aesni-x86_64.pl: make ECB subroutine Windows ABI compliant.

[oweals/openssl.git] / crypto / ec / ectest.c

diff --git a/crypto/ec/ectest.c b/crypto/ec/ectest.c
index 5a5daa5b9b2109f55b2ee144637c1d99f7dc5cbb..d1bf980599c8ace2cd5fe06049ab9da07a75e30b 100644 (file)
--- a/crypto/ec/ectest.c
+++ b/crypto/ec/ectest.c
@@ -94,6 +94,7 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
 #include <openssl/objects.h>
 #include <openssl/rand.h>
 #include <openssl/bn.h>
+#include <openssl/opensslconf.h>
 
 #if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
 /* suppress "too big too optimize" warning */
@@ -198,6 +199,7 @@ static void group_order_tests(EC_GROUP *group)
        EC_POINT *P = EC_POINT_new(group);
        EC_POINT *Q = EC_POINT_new(group);
        BN_CTX *ctx = BN_CTX_new();
+       int i;
 
        n1 = BN_new(); n2 = BN_new(); order = BN_new();
        fprintf(stdout, "verify group order ...");
@@ -211,21 +213,56 @@ static void group_order_tests(EC_GROUP *group)
        if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) ABORT;
        if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
        fprintf(stdout, " ok\n");
-       fprintf(stdout, "long/negative scalar tests ... ");
-       if (!BN_one(n1)) ABORT;
-       /* n1 = 1 - order */
-       if (!BN_sub(n1, n1, order)) ABORT;
-       if(!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT;
-       if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
-       /* n2 = 1 + order */
-       if (!BN_add(n2, order, BN_value_one())) ABORT;
-       if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
-       if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
-       /* n2 = (1 - order) * (1 + order) */
-       if (!BN_mul(n2, n1, n2, ctx)) ABORT;
-       if(!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
-       if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
+       fprintf(stdout, "long/negative scalar tests ");
+        for (i = 1; i <= 2; i++)
+               {
+               const BIGNUM *scalars[6];
+               const EC_POINT *points[6];
+
+               fprintf(stdout, i == 1 ?
+                       "allowing precomputation ... " :
+                       "without precomputation ... ");
+               if (!BN_set_word(n1, i)) ABORT;
+               /* If i == 1, P will be the predefined generator for which
+                * EC_GROUP_precompute_mult has set up precomputation. */
+               if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) ABORT;
+
+               if (!BN_one(n1)) ABORT;
+               /* n1 = 1 - order */
+               if (!BN_sub(n1, n1, order)) ABORT;
+               if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) ABORT;
+               if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
+
+               /* n2 = 1 + order */
+               if (!BN_add(n2, order, BN_value_one())) ABORT;
+               if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
+               if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
+
+               /* n2 = (1 - order) * (1 + order) = 1 - order^2 */
+               if (!BN_mul(n2, n1, n2, ctx)) ABORT;
+               if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
+               if (0 != EC_POINT_cmp(group, Q, P, ctx)) ABORT;
+
+               /* n2 = order^2 - 1 */
+               BN_set_negative(n2, 0);
+               if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) ABORT;
+               /* Add P to verify the result. */
+               if (!EC_POINT_add(group, Q, Q, P, ctx)) ABORT;
+               if (!EC_POINT_is_at_infinity(group, Q)) ABORT;
+
+               /* Exercise EC_POINTs_mul, including corner cases. */
+               if (EC_POINT_is_at_infinity(group, P)) ABORT;
+               scalars[0] = n1; points[0] = Q; /* => infinity */
+               scalars[1] = n2; points[1] = P; /* => -P */
+               scalars[2] = n1; points[2] = Q; /* => infinity */
+               scalars[3] = n2; points[3] = Q; /* => infinity */
+               scalars[4] = n1; points[4] = P; /* => P */
+               scalars[5] = n2; points[5] = Q; /* => infinity */
+               if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) ABORT;
+               if (!EC_POINT_is_at_infinity(group, P)) ABORT;
+               }
        fprintf(stdout, "ok\n");
+
        EC_POINT_free(P);
        EC_POINT_free(Q);
        BN_free(n1);
@@ -235,7 +272,7 @@ static void group_order_tests(EC_GROUP *group)
        }
 
 static void prime_field_tests(void)
-       {       
+       {
        BN_CTX *ctx = NULL;
        BIGNUM *p, *a, *b;
        EC_GROUP *group;
@@ -1270,7 +1307,7 @@ static void internal_curve_test(void)
        return;
        }
 
-#ifdef EC_NISTP_64_GCC_128
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
 /* nistp_test_params contains magic numbers for testing our optimized
  * implementations of several NIST curves with characteristic > 3. */
 struct nistp_test_params
@@ -1331,16 +1368,18 @@ static const struct nistp_test_params nistp_tests_params[] =
 
 void nistp_single_test(const struct nistp_test_params *test)
        {
-       fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n", test->degree);
+       BN_CTX *ctx;
        BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
+       EC_GROUP *NISTP;
+       EC_POINT *G, *P, *Q, *Q_CHECK;
+
+       fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n", test->degree);
+       ctx = BN_CTX_new();
        p = BN_new();
        a = BN_new();
        b = BN_new();
        x = BN_new(); y = BN_new();
        m = BN_new(); n = BN_new(); order = BN_new();
-       BN_CTX *ctx = BN_CTX_new();
-       EC_GROUP *NISTP;
-       EC_POINT *G, *P, *Q, *Q_CHECK;
 
        NISTP = EC_GROUP_new(test->meth());
        if(!NISTP) ABORT;
@@ -1467,7 +1506,7 @@ int main(int argc, char *argv[])
 #ifndef OPENSSL_NO_EC2M
        char2_field_tests();
 #endif
-#ifdef EC_NISTP_64_GCC_128
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
        nistp_tests();
 #endif
        /* test the internal curves */