| 1 | /* |
| 2 | * ed448-test.c: test harness for elliptic curve signatures |
| 3 | * |
| 4 | * (The implementations originally came with different test arrangements, |
| 5 | * with complicated external dependencies. This file replicates the original |
| 6 | * tests, but without the dependencies.) |
| 7 | */ |
| 8 | /* |
| 9 | * This file is Free Software. It was originally written for secnet. |
| 10 | * |
| 11 | * Copyright 2019 Mark Wooding |
| 12 | * |
| 13 | * You may redistribute secnet as a whole and/or modify it under the |
| 14 | * terms of the GNU General Public License as published by the Free |
| 15 | * Software Foundation; either version 3, or (at your option) any |
| 16 | * later version. |
| 17 | * |
| 18 | * You may redistribute this file and/or modify it under the terms of |
| 19 | * the GNU General Public License as published by the Free Software |
| 20 | * Foundation; either version 2, or (at your option) any later |
| 21 | * version. |
| 22 | * |
| 23 | * This software is distributed in the hope that it will be useful, |
| 24 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 25 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 26 | * GNU General Public License for more details. |
| 27 | * |
| 28 | * You should have received a copy of the GNU General Public License |
| 29 | * along with this software; if not, see |
| 30 | * https://www.gnu.org/licenses/gpl.html. |
| 31 | */ |
| 32 | |
| 33 | #include <stdio.h> |
| 34 | |
| 35 | #include "secnet.h" |
| 36 | |
| 37 | #include "sha3.h" |
| 38 | #include "ed448.h" |
| 39 | |
| 40 | #include "crypto-test.h" |
| 41 | |
| 42 | enum { |
| 43 | RSIGOUT, RAOUT = RSIGOUT, RRC = RSIGOUT, NROUT, |
| 44 | RA = NROUT, RPH, RCTX, RM, RSIGIN, NREG |
| 45 | }; |
| 46 | |
| 47 | static void test_pubkey(struct reg *out, const struct reg *in, void *ctx) |
| 48 | { |
| 49 | allocate_bytes(&out[RAOUT].v, ED448_PUBSZ); |
| 50 | ed448_pubkey(out[RAOUT].v.bytes.p, |
| 51 | in[RA].v.bytes.p, in[RA].v.bytes.sz); |
| 52 | } |
| 53 | |
| 54 | static void test_sign(struct reg *out, const struct reg *in, void *ctx) |
| 55 | { |
| 56 | octet K[ED448_PUBSZ]; |
| 57 | const octet *m = in[RM].v.bytes.p; size_t msz = in[RM].v.bytes.sz; |
| 58 | octet h[64]; |
| 59 | shake_ctx hctx; |
| 60 | |
| 61 | if (in[RPH].v.i) { |
| 62 | shake256_init(&hctx); |
| 63 | shake_hash(&hctx, m, msz); |
| 64 | shake_done(&hctx, h, sizeof(h)); |
| 65 | m = h; msz = sizeof(h); |
| 66 | } |
| 67 | |
| 68 | allocate_bytes(&out[RSIGOUT].v, ED448_SIGSZ); |
| 69 | ed448_pubkey(K, in[RA].v.bytes.p, in[RA].v.bytes.sz); |
| 70 | ed448_sign(out[RSIGOUT].v.bytes.p, |
| 71 | in[RA].v.bytes.p, in[RA].v.bytes.sz, K, |
| 72 | in[RPH].v.i, |
| 73 | in[RCTX].v.bytes.p, in[RCTX].v.bytes.sz, |
| 74 | m, msz); |
| 75 | } |
| 76 | |
| 77 | static void test_verify(struct reg *out, const struct reg *in, void *ctx) |
| 78 | { |
| 79 | const octet *m = in[RM].v.bytes.p; size_t msz = in[RM].v.bytes.sz; |
| 80 | octet h[64]; |
| 81 | shake_ctx hctx; |
| 82 | |
| 83 | if (in[RPH].v.i) { |
| 84 | shake256_init(&hctx); |
| 85 | shake_hash(&hctx, m, msz); |
| 86 | shake_done(&hctx, h, sizeof(h)); |
| 87 | m = h; msz = sizeof(h); |
| 88 | } |
| 89 | |
| 90 | out[RRC].v.i = ed448_verify(in[RA].v.bytes.p, |
| 91 | in[RPH].v.i, |
| 92 | in[RCTX].v.bytes.p, in[RCTX].v.bytes.sz, |
| 93 | m, msz, in[RSIGIN].v.bytes.p); |
| 94 | } |
| 95 | |
| 96 | #define REG_A { "a", RA, ®ty_bytes, 0 } |
| 97 | #define REG_BIGA { "A", RA, ®ty_bytes, 0 } |
| 98 | #define REG_PH { "ph", RPH, ®ty_int, 0 } |
| 99 | #define REG_CTX { "ctx", RCTX, ®ty_bytes, 0 } |
| 100 | #define REG_M { "m", RM, ®ty_bytes, 0 } |
| 101 | #define REG_SIGIN { "sig", RSIGIN, ®ty_bytes, 0 } |
| 102 | |
| 103 | #define REG_SIGOUT { "sig", RSIGOUT, ®ty_bytes, 0 } |
| 104 | #define REG_AOUT { "A", RAOUT, ®ty_bytes, 0 } |
| 105 | #define REG_RC { "rc", RRC, ®ty_int, 0 } |
| 106 | static const struct regdef |
| 107 | pubkey_regs[] = { REG_A, REG_AOUT, REGLIST_END }, |
| 108 | sign_regs[] = { REG_A, REG_PH, REG_CTX, |
| 109 | REG_M, REG_SIGOUT, REGLIST_END }, |
| 110 | verify_regs[] = { REG_BIGA, REG_PH, REG_CTX, |
| 111 | REG_M, REG_SIGIN, REG_RC, REGLIST_END }; |
| 112 | |
| 113 | static const struct test tests[] = { |
| 114 | { "pubkey", run_test, pubkey_regs, test_pubkey }, |
| 115 | { "sign", run_test, sign_regs, test_sign }, |
| 116 | { "verify", run_test, verify_regs, test_verify }, |
| 117 | { 0 } |
| 118 | }; |
| 119 | |
| 120 | int main(void) |
| 121 | { return run_test_suite(NROUT, NREG, sizeof(struct reg), tests, stdin); } |