[secnet] / x25519-tests.in

### Tests for X25519.						-*-conf-*-
### Extracted from Catacomb.

###--------------------------------------------------------------------------
test x25519

## These are from Daniel J. Bernstein, `Cryptography in NaCl', 2009-03-10,
## https://cr.yp.to/highspeed/naclcrypto-20090310.pdf
## Make Alice's public key.
x 77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a
Y 0900000000000000000000000000000000000000000000000000000000000000
Z 8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a

## Make Bob's public key.
x 5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb
Y 0900000000000000000000000000000000000000000000000000000000000000
Z de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f

## Make the shared secret using Alice's private key.
x 77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a
Y de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f
Z 4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742

## Make the (same) shared secret using Bob's private key.
x 5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb
Y 8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a
Z 4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742

## These tests are from RFC7748.  I've clamped the public values because
## RFC7748 wants the top bits ignored.
x a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4
Y e6db6867583030db3594c1a424b15f7c726624ec26b3353b10a903a6d0ab1c4c
Z c3da55379de9c6908e94ea4df28d084f32eccf03491c71f754b4075577a28552

x 4b66e9d4d1b4673c5ad22691957d6af5c11b6421e0ea01d42ca4169e7918ba0d
Y e5210f12786811d3f4b7959d0538ae2c31dbe7106fc03c3efc4cd549c715a413
Z 95cbde9476e8907d7aade45cb4b873f88b595a68799fa152e6f8f7647aac7957

###--------------------------------------------------------------------------
test x25519-mct

## These tests are from RFC7748.
x 0900000000000000000000000000000000000000000000000000000000000000
Y 0900000000000000000000000000000000000000000000000000000000000000
n 1
Z 422c8e7a6227d7bca1350b3e2bb7279f7897b87bb6854b783c60e80311ae3079

x 422c8e7a6227d7bca1350b3e2bb7279f7897b87bb6854b783c60e80311ae3079
Y 0900000000000000000000000000000000000000000000000000000000000000
n 9
Z 7b96f292a115e83e78560105869c00b0f4fb2cd10e385b8c64bf047b0c0e1113

x 7b96f292a115e83e78560105869c00b0f4fb2cd10e385b8c64bf047b0c0e1113
Y 15ede295d28b07a10484dab4c591580dea0a9181591f20c364c1b26387200466
n 90
Z b1a5a73158904c020866c13939dd7e1aa26852ee1d2609c92e5a8f1debe2150a

x b1a5a73158904c020866c13939dd7e1aa26852ee1d2609c92e5a8f1debe2150a
Y 4f5d42724afd7c6e46259e753d3f9e186b72c47f692881c0d069c481ddaf3362
n 900
Z 684cf59ba83309552800ef566f2f4d3c1c3887c49360e3875f2eb94d99532c51
Commit	Line	Data
8a7654a6 MW	1	### Tests for X25519. --conf--
	2	### Extracted from Catacomb.
	3
	4	###--------------------------------------------------------------------------
	5	test x25519
	6
	7	## These are from Daniel J. Bernstein, `Cryptography in NaCl', 2009-03-10,
	8	## https://cr.yp.to/highspeed/naclcrypto-20090310.pdf
	9	## Make Alice's public key.
	10	x 77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a
	11	Y 0900000000000000000000000000000000000000000000000000000000000000
	12	Z 8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a
	13
	14	## Make Bob's public key.
	15	x 5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb
	16	Y 0900000000000000000000000000000000000000000000000000000000000000
	17	Z de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f
	18
	19	## Make the shared secret using Alice's private key.
	20	x 77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a
	21	Y de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f
	22	Z 4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742
	23
	24	## Make the (same) shared secret using Bob's private key.
	25	x 5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb
	26	Y 8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a
	27	Z 4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742
	28
	29	## These tests are from RFC7748. I've clamped the public values because
	30	## RFC7748 wants the top bits ignored.
	31	x a546e36bf0527c9d3b16154b82465edd62144c0ac1fc5a18506a2244ba449ac4
	32	Y e6db6867583030db3594c1a424b15f7c726624ec26b3353b10a903a6d0ab1c4c
	33	Z c3da55379de9c6908e94ea4df28d084f32eccf03491c71f754b4075577a28552
	34
	35	x 4b66e9d4d1b4673c5ad22691957d6af5c11b6421e0ea01d42ca4169e7918ba0d
	36	Y e5210f12786811d3f4b7959d0538ae2c31dbe7106fc03c3efc4cd549c715a413
	37	Z 95cbde9476e8907d7aade45cb4b873f88b595a68799fa152e6f8f7647aac7957
	38
	39	###--------------------------------------------------------------------------
	40	test x25519-mct
	41
	42	## These tests are from RFC7748.
	43	x 0900000000000000000000000000000000000000000000000000000000000000
	44	Y 0900000000000000000000000000000000000000000000000000000000000000
	45	n 1
	46	Z 422c8e7a6227d7bca1350b3e2bb7279f7897b87bb6854b783c60e80311ae3079
	47
a1a6042e	48	x 422c8e7a6227d7bca1350b3e2bb7279f7897b87bb6854b783c60e80311ae3079
8a7654a6	49	Y 0900000000000000000000000000000000000000000000000000000000000000
a1a6042e MW	50	n 9
a1a6042e MW	51	Z 7b96f292a115e83e78560105869c00b0f4fb2cd10e385b8c64bf047b0c0e1113
8a7654a6	52
a1a6042e MW	53	x 7b96f292a115e83e78560105869c00b0f4fb2cd10e385b8c64bf047b0c0e1113
	54	Y 15ede295d28b07a10484dab4c591580dea0a9181591f20c364c1b26387200466
	55	n 90
	56	Z b1a5a73158904c020866c13939dd7e1aa26852ee1d2609c92e5a8f1debe2150a
	57
	58	x b1a5a73158904c020866c13939dd7e1aa26852ee1d2609c92e5a8f1debe2150a
	59	Y 4f5d42724afd7c6e46259e753d3f9e186b72c47f692881c0d069c481ddaf3362
	60	n 900
	61	Z 684cf59ba83309552800ef566f2f4d3c1c3887c49360e3875f2eb94d99532c51