#!/bin/bash
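#######################################
# Convert a hexadecimal literal into the form bc accepts with ibase=16:
# the first "0x" is removed and letters are upper-cased.
# Arguments: $1 - value to convert (optional; stdin is read when absent)
# Outputs:   converted value on stdout, followed by a newline
#######################################
to_bc() {
  local input
  if [ $# -ge 1 ]; then
    input="$1"
  else
    input=$(cat)
  fi
  # printf instead of echo: a value such as "-e" or "-E" (a valid negative
  # hex digit) would be consumed by echo as an option and silently vanish.
  printf '%s\n' "$input" | sed -e "s/0x//" | tr '[:lower:]' '[:upper:]'
}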
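#######################################
# Remove every space, newline and backslash from a value, which joins a
# number that was split over several lines with backslash continuations.
# Arguments: $1 - value to clean (optional; stdin is read when absent)
# Outputs:   cleaned value on stdout, without a trailing newline
#######################################
trim_bc() {
  local input
  if [ $# -ge 1 ]; then
    input="$1"
  else
    input=$(cat)
  fi
  # printf instead of echo so option-like values ("-E", "-n") are printed
  # rather than interpreted as echo flags.
  printf '%s\n' "$input" | tr -d ' \n\\'
}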
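#######################################
# Convert a bare hexadecimal number into a lower-case "0x"-prefixed
# literal. A leading "-" is kept in front of the prefix, and spaces,
# newlines and backslashes are removed.
# Arguments: $1 - value to convert (optional; stdin is read when absent)
# Outputs:   converted value on stdout, without a trailing newline
#######################################
from_bc() {
  local input
  if [ $# -ge 1 ]; then
    input="$1"
  else
    input=$(cat)
  fi
  if [[ "$input" == "-"* ]]; then
    # printf instead of echo: a negative single-digit result such as "-E"
    # is also a valid echo option and would otherwise produce empty output.
    printf '%s\n' "$input" | sed -e "s/-/-0x/"
  else
    printf '%s\n' "0x$input"
  fi | tr -d ' \n\\' | tr '[:upper:]' '[:lower:]'
}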
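# Check the stored order of every Weierstrass curve found in */curves.json:
# the curve is handed to ./ecgen-static, and the order it reports is compared
# with order * cofactor from the JSON entry. An optional first argument of the
# form "<directory>/<name>" restricts the run to that single curve.
#
# Values read from curves.json are interpolated into bc program text and passed
# to ecgen-static, so the files are assumed to be reviewed repository data.
# Values that reach shell arithmetic (the curve count and field.bits) are
# checked to be plain decimal integers first, because bash evaluates arithmetic
# operands recursively.
errors=0
checked=0
# Glob instead of parsing `ls`, so directory names are not word-split.
for directory in */; do
  curves="${directory}curves.json"
  [ -e "$curves" ] || continue

  total=$(jq ".curves | length" "$curves")
  if ! [[ "$total" =~ ^[0-9]+$ ]]; then
    # An unreadable file must not be skipped silently by an integrity check.
    echo "Cannot read the curve list from $curves" >&2
    errors=$((errors+1))
    continue
  fi

  for ((i = 0; i < total; i++)); do
    # The index is passed as a jq variable rather than spliced into the filter.
    curve=$(jq --argjson i "$i" '.curves[$i]' "$curves")
    name=$(jq -r ".name" <<<"$curve")
    form=$(jq -r ".form" <<<"$curve")
    if [ -n "${1:-}" ] && [ "$directory$name" != "$1" ]; then
      continue
    fi
    echo "Checking $directory$name"
    if [ "$form" != "Weierstrass" ]; then
      echo " -> Skipping, not Weierstrass"
      continue
    fi

    bits=$(jq -r ".field.bits" <<<"$curve")
    if ! [[ "$bits" =~ ^[0-9]+$ ]]; then
      echo " !! Invalid field.bits value: $bits" >&2
      errors=$((errors+1))
      continue
    fi
    a=$(jq -r ".params.a.raw" <<<"$curve")
    b=$(jq -r ".params.b.raw" <<<"$curve")
    n=$(jq -r ".order" <<<"$curve")
    h=$(jq -r ".cofactor" <<<"$curve")
    # "obase=10" is read after ibase=16, so bc prints hexadecimal.
    full_order=$(printf '%s\n' "ibase=16;obase=10; $(to_bc "$n") * $(to_bc "$h")" | bc | trim_bc)

    field_type=$(jq -r ".field.type" <<<"$curve")
    case "$field_type" in
      Prime)
        p=$(jq -r ".field.p" <<<"$curve")
        # Reduce coefficients, some curves come not-reduced (BADA55...)
        a_reduced=$(printf '%s\n' "ibase=16;obase=10; $(to_bc "$a") % $(to_bc "$p")" | bc | from_bc)
        b_reduced=$(printf '%s\n' "ibase=16;obase=10; $(to_bc "$b") % $(to_bc "$p")" | bc | from_bc)
        # ecgen-static diagnostics are discarded on purpose; a failure is
        # detected through its exit status and retried with one more bit.
        if ! computed_curve=$(printf '%s\n%s\n%s\n\n' "$p" "$a_reduced" "$b_reduced" \
          | ./ecgen-static --fp "$bits" 2>/dev/null); then
          bits=$((bits+1))
          computed_curve=$(printf '%s\n%s\n%s\n\n' "$p" "$a_reduced" "$b_reduced" \
            | ./ecgen-static --fp "$bits" 2>/dev/null)
        fi
        ;;
      Binary)
        degree=$(jq -r ".field.degree" <<<"$curve")
        num_exps=$(jq -r ".field.poly | length" <<<"$curve")
        if [ "$num_exps" -ne 3 ]; then
          echo " -> Skipping, unsupported polynomial"
          continue
        fi
        e1=$(jq -r ".field.poly[0].power" <<<"$curve")
        e2=$(jq -r ".field.poly[1].power" <<<"$curve")
        e3=$(jq -r ".field.poly[2].power" <<<"$curve")
        computed_curve=$(printf '%s\n%s\n%s\n%s\n%s\n%s\n\n' \
          "$degree" "$e1" "$e2" "$e3" "$a" "$b" \
          | ./ecgen-static --f2m "$bits" 2>/dev/null)
        ;;
      *)
        echo " ?? Unknown curve field: $field_type"
        continue
        ;;
    esac

    checked=$((checked+1))
    computed_full_order=$(jq -r ".[0].order" <<<"$computed_curve" | to_bc)
    if [ -z "$computed_full_order" ]; then
      # No result from ecgen-static: report it as such instead of feeding an
      # incomplete expression to bc and printing a misleading mismatch.
      echo "Could not compute the curve order for $directory$name" >&2
      errors=$((errors+1))
      continue
    fi
    res=$(printf '%s\n' "ibase=16;obase=10; $full_order == $computed_full_order" | bc -q)
    if [ "$res" != "1" ]; then
      echo "Wrong curve order! $full_order vs $computed_full_order" >&2
      errors=$((errors+1))
    fi
  done
done

echo "-----"
if [ "$errors" != 0 ]; then
  echo "Failing due to $errors failing tests"
  exit 1
else
  if [ "$checked" -eq 0 ]; then
    # A pass with nothing verified is vacuous; make that visible.
    echo "Warning: no curve was actually verified" >&2
  fi
  echo "All OK"
fi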