#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include <time.h>
#include <openssl/ec.h>
+#include <openssl/engine.h>
#include <openssl/err.h>
#define ABORT do { \
} while (0)
-void timings(EC_GROUP *group, int simult, BN_CTX *ctx)
+void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
{
clock_t clck;
int i, j;
BIGNUM *s, *s0;
EC_POINT *P;
- EC_POINT *points[1];
- BIGNUM *scalars[1];
s = BN_new();
s0 = BN_new();
if (!EC_GROUP_get_curve_GFp(group, s, NULL, NULL, ctx)) ABORT;
fprintf(stdout, "Timings for %d bit prime, ", (int)BN_num_bits(s));
if (!EC_GROUP_get_order(group, s, ctx)) ABORT;
- fprintf(stdout, "%d bit exponents ", (int)BN_num_bits(s));
+ fprintf(stdout, "%d bit scalars ", (int)BN_num_bits(s));
fflush(stdout);
P = EC_POINT_new(group);
if (P == NULL) ABORT;
EC_POINT_copy(P, EC_GROUP_get0_generator(group));
- points[0] = P;
- scalars[0] = s0;
-
clck = clock();
for (i = 0; i < 10; i++)
{
if (!BN_pseudo_rand(s, BN_num_bits(s), 0, 0)) ABORT;
- if (simult)
+ if (multi)
{
if (!BN_pseudo_rand(s0, BN_num_bits(s), 0, 0)) ABORT;
}
for (j = 0; j < 10; j++)
{
- if (!EC_POINTs_mul(group, P, s, simult != 0, points, scalars, ctx)) ABORT;
+ if (!EC_POINT_mul(group, P, s, multi ? P : NULL, multi ? s0 : NULL, ctx)) ABORT;
}
fprintf(stdout, ".");
fflush(stdout);
#endif
fprintf(stdout, "%i %s in %.2f " UNIT "\n", i*j,
- simult ? "s*P+t*Q operations" : "point multiplications",
+ multi ? "s*P+t*Q operations" : "point multiplications",
(double)clck/CLOCKS_PER_SEC);
fprintf(stdout, "average: %.4f " UNIT "\n", (double)clck/(CLOCKS_PER_SEC*i*j));
BIGNUM *x, *y, *z;
unsigned char buf[100];
size_t i, len;
+ int k;
+ /* enable memory leak checking unless explicitly disabled */
+ if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+ {
+ CRYPTO_malloc_debug_init();
+ CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+ }
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
ERR_load_crypto_strings();
}
fprintf(stdout, "A cyclic subgroup:\n");
+ k = 100;
do
{
+ if (k-- == 0) ABORT;
+
if (EC_POINT_is_at_infinity(group, P))
fprintf(stdout, " point at infinity\n");
else
if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) ABORT;
if (0 != BN_cmp(y, z)) ABORT;
- fprintf(stdout, "verify group order ... ");
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINTs_mul(group, Q, z, 0, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, "ok\n");
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+ fprintf(stdout, " ok\n");
if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_192, group)) ABORT;
if (!BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) ABORT;
if (0 != BN_cmp(y, z)) ABORT;
- fprintf(stdout, "verify group order ... ");
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINTs_mul(group, Q, z, 0, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, "ok\n");
-
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+ fprintf(stdout, " ok\n");
+
if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_224, group)) ABORT;
if (!BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) ABORT;
if (0 != BN_cmp(y, z)) ABORT;
- fprintf(stdout, "verify group order ... ");
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINTs_mul(group, Q, z, 0, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, "ok\n");
-
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+ fprintf(stdout, " ok\n");
+
if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_256, group)) ABORT;
"7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) ABORT;
if (0 != BN_cmp(y, z)) ABORT;
- fprintf(stdout, "verify group order ... ");
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINTs_mul(group, Q, z, 0, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, "ok\n");
-
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+ fprintf(stdout, " ok\n");
+
if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_384, group)) ABORT;
"7086A272C24088BE94769FD16650")) ABORT;
if (0 != BN_cmp(y, z)) ABORT;
- fprintf(stdout, "verify group order ... ");
+ fprintf(stdout, "verify group order ...");
+ fflush(stdout);
if (!EC_GROUP_get_order(group, z, ctx)) ABORT;
- if (!EC_POINTs_mul(group, Q, z, 0, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+ fprintf(stdout, ".");
+ fflush(stdout);
+ if (!EC_GROUP_precompute_mult(group, ctx)) ABORT;
+ if (!EC_POINT_mul(group, Q, z, NULL, NULL, ctx)) ABORT;
if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
- fprintf(stdout, "ok\n");
+ fprintf(stdout, " ok\n");
if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT;
if (!EC_GROUP_copy(P_521, group)) ABORT;
if (!EC_POINT_is_at_infinity(group, R)) ABORT; /* R = P + 2Q */
{
- EC_POINT *points[2];
- BIGNUM *scalars[2];
+ const EC_POINT *points[3];
+ const BIGNUM *scalars[3];
if (EC_POINT_is_at_infinity(group, Q)) ABORT;
+ points[0] = Q;
+ points[1] = Q;
+ points[2] = Q;
if (!BN_add(y, z, BN_value_one())) ABORT;
if (BN_is_odd(y)) ABORT;
if (!BN_rshift1(y, y)) ABORT;
-
- points[0] = Q;
- points[1] = Q;
scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */
scalars[1] = y;
- fprintf(stdout, "simultaneous multiplication ... ");
+ fprintf(stdout, "combined multiplication ...");
+ fflush(stdout);
/* z is still the group order */
if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, P, R, ctx)) ABORT;
if (0 != EC_POINT_cmp(group, R, Q, ctx)) ABORT;
- fprintf(stdout, "ok\n\n");
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) ABORT;
+ if (!BN_add(z, z, y)) ABORT;
+ z->neg = 1;
+ scalars[0] = y;
+ scalars[1] = z; /* z = -(order + y) */
+
+ if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, P)) ABORT;
+
+ fprintf(stdout, ".");
+ fflush(stdout);
+
+ if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) ABORT;
+ if (!BN_add(z, x, y)) ABORT;
+ z->neg = 1;
+ scalars[0] = x;
+ scalars[1] = y;
+ scalars[2] = z; /* z = -(x+y) */
+
+ if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) ABORT;
+ if (!EC_POINT_is_at_infinity(group, P)) ABORT;
+
+ fprintf(stdout, " ok\n\n");
}
-#if 0
+#if 1
timings(P_192, 0, ctx);
timings(P_192, 1, ctx);
+ timings(P_224, 0, ctx);
+ timings(P_224, 1, ctx);
+ timings(P_256, 0, ctx);
+ timings(P_256, 1, ctx);
+ timings(P_384, 0, ctx);
+ timings(P_384, 1, ctx);
+ timings(P_521, 0, ctx);
+ timings(P_521, 1, ctx);
#endif
if (P_384) EC_GROUP_free(P_384);
if (P_521) EC_GROUP_free(P_521);
+ ENGINE_cleanup();
+ CRYPTO_cleanup_all_ex_data();
ERR_free_strings();
ERR_remove_state(0);
CRYPTO_mem_leaks_fp(stderr);
projects / openssl.git / blobdiff