Raven Core  3.0.0
P2P Digital Currency
tests_impl.h
Go to the documentation of this file.
1 /**********************************************************************
2  * Copyright (c) 2015 Andrew Poelstra *
3  * Distributed under the MIT software license, see the accompanying *
4  * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
5  **********************************************************************/
6 
7 #ifndef SECP256K1_MODULE_ECDH_TESTS_H
8 #define SECP256K1_MODULE_ECDH_TESTS_H
9 
10 void test_ecdh_api(void) {
11  /* Setup context that just counts errors */
13  secp256k1_pubkey point;
14  unsigned char res[32];
15  unsigned char s_one[32] = { 0 };
16  int32_t ecount = 0;
17  s_one[31] = 1;
18 
19  secp256k1_context_set_error_callback(tctx, counting_illegal_callback_fn, &ecount);
20  secp256k1_context_set_illegal_callback(tctx, counting_illegal_callback_fn, &ecount);
21  CHECK(secp256k1_ec_pubkey_create(tctx, &point, s_one) == 1);
22 
23  /* Check all NULLs are detected */
24  CHECK(secp256k1_ecdh(tctx, res, &point, s_one) == 1);
25  CHECK(ecount == 0);
26  CHECK(secp256k1_ecdh(tctx, NULL, &point, s_one) == 0);
27  CHECK(ecount == 1);
28  CHECK(secp256k1_ecdh(tctx, res, NULL, s_one) == 0);
29  CHECK(ecount == 2);
30  CHECK(secp256k1_ecdh(tctx, res, &point, NULL) == 0);
31  CHECK(ecount == 3);
32  CHECK(secp256k1_ecdh(tctx, res, &point, s_one) == 1);
33  CHECK(ecount == 3);
34 
35  /* Cleanup */
37 }
38 
40  unsigned char s_one[32] = { 0 };
41  secp256k1_pubkey point[2];
42  int i;
43 
44  s_one[31] = 1;
45  /* Check against pubkey creation when the basepoint is the generator */
46  for (i = 0; i < 100; ++i) {
48  unsigned char s_b32[32];
49  unsigned char output_ecdh[32];
50  unsigned char output_ser[32];
51  unsigned char point_ser[33];
52  size_t point_ser_len = sizeof(point_ser);
54 
56  secp256k1_scalar_get_b32(s_b32, &s);
57 
58  /* compute using ECDH function */
59  CHECK(secp256k1_ec_pubkey_create(ctx, &point[0], s_one) == 1);
60  CHECK(secp256k1_ecdh(ctx, output_ecdh, &point[0], s_b32) == 1);
61  /* compute "explicitly" */
62  CHECK(secp256k1_ec_pubkey_create(ctx, &point[1], s_b32) == 1);
63  CHECK(secp256k1_ec_pubkey_serialize(ctx, point_ser, &point_ser_len, &point[1], SECP256K1_EC_COMPRESSED) == 1);
64  CHECK(point_ser_len == sizeof(point_ser));
65  secp256k1_sha256_initialize(&sha);
66  secp256k1_sha256_write(&sha, point_ser, point_ser_len);
67  secp256k1_sha256_finalize(&sha, output_ser);
68  /* compare */
69  CHECK(memcmp(output_ecdh, output_ser, sizeof(output_ser)) == 0);
70  }
71 }
72 
73 void test_bad_scalar(void) {
74  unsigned char s_zero[32] = { 0 };
75  unsigned char s_overflow[32] = {
76  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
77  0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
78  0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b,
79  0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41
80  };
81  unsigned char s_rand[32] = { 0 };
82  unsigned char output[32];
83  secp256k1_scalar rand;
84  secp256k1_pubkey point;
85 
86  /* Create random point */
87  random_scalar_order(&rand);
88  secp256k1_scalar_get_b32(s_rand, &rand);
89  CHECK(secp256k1_ec_pubkey_create(ctx, &point, s_rand) == 1);
90 
91  /* Try to multiply it by bad values */
92  CHECK(secp256k1_ecdh(ctx, output, &point, s_zero) == 0);
93  CHECK(secp256k1_ecdh(ctx, output, &point, s_overflow) == 0);
94  /* ...and a good one */
95  s_overflow[31] -= 1;
96  CHECK(secp256k1_ecdh(ctx, output, &point, s_overflow) == 1);
97 }
98 
99 void run_ecdh_tests(void) {
100  test_ecdh_api();
102  test_bad_scalar();
103 }
104 
105 #endif /* SECP256K1_MODULE_ECDH_TESTS_H */
SECP256K1_API void secp256k1_context_set_illegal_callback(secp256k1_context *ctx, void(*fun)(const char *message, void *data), const void *data) SECP256K1_ARG_NONNULL(1)
Set a callback function to be called when an illegal argument is passed to an API call...
Definition: secp256k1.c:101
void test_ecdh_api(void)
Definition: tests_impl.h:10
void random_scalar_order(secp256k1_scalar *num)
Definition: tests.c:124
SECP256K1_API int secp256k1_ec_pubkey_serialize(const secp256k1_context *ctx, unsigned char *output, size_t *outputlen, const secp256k1_pubkey *pubkey, unsigned int flags) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Serialize a pubkey object into a serialized byte sequence.
Definition: secp256k1.c:165
#define SECP256K1_CONTEXT_SIGN
Definition: secp256k1.h:155
SECP256K1_API void secp256k1_context_destroy(secp256k1_context *ctx)
Destroy a secp256k1 context object.
Definition: secp256k1.c:92
void run_ecdh_tests(void)
Definition: tests_impl.h:99
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_create(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *seckey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Compute the public key for a secret key.
Definition: secp256k1.c:404
#define SECP256K1_EC_COMPRESSED
Flag to pass to secp256k1_ec_pubkey_serialize and secp256k1_ec_privkey_export.
Definition: secp256k1.h:159
void test_ecdh_generator_basepoint(void)
Definition: tests_impl.h:39
#define CHECK(cond)
Definition: util.h:52
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13
SECP256K1_API void secp256k1_context_set_error_callback(secp256k1_context *ctx, void(*fun)(const char *message, void *data), const void *data) SECP256K1_ARG_NONNULL(1)
Set a callback function to be called when an internal consistency check fails.
Definition: secp256k1.c:109
void test_bad_scalar(void)
Definition: tests_impl.h:73
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ecdh(const secp256k1_context *ctx, unsigned char *result, const secp256k1_pubkey *pubkey, const unsigned char *privkey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Compute an EC Diffie-Hellman secret in constant time Returns: 1: exponentiation was successful 0: sca...
Definition: main_impl.h:13
SECP256K1_API secp256k1_context * secp256k1_context_create(unsigned int flags) SECP256K1_WARN_UNUSED_RESULT
Create a secp256k1 context object.
Definition: secp256k1.c:58
Opaque data structure that holds a parsed and valid public key.
Definition: secp256k1.h:53