Additional sc25519 tests
parent
89943bdd38
commit
2952a15bfe
@ -13,6 +13,26 @@ static const unsigned char max_canonical_p[32] = {
|
|||||||
0xe4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
0xe4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
|
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f
|
||||||
};
|
};
|
||||||
|
static const unsigned char L_p1[32] = {
|
||||||
|
0xee, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10
|
||||||
|
};
|
||||||
|
static const unsigned char L[32] = {
|
||||||
|
0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10
|
||||||
|
};
|
||||||
|
static const unsigned char L_1[32] = {
|
||||||
|
0xec, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10
|
||||||
|
};
|
||||||
|
static const unsigned char sc_8[32] = {
|
||||||
|
0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
|
||||||
|
};
|
||||||
|
static const unsigned char sc_highbit[32] = {
|
||||||
|
0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80
|
||||||
|
};
|
||||||
|
|
||||||
static void
|
static void
|
||||||
add_P(unsigned char * const S)
|
add_P(unsigned char * const S)
|
||||||
@ -378,6 +398,114 @@ main(void)
|
|||||||
crypto_core_ed25519_scalar_mul(sc3, sc, sc2);
|
crypto_core_ed25519_scalar_mul(sc3, sc, sc2);
|
||||||
assert(memcmp(sc3, sc, crypto_core_ed25519_SCALARBYTES) != 0);
|
assert(memcmp(sc3, sc, crypto_core_ed25519_SCALARBYTES) != 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L_1, sc_8);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L-1)*8: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, sc_8, L_1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("8(L-1): %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L_1, L_1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L-1)^2: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L, sc_8);
|
||||||
|
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L_p1, sc_8);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L+1)*8: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, sc_8, L_p1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("8(L+1): %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L_p1, L_p1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L+1)^2: %s\n", hex);
|
||||||
|
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L_1, sc_highbit);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L-1)h: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, sc_highbit, L_1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("h(L-1): %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L_p1, sc_highbit);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L+1)h: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, sc_highbit, L_p1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("h(L+1): %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, sc_highbit, sc_highbit);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("h^2: %s\n", hex);
|
||||||
|
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L, sc_8);
|
||||||
|
assert(sodium_is_zero(sc, crypto_core_ed25519_SCALARBYTES));
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, sc_8, L);
|
||||||
|
assert(sodium_is_zero(sc, crypto_core_ed25519_SCALARBYTES));
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L, L);
|
||||||
|
assert(sodium_is_zero(sc, crypto_core_ed25519_SCALARBYTES));
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L, L_1);
|
||||||
|
assert(sodium_is_zero(sc, crypto_core_ed25519_SCALARBYTES));
|
||||||
|
crypto_core_ed25519_scalar_mul(sc, L_1, L);
|
||||||
|
assert(sodium_is_zero(sc, crypto_core_ed25519_SCALARBYTES));
|
||||||
|
|
||||||
|
crypto_core_ed25519_scalar_add(sc, L_1, sc_8);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L-1)+8: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, sc_8, L_1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("8+(L-1): %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, L_1, L_1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L-1)*2: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, L, sc_8);
|
||||||
|
|
||||||
|
crypto_core_ed25519_scalar_add(sc, L_p1, sc_8);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L+1)+8: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, sc_8, L_p1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("8+(L+1): %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, L_p1, L_p1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L+1)*2: %s\n", hex);
|
||||||
|
|
||||||
|
crypto_core_ed25519_scalar_add(sc, L_1, sc_highbit);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L-1)+h: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, sc_highbit, L_1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("h+(L-1): %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, L_p1, sc_highbit);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("(L+1)+h: %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, sc_highbit, L_p1);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("h+(L+1): %s\n", hex);
|
||||||
|
crypto_core_ed25519_scalar_add(sc, sc_highbit, sc_highbit);
|
||||||
|
sodium_bin2hex(hex, crypto_core_ed25519_SCALARBYTES * 2 + 1,
|
||||||
|
sc, crypto_core_ed25519_SCALARBYTES);
|
||||||
|
printf("h*2: %s\n", hex);
|
||||||
|
|
||||||
sodium_free(hex);
|
sodium_free(hex);
|
||||||
sodium_free(sc64);
|
sodium_free(sc64);
|
||||||
sodium_free(sc3);
|
sodium_free(sc3);
|
||||||
|
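Review bot: Two of the added calls in main() produce results that are never checked: `crypto_core_ed25519_scalar_mul(sc, L, sc_8);` just before the (L+1)*8 case and `crypto_core_ed25519_scalar_add(sc, L, sc_8);` just before the (L+1)+8 case are overwritten by the next call without a print or an assert. The multiplication is covered further down by the `sodium_is_zero` assertions, but L+8 is not verified anywhere in the hunk. If the addition is meant to reduce mod L, `assert(memcmp(sc, sc_8, crypto_core_ed25519_SCALARBYTES) == 0);` after that call would pin it, and the stray scalar_mul line can be dropped. Separately, `sc_highbit` carries 0x08 in its first byte as well as 0x80 in its last, so a one-line comment saying whether that value (rather than the top bit alone) is intended would help. main() begins and ends outside this hunk.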
@ -15,4 +15,26 @@ sub1: f67c79849de0253ba142949e1db6224b13121212121212121212121212121202
|
|||||||
add2: b02e8581ce62f69922427c23f970f7e951525252525252525252525252525202
|
add2: b02e8581ce62f69922427c23f970f7e951525252525252525252525252525202
|
||||||
sub2: 3da570db4b001cbeb35a7b7fe588e72aaeadadadadadadadadadadadadadad0d
|
sub2: 3da570db4b001cbeb35a7b7fe588e72aaeadadadadadadadadadadadadadad0d
|
||||||
mul: 4453ef38408c06677c1b810e4bf8b1991f01c88716fbfa2f075a518b77da400b
|
mul: 4453ef38408c06677c1b810e4bf8b1991f01c88716fbfa2f075a518b77da400b
|
||||||
|
(L-1)*8: e5d3f55c1a631258d69cf7a2def9de1400000000000000000000000000000010
|
||||||
|
8(L-1): e5d3f55c1a631258d69cf7a2def9de1400000000000000000000000000000010
|
||||||
|
(L-1)^2: 0100000000000000000000000000000000000000000000000000000000000000
|
||||||
|
(L+1)*8: 0800000000000000000000000000000000000000000000000000000000000000
|
||||||
|
8(L+1): 0800000000000000000000000000000000000000000000000000000000000000
|
||||||
|
(L+1)^2: 0100000000000000000000000000000000000000000000000000000000000000
|
||||||
|
(L-1)h: 609faee7d21893c0b2e6bc17f5cef7a600000000000000000000000000000000
|
||||||
|
h(L-1): 609faee7d21893c0b2e6bc17f5cef7a600000000000000000000000000000000
|
||||||
|
(L+1)h: 8d344775474a7f9723b63a8be92ae76dffffffffffffffffffffffffffffff0f
|
||||||
|
h(L+1): 8d344775474a7f9723b63a8be92ae76dffffffffffffffffffffffffffffff0f
|
||||||
|
h^2: 726cf51b9ec1dda146af8c58ffd22d148f6ffd85f41cbb738f260cdf4650e60c
|
||||||
|
(L-1)+8: 0700000000000000000000000000000000000000000000000000000000000000
|
||||||
|
8+(L-1): 0700000000000000000000000000000000000000000000000000000000000000
|
||||||
|
(L-1)*2: ebd3f55c1a631258d69cf7a2def9de1400000000000000000000000000000010
|
||||||
|
(L+1)+8: 0900000000000000000000000000000000000000000000000000000000000000
|
||||||
|
8+(L+1): 0900000000000000000000000000000000000000000000000000000000000000
|
||||||
|
(L+1)*2: 0200000000000000000000000000000000000000000000000000000000000000
|
||||||
|
(L-1)+h: 8c344775474a7f9723b63a8be92ae76dffffffffffffffffffffffffffffff0f
|
||||||
|
h+(L-1): 8c344775474a7f9723b63a8be92ae76dffffffffffffffffffffffffffffff0f
|
||||||
|
(L+1)+h: 8e344775474a7f9723b63a8be92ae76dffffffffffffffffffffffffffffff0f
|
||||||
|
h+(L+1): 8e344775474a7f9723b63a8be92ae76dffffffffffffffffffffffffffffff0f
|
||||||
|
h*2: 1000000000000000000000000000000000000000000000000000000000000000
|
||||||
OK
|
OK
|
||||||
|
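Review bot: The expected `h*2` line (value 16) looks inconsistent with the other sums if scalars are read as little-endian integers reduced mod L. With sc_highbit defined in the test as 2^255 + 8, h + h is 2^256 + 16, and 2^256 is not a multiple of L, so a fully reduced result should not be 16. The recorded value matches the sum with the carry out of the 32nd byte dropped. The neighbouring lines such as `(L-1)+h` and `(L-1)*2` do agree with a full reduction, so this line probably pins a truncation inside scalar_add rather than the intended arithmetic. It is worth confirming against an independent computation before this file becomes the reference output.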