iPXE
p384_test.c
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2025 Michael Brown <mbrown@fensystems.co.uk>.
3  *
4  * This program is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU General Public License as
6  * published by the Free Software Foundation; either version 2 of the
7  * License, or any later version.
8  *
9  * This program is distributed in the hope that it will be useful, but
10  * WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  * General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17  * 02110-1301, USA.
18  *
19  * You can also choose to distribute this program under the terms of
20  * the Unmodified Binary Distribution Licence (as given in the file
21  * COPYING.UBDL), provided that you have satisfied its requirements.
22  */
23 
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25 
26 /** @file
27  *
28  * NIST P-384 elliptic curve self-tests
29  *
30  */
31 
32 /* Forcibly enable assertions */
33 #undef NDEBUG
34 
35 #include <ipxe/p384.h>
36 #include <ipxe/test.h>
37 #include "elliptic_test.h"
38 
39 /* http://point-at-infinity.org/ecc/nisttv k=1 */
40 ELLIPTIC_MULTIPLY_TEST ( poi_1, &p384_curve, BASE_GENERATOR,
41  SCALAR ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
42  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
43  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
44  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
45  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
46  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 ),
47  EXPECTED ( 0xaa, 0x87, 0xca, 0x22, 0xbe, 0x8b, 0x05, 0x37,
48  0x8e, 0xb1, 0xc7, 0x1e, 0xf3, 0x20, 0xad, 0x74,
49  0x6e, 0x1d, 0x3b, 0x62, 0x8b, 0xa7, 0x9b, 0x98,
50  0x59, 0xf7, 0x41, 0xe0, 0x82, 0x54, 0x2a, 0x38,
51  0x55, 0x02, 0xf2, 0x5d, 0xbf, 0x55, 0x29, 0x6c,
52  0x3a, 0x54, 0x5e, 0x38, 0x72, 0x76, 0x0a, 0xb7,
53  0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f,
54  0x5d, 0x9e, 0x98, 0xbf, 0x92, 0x92, 0xdc, 0x29,
55  0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
56  0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0,
57  0x0a, 0x60, 0xb1, 0xce, 0x1d, 0x7e, 0x81, 0x9d,
58  0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f ) );
59 
60 /* http://point-at-infinity.org/ecc/nisttv k=2 */
61 ELLIPTIC_MULTIPLY_TEST ( poi_2, &p384_curve, BASE_GENERATOR,
62  SCALAR ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
63  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
64  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
65  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
66  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
67  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 ),
68  EXPECTED ( 0x08, 0xd9, 0x99, 0x05, 0x7b, 0xa3, 0xd2, 0xd9,
69  0x69, 0x26, 0x00, 0x45, 0xc5, 0x5b, 0x97, 0xf0,
70  0x89, 0x02, 0x59, 0x59, 0xa6, 0xf4, 0x34, 0xd6,
71  0x51, 0xd2, 0x07, 0xd1, 0x9f, 0xb9, 0x6e, 0x9e,
72  0x4f, 0xe0, 0xe8, 0x6e, 0xbe, 0x0e, 0x64, 0xf8,
73  0x5b, 0x96, 0xa9, 0xc7, 0x52, 0x95, 0xdf, 0x61,
74  0x8e, 0x80, 0xf1, 0xfa, 0x5b, 0x1b, 0x3c, 0xed,
75  0xb7, 0xbf, 0xe8, 0xdf, 0xfd, 0x6d, 0xba, 0x74,
76  0xb2, 0x75, 0xd8, 0x75, 0xbc, 0x6c, 0xc4, 0x3e,
77  0x90, 0x4e, 0x50, 0x5f, 0x25, 0x6a, 0xb4, 0x25,
78  0x5f, 0xfd, 0x43, 0xe9, 0x4d, 0x39, 0xe2, 0x2d,
79  0x61, 0x50, 0x1e, 0x70, 0x0a, 0x94, 0x0e, 0x80 ) );
80 
81 /* http://point-at-infinity.org/ecc/nisttv k=2 (as base) to k=20 */
82 ELLIPTIC_MULTIPLY_TEST ( poi_2_20, &p384_curve,
83  BASE ( 0x08, 0xd9, 0x99, 0x05, 0x7b, 0xa3, 0xd2, 0xd9,
84  0x69, 0x26, 0x00, 0x45, 0xc5, 0x5b, 0x97, 0xf0,
85  0x89, 0x02, 0x59, 0x59, 0xa6, 0xf4, 0x34, 0xd6,
86  0x51, 0xd2, 0x07, 0xd1, 0x9f, 0xb9, 0x6e, 0x9e,
87  0x4f, 0xe0, 0xe8, 0x6e, 0xbe, 0x0e, 0x64, 0xf8,
88  0x5b, 0x96, 0xa9, 0xc7, 0x52, 0x95, 0xdf, 0x61,
89  0x8e, 0x80, 0xf1, 0xfa, 0x5b, 0x1b, 0x3c, 0xed,
90  0xb7, 0xbf, 0xe8, 0xdf, 0xfd, 0x6d, 0xba, 0x74,
91  0xb2, 0x75, 0xd8, 0x75, 0xbc, 0x6c, 0xc4, 0x3e,
92  0x90, 0x4e, 0x50, 0x5f, 0x25, 0x6a, 0xb4, 0x25,
93  0x5f, 0xfd, 0x43, 0xe9, 0x4d, 0x39, 0xe2, 0x2d,
94  0x61, 0x50, 0x1e, 0x70, 0x0a, 0x94, 0x0e, 0x80 ),
95  SCALAR ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
96  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
97  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
98  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
99  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
100  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0a ),
101  EXPECTED ( 0x60, 0x55, 0x08, 0xec, 0x02, 0xc5, 0x34, 0xbc,
102  0xee, 0xe9, 0x48, 0x4c, 0x86, 0x08, 0x6d, 0x21,
103  0x39, 0x84, 0x9e, 0x2b, 0x11, 0xc1, 0xa9, 0xca,
104  0x1e, 0x28, 0x08, 0xde, 0xc2, 0xea, 0xf1, 0x61,
105  0xac, 0x8a, 0x10, 0x5d, 0x70, 0xd4, 0xf8, 0x5c,
106  0x50, 0x59, 0x9b, 0xe5, 0x80, 0x0a, 0x62, 0x3f,
107  0x51, 0x58, 0xee, 0x87, 0x96, 0x2a, 0xc6, 0xb8,
108  0x1f, 0x00, 0xa1, 0x03, 0xb8, 0x54, 0x3a, 0x07,
109  0x38, 0x1b, 0x76, 0x39, 0xa3, 0xa6, 0x5f, 0x13,
110  0x53, 0xae, 0xf1, 0x1b, 0x73, 0x31, 0x06, 0xdd,
111  0xe9, 0x2e, 0x99, 0xb7, 0x8d, 0xe3, 0x67, 0xb4,
112  0x8e, 0x23, 0x8c, 0x38, 0xda, 0xd8, 0xee, 0xdd ) );
113 
114 /* http://point-at-infinity.org/ecc/nisttv k=112233445566778899 */
115 ELLIPTIC_MULTIPLY_TEST ( poi_mid, &p384_curve, BASE_GENERATOR,
116  SCALAR ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
117  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
118  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
119  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
120  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
121  0x01, 0x8e, 0xbb, 0xb9, 0x5e, 0xed, 0x0e, 0x13 ),
122  EXPECTED ( 0xa4, 0x99, 0xef, 0xe4, 0x88, 0x39, 0xbc, 0x3a,
123  0xbc, 0xd1, 0xc5, 0xce, 0xdb, 0xdd, 0x51, 0x90,
124  0x4f, 0x95, 0x14, 0xdb, 0x44, 0xf4, 0x68, 0x6d,
125  0xb9, 0x18, 0x98, 0x3b, 0x0c, 0x9d, 0xc3, 0xae,
126  0xe0, 0x5a, 0x88, 0xb7, 0x24, 0x33, 0xe9, 0x51,
127  0x5f, 0x91, 0xa3, 0x29, 0xf5, 0xf4, 0xfa, 0x60,
128  0x3b, 0x7c, 0xa2, 0x8e, 0xf3, 0x1f, 0x80, 0x9c,
129  0x2f, 0x1b, 0xa2, 0x4a, 0xae, 0xd8, 0x47, 0xd0,
130  0xf8, 0xb4, 0x06, 0xa4, 0xb8, 0x96, 0x85, 0x42,
131  0xde, 0x13, 0x9d, 0xb5, 0x82, 0x8c, 0xa4, 0x10,
132  0xe6, 0x15, 0xd1, 0x18, 0x2e, 0x25, 0xb9, 0x1b,
133  0x11, 0x31, 0xe2, 0x30, 0xb7, 0x27, 0xd3, 0x6a ) );
134 
135 /* http://point-at-infinity.org/ecc/nisttv k=<largest> */
136 ELLIPTIC_MULTIPLY_TEST ( poi_large, &p384_curve, BASE_GENERATOR,
137  SCALAR ( 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
138  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
139  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
140  0xc7, 0x63, 0x4d, 0x81, 0xf4, 0x37, 0x2d, 0xdf,
141  0x58, 0x1a, 0x0d, 0xb2, 0x48, 0xb0, 0xa7, 0x7a,
142  0xec, 0xec, 0x19, 0x6a, 0xcc, 0xc5, 0x29, 0x72 ),
143  EXPECTED ( 0xaa, 0x87, 0xca, 0x22, 0xbe, 0x8b, 0x05, 0x37,
144  0x8e, 0xb1, 0xc7, 0x1e, 0xf3, 0x20, 0xad, 0x74,
145  0x6e, 0x1d, 0x3b, 0x62, 0x8b, 0xa7, 0x9b, 0x98,
146  0x59, 0xf7, 0x41, 0xe0, 0x82, 0x54, 0x2a, 0x38,
147  0x55, 0x02, 0xf2, 0x5d, 0xbf, 0x55, 0x29, 0x6c,
148  0x3a, 0x54, 0x5e, 0x38, 0x72, 0x76, 0x0a, 0xb7,
149  0xc9, 0xe8, 0x21, 0xb5, 0x69, 0xd9, 0xd3, 0x90,
150  0xa2, 0x61, 0x67, 0x40, 0x6d, 0x6d, 0x23, 0xd6,
151  0x07, 0x0b, 0xe2, 0x42, 0xd7, 0x65, 0xeb, 0x83,
152  0x16, 0x25, 0xce, 0xec, 0x4a, 0x0f, 0x47, 0x3e,
153  0xf5, 0x9f, 0x4e, 0x30, 0xe2, 0x81, 0x7e, 0x62,
154  0x85, 0xbc, 0xe2, 0x84, 0x6f, 0x15, 0xf1, 0xa0 ) );
155 
156 /* Point at infinity */
157 ELLIPTIC_MULTIPLY_TEST ( infinity, &p384_curve,
158  BASE ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
159  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
160  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
161  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
162  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
163  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
164  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
165  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
166  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
167  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
168  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
169  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ),
170  SCALAR ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
171  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
172  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
173  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
174  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
175  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 ),
176  EXPECTED ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
177  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
178  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
179  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
180  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
181  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
182  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
183  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
184  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
185  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
186  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
187  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ) );
188 
189 /* Invalid curve point (zero, base_y) */
190 ELLIPTIC_MULTIPLY_TEST ( invalid_zero, &p384_curve,
191  BASE ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
192  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
193  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
194  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
195  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
196  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
197  0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f,
198  0x5d, 0x9e, 0x98, 0xbf, 0x92, 0x92, 0xdc, 0x29,
199  0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
200  0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0,
201  0x0a, 0x60, 0xb1, 0xce, 0x1d, 0x7e, 0x81, 0x9d,
202  0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5e ),
203  SCALAR ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
204  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
205  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
206  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
207  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
208  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 ),
209  EXPECTED_FAIL );
210 
211 /* Invalid curve point (base_x, base_y - 1) */
212 ELLIPTIC_MULTIPLY_TEST ( invalid_one, &p384_curve,
213  BASE ( 0xaa, 0x87, 0xca, 0x22, 0xbe, 0x8b, 0x05, 0x37,
214  0x8e, 0xb1, 0xc7, 0x1e, 0xf3, 0x20, 0xad, 0x74,
215  0x6e, 0x1d, 0x3b, 0x62, 0x8b, 0xa7, 0x9b, 0x98,
216  0x59, 0xf7, 0x41, 0xe0, 0x82, 0x54, 0x2a, 0x38,
217  0x55, 0x02, 0xf2, 0x5d, 0xbf, 0x55, 0x29, 0x6c,
218  0x3a, 0x54, 0x5e, 0x38, 0x72, 0x76, 0x0a, 0xb7,
219  0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f,
220  0x5d, 0x9e, 0x98, 0xbf, 0x92, 0x92, 0xdc, 0x29,
221  0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
222  0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0,
223  0x0a, 0x60, 0xb1, 0xce, 0x1d, 0x7e, 0x81, 0x9d,
224  0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5e ),
225  SCALAR ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
226  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
227  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
228  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
229  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
230  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 ),
231  EXPECTED_FAIL );
232 
233 /* http://point-at-infinity.org/ecc/nisttv k=2 + k=2 => k=4 */
234 ELLIPTIC_ADD_TEST ( poi_2_2_4, &p384_curve,
235  ADDEND ( 0x08, 0xd9, 0x99, 0x05, 0x7b, 0xa3, 0xd2, 0xd9,
236  0x69, 0x26, 0x00, 0x45, 0xc5, 0x5b, 0x97, 0xf0,
237  0x89, 0x02, 0x59, 0x59, 0xa6, 0xf4, 0x34, 0xd6,
238  0x51, 0xd2, 0x07, 0xd1, 0x9f, 0xb9, 0x6e, 0x9e,
239  0x4f, 0xe0, 0xe8, 0x6e, 0xbe, 0x0e, 0x64, 0xf8,
240  0x5b, 0x96, 0xa9, 0xc7, 0x52, 0x95, 0xdf, 0x61,
241  0x8e, 0x80, 0xf1, 0xfa, 0x5b, 0x1b, 0x3c, 0xed,
242  0xb7, 0xbf, 0xe8, 0xdf, 0xfd, 0x6d, 0xba, 0x74,
243  0xb2, 0x75, 0xd8, 0x75, 0xbc, 0x6c, 0xc4, 0x3e,
244  0x90, 0x4e, 0x50, 0x5f, 0x25, 0x6a, 0xb4, 0x25,
245  0x5f, 0xfd, 0x43, 0xe9, 0x4d, 0x39, 0xe2, 0x2d,
246  0x61, 0x50, 0x1e, 0x70, 0x0a, 0x94, 0x0e, 0x80 ),
247  AUGEND ( 0x08, 0xd9, 0x99, 0x05, 0x7b, 0xa3, 0xd2, 0xd9,
248  0x69, 0x26, 0x00, 0x45, 0xc5, 0x5b, 0x97, 0xf0,
249  0x89, 0x02, 0x59, 0x59, 0xa6, 0xf4, 0x34, 0xd6,
250  0x51, 0xd2, 0x07, 0xd1, 0x9f, 0xb9, 0x6e, 0x9e,
251  0x4f, 0xe0, 0xe8, 0x6e, 0xbe, 0x0e, 0x64, 0xf8,
252  0x5b, 0x96, 0xa9, 0xc7, 0x52, 0x95, 0xdf, 0x61,
253  0x8e, 0x80, 0xf1, 0xfa, 0x5b, 0x1b, 0x3c, 0xed,
254  0xb7, 0xbf, 0xe8, 0xdf, 0xfd, 0x6d, 0xba, 0x74,
255  0xb2, 0x75, 0xd8, 0x75, 0xbc, 0x6c, 0xc4, 0x3e,
256  0x90, 0x4e, 0x50, 0x5f, 0x25, 0x6a, 0xb4, 0x25,
257  0x5f, 0xfd, 0x43, 0xe9, 0x4d, 0x39, 0xe2, 0x2d,
258  0x61, 0x50, 0x1e, 0x70, 0x0a, 0x94, 0x0e, 0x80 ),
259  EXPECTED ( 0x13, 0x82, 0x51, 0xcd, 0x52, 0xac, 0x92, 0x98,
260  0xc1, 0xc8, 0xaa, 0xd9, 0x77, 0x32, 0x1d, 0xeb,
261  0x97, 0xe7, 0x09, 0xbd, 0x0b, 0x4c, 0xa0, 0xac,
262  0xa5, 0x5d, 0xc8, 0xad, 0x51, 0xdc, 0xfc, 0x9d,
263  0x15, 0x89, 0xa1, 0x59, 0x7e, 0x3a, 0x51, 0x20,
264  0xe1, 0xef, 0xd6, 0x31, 0xc6, 0x3e, 0x18, 0x35,
265  0xca, 0xca, 0xe2, 0x98, 0x69, 0xa6, 0x2e, 0x16,
266  0x31, 0xe8, 0xa2, 0x81, 0x81, 0xab, 0x56, 0x61,
267  0x6d, 0xc4, 0x5d, 0x91, 0x8a, 0xbc, 0x09, 0xf3,
268  0xab, 0x0e, 0x63, 0xcf, 0x79, 0x2a, 0xa4, 0xdc,
269  0xed, 0x73, 0x87, 0xbe, 0x37, 0xbb, 0xa5, 0x69,
270  0x54, 0x9f, 0x1c, 0x02, 0xb2, 0x70, 0xed, 0x67 ) );
271 
272 /* http://point-at-infinity.org/ecc/nisttv k=3 + k=5 => k=8 */
273 ELLIPTIC_ADD_TEST ( poi_3_5_8, &p384_curve,
274  ADDEND ( 0x07, 0x7a, 0x41, 0xd4, 0x60, 0x6f, 0xfa, 0x14,
275  0x64, 0x79, 0x3c, 0x7e, 0x5f, 0xdc, 0x7d, 0x98,
276  0xcb, 0x9d, 0x39, 0x10, 0x20, 0x2d, 0xcd, 0x06,
277  0xbe, 0xa4, 0xf2, 0x40, 0xd3, 0x56, 0x6d, 0xa6,
278  0xb4, 0x08, 0xbb, 0xae, 0x50, 0x26, 0x58, 0x0d,
279  0x02, 0xd7, 0xe5, 0xc7, 0x05, 0x00, 0xc8, 0x31,
280  0xc9, 0x95, 0xf7, 0xca, 0x0b, 0x0c, 0x42, 0x83,
281  0x7d, 0x0b, 0xbe, 0x96, 0x02, 0xa9, 0xfc, 0x99,
282  0x85, 0x20, 0xb4, 0x1c, 0x85, 0x11, 0x5a, 0xa5,
283  0xf7, 0x68, 0x4c, 0x0e, 0xdc, 0x11, 0x1e, 0xac,
284  0xc2, 0x4a, 0xbd, 0x6b, 0xe4, 0xb5, 0xd2, 0x98,
285  0xb6, 0x5f, 0x28, 0x60, 0x0a, 0x2f, 0x1d, 0xf1 ),
286  AUGEND ( 0x11, 0xde, 0x24, 0xa2, 0xc2, 0x51, 0xc7, 0x77,
287  0x57, 0x3c, 0xac, 0x5e, 0xa0, 0x25, 0xe4, 0x67,
288  0xf2, 0x08, 0xe5, 0x1d, 0xbf, 0xf9, 0x8f, 0xc5,
289  0x4f, 0x66, 0x61, 0xcb, 0xe5, 0x65, 0x83, 0xb0,
290  0x37, 0x88, 0x2f, 0x4a, 0x1c, 0xa2, 0x97, 0xe6,
291  0x0a, 0xbc, 0xdb, 0xc3, 0x83, 0x6d, 0x84, 0xbc,
292  0x8f, 0xa6, 0x96, 0xc7, 0x74, 0x40, 0xf9, 0x2d,
293  0x0f, 0x58, 0x37, 0xe9, 0x0a, 0x00, 0xe7, 0xc5,
294  0x28, 0x4b, 0x44, 0x77, 0x54, 0xd5, 0xde, 0xe8,
295  0x8c, 0x98, 0x65, 0x33, 0xb6, 0x90, 0x1a, 0xeb,
296  0x31, 0x77, 0x68, 0x6d, 0x0a, 0xe8, 0xfb, 0x33,
297  0x18, 0x44, 0x14, 0xab, 0xe6, 0xc1, 0x71, 0x3a ),
298  EXPECTED ( 0x16, 0x92, 0x77, 0x8e, 0xa5, 0x96, 0xe0, 0xbe,
299  0x75, 0x11, 0x42, 0x97, 0xa6, 0xfa, 0x38, 0x34,
300  0x45, 0xbf, 0x22, 0x7f, 0xbe, 0x58, 0x19, 0x0a,
301  0x90, 0x0c, 0x3c, 0x73, 0x25, 0x6f, 0x11, 0xfb,
302  0x5a, 0x32, 0x58, 0xd6, 0xf4, 0x03, 0xd5, 0xec,
303  0xe6, 0xe9, 0xb2, 0x69, 0xd8, 0x22, 0xc8, 0x7d,
304  0xdc, 0xd2, 0x36, 0x57, 0x00, 0xd4, 0x10, 0x6a,
305  0x83, 0x53, 0x88, 0xba, 0x3d, 0xb8, 0xfd, 0x0e,
306  0x22, 0x55, 0x4a, 0xdc, 0x6d, 0x52, 0x1c, 0xd4,
307  0xbd, 0x1c, 0x30, 0xc2, 0xec, 0x0e, 0xec, 0x19,
308  0x6b, 0xad, 0xe1, 0xe9, 0xcd, 0xd1, 0x70, 0x8d,
309  0x6f, 0x6a, 0xbf, 0xa4, 0x02, 0x2b, 0x0a, 0xd2 ) );
310 
311 /* http://point-at-infinity.org/ecc/nisttv k=1 + k=n-1 => infinity */
312 ELLIPTIC_ADD_TEST ( poi_1_n_1, &p384_curve,
313  ADDEND ( 0xaa, 0x87, 0xca, 0x22, 0xbe, 0x8b, 0x05, 0x37,
314  0x8e, 0xb1, 0xc7, 0x1e, 0xf3, 0x20, 0xad, 0x74,
315  0x6e, 0x1d, 0x3b, 0x62, 0x8b, 0xa7, 0x9b, 0x98,
316  0x59, 0xf7, 0x41, 0xe0, 0x82, 0x54, 0x2a, 0x38,
317  0x55, 0x02, 0xf2, 0x5d, 0xbf, 0x55, 0x29, 0x6c,
318  0x3a, 0x54, 0x5e, 0x38, 0x72, 0x76, 0x0a, 0xb7,
319  0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f,
320  0x5d, 0x9e, 0x98, 0xbf, 0x92, 0x92, 0xdc, 0x29,
321  0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
322  0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0,
323  0x0a, 0x60, 0xb1, 0xce, 0x1d, 0x7e, 0x81, 0x9d,
324  0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f ),
325  AUGEND ( 0xaa, 0x87, 0xca, 0x22, 0xbe, 0x8b, 0x05, 0x37,
326  0x8e, 0xb1, 0xc7, 0x1e, 0xf3, 0x20, 0xad, 0x74,
327  0x6e, 0x1d, 0x3b, 0x62, 0x8b, 0xa7, 0x9b, 0x98,
328  0x59, 0xf7, 0x41, 0xe0, 0x82, 0x54, 0x2a, 0x38,
329  0x55, 0x02, 0xf2, 0x5d, 0xbf, 0x55, 0x29, 0x6c,
330  0x3a, 0x54, 0x5e, 0x38, 0x72, 0x76, 0x0a, 0xb7,
331  0xc9, 0xe8, 0x21, 0xb5, 0x69, 0xd9, 0xd3, 0x90,
332  0xa2, 0x61, 0x67, 0x40, 0x6d, 0x6d, 0x23, 0xd6,
333  0x07, 0x0b, 0xe2, 0x42, 0xd7, 0x65, 0xeb, 0x83,
334  0x16, 0x25, 0xce, 0xec, 0x4a, 0x0f, 0x47, 0x3e,
335  0xf5, 0x9f, 0x4e, 0x30, 0xe2, 0x81, 0x7e, 0x62,
336  0x85, 0xbc, 0xe2, 0x84, 0x6f, 0x15, 0xf1, 0xa0 ),
337  EXPECTED ( 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
338  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
339  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
340  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
341  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
342  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
343  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
344  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
345  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
346  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
347  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
348  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 ) );
349 
350 /**
351  * Perform P-384 self-test
352  *
353  */
354 static void p384_test_exec ( void ) {
355 
356  /* Curve sanity test */
357  elliptic_curve_ok ( &p384_curve );
358 
359  /* Multiplication tests from http://point-at-infinity.org/ecc/nisttv */
360  elliptic_multiply_ok ( &poi_1 );
361  elliptic_multiply_ok ( &poi_2 );
362  elliptic_multiply_ok ( &poi_2_20 );
363  elliptic_multiply_ok ( &poi_mid );
364  elliptic_multiply_ok ( &poi_large );
365 
366  /* Point at infinity */
367  elliptic_multiply_ok ( &infinity );
368 
369  /* Invalid point tests */
370  elliptic_multiply_ok ( &invalid_zero );
371  elliptic_multiply_ok ( &invalid_one );
372 
373  /* Addition tests from http://point-at-infinity.org/ecc/nisttv */
374  elliptic_add_ok ( &poi_2_2_4 );
375  elliptic_add_ok ( &poi_3_5_8 );
376  elliptic_add_ok ( &poi_1_n_1 );
377 }
378 
379 /** P-384 self-test */
380 struct self_test p384_test __self_test = {
381  .name = "p384",
382  .exec = p384_test_exec,
383 };
p384.h
NIST P-384 elliptic curve.
ELLIPTIC_ADD_TEST
ELLIPTIC_ADD_TEST(poi_2_2_4, &p384_curve, ADDEND(0x08, 0xd9, 0x99, 0x05, 0x7b, 0xa3, 0xd2, 0xd9, 0x69, 0x26, 0x00, 0x45, 0xc5, 0x5b, 0x97, 0xf0, 0x89, 0x02, 0x59, 0x59, 0xa6, 0xf4, 0x34, 0xd6, 0x51, 0xd2, 0x07, 0xd1, 0x9f, 0xb9, 0x6e, 0x9e, 0x4f, 0xe0, 0xe8, 0x6e, 0xbe, 0x0e, 0x64, 0xf8, 0x5b, 0x96, 0xa9, 0xc7, 0x52, 0x95, 0xdf, 0x61, 0x8e, 0x80, 0xf1, 0xfa, 0x5b, 0x1b, 0x3c, 0xed, 0xb7, 0xbf, 0xe8, 0xdf, 0xfd, 0x6d, 0xba, 0x74, 0xb2, 0x75, 0xd8, 0x75, 0xbc, 0x6c, 0xc4, 0x3e, 0x90, 0x4e, 0x50, 0x5f, 0x25, 0x6a, 0xb4, 0x25, 0x5f, 0xfd, 0x43, 0xe9, 0x4d, 0x39, 0xe2, 0x2d, 0x61, 0x50, 0x1e, 0x70, 0x0a, 0x94, 0x0e, 0x80), AUGEND(0x08, 0xd9, 0x99, 0x05, 0x7b, 0xa3, 0xd2, 0xd9, 0x69, 0x26, 0x00, 0x45, 0xc5, 0x5b, 0x97, 0xf0, 0x89, 0x02, 0x59, 0x59, 0xa6, 0xf4, 0x34, 0xd6, 0x51, 0xd2, 0x07, 0xd1, 0x9f, 0xb9, 0x6e, 0x9e, 0x4f, 0xe0, 0xe8, 0x6e, 0xbe, 0x0e, 0x64, 0xf8, 0x5b, 0x96, 0xa9, 0xc7, 0x52, 0x95, 0xdf, 0x61, 0x8e, 0x80, 0xf1, 0xfa, 0x5b, 0x1b, 0x3c, 0xed, 0xb7, 0xbf, 0xe8, 0xdf, 0xfd, 0x6d, 0xba, 0x74, 0xb2, 0x75, 0xd8, 0x75, 0xbc, 0x6c, 0xc4, 0x3e, 0x90, 0x4e, 0x50, 0x5f, 0x25, 0x6a, 0xb4, 0x25, 0x5f, 0xfd, 0x43, 0xe9, 0x4d, 0x39, 0xe2, 0x2d, 0x61, 0x50, 0x1e, 0x70, 0x0a, 0x94, 0x0e, 0x80), EXPECTED(0x13, 0x82, 0x51, 0xcd, 0x52, 0xac, 0x92, 0x98, 0xc1, 0xc8, 0xaa, 0xd9, 0x77, 0x32, 0x1d, 0xeb, 0x97, 0xe7, 0x09, 0xbd, 0x0b, 0x4c, 0xa0, 0xac, 0xa5, 0x5d, 0xc8, 0xad, 0x51, 0xdc, 0xfc, 0x9d, 0x15, 0x89, 0xa1, 0x59, 0x7e, 0x3a, 0x51, 0x20, 0xe1, 0xef, 0xd6, 0x31, 0xc6, 0x3e, 0x18, 0x35, 0xca, 0xca, 0xe2, 0x98, 0x69, 0xa6, 0x2e, 0x16, 0x31, 0xe8, 0xa2, 0x81, 0x81, 0xab, 0x56, 0x61, 0x6d, 0xc4, 0x5d, 0x91, 0x8a, 0xbc, 0x09, 0xf3, 0xab, 0x0e, 0x63, 0xcf, 0x79, 0x2a, 0xa4, 0xdc, 0xed, 0x73, 0x87, 0xbe, 0x37, 0xbb, 0xa5, 0x69, 0x54, 0x9f, 0x1c, 0x02, 0xb2, 0x70, 0xed, 0x67))
elliptic_curve_ok
#define elliptic_curve_ok(curve)
Report an elliptic curve sanity test result.
Definition: elliptic_test.h:127
p384_curve
struct elliptic_curve p384_curve
test.h
Self-test infrastructure.
self_test::name
const char * name
Test set name.
Definition: test.h:17
self_test
A self-test set.
Definition: test.h:15
FILE_LICENCE
FILE_LICENCE(GPL2_OR_LATER_OR_UBDL)
elliptic_add_ok
#define elliptic_add_ok(test)
Report an elliptic curve point addition test result.
Definition: elliptic_test.h:143
ELLIPTIC_MULTIPLY_TEST
ELLIPTIC_MULTIPLY_TEST(poi_1, &p384_curve, BASE_GENERATOR, SCALAR(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01), EXPECTED(0xaa, 0x87, 0xca, 0x22, 0xbe, 0x8b, 0x05, 0x37, 0x8e, 0xb1, 0xc7, 0x1e, 0xf3, 0x20, 0xad, 0x74, 0x6e, 0x1d, 0x3b, 0x62, 0x8b, 0xa7, 0x9b, 0x98, 0x59, 0xf7, 0x41, 0xe0, 0x82, 0x54, 0x2a, 0x38, 0x55, 0x02, 0xf2, 0x5d, 0xbf, 0x55, 0x29, 0x6c, 0x3a, 0x54, 0x5e, 0x38, 0x72, 0x76, 0x0a, 0xb7, 0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf, 0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c, 0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce, 0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f))
ADDEND
#define ADDEND(...)
Define inline addend point.
Definition: elliptic_test.h:56
BASE_GENERATOR
#define BASE_GENERATOR
Define base point to be curve's generator.
Definition: elliptic_test.h:50
SCALAR
#define SCALAR(...)
Define inline scalar multiple.
Definition: elliptic_test.h:53
__self_test
struct self_test p384_test __self_test
P-384 self-test.
Definition: p384_test.c:380
AUGEND
#define AUGEND(...)
Define inline augend point.
Definition: elliptic_test.h:59
EXPECTED_FAIL
#define EXPECTED_FAIL
Define result as an expected failure.
Definition: elliptic_test.h:65
EXPECTED
#define EXPECTED(...)
Define inline expected result point.
Definition: elliptic_test.h:62
elliptic_test.h
BASE
#define BASE
Definition: 3c595.h:69
p384_test_exec
static void p384_test_exec(void)
Perform P-384 self-test.
Definition: p384_test.c:354
elliptic_multiply_ok
#define elliptic_multiply_ok(test)
Report an elliptic curve point multiplication test result.
Definition: elliptic_test.h:135
Generated by   doxygen 1.8.15