[u/mdw/catacomb] / dsa-gen.c

/* -*-c-*-
 *
 * $Id: dsa-gen.c,v 1.1 1999/11/19 19:28:00 mdw Exp $
 *
 * Generate DSA shared parameters
 *
 * (c) 1999 Straylight/Edgeware
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * This file is part of Catacomb.
 *
 * Catacomb is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Library General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 * 
 * Catacomb is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Library General Public License for more details.
 * 
 * You should have received a copy of the GNU Library General Public
 * License along with Catacomb; if not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------* 
 *
 * $Log: dsa-gen.c,v $
 * Revision 1.1  1999/11/19 19:28:00  mdw
 * Implementation of the Digital Signature Algorithm.
 *
 */

/*----- Header files ------------------------------------------------------*/

#include <stdio.h>
#include <stdlib.h>

#include "dsa.h"
#include "mp.h"
#include "pgen.h"
#include "rabin.h"
#include "rc4.h"
#include "sha.h"

/*----- Main code ---------------------------------------------------------*/

/* --- @dsa_seed@ --- *
 *
 * Arguments:	@dsa_param *dp@ = where to store parameters
 *		@unsigned l@ = bitlength of @p@ in bits
 *		@const void *k@ = pointer to key material
 *		@void (*proc)(int ev, mp *m, void *p)@ = event procedure
 *		@size_t sz@ = size of key material
 *
 * Returns:	Zero if all went well, nonzero if key material was
 *		unsuitable (one of the @DSAEV@ codes).
 *
 * Use:		Generates the DSA shared parameters from a given seed value.
 *		This can take quite a long time.  The size of @p@ in bits is
 *		%$l = 512 + 64l'$%.  The DSA standard, FIPS 186, only allows
 *		%$0 \le l' \le 8$%.  This implementation has no such limit,
 *		although @l@ must be a multiple of 8.
 *
 *		The event procedure is informed of various happenings during
 *		generation.  It is passed an event code describing what
 *		happened, and a multiprecision number which pertains to the
 *		event code.
 */

int dsa_seed(dsa_param *dp, unsigned l, const void *k, size_t sz,
		void (*proc)(int /*ev*/, mp */*m*/, void */*p*/), void *arg)
{
  mp *q, *p, *g;
  mp *s = mp_loadb(MP_NEW, k, sz);
  octet *sbuf = xmalloc(sz);
  rc4_ctx rc4;
  int fail;

  l /= 8;
  rc4_init(&rc4, k, sz);

  /* --- Generate @q@ --- */

  {
    octet xbuf[SHA_HASHSZ], ybuf[SHA_HASHSZ];
    sha_ctx c;
    int i;

    sha_init(&c);
    sha_hash(&c, k, sz);
    sha_done(&c, xbuf);

    MPX_UADDN(s->v, s->vl, 1);
    mp_storeb(s, sbuf, sz);
    sha_init(&c);
    sha_hash(&c, sbuf, sz);
    sha_done(&c, ybuf);
    
    for (i = 0; i < sizeof(xbuf); i++)
      xbuf[i] ^= ybuf[i];
    xbuf[0] |= 0x80;
    xbuf[SHA_HASHSZ - 1] |= 0x01;
    q = mp_loadb(MP_NEW, xbuf, sizeof(xbuf));
  }

  /* --- Quick primality check --- */

  {
    pgen pg;
    int rc = pgen_create(&pg, q);
    pgen_destroy(&pg);
    if (rc == PGEN_COMPOSITE) {
      if (proc)
	proc(DSAEV_FAILQ, q, arg);
      fail = DSAEV_FAILQ;
      goto fail_0;
    }
  }

  /* --- Ensure that @q@ is prime --- *
   *
   * This requires 18 iterations, because the DSA spec is paranoid.
   * Fortunately, it doesn't actually take very long.
   */

  {
    rabin r;
    int i;
    mp *g = MP_NEW;
    octet gbuf[SHA_HASHSZ];

    rabin_create(&r, q);
    for (i = 0; i < 18; i++) {
      rc4_encrypt(&rc4, 0, gbuf, sizeof(gbuf));
      g = mp_loadb(g, gbuf, sizeof(gbuf));
      if (rabin_test(&r, g) == PGEN_COMPOSITE)
	break;
      if (proc)
	proc(DSAEV_PASSQ, q, arg);
    }
    mp_drop(g);
    rabin_destroy(&r);
    if (i < 18) {
      if (proc)
	proc(DSAEV_FAILQ, q, arg);
      fail = DSAEV_FAILQ;
      goto fail_0;
    }
    if (proc)
      proc(DSAEV_GOODQ, q, arg);
  }

  /* --- Now generate @p@ --- *
   *
   * This is, unfortunately, rather more messy and complicated.
   */

  {
    mp *q2 = mp_lsl(MP_NEW, q, 1);
    mp *ll = mp_lsl(MP_NEW, MP_ONE, l * 8 - 1);
    unsigned n = l / SHA_HASHSZ, b = l % SHA_HASHSZ;
    size_t psz = SHA_HASHSZ * (n + 1);
    octet *pbuf = xmalloc(psz);
    sha_ctx c;
    unsigned i, j;

    /* --- Fiddle with the leftover bytes count --- */

    b = SHA_HASHSZ - b;

    /* --- Go round 4096 times trying different @p@ values --- */

    p = MP_NEW;
    for (j = 0; j < 4096; j++) {

      /* --- Build a prospective value of @p@ --- */

      {
	octet *pp = pbuf + SHA_HASHSZ * n;

	for (i = 0; i <= n; i++) {
	  MPX_UADDN(s->v, s->vl, 1);
	  mp_storeb(s, sbuf, sz);
	  sha_init(&c);
	  sha_hash(&c, sbuf, sz);
	  sha_done(&c, pp);
	  pp -= SHA_HASHSZ;
	}

	pbuf[b] &= 0x7f;
	p = mp_loadb(p, pbuf + b, psz - b);
	p = mp_add(p, p, ll);
      }

      /* --- Adjust @p@ so that %$p \bmod 2q = 1$% --- */

      {
	mp *c = MP_NEW;
	mp_div(0, &c, p, q2);
	c = mp_sub(c, c, MP_ONE);
	p = mp_sub(p, p, c);
	mp_drop(c);
      }

      /* --- Check that @p@ is large enough --- */

      if (MP_CMP(p, <, ll))
	continue;

      /* --- Run a simple primality test --- */

      {
	pgen pg;
	int rc = pgen_create(&pg, p);
	pgen_destroy(&pg);
	if (rc == PGEN_COMPOSITE)
	  continue;
      }

      /* --- Run the Rabin-Miller test --- */

      {
	rabin r;
	mp *g = MP_NEW;

	if (proc)
	  proc(DSAEV_TRYP, p, arg);
	rabin_create(&r, p);
	for (i = 0; i < 5; i++) {
	  rc4_encrypt(&rc4, 0, pbuf, psz - b);
	  g = mp_loadb(g, pbuf, psz - b);
	  if (rabin_test(&r, g) == PGEN_COMPOSITE)
	    break;
	  if (proc)
	    proc(DSAEV_PASSP, p, arg);
	}
	mp_drop(g);
	rabin_destroy(&r);
	if (i < 5) {
	  if (proc)
	    proc(DSAEV_FAILP, p, arg);
	  fail = DSAEV_FAILP;
	  continue;
	}
      }

      /* --- It worked! --- */

      if (proc)
	proc(DSAEV_GOODP, p, arg);
      break;
    }

    free(pbuf);
    mp_drop(q2);
    mp_drop(ll);
    if (j >= 4096)
      goto fail_1;
  }

  /* --- Choose a generator of an order-%$q$% subgroup of %$Z^*_p$% --- */

  {
    mp *pp = MP_NEW;
    mpw hw;
    mp h;
    unsigned i;
    mpmont mm;

    /* --- Calculate %$p' = (p - 1)/q$% --- */

    {
      mp *p1 = mp_sub(MP_NEW, p, MP_ONE);
      mp_div(&pp, 0, p1, q);
      mp_drop(p1);
    }

    /* --- Now find %$h$% where %$g = h^{p'} \bmod p \ne 1$% --- */

    mp_build(&h, &hw, &hw + 1);
    mpmont_create(&mm, p);
    for (i = 0; i < NPRIME; i++) {
      hw = ptab[i];
      if (proc)
	proc(DSAEV_TRYH, &h, arg);
      g = mpmont_exp(&mm, &h, pp);
      if (MP_CMP(g, !=, MP_ONE))
	break;
      if (proc)
	proc(DSAEV_FAILH, &h, arg);
      mp_drop(g);
    }
    mp_drop(pp);
    if (i >= NPRIME) {
      fail = DSAEV_FAILH;
      goto fail_1;
    }
  }
  if (proc)
    proc(DSAEV_GOODG, g, arg);

  /* --- Return the important information that I succeeded --- */

  dp->p = p;
  dp->q = q;
  dp->g = g;
  free(sbuf);
  return (0);

  /* --- Tidy up after failure --- */

fail_1:
  mp_drop(p);
fail_0:
  mp_drop(q);
  mp_drop(s);
  free(sbuf);
  return (-1);
}

/*----- Test rig ----------------------------------------------------------*/

#ifdef TEST_RIG

static char baton[] = "/-\\|";
static char *b = baton;

static void event(int ev, mp *m, void *p)
{
  if (ev == DSAEV_TRYP || ev == DSAEV_PASSP) {
    fputc(*b++, stdout);
    fputc('\b', stdout);
    fflush(stdout);
    if (!*b)
      b = baton;
  }
}

static int verify(dstr *v)
{
  mp *q = *(mp **)v[2].buf;
  mp *p = *(mp **)v[3].buf;
  mp *g = *(mp **)v[4].buf;
  dsa_param dp;
  unsigned l = *(unsigned *)v[1].buf;
  int ok = 1;
  int rc;

  rc = dsa_seed(&dp, l, v[0].buf, v[0].len, event, 0);
  if (rc || MP_CMP(q, !=, dp.q) ||
      MP_CMP(p, !=, dp.p) || MP_CMP(g, !=, dp.g)) {
    fputs("\n*** gen failed", stderr);
    fputs("\nseed = ", stderr); type_hex.dump(&v[0], stderr);
    fprintf(stderr, "\nl = %u", l);
    fputs("\n   q = ", stderr); mp_writefile(q, stderr, 16);
    fputs("\n   p = ", stderr); mp_writefile(q, stderr, 16);
    fputs("\n   g = ", stderr); mp_writefile(g, stderr, 16);
    if (!rc) {
      fputs("\ndp.q = ", stderr); mp_writefile(dp.q, stderr, 16);
      fputs("\ndp.p = ", stderr); mp_writefile(dp.p, stderr, 16);
      fputs("\ndp.g = ", stderr); mp_writefile(dp.g, stderr, 16);
    }
    fputc('\n', stderr);
    ok = 0;
  }

  mp_drop(q); mp_drop(p); mp_drop(g);
  if (!rc) {
    mp_drop(dp.q); mp_drop(dp.p); mp_drop(dp.g);
  }
  return (ok);
}

static test_chunk tests[] = {
  { "gen", verify,
    { &type_hex, &type_int, &type_mp, &type_mp, &type_mp, 0 }  },
  { 0, 0, { 0 } }
};

int main(int argc, char *argv[])
{
  sub_init();
  test_run(argc, argv, tests, SRCDIR "/tests/dsa");
  return (0);
}

#endif

/*----- That's all, folks -------------------------------------------------*/
Commit	Line	Data
8b810a45	1	/* --c--
	2	*
	3	* $Id: dsa-gen.c,v 1.1 1999/11/19 19:28:00 mdw Exp $
	4	*
	5	* Generate DSA shared parameters
	6	*
	7	* (c) 1999 Straylight/Edgeware
	8	*/
	9
	10	/----- Licensing notice --------------------------------------------------
	11	*
	12	* This file is part of Catacomb.
	13	*
	14	* Catacomb is free software; you can redistribute it and/or modify
	15	* it under the terms of the GNU Library General Public License as
	16	* published by the Free Software Foundation; either version 2 of the
	17	* License, or (at your option) any later version.
	18	*
	19	* Catacomb is distributed in the hope that it will be useful,
	20	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	21	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	* GNU Library General Public License for more details.
	23	*
	24	* You should have received a copy of the GNU Library General Public
	25	* License along with Catacomb; if not, write to the Free
	26	* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
	27	* MA 02111-1307, USA.
	28	*/
	29
	30	/----- Revision history --------------------------------------------------
	31	*
	32	* $Log: dsa-gen.c,v $
	33	* Revision 1.1 1999/11/19 19:28:00 mdw
	34	* Implementation of the Digital Signature Algorithm.
	35	*
	36	*/
	37
	38	/----- Header files ------------------------------------------------------/
	39
	40	#include <stdio.h>
	41	#include <stdlib.h>
	42
	43	#include "dsa.h"
	44	#include "mp.h"
	45	#include "pgen.h"
	46	#include "rabin.h"
	47	#include "rc4.h"
	48	#include "sha.h"
	49
	50	/----- Main code ---------------------------------------------------------/
	51
	52	/* --- @dsa_seed@ --- *
	53	*
	54	* Arguments: @dsa_param *dp@ = where to store parameters
	55	* @unsigned l@ = bitlength of @p@ in bits
	56	* @const void *k@ = pointer to key material
	57	* @void (proc)(int ev, mp m, void *p)@ = event procedure
	58	* @size_t sz@ = size of key material
	59	*
	60	* Returns: Zero if all went well, nonzero if key material was
	61	* unsuitable (one of the @DSAEV@ codes).
	62	*
	63	* Use: Generates the DSA shared parameters from a given seed value.
	64	* This can take quite a long time. The size of @p@ in bits is
65	* %$l = 512 + 64l'$%. The DSA standard, FIPS 186, only allows
66	* %$0 \le l' \le 8$%. This implementation has no such limit,
67	* although @l@ must be a multiple of 8.
68	*
69	* The event procedure is informed of various happenings during
70	* generation. It is passed an event code describing what
71	* happened, and a multiprecision number which pertains to the
72	* event code.
73	*/
74
75	int dsa_seed(dsa_param dp, unsigned l, const void k, size_t sz,
76	void (proc)(int /ev/, mp /m/, void /p/), void arg)
77	{
78	mp q, p, *g;
79	mp *s = mp_loadb(MP_NEW, k, sz);
80	octet *sbuf = xmalloc(sz);
81	rc4_ctx rc4;
82	int fail;
83
84	l /= 8;
85	rc4_init(&rc4, k, sz);
86
87	/* --- Generate @q@ --- */
88
89	{
90	octet xbuf[SHA_HASHSZ], ybuf[SHA_HASHSZ];
91	sha_ctx c;
92	int i;
93
94	sha_init(&c);
95	sha_hash(&c, k, sz);
96	sha_done(&c, xbuf);
97
98	MPX_UADDN(s->v, s->vl, 1);
99	mp_storeb(s, sbuf, sz);
100	sha_init(&c);
101	sha_hash(&c, sbuf, sz);
102	sha_done(&c, ybuf);
103
104	for (i = 0; i < sizeof(xbuf); i++)
105	xbuf[i] ^= ybuf[i];
106	xbuf[0] \|= 0x80;
107	xbuf[SHA_HASHSZ - 1] \|= 0x01;
108	q = mp_loadb(MP_NEW, xbuf, sizeof(xbuf));
109	}
110
111	/* --- Quick primality check --- */
112
113	{
114	pgen pg;
115	int rc = pgen_create(&pg, q);
116	pgen_destroy(&pg);
117	if (rc == PGEN_COMPOSITE) {
118	if (proc)
119	proc(DSAEV_FAILQ, q, arg);
120	fail = DSAEV_FAILQ;
121	goto fail_0;
122	}
123	}
124
125	/* --- Ensure that @q@ is prime --- *
126	*
127	* This requires 18 iterations, because the DSA spec is paranoid.
128	* Fortunately, it doesn't actually take very long.
129	*/
130
131	{
132	rabin r;
133	int i;
134	mp *g = MP_NEW;
135	octet gbuf[SHA_HASHSZ];
136
137	rabin_create(&r, q);
138	for (i = 0; i < 18; i++) {
139	rc4_encrypt(&rc4, 0, gbuf, sizeof(gbuf));
140	g = mp_loadb(g, gbuf, sizeof(gbuf));
141	if (rabin_test(&r, g) == PGEN_COMPOSITE)
142	break;
143	if (proc)
144	proc(DSAEV_PASSQ, q, arg);
145	}
146	mp_drop(g);
147	rabin_destroy(&r);
148	if (i < 18) {
149	if (proc)
150	proc(DSAEV_FAILQ, q, arg);
151	fail = DSAEV_FAILQ;
152	goto fail_0;
153	}
154	if (proc)
155	proc(DSAEV_GOODQ, q, arg);
156	}
157
158	/* --- Now generate @p@ --- *
159	*
160	* This is, unfortunately, rather more messy and complicated.
161	*/
162
163	{
164	mp *q2 = mp_lsl(MP_NEW, q, 1);
165	mp ll = mp_lsl(MP_NEW, MP_ONE, l 8 - 1);
166	unsigned n = l / SHA_HASHSZ, b = l % SHA_HASHSZ;
167	size_t psz = SHA_HASHSZ * (n + 1);
168	octet *pbuf = xmalloc(psz);
169	sha_ctx c;
170	unsigned i, j;
171
172	/* --- Fiddle with the leftover bytes count --- */
173
174	b = SHA_HASHSZ - b;
175
176	/* --- Go round 4096 times trying different @p@ values --- */
177
178	p = MP_NEW;
179	for (j = 0; j < 4096; j++) {
180
181	/* --- Build a prospective value of @p@ --- */
182
183	{
184	octet pp = pbuf + SHA_HASHSZ n;
185
186	for (i = 0; i <= n; i++) {
187	MPX_UADDN(s->v, s->vl, 1);
188	mp_storeb(s, sbuf, sz);
189	sha_init(&c);
190	sha_hash(&c, sbuf, sz);
191	sha_done(&c, pp);
192	pp -= SHA_HASHSZ;
193	}
194
195	pbuf[b] &= 0x7f;
196	p = mp_loadb(p, pbuf + b, psz - b);
197	p = mp_add(p, p, ll);
198	}
199
200	/* --- Adjust @p@ so that %$p \bmod 2q = 1$% --- */
201
202	{
203	mp *c = MP_NEW;
204	mp_div(0, &c, p, q2);
205	c = mp_sub(c, c, MP_ONE);
206	p = mp_sub(p, p, c);
207	mp_drop(c);
208	}
209
210	/* --- Check that @p@ is large enough --- */
211
212	if (MP_CMP(p, <, ll))
213	continue;
214
215	/* --- Run a simple primality test --- */
216
217	{
218	pgen pg;
219	int rc = pgen_create(&pg, p);
220	pgen_destroy(&pg);
221	if (rc == PGEN_COMPOSITE)
222	continue;
223	}
224
225	/* --- Run the Rabin-Miller test --- */
226
227	{
228	rabin r;
229	mp *g = MP_NEW;
230
231	if (proc)
232	proc(DSAEV_TRYP, p, arg);
233	rabin_create(&r, p);
234	for (i = 0; i < 5; i++) {
235	rc4_encrypt(&rc4, 0, pbuf, psz - b);
236	g = mp_loadb(g, pbuf, psz - b);
237	if (rabin_test(&r, g) == PGEN_COMPOSITE)
238	break;
239	if (proc)
240	proc(DSAEV_PASSP, p, arg);
241	}
242	mp_drop(g);
243	rabin_destroy(&r);
244	if (i < 5) {
245	if (proc)
246	proc(DSAEV_FAILP, p, arg);
247	fail = DSAEV_FAILP;
248	continue;
249	}
250	}
251
252	/* --- It worked! --- */
253
254	if (proc)
255	proc(DSAEV_GOODP, p, arg);
256	break;
257	}
258
259	free(pbuf);
260	mp_drop(q2);
261	mp_drop(ll);
262	if (j >= 4096)
263	goto fail_1;
264	}
265
266	/* --- Choose a generator of an order-%$q$% subgroup of %$Z^_p$% --- /
267
268	{
269	mp *pp = MP_NEW;
270	mpw hw;
271	mp h;
272	unsigned i;
273	mpmont mm;
274
275	/* --- Calculate %$p' = (p - 1)/q$% --- */
276
277	{
278	mp *p1 = mp_sub(MP_NEW, p, MP_ONE);
279	mp_div(&pp, 0, p1, q);
280	mp_drop(p1);
281	}
282
283	/* --- Now find %$h$% where %$g = h^{p'} \bmod p \ne 1$% --- */
284
285	mp_build(&h, &hw, &hw + 1);
286	mpmont_create(&mm, p);
287	for (i = 0; i < NPRIME; i++) {
288	hw = ptab[i];
289	if (proc)
290	proc(DSAEV_TRYH, &h, arg);
291	g = mpmont_exp(&mm, &h, pp);
292	if (MP_CMP(g, !=, MP_ONE))
293	break;
294	if (proc)
295	proc(DSAEV_FAILH, &h, arg);
296	mp_drop(g);
297	}
298	mp_drop(pp);
299	if (i >= NPRIME) {
300	fail = DSAEV_FAILH;
301	goto fail_1;
302	}
303	}
304	if (proc)
305	proc(DSAEV_GOODG, g, arg);
306
307	/* --- Return the important information that I succeeded --- */
308
309	dp->p = p;
310	dp->q = q;
311	dp->g = g;
312	free(sbuf);
313	return (0);
314
315	/* --- Tidy up after failure --- */
316
317	fail_1:
318	mp_drop(p);
319	fail_0:
320	mp_drop(q);
321	mp_drop(s);
322	free(sbuf);
323	return (-1);
324	}
325
326	/----- Test rig ----------------------------------------------------------/
327
328	#ifdef TEST_RIG
329
330	static char baton[] = "/-\\\|";
331	static char *b = baton;
332
333	static void event(int ev, mp m, void p)
334	{
335	if (ev == DSAEV_TRYP \|\| ev == DSAEV_PASSP) {
336	fputc(*b++, stdout);
337	fputc('\b', stdout);
338	fflush(stdout);
339	if (!*b)
340	b = baton;
341	}
342	}
343
344	static int verify(dstr *v)
345	{
346	mp q = (mp **)v[2].buf;
347	mp p = (mp **)v[3].buf;
348	mp g = (mp **)v[4].buf;
349	dsa_param dp;
350	unsigned l = (unsigned )v[1].buf;
351	int ok = 1;
352	int rc;
353
354	rc = dsa_seed(&dp, l, v[0].buf, v[0].len, event, 0);
355	if (rc \|\| MP_CMP(q, !=, dp.q) \|\|
356	MP_CMP(p, !=, dp.p) \|\| MP_CMP(g, !=, dp.g)) {
357	fputs("\n*** gen failed", stderr);
358	fputs("\nseed = ", stderr); type_hex.dump(&v[0], stderr);
359	fprintf(stderr, "\nl = %u", l);
360	fputs("\n q = ", stderr); mp_writefile(q, stderr, 16);
361	fputs("\n p = ", stderr); mp_writefile(q, stderr, 16);
362	fputs("\n g = ", stderr); mp_writefile(g, stderr, 16);
363	if (!rc) {
364	fputs("\ndp.q = ", stderr); mp_writefile(dp.q, stderr, 16);
365	fputs("\ndp.p = ", stderr); mp_writefile(dp.p, stderr, 16);
366	fputs("\ndp.g = ", stderr); mp_writefile(dp.g, stderr, 16);
367	}
368	fputc('\n', stderr);
369	ok = 0;
370	}
371
372	mp_drop(q); mp_drop(p); mp_drop(g);
373	if (!rc) {
374	mp_drop(dp.q); mp_drop(dp.p); mp_drop(dp.g);
375	}
376	return (ok);
377	}
378
379	static test_chunk tests[] = {
380	{ "gen", verify,
381	{ &type_hex, &type_int, &type_mp, &type_mp, &type_mp, 0 } },
382	{ 0, 0, { 0 } }
383	};
384
385	int main(int argc, char *argv[])
386	{
387	sub_init();
388	test_run(argc, argv, tests, SRCDIR "/tests/dsa");
389	return (0);
390	}
391
392	#endif
393
394	/----- That's all, folks -------------------------------------------------/