1 files changed, 219 insertions, 0 deletions
diff --git a/src/lib/util/test_crypto_ecc_dlog.c b/src/lib/util/test_crypto_ecc_dlog.c
new file mode 100644
index 000000000..c3382a4fa
--- /dev/null
+++ b/src/lib/util/test_crypto_ecc_dlog.c
@@ -0,0 +1,219 @@
+/*
+     This file is part of GNUnet.
+     Copyright (C) 2015 GNUnet e.V.
+     GNUnet is free software: you can redistribute it and/or modify it
+     under the terms of the GNU Affero General Public License as published
+     by the Free Software Foundation, either version 3 of the License,
+     or (at your option) any later version.
+     GNUnet is distributed in the hope that it will be useful, but
+     WITHOUT ANY WARRANTY; without even the implied warranty of
+     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+     Affero General Public License for more details.
+     You should have received a copy of the GNU Affero General Public License
+     along with this program.  If not, see <http://www.gnu.org/licenses/>.
+     SPDX-License-Identifier: AGPL3.0-or-later
+ */
+/**
+ * @file util/test_crypto_ecc_dlog.c
+ * @brief testcase for ECC DLOG calculation
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include <gcrypt.h>
+/**
+ * Name of the curve we are using.  Note that we have hard-coded
+ * structs that use 256 bits, so using a bigger curve will require
+ * changes that break stuff badly.  The name of the curve given here
+ * must be agreed by all peers and be supported by libgcrypt.
+ */
+#define CURVE "Ed25519"
+/**
+ * Maximum value we test dlog for.
+ */
+#define MAX_FACT 100
+/**
+ * Maximum memory to use, sqrt(MAX_FACT) is a good choice.
+ */
+#define MAX_MEM 10
+/**
+ * How many values do we test?
+ */
+#define TEST_ITER 100
+/**
+ * Range of values to use for MATH tests.
+ */
+#define MATH_MAX 5
+/**
+ * Do some DLOG operations for testing.
+ *
+ * @param edc context for ECC operations
+ */
+static void
+test_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc)
+{
+  for (unsigned int i = 0; i < TEST_ITER; i++)
+  {
+    struct GNUNET_CRYPTO_EccScalar fact;
+    struct GNUNET_CRYPTO_EccScalar n;
+    struct GNUNET_CRYPTO_EccPoint q;
+    int x;
+    fprintf (stderr, ".");
+    x = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
+                                  MAX_FACT);
+    memset (&n,
+            0,
+            sizeof (n));
+    for (unsigned int j = 0; j < x; j++)
+      sodium_increment (n.v,
+                        sizeof (n.v));
+    if (0 == GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
+                                       2))
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                  "Trying negative %d\n",
+                  -x);
+      crypto_core_ed25519_scalar_negate (fact.v,
+                                         n.v);
+      x = -x;
+    }
+    else
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                  "Trying positive %d\n",
+                  x);
+      fact = n;
+    }
+    if (0 == x)
+    {
+      /* libsodium does not like to multiply with zero; make sure
+         'q' is a valid point (g) first, then use q = q - q to get
+         the product with zero */
+      sodium_increment (fact.v,
+                        sizeof (fact.v));
+      GNUNET_assert (0 ==
+                     crypto_scalarmult_ed25519_base_noclamp (q.v,
+                                                             fact.v));
+      GNUNET_assert (
+        0 ==
+        crypto_core_ed25519_sub (q.v,
+                                 q.v,
+                                 q.v));
+    }
+    else
+      GNUNET_assert (0 ==
+                     crypto_scalarmult_ed25519_base_noclamp (q.v,
+                                                             fact.v));
+    {
+      int iret;
+      if (x !=
+          (iret = GNUNET_CRYPTO_ecc_dlog (edc,
+                                          &q)))
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                    "DLOG failed for value %d (got: %d)\n",
+                    x,
+                    iret);
+        GNUNET_assert (0);
+      }
+    }
+  }
+  fprintf (stderr,
+           "\n");
+}
+/**
+ * Do some arithmetic operations for testing.
+ *
+ * @param edc context for ECC operations
+ */
+static void
+test_math (struct GNUNET_CRYPTO_EccDlogContext *edc)
+{
+  int i;
+  int j;
+  struct GNUNET_CRYPTO_EccPoint ip;
+  struct GNUNET_CRYPTO_EccPoint jp;
+  struct GNUNET_CRYPTO_EccPoint r;
+  struct GNUNET_CRYPTO_EccPoint ir;
+  struct GNUNET_CRYPTO_EccPoint irj;
+  struct GNUNET_CRYPTO_EccPoint r_inv;
+  struct GNUNET_CRYPTO_EccPoint sum;
+  for (i = -MATH_MAX; i < MATH_MAX; i++)
+  {
+    GNUNET_CRYPTO_ecc_dexp (i, &ip);
+    for (j = -MATH_MAX; j < MATH_MAX; j++)
+    {
+      fprintf (stderr, ".");
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                  "%d + %d\n",
+                  i,
+                  j);
+      GNUNET_CRYPTO_ecc_dexp (j, &jp);
+      GNUNET_CRYPTO_ecc_rnd (&r,
+                             &r_inv);
+      GNUNET_CRYPTO_ecc_add (&ip, &r, &ir);
+      GNUNET_CRYPTO_ecc_add (&ir, &jp, &irj);
+      GNUNET_CRYPTO_ecc_add (&irj, &r_inv, &sum);
+      int res = GNUNET_CRYPTO_ecc_dlog (edc, &sum);
+      if (i + j != res)
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                    "Got %d, expected %d\n",
+                    res,
+                    i + j);
+        // GNUNET_assert (0);
+      }
+    }
+  }
+  fprintf (stderr, "\n");
+}
+int
+main (int argc, char *argv[])
+{
+  struct GNUNET_CRYPTO_EccDlogContext *edc;
+  if (! gcry_check_version ("1.6.0"))
+  {
+    fprintf (stderr,
+             _
+             (
+               "libgcrypt has not the expected version (version %s is required).\n"),
+             "1.6.0");
+    return 0;
+  }
+  if (getenv ("GNUNET_GCRYPT_DEBUG"))
+    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
+  GNUNET_log_setup ("test-crypto-ecc-dlog",
+                    "WARNING",
+                    NULL);
+  edc = GNUNET_CRYPTO_ecc_dlog_prepare (MAX_FACT,
+                                        MAX_MEM);
+  test_dlog (edc);
+  test_math (edc);
+  GNUNET_CRYPTO_ecc_dlog_release (edc);
+  return 0;
+}
+/* end of test_crypto_ecc_dlog.c */

diff --git a/src/lib/util/test_crypto_ecc_dlog.c b/src/lib/util/test_crypto_ecc_dlog.c new file mode 100644 index 000000000..c3382a4fa --- /dev/null +++ b/src/lib/util/test_crypto_ecc_dlog.c
@@ -0,0 +1,219 @@
	1	/*
	2	This file is part of GNUnet.
	3	Copyright (C) 2015 GNUnet e.V.
	4
	5	GNUnet is free software: you can redistribute it and/or modify it
	6	under the terms of the GNU Affero General Public License as published
	7	by the Free Software Foundation, either version 3 of the License,
	8	or (at your option) any later version.
	9
	10	GNUnet is distributed in the hope that it will be useful, but
	11	WITHOUT ANY WARRANTY; without even the implied warranty of
	12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	Affero General Public License for more details.
	14
	15	You should have received a copy of the GNU Affero General Public License
	16	along with this program. If not, see <http://www.gnu.org/licenses/>.
	17
	18	SPDX-License-Identifier: AGPL3.0-or-later
	19
	20	*/
	21	/**
	22	* @file util/test_crypto_ecc_dlog.c
	23	* @brief testcase for ECC DLOG calculation
	24	* @author Christian Grothoff
	25	*/
	26
	27	#include "platform.h"
	28	#include "gnunet_util_lib.h"
	29	#include <gcrypt.h>
	30
	31
	32	/**
	33	* Name of the curve we are using. Note that we have hard-coded
	34	* structs that use 256 bits, so using a bigger curve will require
	35	* changes that break stuff badly. The name of the curve given here
	36	* must be agreed by all peers and be supported by libgcrypt.
	37	*/
	38	#define CURVE "Ed25519"
	39
	40	/**
	41	* Maximum value we test dlog for.
	42	*/
	43	#define MAX_FACT 100
	44
	45	/**
	46	* Maximum memory to use, sqrt(MAX_FACT) is a good choice.
	47	*/
	48	#define MAX_MEM 10
	49
	50	/**
	51	* How many values do we test?
	52	*/
	53	#define TEST_ITER 100
	54
	55	/**
	56	* Range of values to use for MATH tests.
	57	*/
	58	#define MATH_MAX 5
	59
	60
	61	/**
	62	* Do some DLOG operations for testing.
	63	*
	64	* @param edc context for ECC operations
	65	*/
	66	static void
	67	test_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc)
	68	{
	69	for (unsigned int i = 0; i < TEST_ITER; i++)
	70	{
	71	struct GNUNET_CRYPTO_EccScalar fact;
	72	struct GNUNET_CRYPTO_EccScalar n;
	73	struct GNUNET_CRYPTO_EccPoint q;
	74	int x;
	75
	76	fprintf (stderr, ".");
	77	x = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
	78	MAX_FACT);
	79	memset (&n,
	80	0,
	81	sizeof (n));
	82	for (unsigned int j = 0; j < x; j++)
	83	sodium_increment (n.v,
	84	sizeof (n.v));
	85	if (0 == GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
	86	2))
	87	{
	88	GNUNET_log (GNUNET_ERROR_TYPE_INFO,
	89	"Trying negative %d\n",
	90	-x);
	91	crypto_core_ed25519_scalar_negate (fact.v,
	92	n.v);
	93	x = -x;
	94	}
	95	else
	96	{
	97	GNUNET_log (GNUNET_ERROR_TYPE_INFO,
	98	"Trying positive %d\n",
	99	x);
	100	fact = n;
	101	}
	102	if (0 == x)
	103	{
	104	/* libsodium does not like to multiply with zero; make sure
	105	'q' is a valid point (g) first, then use q = q - q to get
	106	the product with zero */
	107	sodium_increment (fact.v,
	108	sizeof (fact.v));
	109	GNUNET_assert (0 ==
	110	crypto_scalarmult_ed25519_base_noclamp (q.v,
	111	fact.v));
	112	GNUNET_assert (
	113	0 ==
	114	crypto_core_ed25519_sub (q.v,
	115	q.v,
	116	q.v));
	117	}
	118	else
	119	GNUNET_assert (0 ==
	120	crypto_scalarmult_ed25519_base_noclamp (q.v,
	121	fact.v));
	122	{
	123	int iret;
	124
	125	if (x !=
	126	(iret = GNUNET_CRYPTO_ecc_dlog (edc,
	127	&q)))
	128	{
	129	GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
	130	"DLOG failed for value %d (got: %d)\n",
	131	x,
	132	iret);
	133	GNUNET_assert (0);
	134	}
	135	}
	136	}
	137	fprintf (stderr,
	138	"\n");
	139	}
	140
	141
	142	/**
	143	* Do some arithmetic operations for testing.
	144	*
	145	* @param edc context for ECC operations
	146	*/
	147	static void
	148	test_math (struct GNUNET_CRYPTO_EccDlogContext *edc)
	149	{
	150	int i;
	151	int j;
	152	struct GNUNET_CRYPTO_EccPoint ip;
	153	struct GNUNET_CRYPTO_EccPoint jp;
	154	struct GNUNET_CRYPTO_EccPoint r;
	155	struct GNUNET_CRYPTO_EccPoint ir;
	156	struct GNUNET_CRYPTO_EccPoint irj;
	157	struct GNUNET_CRYPTO_EccPoint r_inv;
	158	struct GNUNET_CRYPTO_EccPoint sum;
	159
	160	for (i = -MATH_MAX; i < MATH_MAX; i++)
	161	{
	162	GNUNET_CRYPTO_ecc_dexp (i, &ip);
	163	for (j = -MATH_MAX; j < MATH_MAX; j++)
	164	{
	165	fprintf (stderr, ".");
	166	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
	167	"%d + %d\n",
	168	i,
	169	j);
	170	GNUNET_CRYPTO_ecc_dexp (j, &jp);
	171	GNUNET_CRYPTO_ecc_rnd (&r,
	172	&r_inv);
	173	GNUNET_CRYPTO_ecc_add (&ip, &r, &ir);
	174	GNUNET_CRYPTO_ecc_add (&ir, &jp, &irj);
	175	GNUNET_CRYPTO_ecc_add (&irj, &r_inv, &sum);
	176	int res = GNUNET_CRYPTO_ecc_dlog (edc, &sum);
	177	if (i + j != res)
	178	{
	179	GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
	180	"Got %d, expected %d\n",
	181	res,
	182	i + j);
	183	// GNUNET_assert (0);
	184	}
	185	}
	186	}
	187	fprintf (stderr, "\n");
	188	}
	189
	190
	191	int
	192	main (int argc, char *argv[])
	193	{
	194	struct GNUNET_CRYPTO_EccDlogContext *edc;
	195
	196	if (! gcry_check_version ("1.6.0"))
	197	{
	198	fprintf (stderr,
	199	_
	200	(
	201	"libgcrypt has not the expected version (version %s is required).\n"),
	202	"1.6.0");
	203	return 0;
	204	}
	205	if (getenv ("GNUNET_GCRYPT_DEBUG"))
	206	gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
	207	GNUNET_log_setup ("test-crypto-ecc-dlog",
	208	"WARNING",
	209	NULL);
	210	edc = GNUNET_CRYPTO_ecc_dlog_prepare (MAX_FACT,
	211	MAX_MEM);
	212	test_dlog (edc);
	213	test_math (edc);
	214	GNUNET_CRYPTO_ecc_dlog_release (edc);
	215	return 0;
	216	}
	217
	218
	219	/* end of test_crypto_ecc_dlog.c */