From 098276ceac4279c88b44a2145c9c8cb8bde8a9e8 Mon Sep 17 00:00:00 2001
From: Crt Vavros - smlu
Date: Fri, 29 Dec 2023 01:06:43 +0100
Subject: [PATCH] Fix moving y coord && Add tests for curve cached constants
---
 include/ack/ec.hpp | 24 +++++++++----------
 .../ack/tests/ecdsa_brainpoolP256r1_test.hpp | 6 ++++-
 .../ack/tests/ecdsa_brainpoolP320r1_test.hpp | 6 ++++-
 .../ack/tests/ecdsa_brainpoolP384r1_test.hpp | 6 ++++-
 .../ack/tests/ecdsa_brainpoolP512r1_test.hpp | 6 ++++-
 .../ack/tests/ecdsa_secp256k1_test.hpp | 6 ++++-
 .../ack/tests/ecdsa_secp256r1_test.hpp | 6 ++++-
 .../ack/tests/ecdsa_secp384r1_test.hpp | 6 ++++-
 .../ack/tests/ecdsa_secp521r1_test.hpp | 6 ++++-
 9 files changed, 52 insertions(+), 20 deletions(-)
diff --git a/include/ack/ec.hpp b/include/ack/ec.hpp
index 6568774..46c060f 100644
--- a/include/ack/ec.hpp
+++ b/include/ack/ec.hpp
@@ -1154,15 +1154,15 @@ namespace ack {
 // https://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#addition-add-1998-cmo-2
 // note: faster than https://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#addition-add-2007-bl
- const bool bZ1IsOne = p.z.is_one();
- const bool bZ2IsOne = q.z.is_one();
- if ( bZ1IsOne && bZ2IsOne ) {
+ const bool z1_is_one = p.z.is_one();
+ const bool z2_is_one = q.z.is_one();
+ if ( z1_is_one && z2_is_one ) {
 return add_z_1( p, q );
 }
- else if ( bZ1IsOne ) {
+ else if ( z1_is_one ) {
 return add_z2_1( q, p );
 }
- else if ( bZ2IsOne ) {
+ else if ( z2_is_one ) {
 return add_z2_1( p, q );
 }
 return add_ne( p, q );
@@ -1189,16 +1189,16 @@ namespace ack {
 // note: this algo was measured to be the most efficient of them all.
 const auto M = [](const auto& p) {
- const bool bZIsOne = p.z.is_one();
+ const bool z_is_one = p.z.is_one();
 if ( p.curve().a_is_zero ) {
 return 3 * p.x.sqr();
 }
 else if ( p.curve().a_is_minus_3 ) {
- const auto z2 = bZIsOne ? p.z : p.z.sqr();
+ const auto z2 = z_is_one ? p.z : p.z.sqr();
 return 3 * ( p.x - z2 ) * ( p.x + z2 );
 }
 else {
- const auto z4 = bZIsOne ? p.z : p.z.sqr().sqr();
+ const auto z4 = z_is_one ? p.z : p.z.sqr().sqr();
 return 3 * p.x.sqr() + p.curve().a * z4;
 }
 }( p );
@@ -1526,9 +1526,9 @@ namespace ack {
 const IntT n; // order of g
 const uint32_t h; // cofactor, i.e.: h = #E(Fp) / n
 // #E(Fp) - number of points on the curve
- const bool a_is_minus_3; // cached a == p - 3
- const bool a_is_zero; // cached a == 0
- const IntT p_minus_n; // cached p - n; used for checking the maximum negative point coordinate
+ const bool a_is_minus_3; // cached constant a == p - 3
+ const bool a_is_zero; // cached constant a == 0
+ const IntT p_minus_n; // cached constant p - n; used for checking the maximum negative point coordinate
 /**
 * Creates a curve from the given parameters.
@@ -1732,7 +1732,7 @@ namespace ack {
 if ( y.is_zero() ) {
 return PointT{};
 }
- return make_point( std::move( x ), y );
+ return make_point( std::move( x ), std::move( y ) );
 }
 /**
diff --git a/tests/include/ack/tests/ecdsa_brainpoolP256r1_test.hpp b/tests/include/ack/tests/ecdsa_brainpoolP256r1_test.hpp
index e0cf555..60d40df 100644
--- a/tests/include/ack/tests/ecdsa_brainpoolP256r1_test.hpp
+++ b/tests/include/ack/tests/ecdsa_brainpoolP256r1_test.hpp
@@ -28,7 +28,11 @@ namespace ack::tests {
 REQUIRE_EQUAL( brainpoolP256r1.g.y, "547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997" )
 REQUIRE_EQUAL( brainpoolP256r1.n , "a9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7" )
 REQUIRE_EQUAL( brainpoolP256r1.h , 1 )
- REQUIRE_EQUAL( brainpoolP256r1.verify(), true )
+
+ REQUIRE_EQUAL( brainpoolP256r1.a_is_minus_3, false )
+ REQUIRE_EQUAL( brainpoolP256r1.a_is_zero , false )
+ REQUIRE_EQUAL( brainpoolP256r1.p_minus_n , "e2027b801fc479308ff5399a8825fcd0" )
+ REQUIRE_EQUAL( brainpoolP256r1.verify() , true )
 // Test vectors from Google's Wycheproof RSA signature verification tests.
 // Generated from: 'ecdsa_brainpoolP256r1_sha3_256_test.json'
diff --git a/tests/include/ack/tests/ecdsa_brainpoolP320r1_test.hpp b/tests/include/ack/tests/ecdsa_brainpoolP320r1_test.hpp
index 8fe1767..85ea79d 100644
--- a/tests/include/ack/tests/ecdsa_brainpoolP320r1_test.hpp
+++ b/tests/include/ack/tests/ecdsa_brainpoolP320r1_test.hpp
@@ -28,7 +28,11 @@ namespace ack::tests {
 REQUIRE_EQUAL( brainpoolP320r1.g.y, "14fdd05545ec1cc8ab4093247f77275e0743ffed117182eaa9c77877aaac6ac7d35245d1692e8ee1" )
 REQUIRE_EQUAL( brainpoolP320r1.n , "d35e472036bc4fb7e13c785ed201e065f98fcfa5b68f12a32d482ec7ee8658e98691555b44c59311" )
 REQUIRE_EQUAL( brainpoolP320r1.h , 1 )
- REQUIRE_EQUAL( brainpoolP320r1.verify(), true )
+
+ REQUIRE_EQUAL( brainpoolP320r1.a_is_minus_3, false )
+ REQUIRE_EQUAL( brainpoolP320r1.a_is_zero , false )
+ REQUIRE_EQUAL( brainpoolP320r1.p_minus_n , "14064fb4c224a8b248a0d933f7642bd56aced9b16" )
+ REQUIRE_EQUAL( brainpoolP320r1.verify() , true )
 // Test vectors from Google's Wycheproof RSA signature verification tests.
 // Generated from: 'ecdsa_brainpoolP320r1_sha384_p1363_test.json'
diff --git a/tests/include/ack/tests/ecdsa_brainpoolP384r1_test.hpp b/tests/include/ack/tests/ecdsa_brainpoolP384r1_test.hpp
index 2e172b1..0feb12b 100644
--- a/tests/include/ack/tests/ecdsa_brainpoolP384r1_test.hpp
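Review bot: The four new assertions on `a_is_minus_3`, `a_is_zero`, `p_minus_n` and `verify()` are repeated verbatim, apart from the curve name and the expected values, in this hunk and in the seven that follow (brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, secp256k1, secp256r1, secp384r1, secp521r1). A small shared helper taking the curve and the three expected constants would keep the check in one place, so that any further cached field added to the curve type is covered for every curve at once instead of in eight copies. Pinning the constants against literal expected values rather than recomputing them from `p` and `n` is the right choice here, since a recomputation would only mirror the constructor. The flags deserve this independent check because the `M` lambda in ec.hpp (second hunk of this patch) chooses its formula from them, so a wrong cached flag would silently produce wrong group arithmetic.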
+++ b/tests/include/ack/tests/ecdsa_brainpoolP384r1_test.hpp
@@ -28,7 +28,11 @@ namespace ack::tests {
 REQUIRE_EQUAL( brainpoolP384r1.g.y, "8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315" )
 REQUIRE_EQUAL( brainpoolP384r1.n , "8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565" )
 REQUIRE_EQUAL( brainpoolP384r1.h , 1 )
- REQUIRE_EQUAL( brainpoolP384r1.verify(), true )
+
+ REQUIRE_EQUAL( brainpoolP384r1.a_is_minus_3, false )
+ REQUIRE_EQUAL( brainpoolP384r1.a_is_zero , false )
+ REQUIRE_EQUAL( brainpoolP384r1.p_minus_n , "f39b6bacd3b2eb7bdd98f07a249d57614bbece10480386ee" )
+ REQUIRE_EQUAL( brainpoolP384r1.verify() , true )
 // Test vectors from Google's Wycheproof RSA signature verification tests.
 // Generated from: 'ecdsa_brainpoolP384r1_sha3_384_test.json'
diff --git a/tests/include/ack/tests/ecdsa_brainpoolP512r1_test.hpp b/tests/include/ack/tests/ecdsa_brainpoolP512r1_test.hpp
index c2301ab..3a8c465 100644
--- a/tests/include/ack/tests/ecdsa_brainpoolP512r1_test.hpp
+++ b/tests/include/ack/tests/ecdsa_brainpoolP512r1_test.hpp
@@ -28,7 +28,11 @@ namespace ack::tests {
 REQUIRE_EQUAL( brainpoolP512r1.g.y, "7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892" )
 REQUIRE_EQUAL( brainpoolP512r1.n , "aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069" )
 REQUIRE_EQUAL( brainpoolP512r1.h , 1 )
- REQUIRE_EQUAL( brainpoolP512r1.verify(), true )
+
+ REQUIRE_EQUAL( brainpoolP512r1.a_is_minus_3, false )
+ REQUIRE_EQUAL( brainpoolP512r1.a_is_zero , false )
+ REQUIRE_EQUAL( brainpoolP512r1.p_minus_n , "1280f3ebf4f1d42296d47401166f7709f0ad02bae2524eba77322c9d3bb91488a" )
+ REQUIRE_EQUAL( brainpoolP512r1.verify() , true )
 // Test vectors from Google's Wycheproof RSA signature verification tests.
 // Generated from: 'ecdsa_brainpoolP512r1_sha3_512_test.json'
diff --git a/tests/include/ack/tests/ecdsa_secp256k1_test.hpp b/tests/include/ack/tests/ecdsa_secp256k1_test.hpp
index 997b4d2..26d27bf 100644
--- a/tests/include/ack/tests/ecdsa_secp256k1_test.hpp
+++ b/tests/include/ack/tests/ecdsa_secp256k1_test.hpp
@@ -26,7 +26,11 @@ namespace ack::tests {
 REQUIRE_EQUAL( secp256k1.g.y, "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8" )
 REQUIRE_EQUAL( secp256k1.n , "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141" )
 REQUIRE_EQUAL( secp256k1.h , 1 )
- REQUIRE_EQUAL( secp256k1.verify(), true )
+
+ REQUIRE_EQUAL( secp256k1.a_is_minus_3, false )
+ REQUIRE_EQUAL( secp256k1.a_is_zero , true )
+ REQUIRE_EQUAL( secp256k1.p_minus_n , "14551231950b75fc4402da1722fc9baee" )
+ REQUIRE_EQUAL( secp256k1.verify() , true )
 // Custom test vectors
 {
diff --git a/tests/include/ack/tests/ecdsa_secp256r1_test.hpp b/tests/include/ack/tests/ecdsa_secp256r1_test.hpp
index de6d452..0ca0cfa 100644
--- a/tests/include/ack/tests/ecdsa_secp256r1_test.hpp
+++ b/tests/include/ack/tests/ecdsa_secp256r1_test.hpp
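Review bot: In the secp256k1 hunk the added `p_minus_n` literal `"14551231950b75fc4402da1722fc9baee"` is lowercase hex, while the `g.y` and `n` constants directly above it in the same file are written in uppercase. Whether REQUIRE_EQUAL compares the parsed integer or the string form is not visible from this hunk; presumably the former, since the test is committed as passing, but matching the file's existing case keeps the expected value grep-able against the other constants in that file: `REQUIRE_EQUAL( secp256k1.p_minus_n , "14551231950B75FC4402DA1722FC9BAEE" )`.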
@@ -26,7 +26,11 @@ namespace ack::tests {
 REQUIRE_EQUAL( secp256r1.g.y, "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" )
 REQUIRE_EQUAL( secp256r1.n , "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" )
 REQUIRE_EQUAL( secp256r1.h , 1 )
- REQUIRE_EQUAL( secp256r1.verify(), true )
+
+ REQUIRE_EQUAL( secp256r1.a_is_minus_3, true )
+ REQUIRE_EQUAL( secp256r1.a_is_zero , false )
+ REQUIRE_EQUAL( secp256r1.p_minus_n , "4319055358e8617b0c46353d039cdaae" )
+ REQUIRE_EQUAL( secp256r1.verify() , true )
 // Custom test vectors
 {
diff --git a/tests/include/ack/tests/ecdsa_secp384r1_test.hpp b/tests/include/ack/tests/ecdsa_secp384r1_test.hpp
index 2a4c8a3..051d10b 100644
--- a/tests/include/ack/tests/ecdsa_secp384r1_test.hpp
+++ b/tests/include/ack/tests/ecdsa_secp384r1_test.hpp
@@ -28,7 +28,11 @@ namespace ack::tests {
 REQUIRE_EQUAL( secp384r1.g.y, "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f" )
 REQUIRE_EQUAL( secp384r1.n , "ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973" )
 REQUIRE_EQUAL( secp384r1.h , 1 )
- REQUIRE_EQUAL( secp384r1.verify(), true )
+
+ REQUIRE_EQUAL( secp384r1.a_is_minus_3, true )
+ REQUIRE_EQUAL( secp384r1.a_is_zero , false )
+ REQUIRE_EQUAL( secp384r1.p_minus_n , "389cb27e0bc8d21fa7e5f24cb74f58851313e696333ad68c" )
+ REQUIRE_EQUAL( secp384r1.verify() , true )
 // NIST FIPS 186-4 test vectors
 // https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/digital-signatures
diff --git a/tests/include/ack/tests/ecdsa_secp521r1_test.hpp b/tests/include/ack/tests/ecdsa_secp521r1_test.hpp
index 83a3176..75fdb10 100644
--- a/tests/include/ack/tests/ecdsa_secp521r1_test.hpp
+++ b/tests/include/ack/tests/ecdsa_secp521r1_test.hpp
@@ -28,7 +28,11 @@ namespace ack::tests {
 REQUIRE_EQUAL( secp521r1.g.y, "011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650" )
 REQUIRE_EQUAL( secp521r1.n , "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409" )
 REQUIRE_EQUAL( secp521r1.h , 1 )
- REQUIRE_EQUAL( secp521r1.verify(), true )
+
+ REQUIRE_EQUAL( secp521r1.a_is_minus_3, true )
+ REQUIRE_EQUAL( secp521r1.a_is_zero , false )
+ REQUIRE_EQUAL( secp521r1.p_minus_n , "5ae79787c40d069948033feb708f65a2fc44a36477663b851449048e16ec79bf6" )
+ REQUIRE_EQUAL( secp521r1.verify() , true )
 // NIST FIPS 186-4 test vectors
 // https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/digital-signatures