S, ctx))) + goto err; scalars[0] = n1; points[0] = Q; /* => infinity */ @@ -173,13 +128,16 @@ static void group_order_tests(EC_GROUP *group) points[4] = P; /* => P */ scalars[5] = n2; points[5] = Q; /* => infinity */ - if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; } - fprintf(stdout, "ok\n"); + r = 1; +err: + if (r == 0 && i != 0) + TEST_info(i == 1 ? "allowing precomputation" : + "without precomputation"); EC_POINT_free(P); EC_POINT_free(Q); EC_POINT_free(R); @@ -188,1185 +146,1045 @@ static void group_order_tests(EC_GROUP *group) BN_free(n2); BN_free(order); BN_CTX_free(ctx); + return r; } -static void prime_field_tests(void) +static int prime_field_tests(void) { BN_CTX *ctx = NULL; - BIGNUM *p, *a, *b; - EC_GROUP *group; - EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = - NULL, *P_384 = NULL, *P_521 = NULL; - EC_POINT *P, *Q, *R; - BIGNUM *x, *y, *z, *yplusone; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *scalar3 = NULL; + EC_GROUP *group = NULL, *tmp = NULL; + EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, + *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL; + BIGNUM *x = NULL, *y = NULL, *z = NULL, *yplusone = NULL; + const EC_POINT *points[4]; + const BIGNUM *scalars[4]; unsigned char buf[100]; - size_t i, len; + size_t i, len, r = 0; int k; - ctx = BN_CTX_new(); - if (!ctx) - ABORT; - - p = BN_new(); - a = BN_new(); - b = BN_new(); - if (!p || !a || !b) - ABORT; - - if (!BN_hex2bn(&p, "17")) - ABORT; - if (!BN_hex2bn(&a, "1")) - ABORT; - if (!BN_hex2bn(&b, "1")) - ABORT; - - group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use - * EC_GROUP_new_curve_GFp so - * that the library gets to - * choose the EC_METHOD */ - if (!group) - ABORT; - - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - { - EC_GROUP *tmp; - tmp = EC_GROUP_new(EC_GROUP_method_of(group)); - if (!tmp) - ABORT; - if (!EC_GROUP_copy(tmp, group)) - ABORT; - EC_GROUP_free(group); - group = tmp; - } - - if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) - ABORT; - - fprintf(stdout, - "Curve defined by Weierstrass equation\n y^2 = x^3 + a*x + b (mod 0x"); - BN_print_fp(stdout, p); - fprintf(stdout, ")\n a = 0x"); - BN_print_fp(stdout, a); - fprintf(stdout, "\n b = 0x"); - BN_print_fp(stdout, b); - fprintf(stdout, "\n"); - - P = EC_POINT_new(group); - Q = EC_POINT_new(group); - R = EC_POINT_new(group); - if (!P || !Q || !R) - ABORT; - - if (!EC_POINT_set_to_infinity(group, P)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_true(BN_hex2bn(&p, "17")) + || !TEST_true(BN_hex2bn(&a, "1")) + || !TEST_true(BN_hex2bn(&b, "1")) + /* + * applications should use EC_GROUP_new_curve_GFp so + * that the library gets to choose the EC_METHOD + */ + || !TEST_ptr(group = EC_GROUP_new(EC_GFp_mont_method())) + || !TEST_true(EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) + || !TEST_ptr(tmp = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(tmp, group))) + goto err; + EC_GROUP_free(group); + group = tmp; + tmp = NULL; + + if (!TEST_true(EC_GROUP_get_curve_GFp(group, p, a, b, ctx))) + goto err; + + BIO_printf(bio_out, + "Curve defined by Weierstrass equation\n" + " y^2 = x^3 + a*x + b (mod 0x"); + BN_print(bio_out, p); + BIO_printf(bio_out, ")\n a = 0x"); + BN_print(bio_out, a); + BIO_printf(bio_out, "\n b = 0x"); + BN_print(bio_out, b); + BIO_printf(bio_out, "\n"); buf[0] = 0; - if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) - ABORT; - - if (!EC_POINT_add(group, P, P, Q, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; - - x = BN_new(); - y = BN_new(); - z = BN_new(); - yplusone = BN_new(); - if (x == NULL || y == NULL || z == NULL || yplusone == NULL) - ABORT; - - if (!BN_hex2bn(&x, "D")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) { - if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx)) - ABORT; - fprintf(stderr, "Point is not on curve: x = 0x"); + if (!TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) + || !TEST_true(EC_POINT_set_to_infinity(group, P)) + || !TEST_true(EC_POINT_is_at_infinity(group, P)) + || !TEST_true(EC_POINT_oct2point(group, Q, buf, 1, ctx)) + || !TEST_true(EC_POINT_add(group, P, P, Q, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P)) + || !TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(z = BN_new()) + || !TEST_ptr(yplusone = BN_new()) + || !TEST_true(BN_hex2bn(&x, "D")) + || !TEST_true(EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, + ctx))) + goto err; + + if (!TEST_int_gt(EC_POINT_is_on_curve(group, Q, ctx), 0)) { + if (!TEST_true(EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, + ctx))) + goto err; + BIO_printf(bio_err, "Point is not on curve: x = 0x"); BN_print_fp(stderr, x); - fprintf(stderr, ", y = 0x"); + BIO_printf(bio_err, ", y = 0x"); BN_print_fp(stderr, y); - fprintf(stderr, "\n"); - ABORT; + BIO_printf(bio_err, "\n"); + goto err; } - fprintf(stdout, "A cyclic subgroup:\n"); + BIO_printf(bio_out, "A cyclic subgroup:\n"); k = 100; do { - if (k-- == 0) - ABORT; - - if (EC_POINT_is_at_infinity(group, P)) - fprintf(stdout, " point at infinity\n"); - else { - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - - fprintf(stdout, " x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, ", y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + if (!TEST_int_ne(k--, 0)) + goto err; + + if (EC_POINT_is_at_infinity(group, P)) { + BIO_printf(bio_out, " point at infinity\n"); + } else { + if (!TEST_true(EC_POINT_get_affine_coordinates_GFp(group, P, x, y, + ctx))) + goto err; + + BIO_printf(bio_out, " x = 0x"); + BN_print(bio_out, x); + BIO_printf(bio_out, ", y = 0x"); + BN_print(bio_out, y); + BIO_printf(bio_out, "\n"); } - if (!EC_POINT_copy(R, P)) - ABORT; - if (!EC_POINT_add(group, P, P, Q, ctx)) - ABORT; + if (!TEST_true(EC_POINT_copy(R, P)) + || !TEST_true(EC_POINT_add(group, P, P, Q, ctx))) + goto err; - } - while (!EC_POINT_is_at_infinity(group, P)); + } while (!EC_POINT_is_at_infinity(group, P)); - if (!EC_POINT_add(group, P, Q, R, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_true(EC_POINT_add(group, P, Q, R, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, sizeof buf, ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "Generator as octet string, compressed form:\n "); + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + BIO_printf(bio_out, "Generator as octet string, compressed form:\n "); for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); - - len = - EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, - sizeof buf, ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n "); + BIO_printf(bio_out, "%02X", buf[i]); + + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, + buf, sizeof buf, ctx); + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + BIO_printf(bio_out, "\nGenerator as octet string, uncompressed form:\n" + " "); for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); - - len = - EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf, - ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "\nGenerator as octet string, hybrid form:\n "); + BIO_printf(bio_out, "%02X", buf[i]); + + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, + buf, sizeof buf, ctx); + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + BIO_printf(bio_out, "\nGenerator as octet string, hybrid form:\n "); for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); - - if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx)) - ABORT; - fprintf(stdout, - "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n X = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, ", Y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, ", Z = 0x"); - BN_print_fp(stdout, z); - fprintf(stdout, "\n"); - - if (!EC_POINT_invert(group, P, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, R, ctx)) - ABORT; + BIO_printf(bio_out, "%02X", buf[i]); + + if (!TEST_true(EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, + ctx))) + goto err; + BIO_printf(bio_out, + "\nA representation of the inverse of that generator in\n" + "Jacobian projective coordinates:\n" + " X = 0x"); + BN_print(bio_out, x); + BIO_printf(bio_out, ", Y = 0x"); + BN_print(bio_out, y); + BIO_printf(bio_out, ", Z = 0x"); + BN_print(bio_out, z); + BIO_printf(bio_out, "\n"); + + if (!TEST_true(EC_POINT_invert(group, P, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, R, ctx)) /* * Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2, * 2000) -- not a NIST curve, but commonly used */ - if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")) - ABORT; - if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82")) - ABORT; - if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32")) - ABORT; - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + || !TEST_true(BN_hex2bn(&p, "FFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "1C97BEFC" + "54BD7A8B65ACF89F81D4D4ADC565FA45")) + || !TEST_true(EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "4A96B568" + "8EF573284664698968C38BB913CBFC82")) + || !TEST_true(BN_hex2bn(&y, "23a62855" + "3168947d59dcc912042351377ac5fb32")) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_false(EC_POINT_set_affine_coordinates_GFp(group, P, x, + yplusone, ctx)) + || !TEST_true(EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "0100000000" + "000000000001F4C8F927AED3CA752257")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))) + goto err; + BIO_printf(bio_out, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x"); + BN_print(bio_out, x); + BIO_printf(bio_out, "\n y = 0x"); + BN_print(bio_out, y); + BIO_printf(bio_out, "\n"); /* G_y value taken from the standard: */ - if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 160) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_160 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_160, group)) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "23a62855" + "3168947d59dcc912042351377ac5fb32")) + || !TEST_int_eq(0, BN_cmp(y, z)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 160) + || !group_order_tests(group) + || !TEST_ptr(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_160, group)) /* Curve P-192 (FIPS PUB 186-2, App. 6) */ - if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) - ABORT; - if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nNIST curve P-192 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "64210519E59C80E7" + "0FA7E9AB72243049FEB8DEECC146B9B1")) + || !TEST_true(EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "188DA80EB03090F6" + "7CBF20EB43A18800F4FF0AFD82FF1012")) + || !TEST_true(EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, + ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFF" + "FFFFFFFF99DEF836146BC9B1B4D22831")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))) + goto err; + + BIO_printf(bio_out, "\nNIST curve P-192 -- Generator:\n x = 0x"); + BN_print(bio_out, x); + BIO_printf(bio_out, "\n y = 0x"); + BN_print(bio_out, y); + BIO_printf(bio_out, "\n"); /* G_y value taken from the standard: */ - if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "07192B95FFC8DA78" + "631011ED6B24CDD573F977A11E794811")) + || !TEST_int_eq(0, BN_cmp(y, z)) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 192) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_192 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_192, group)) - ABORT; + || !TEST_false(EC_POINT_set_affine_coordinates_GFp(group, P, x, + yplusone, ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 192) + || !group_order_tests(group) + || !TEST_ptr(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_192, group)) /* Curve P-224 (FIPS PUB 186-2, App. 6) */ - if (!BN_hex2bn - (&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn - (&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) - ABORT; - if (!BN_hex2bn - (&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn - (&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn - (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nNIST curve P-224 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFF000000000000000000000001")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) + || !TEST_true(BN_hex2bn(&b, "B4050A850C04B3ABF5413256" + "5044B0B7D7BFD8BA270B39432355FFB4")) + || !TEST_true(EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "B70E0CBD6BB4BF7F321390B9" + "4A03C1D356C21122343280D6115C1D21")) + || !TEST_true(EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, + ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFF16A2E0B8F03E13DD29455C5C2A3D")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))) + goto err; + + BIO_printf(bio_out, "\nNIST curve P-224 -- Generator:\n x = 0x"); + BN_print(bio_out, x); + BIO_printf(bio_out, "\n y = 0x"); + BN_print(bio_out, y); + BIO_printf(bio_out, "\n"); /* G_y value taken from the standard: */ - if (!BN_hex2bn - (&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6" + "CD4375A05A07476444D5819985007E34")) + || !TEST_int_eq(0, BN_cmp(y, z)) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 224) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_224, group)) - ABORT; + || !TEST_false(EC_POINT_set_affine_coordinates_GFp(group, P, x, + yplusone, ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 224) + || !group_order_tests(group) + || !TEST_ptr(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_224, group)) /* Curve P-256 (FIPS PUB 186-2, App. 6) */ - if (!BN_hex2bn - (&p, - "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn - (&a, - "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) - ABORT; - if (!BN_hex2bn - (&b, - "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn - (&x, - "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E" - "84F3B9CAC2FC632551")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nNIST curve P-256 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_true(BN_hex2bn(&p, "FFFFFFFF000000010000000000000000" + "00000000FFFFFFFFFFFFFFFFFFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFF000000010000000000000000" + "00000000FFFFFFFFFFFFFFFFFFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC" + "651D06B0CC53B0F63BCE3C3E27D2604B")) + || !TEST_true(EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) + + || !TEST_true(BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F2" + "77037D812DEB33A0F4A13945D898C296")) + || !TEST_true(EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, + ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFF" + "BCE6FAADA7179E84F3B9CAC2FC632551")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))) + goto err; + + BIO_printf(bio_out, "\nNIST curve P-256 -- Generator:\n x = 0x"); + BN_print(bio_out, x); + BIO_printf(bio_out, "\n y = 0x"); + BN_print(bio_out, y); + BIO_printf(bio_out, "\n"); /* G_y value taken from the standard: */ - if (!BN_hex2bn - (&z, - "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E16" + "2BCE33576B315ECECBB6406837BF51F5")) + || !TEST_int_eq(0, BN_cmp(y, z)) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 256) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - |