1 /* ===================================================================
2 *
3 * Copyright (c) 2018, Helder Eijs <helderijs@gmail.com>
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 *
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
18 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
19 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
20 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
24 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
25 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
27 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28 * POSSIBILITY OF SUCH DAMAGE.
29 * ===================================================================
30 */
31
32 #include <assert.h>
33
34 #include "common.h"
35 #include "endianess.h"
36 #include "multiply.h"
37 #include "mont.h"
38 #include "ec.h"
39 #include "modexp_utils.h"
40
41 #include <sys/time.h>
42
43 #include "ec_ws.c"
44
45 #define BYTES 66
46
main(void)47 int main(void)
48 {
49 const uint8_t p521_mod[BYTES] = "\x01\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff";
50 const uint8_t b[BYTES] = "\x00\x51\x95\x3e\xb9\x61\x8e\x1c\x9a\x1f\x92\x9a\x21\xa0\xb6\x85\x40\xee\xa2\xda\x72\x5b\x99\xb3\x15\xf3\xb8\xb4\x89\x91\x8e\xf1\x09\xe1\x56\x19\x39\x51\xec\x7e\x93\x7b\x16\x52\xc0\xbd\x3b\xb1\xbf\x07\x35\x73\xdf\x88\x3d\x2c\x34\xf1\xef\x45\x1f\xd4\x6b\x50\x3f\x00";
51 const uint8_t order[BYTES] = "\x01\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfa\x51\x86\x87\x83\xbf\x2f\x96\x6b\x7f\xcc\x01\x48\xf7\x09\xa5\xd0\x3b\xb5\xc9\xb8\x89\x9c\x47\xae\xbb\x6f\xb7\x1e\x91\x38\x64\x09";
52 const uint8_t p521_Gx[BYTES] = "\x00\xc6\x85\x8e\x06\xb7\x04\x04\xe9\xcd\x9e\x3e\xcb\x66\x23\x95\xb4\x42\x9c\x64\x81\x39\x05\x3f\xb5\x21\xf8\x28\xaf\x60\x6b\x4d\x3d\xba\xa1\x4b\x5e\x77\xef\xe7\x59\x28\xfe\x1d\xc1\x27\xa2\xff\xa8\xde\x33\x48\xb3\xc1\x85\x6a\x42\x9b\xf9\x7e\x7e\x31\xc2\xe5\xbd\x66";
53 const uint8_t p521_Gy[BYTES] = "\x01\x18\x39\x29\x6a\x78\x9a\x3b\xc0\x04\x5c\x8a\x5f\xb4\x2c\x7d\x1b\xd9\x98\xf5\x44\x49\x57\x9b\x44\x68\x17\xaf\xbd\x17\x27\x3e\x66\x2c\x97\xee\x72\x99\x5e\xf4\x26\x40\xc5\x50\xb9\x01\x3f\xad\x07\x61\x35\x3c\x70\x86\xa2\x72\xc2\x40\x88\xbe\x94\x76\x9f\xd1\x66\x50";
54
55 uint8_t x[BYTES], y[BYTES];
56 uint8_t exp[BYTES];
57 EcContext *ec_ctx;
58 EcPoint *ecp = NULL;
59 EcPoint *gp = NULL;
60 unsigned i;
61 struct timeval start, stop;
62 double duration_ms, rate;
63
64 #define ITERATIONS 500U
65
66 /* Make almost-worst case exponent */
67 for (i=0; i<BYTES; i++) {
68 exp[i] = (uint8_t)(0xFF - i);
69 }
70
71 /** Only 1 bit in MSB **/
72 exp[0] &= 1;
73
74 ec_ws_new_context(&ec_ctx, p521_mod, b, order, BYTES, /* seed */ 4);
75
76 ec_ws_new_point(&gp, p521_Gx, p521_Gy, BYTES, ec_ctx);
77 ec_ws_clone(&ecp, gp);
78
79 /** Scalar multiplications by G **/
80 gettimeofday(&start, NULL);
81 for (i=0; i<ITERATIONS; i++) {
82 ec_ws_copy(ecp, gp);
83 ec_ws_scalar(ecp, exp, BYTES, 0xFFF);
84 ec_ws_get_xy(x, y, BYTES, ecp);
85 }
86 gettimeofday(&stop, NULL);
87 duration_ms = (double)(stop.tv_sec - start.tv_sec) * 1000 + (double)(stop.tv_usec - start.tv_usec) / 1000;
88 rate = ITERATIONS / (duration_ms/1000);
89 printf("Speed (scalar mult by G) = %.0f op/s\n", rate);
90
91 ec_ws_get_xy(x, y, BYTES, ecp);
92 printf("X: ");
93 for (i=0; i<BYTES; i++)
94 printf("%02X", x[i]);
95 printf("\n");
96 printf("Y: ");
97 for (i=0; i<BYTES; i++)
98 printf("%02X", y[i]);
99 printf("\n");
100
101 #if 1
102 /** Scalar multiplications by arbitrary point **/
103 ec_ws_double(ecp);
104 gettimeofday(&start, NULL);
105 for (i=0; i<ITERATIONS; i++) {
106 ec_ws_scalar(ecp, exp, BYTES, 0xFFF);
107 ec_ws_get_xy(x, y, BYTES, ecp);
108 }
109 gettimeofday(&stop, NULL);
110 duration_ms = (double)(stop.tv_sec - start.tv_sec) * 1000 + (double)(stop.tv_usec - start.tv_usec) / 1000;
111 rate = ITERATIONS / (duration_ms/1000);
112 printf("Speed (scalar mult by P) = %.0f op/s\n", rate);
113
114 ec_ws_get_xy(x, y, BYTES, ecp);
115 printf("X: ");
116 for (i=0; i<BYTES; i++)
117 printf("%02X", x[i]);
118 printf("\n");
119 printf("Y: ");
120 for (i=0; i<BYTES; i++)
121 printf("%02X", y[i]);
122 printf("\n");
123 #endif
124
125 ec_free_point(gp);
126 ec_free_point(ecp);
127 ec_free_context(ec_ctx);
128
129 return 0;
130 }
131