status-im
/
secp256k1
mirror of https://github.com/status-im/secp256k1.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge bitcoin-core/secp256k1#1026: ecdh: Add test computing shared_secret=basepoint with random inputs 

3531a43b5b ecdh: Make generator_basepoint test depend on global iteration count (Tim Ruffing)
c881dd49bd ecdh: Add test computing shared_secret=basepoint with random inputs (Tim Ruffing)

Pull request description:

ACKs for top commit:
  jonasnick:
    ACK 3531a43b5b

Tree-SHA512: 5a2e47bad7ec5b3fd9033283fe00e54563b7b1655baf2b8ca39718deceddcc816bb8fcda0d07af6f1f8a785642da5dc69b7df52a1ddd445a3a98a5d5ecff6780
This commit is contained in:
Jonas Nick 2022-02-11 19:35:24 +00:00
parent 077528317d 3531a43b5b
commit 3ef94aa5ba
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
1 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/modules/ecdh/tests_impl.h
View File

@ -60,7 +60,7 @@ void test_ecdh_generator_basepoint(void) {
s_one[31] = 1;
/* Check against pubkey creation when the basepoint is the generator */
for (i = 0; i < 100; ++i) {
for (i = 0; i < 2 * count; ++i) {
secp256k1_sha256 sha;
unsigned char s_b32[32];
unsigned char output_ecdh[65];
@ -123,10 +123,43 @@ void test_bad_scalar(void) {
CHECK(secp256k1_ecdh(ctx, output, &point, s_overflow, ecdh_hash_function_test_fail, NULL) == 0);
}
/** Test that ECDH(sG, 1/s) == ECDH((1/s)G, s) == ECDH(G, 1) for a few random s. */
void test_result_basepoint(void) {
secp256k1_pubkey point;
secp256k1_scalar rand;
unsigned char s[32];
unsigned char s_inv[32];
unsigned char out[32];
unsigned char out_inv[32];
unsigned char out_base[32];
int i;
unsigned char s_one[32] = { 0 };
s_one[31] = 1;
CHECK(secp256k1_ec_pubkey_create(ctx, &point, s_one) == 1);
CHECK(secp256k1_ecdh(ctx, out_base, &point, s_one, NULL, NULL) == 1);
for (i = 0; i < 2 * count; i++) {
random_scalar_order(&rand);
secp256k1_scalar_get_b32(s, &rand);
secp256k1_scalar_inverse(&rand, &rand);
secp256k1_scalar_get_b32(s_inv, &rand);
CHECK(secp256k1_ec_pubkey_create(ctx, &point, s) == 1);
CHECK(secp256k1_ecdh(ctx, out, &point, s_inv, NULL, NULL) == 1);
CHECK(secp256k1_memcmp_var(out, out_base, 32) == 0);
CHECK(secp256k1_ec_pubkey_create(ctx, &point, s_inv) == 1);
CHECK(secp256k1_ecdh(ctx, out_inv, &point, s, NULL, NULL) == 1);
CHECK(secp256k1_memcmp_var(out_inv, out_base, 32) == 0);
}
}
void run_ecdh_tests(void) {
test_ecdh_api();
test_ecdh_generator_basepoint();
test_bad_scalar();
test_result_basepoint();
}
#endif /* SECP256K1_MODULE_ECDH_TESTS_H */