Diffstat (limited to 'nacl/crypto_scalarmult/try.c')
-rw-r--r--nacl/crypto_scalarmult/try.c126
1 files changed, 126 insertions, 0 deletions
diff --git a/nacl/crypto_scalarmult/try.c b/nacl/crypto_scalarmult/try.c
new file mode 100644
index 00000000..560ce493
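--- /dev/null
+++ b/nacl/crypto_scalarmult/try.c
@@ -0,0 +1,126 @@
+/*
+ * crypto_scalarmult/try.c version 20090118
+ * D. J. Bernstein
+ * Public domain.
+ */
+
+#include <stdlib.h>
+#include "crypto_scalarmult.h"
+
+extern unsigned char *alignedcalloc(unsigned long long);
+
+const char *primitiveimplementation = crypto_scalarmult_IMPLEMENTATION;
+
+#define mlen crypto_scalarmult_SCALARBYTES
+#define nlen crypto_scalarmult_SCALARBYTES
+#define plen crypto_scalarmult_BYTES
+#define qlen crypto_scalarmult_BYTES
+#define rlen crypto_scalarmult_BYTES
+
+static unsigned char *m;
+static unsigned char *n;
+static unsigned char *p;
+static unsigned char *q;
+static unsigned char *r;
+
+static unsigned char *m2;
+static unsigned char *n2;
+static unsigned char *p2;
+static unsigned char *q2;
+static unsigned char *r2;
+
+void preallocate(void)
+{
+}
+
+void allocate(void)
+{
+ m = alignedcalloc(mlen);
+ n = alignedcalloc(nlen);
+ p = alignedcalloc(plen);
+ q = alignedcalloc(qlen);
+ r = alignedcalloc(rlen);
+ m2 = alignedcalloc(mlen + crypto_scalarmult_BYTES);
+ n2 = alignedcalloc(nlen + crypto_scalarmult_BYTES);
+ p2 = alignedcalloc(plen + crypto_scalarmult_BYTES);
+ q2 = alignedcalloc(qlen + crypto_scalarmult_BYTES);
+ r2 = alignedcalloc(rlen + crypto_scalarmult_BYTES);
+}
+
+void predoit(void)
+{
+}
+
+void doit(void)
+{
+ crypto_scalarmult(q,n,p);
+ crypto_scalarmult_base(r,n);
+}
+
+char checksum[crypto_scalarmult_BYTES * 2 + 1];
+
+const char *checksum_compute(void)
+{
+ long long i;
+ long long j;
+ long long tests;
+
+ for (i = 0;i < mlen;++i) m[i] = i;
+ for (i = 0;i < nlen;++i) n[i] = i + 1;
+ for (i = 0;i < plen;++i) p[i] = i + 2;
+ for (i = 0;i < qlen;++i) q[i] = i + 3;
+ for (i = 0;i < rlen;++i) r[i] = i + 4;
+
+ for (i = -16;i < 0;++i) p[i] = random();
+ for (i = -16;i < 0;++i) n[i] = random();
+ for (i = plen;i < plen + 16;++i) p[i] = random();
+ for (i = nlen;i < nlen + 16;++i) n[i] = random();
+ for (i = -16;i < plen + 16;++i) p2[i] = p[i];
+ for (i = -16;i < nlen + 16;++i) n2[i] = n[i];
+
+ if (crypto_scalarmult_base(p,n) != 0) return "crypto_scalarmult_base returns nonzero";
+
+ for (i = -16;i < nlen + 16;++i) if (n2[i] != n[i]) return "crypto_scalarmult_base overwrites input";
+ for (i = -16;i < 0;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes before output";
+ for (i = plen;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult_base writes after output";
+
+ for (tests = 0;tests < 100;++tests) {
+ for (i = -16;i < 0;++i) q[i] = random();
+ for (i = -16;i < 0;++i) p[i] = random();
+ for (i = -16;i < 0;++i) m[i] = random();
+ for (i = qlen;i < qlen + 16;++i) q[i] = random();
+ for (i = plen;i < plen + 16;++i) p[i] = random();
+ for (i = mlen;i < mlen + 16;++i) m[i] = random();
+ for (i = -16;i < qlen + 16;++i) q2[i] = q[i];
+ for (i = -16;i < plen + 16;++i) p2[i] = p[i];
+ for (i = -16;i < mlen + 16;++i) m2[i] = m[i];
+
+ if (crypto_scalarmult(q,m,p) != 0) return "crypto_scalarmult returns nonzero";
+
+ for (i = -16;i < mlen + 16;++i) if (m2[i] != m[i]) return "crypto_scalarmult overwrites n input";
+ for (i = -16;i < plen + 16;++i) if (p2[i] != p[i]) return "crypto_scalarmult overwrites p input";
+ for (i = -16;i < 0;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes before output";
+ for (i = qlen;i < qlen + 16;++i) if (q2[i] != q[i]) return "crypto_scalarmult writes after output";
+
+ if (crypto_scalarmult(m2,m2,p) != 0) return "crypto_scalarmult returns nonzero";
+ for (i = 0;i < qlen;++i) if (q[i] != m2[i]) return "crypto_scalarmult does not handle n overlap";
+ for (i = 0;i < qlen;++i) m2[i] = m[i];
+
+ if (crypto_scalarmult(p2,m2,p2) != 0) return "crypto_scalarmult returns nonzero";
+ for (i = 0;i < qlen;++i) if (q[i] != p2[i]) return "crypto_scalarmult does not handle p overlap";
+
+ if (crypto_scalarmult(r,n,q) != 0) return "crypto_scalarmult returns nonzero";
+ if (crypto_scalarmult(q,n,p) != 0) return "crypto_scalarmult returns nonzero";
+ if (crypto_scalarmult(p,m,q) != 0) return "crypto_scalarmult returns nonzero";
+ for (j = 0;j < plen;++j) if (p[j] != r[j]) return "crypto_scalarmult not associative";
+ for (j = 0;j < mlen;++j) m[j] ^= q[j % qlen];
+ for (j = 0;j < nlen;++j) n[j] ^= p[j % plen];
+ }
+
+ for (i = 0;i < crypto_scalarmult_BYTES;++i) {
+ checksum[2 * i] = "0123456789abcdef"[15 & (p[i] >> 4)];
+ checksum[2 * i + 1] = "0123456789abcdef"[15 & p[i]];
+ }
+ checksum[2 * i] = 0;
+ return 0;
+}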
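Review bot: The canary loops in `checksum_compute` (file lines 74-79 and 88-96) read and write `p[-16]` through `p[plen + 15]`, and likewise for `m`, `n`, `q` and the `*2` copies. That is only defined if `alignedcalloc` returns a pointer with at least 16 writable bytes on both sides of the requested length, and this file shows only its `extern` declaration on line 10. I would state the dependency where the buffers are created, e.g. above `allocate()`: `/* alignedcalloc() must leave >= 16 writable guard bytes before and after each buffer; checksum_compute() indexes [-16, len+16) */`. `allocate()` also uses every returned pointer unchecked, so unless `alignedcalloc` aborts on failure itself (not visible here), the first canary write would land at an offset from a null pointer. The guard bytes catch only stray writes within 16 bytes of an output buffer, not out-of-bounds reads or writes further away, so the comment could also say that a sanitizer or valgrind run complements this check rather than being replaced by it.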