195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* Originally written by Bodo Moeller for the OpenSSL project.
295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ====================================================================
395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Redistribution and use in source and binary forms, with or without
695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * modification, are permitted provided that the following conditions
795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * are met:
895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 1. Redistributions of source code must retain the above copyright
1095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    notice, this list of conditions and the following disclaimer.
1195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
1295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 2. Redistributions in binary form must reproduce the above copyright
1395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    notice, this list of conditions and the following disclaimer in
1495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    the documentation and/or other materials provided with the
1595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    distribution.
1695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
1795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 3. All advertising materials mentioning features or use of this
1895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    software must display the following acknowledgment:
1995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    "This product includes software developed by the OpenSSL Project
2095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
2195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
2295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
2395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    endorse or promote products derived from this software without
2495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    prior written permission. For written permission, please contact
2595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    openssl-core@openssl.org.
2695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
2795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 5. Products derived from this software may not be called "OpenSSL"
2895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    nor may "OpenSSL" appear in their names without prior written
2995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    permission of the OpenSSL Project.
3095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
3195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * 6. Redistributions of any form whatsoever must retain the following
3295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    acknowledgment:
3395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    "This product includes software developed by the OpenSSL Project
3495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
3595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
3695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
3795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
3895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
3995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
4095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
4195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
4295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
4395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
4595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
4695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
4795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * OF THE POSSIBILITY OF SUCH DAMAGE.
4895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * ====================================================================
4995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
5095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * This product includes cryptographic software written by Eric Young
5195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * (eay@cryptsoft.com).  This product includes software written by Tim
5295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Hudson (tjh@cryptsoft.com).
5395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
5495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley */
5595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley/* ====================================================================
5695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
5795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
5895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Portions of the attached software ("Contribution") are developed by
5995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
6095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
6195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * The Contribution is licensed pursuant to the OpenSSL open source
6295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * license provided above.
6395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley *
6495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * The elliptic curve binary polynomial software is originally written by
6595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems
6695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley * Laboratories. */
6795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
6895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <stdio.h>
6995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
7095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/bn.h>
71a70c75cfc0ca32a43985e3f24d737ca9cafcb910David Benjamin#include <openssl/crypto.h>
7295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/ec.h>
7395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley#include <openssl/obj.h>
7495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
7595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
76c44d2f4cb8a892a603edbbe710fa82bcd30f9cb5David Benjaminint example_EC_POINT_mul(void) {
7795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  /* This example ensures that 10×∞ + G = G, in P-256. */
7895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  EC_GROUP *group = NULL;
7995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  EC_POINT *p = NULL, *result = NULL;
8095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  BIGNUM *n = NULL;
8195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  int ret = 0;
8295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  const EC_POINT *generator;
8395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
8495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
8595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  p = EC_POINT_new(group);
8695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  result = EC_POINT_new(group);
8795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  n = BN_new();
8895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
8995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  if (p == NULL ||
9095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley      result == NULL ||
9195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley      group == NULL ||
9295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley      n == NULL ||
9395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley      !EC_POINT_set_to_infinity(group, p) ||
9495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley      !BN_set_word(n, 10)) {
9595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley    goto err;
9695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  }
9795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
9895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  /* First check that 10×∞ = ∞. */
9995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  if (!EC_POINT_mul(group, result, NULL, p, n, NULL) ||
10095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley      !EC_POINT_is_at_infinity(group, result)) {
10195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley    goto err;
10295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  }
10395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
10495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  generator = EC_GROUP_get0_generator(group);
10595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
10695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  /* Now check that 10×∞ + G = G. */
10795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  if (!EC_POINT_mul(group, result, BN_value_one(), p, n, NULL) ||
10895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley      EC_POINT_cmp(group, result, generator, NULL) != 0) {
10995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley    goto err;
11095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  }
11195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
11295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  ret = 1;
11395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
11495c29f3cd1f6c08c6c0927868683392eea727ccAdam Langleyerr:
11595c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  BN_free(n);
11695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  EC_POINT_free(result);
11795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  EC_POINT_free(p);
11895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  EC_GROUP_free(group);
11995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
12095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  return ret;
12195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
12295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
123c44d2f4cb8a892a603edbbe710fa82bcd30f9cb5David Benjaminint main(void) {
124a70c75cfc0ca32a43985e3f24d737ca9cafcb910David Benjamin  CRYPTO_library_init();
125a70c75cfc0ca32a43985e3f24d737ca9cafcb910David Benjamin
12695c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  if (!example_EC_POINT_mul()) {
12795c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley    fprintf(stderr, "failed\n");
12895c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley    return 1;
12995c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  }
13095c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley
13195c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  printf("PASS\n");
13295c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley  return 0;
13395c29f3cd1f6c08c6c0927868683392eea727ccAdam Langley}
134