diff --git a/eccrypto.h b/eccrypto.h index a3d15e95..a6d3215d 100644 --- a/eccrypto.h +++ b/eccrypto.h @@ -225,7 +225,7 @@ struct DL_Keys_EC #endif }; -template +template struct ECDSA; //! ECDSA keys @@ -241,8 +241,8 @@ struct DL_Keys_ECDSA }; //! ECDSA algorithm -template -class DL_Algorithm_ECDSA : public DL_Algorithm_GDSA +template +class DL_Algorithm_ECDSA : public DL_Algorithm_GDSA { public: static const char * CRYPTOPP_API StaticAlgorithmName() {return "ECDSA";} @@ -265,8 +265,8 @@ public: }; //! ECDSA -template -struct ECDSA : public DL_SS, DL_Algorithm_ECDSA, DL_SignatureMessageEncodingMethod_DSA, H> +template +struct ECDSA : public DL_SS, DL_Algorithm_ECDSA, DL_SignatureMessageEncodingMethod_DSA, H> { #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 virtual ~ECDSA() {} @@ -327,8 +327,10 @@ CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKeyImpl >; CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKeyImpl >; CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_EC; CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_EC; -CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; -CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; +CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; +CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; +CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; +CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest, ECDSA >; CRYPTOPP_DLL_TEMPLATE_CLASS DL_PrivateKey_WithSignaturePairwiseConsistencyTest, ECDSA >; diff --git a/gfpcrypt.h b/gfpcrypt.h index 114fe8da..c50c684f 100644 --- a/gfpcrypt.h +++ b/gfpcrypt.h @@ -181,7 +181,7 @@ protected: }; //! GDSA algorithm -template +template class DL_Algorithm_GDSA : public DL_ElgamalLikeSignatureAlgorithm { public: @@ -209,12 +209,150 @@ public: return r == params.ConvertElementToInteger(publicKey.CascadeExponentiateBaseAndPublicElement(u1, u2)) % q; } + bool UseDeterministicK() const + { + return useDetK; + } + + // Creates a k-value based on RFC 6979. Uses the message to hash and its size, + // the curve order and its bit length, and a private key. Returns true to + // indicate that the returned k-value is valid. + const bool getDetKVal(const byte* hmsg, const size_t& hmsgSize, + const Integer& cord, const size_t& cordBits, + const Integer& pk, Integer& kVal) const + { + // After doing the initial setup, get the msg hash and work towards the final + // k value, per the spec. + SecByteBlock zeroByte(1); + SecByteBlock oneByte(1); + memset(zeroByte, '\x00', 1); + memset(oneByte, '\x01', 1); + + size_t cordBytes = (cordBits + 7) / 8; + SecByteBlock hkey(H::DIGESTSIZE); + memset(hkey, '\x00', H::DIGESTSIZE); + K.SetKey(hkey, hkey.size()); + SecByteBlock msgHash(K.DIGESTSIZE); + SecByteBlock V(K.DIGESTSIZE); + SecByteBlock prvKeyBlock = int2octets(pk, (const unsigned int)cordBytes); + memset(V, '\x01', K.DIGESTSIZE); + hashFunct.CalculateDigest(msgHash, hmsg, hmsgSize); + + SecByteBlock octetMsg = bits2octets(msgHash, cord, cordBits); + SecByteBlock hmacInput1 = V + zeroByte + prvKeyBlock + octetMsg; + K.CalculateDigest(hkey, hmacInput1, hmacInput1.size()); + + K.SetKey(hkey, hkey.size()); + K.CalculateDigest(V, V, V.size()); + + SecByteBlock hmacInput2 = V + oneByte + prvKeyBlock + octetMsg; + K.CalculateDigest(hkey, hmacInput2, hmacInput2.size()); + + K.SetKey(hkey, hkey.size()); + K.CalculateDigest(V, V, V.size()); + + Integer retVal; + for(bool done = false; done != true; ) + { + SecByteBlock b2iData; + for(size_t s = 0; s < cordBytes; s += hkey.size()) + { + K.CalculateDigest(V, V, V.size()); + b2iData += V; + } + + // Odds of failure are practically nil but we must play it safe. + Integer b2i = bits2int(b2iData, (const unsigned int)cordBits); + if(b2i >= Integer::One() && b2i < cord) + { + retVal = b2i; + done = true; + } + else + { + SecByteBlock newHMACInput = V + zeroByte; + K.CalculateDigest(hkey, newHMACInput, newHMACInput.size()); + + K.SetKey(hkey, hkey.size()); + K.CalculateDigest(V, V, V.size()); + } + } + // Before running the k-val, hash & HMAC functs need to be cleared. + // CalculateDigest() does this every time, though, so we're good. + kVal = retVal; + return true; + } + #ifndef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562 virtual ~DL_Algorithm_GDSA() {} #endif + +protected: + // RFC 6979 support function. Takes a set of bits, takes the most significant + // bytes (subject to a given bit limit), and turns them into an integer. + Integer bits2int(const SecByteBlock& bits, const unsigned int& qlen) const + { + Integer retVal(bits, bits.size()); + if((retVal.ByteCount() * 8) > qlen) + { + retVal >>= ((retVal.ByteCount() * 8) - qlen); + } + + return retVal; + } + + // RFC 6979 support function. Takes an integer and converts it into bytes that + // are the same length as an elliptic curve's order. + SecByteBlock int2octets(const Integer& val, const unsigned int& rlenBytes) const + { + SecByteBlock octetBlock(val.ByteCount()); + val.Encode(octetBlock, val.ByteCount()); + SecByteBlock retVal = octetBlock; + + // The least significant bytes are the ones we need to preserve. + if(octetBlock.size() > rlenBytes) + { + SecByteBlock octetBlock1(rlenBytes); + size_t offset = octetBlock.size() - rlenBytes; + memcpy(octetBlock1, octetBlock + offset, rlenBytes); + retVal = octetBlock1; + } + else if(octetBlock.size() < rlenBytes) + { + SecByteBlock octetBlock2(rlenBytes); + memset(octetBlock2, '\x00', rlenBytes); + size_t offset = rlenBytes - octetBlock.size(); + memcpy(octetBlock2 + offset, octetBlock, rlenBytes - offset); + retVal = octetBlock2; + } + + return retVal; + } + + // Turn a stream of bits into a set of bytes with the same length as an elliptic + // curve's order. + SecByteBlock bits2octets(const SecByteBlock& inData, const Integer& curveOrder, + const size_t& curveOrderNumBits) const + { + Integer bintTemp = bits2int(inData, (const unsigned int)curveOrderNumBits); + Integer bint = bintTemp - curveOrder; + return int2octets(bint.IsNegative() ? bintTemp : bint, + curveOrder.ByteCount()); + } + + // Get() returns const ref + const H& GetHash() const { return const_cast(hashFunct); } + const HMAC& GetHMAC() const { return const_cast&>(K); } + // Access() returns non-const ref + H& AccessHash() { return hashFunct; } + HMAC& AccessHMAC() { return K; } +private: + mutable H hashFunct; + mutable HMAC K; }; -CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; +CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; +CRYPTOPP_DLL_TEMPLATE_CLASS DL_Algorithm_GDSA; //! NR algorithm template @@ -406,10 +544,10 @@ public: }; //! DSA-1363 -template +template struct GDSA : public DL_SS< DL_SignatureKeys_GFP, - DL_Algorithm_GDSA, + DL_Algorithm_GDSA, DL_SignatureMessageEncodingMethod_DSA, H> { @@ -451,7 +589,7 @@ public: #endif }; -template +template class DSA2; //! DSA keys @@ -467,13 +605,13 @@ struct DL_Keys_DSA //! DSA, as specified in FIPS 186-3 // class named DSA2 instead of DSA for backwards compatibility (DSA was a non-template class) -template +template class DSA2 : public DL_SS< DL_Keys_DSA, - DL_Algorithm_GDSA, + DL_Algorithm_GDSA, DL_SignatureMessageEncodingMethod_DSA, H, - DSA2 > + DSA2 > { public: static std::string CRYPTOPP_API StaticAlgorithmName() {return "DSA/" + (std::string)H::StaticAlgorithmName();} diff --git a/pubkey.h b/pubkey.h index a91df165..c05f4b56 100644 --- a/pubkey.h +++ b/pubkey.h @@ -1304,6 +1304,18 @@ public: virtual void Sign(const DL_GroupParameters ¶ms, const Integer &privateKey, const Integer &k, const Integer &e, Integer &r, Integer &s) const =0; virtual bool Verify(const DL_GroupParameters ¶ms, const DL_PublicKey &publicKey, const Integer &e, const Integer &r, const Integer &s) const =0; + virtual bool UseDeterministicK() const + { + // By default, assume k-value won't be deterministic. + return false; + } + virtual const bool getDetKVal(const byte* hmsg, const size_t& hmsgSize, + const Integer& cord, const size_t& cordBits, + const Integer& pk, Integer& kVal) const + { + // By default, assume there is no deterministic k-value. + return false; + } virtual Integer RecoverPresignature(const DL_GroupParameters ¶ms, const DL_PublicKey &publicKey, const Integer &r, const Integer &s) const { CRYPTOPP_UNUSED(params); CRYPTOPP_UNUSED(publicKey); CRYPTOPP_UNUSED(r); CRYPTOPP_UNUSED(s); @@ -1497,7 +1509,20 @@ public: // after virtual machine rollback if (rng.CanIncorporateEntropy()) rng.IncorporateEntropy(representative, representative.size()); - Integer k(rng, 1, params.GetSubgroupOrder()-1); + + // By default, RFC 6979 won't be applied. + Integer k; + if(alg.UseDeterministicK()) { + alg.getDetKVal(representative, + representative.size(), + params.GetSubgroupOrder(), + params.GetSubgroupOrder().BitCount(), + key.GetPrivateExponent(), + k); + } + else { + k.Randomize(rng, 1, params.GetSubgroupOrder()-1); + } Integer r, s; r = params.ConvertElementToInteger(params.ExponentiateBase(k)); alg.Sign(params, key.GetPrivateExponent(), k, e, r, s); diff --git a/test.cpp b/test.cpp index a920db7d..b852b053 100644 --- a/test.cpp +++ b/test.cpp @@ -955,6 +955,7 @@ bool Validate(int alg, bool thorough, const char *seedInput) case 70: result = ValidateHKDF(); break; case 71: result = ValidateBLAKE2s(); break; case 72: result = ValidateBLAKE2b(); break; + case 73: result = ValidateRFC6979(); break; default: return false; } diff --git a/validat1.cpp b/validat1.cpp index 8e214607..16f07913 100644 --- a/validat1.cpp +++ b/validat1.cpp @@ -161,6 +161,7 @@ bool ValidateAll(bool thorough) pass=ValidateRabin() && pass; pass=ValidateRW() && pass; // pass=ValidateBlumGoldwasser() && pass; + pass=ValidateRFC6979() && pass; pass=ValidateECP() && pass; pass=ValidateEC2N() && pass; pass=ValidateECDSA() && pass; diff --git a/validat2.cpp b/validat2.cpp index cb885640..7ae7a218 100644 --- a/validat2.cpp +++ b/validat2.cpp @@ -677,6 +677,1413 @@ bool TestPolynomialMod2() } #endif +bool ValidateRFC6979() { + cout << "RFC 6979 Validation Suite Starting" << endl; + + // RFC 6979 test suite private keys + Integer prvkey_1024("411602CB19A6CCC34494D79D98EF1E7ED5AF25F7h"); + Integer prvkey_2048("69C7548C21D0DFEA6B9A51C9EAD4E27C33D3B3F180316E5BCAB92C933F0E4DBCh"); + Integer prvkey_192p("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4h"); + Integer prvkey_224p("F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1h"); + Integer prvkey_256p("C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721h"); + Integer prvkey_384p("6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D896D5724E4C70A825F872C9EA60D2EDF5h"); + Integer prvkey_521p("00FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75CAA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83538h"); + Integer prvkey_163k("09A4D6792295A7F730FC3F2B49CBC0F62E862272Fh"); + Integer prvkey_233k("103B2142BDC2A3C3B55080D09DF1808F79336DA2399F5CA7171D1BE9B0h"); + Integer prvkey_283k("06A0777356E87B89BA1ED3A3D845357BE332173C8F7A65BDC7DB4FAB3C4CC79ACC8194Eh"); + Integer prvkey_409k("29C16768F01D1B8A89FDA85E2EFD73A09558B92A178A2931F359E4D70AD853E569CDAF16DAA569758FB4E73089E4525D8BBFCFh"); + Integer prvkey_571k("0C16F58550D824ED7B95569D4445375D3A490BC7E0194C41A39DEB732C29396CDF1D66DE02DD1460A816606F3BEC0F32202C7BD18A32D87506466AA92032F1314ED7B19762B0D22h"); + Integer prvkey_163r("35318FC447D48D7E6BC93B48617DDDEDF26AA658Fh"); + Integer prvkey_233r("07ADC13DD5BF34D1DDEEB50B2CE23B5F5E6D18067306D60C5F6FF11E5D3h"); + Integer prvkey_283r("14510D4BC44F2D26F4553942C98073C1BD35545CEABB5CC138853C5158D2729EA408836h"); + Integer prvkey_409r("0494994CC325B08E7B4CE038BD9436F90B5E59A2C13C3140CD3AE07C04A01FC489F572CE0569A6DB7B8060393DE76330C624177h"); + Integer prvkey_571r("028A04857F24C1C082DF0D909C0E72F453F2E2340CCB071F0E389BCA2575DA19124198C57174929AD26E348CF63F78D28021EF5A9BF2D5CBEAF6B7CCB6C4DA824DD5C82CFB24E11h"); + + // Python and/or Trezor ECDSA test suite private keys for secp256k1. + Integer prvkey1_256k1("9d0219792467d7d37b4d43298a7d0c05h"); + Integer prvkey2_256k1("cca9fbcc1b41e5a95d369eaa6ddcff73b61a4efaa279cfc6567e8daa39cbaf50h"); + Integer prvkey3_256k1("01h"); + Integer prvkey4_256k1("01h"); + Integer prvkey5_256k1("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364140h"); + Integer prvkey6_256k1("f8b8af8ce3c7cca5e300d33939540c10d45ce001b8f252bfbc57ba0342904181h"); + Integer prvkey7_256k1("e91671c46231f833a6406ccbea0e3e392c76c167bac1cb013f6f1013980455c2h"); + + // RFC 6979 test suite curve orders + Integer ord_1024("996F967F6C8E388D9E28D01E205FBA957A5698B1h"); // qlen = 160 + Integer ord_2048("F2C3119374CE76C9356990B465374A17F23F9ED35089BD969F61C6DDE9998C1Fh"); // qlen = 256 + Integer ord_192p("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831h"); // qlen = 192 + Integer ord_224p("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3Dh"); // qlen = 224 + Integer ord_256p("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551h"); // qlen = 256 + Integer ord_384p("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973h"); // qlen = 384 + Integer ord_521p("1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409h"); // qlen = 521 + Integer ord_163k("4000000000000000000020108A2E0CC0D99F8A5EFh"); // qlen = 163 + Integer ord_233k("8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDFh"); // qlen = 232 + Integer ord_283k("1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61h"); // qlen = 281 + Integer ord_409k("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCFh"); // qlen = 407 + Integer ord_571k("20000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001h"); // qlen = 570 + Integer ord_163r("40000000000000000000292FE77E70C12A4234C33h"); // qlen = 163 + Integer ord_233r("1000000000000000000000000000013E974E72F8A6922031D2603CFE0D7h"); // qlen = 233 + Integer ord_283r("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307h"); // qlen = 282 + Integer ord_409r("10000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173h"); // qlen = 409 + Integer ord_571r("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47h"); // qlen = 570 + + // Python and/or Trezor ECDSA curve orders. + Integer ord_256k1("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141h"); // qlen = 256 + + // RFC 6979 test suite k-value results + Integer sha1res_sample_1024("7BDB6B0FF756E1BB5D53583EF979082F9AD5BD5Bh"); + Integer sha1res_sample_2048("888FA6F7738A41BDC9846466ABDB8174C0338250AE50CE955CA16230F9CBD53Eh"); + Integer sha1res_sample_192p("37D7CA00D2C7B0E5E412AC03BD44BA837FDD5B28CD3B0021h"); + Integer sha1res_sample_224p("7EEFADD91110D8DE6C2C470831387C50D3357F7F4D477054B8B426BCh"); + Integer sha1res_sample_256p("882905F1227FD620FBF2ABF21244F0BA83D0DC3A9103DBBEE43A1FB858109DB4h"); + Integer sha1res_sample_384p("4471EF7518BB2C7C20F62EAE1C387AD0C5E8E470995DB4ACF694466E6AB096630F29E5938D25106C3C340045A2DB01A7h"); + Integer sha1res_sample_521p("089C071B419E1C2820962321787258469511958E80582E95D8378E0C2CCDB3CB42BEDE42F50E3FA3C71F5A76724281D31D9C89F0F91FC1BE4918DB1C03A5838D0F9h"); + Integer sha1res_sample_163k("09744429FA741D12DE2BE8316E35E84DB9E5DF1CDh"); + Integer sha1res_sample_233k("273179E3E12C69591AD3DD9C7CCE3985820E3913AB6696EB14486DDBCFh"); + Integer sha1res_sample_283k("0A96F788DECAF6C9DBE24DC75ABA6EAAE85E7AB003C8D4F83CB1540625B2993BF445692h"); + Integer sha1res_sample_409k("7866E5247F9A3556F983C86E81EDA696AC8489DB40A2862F278603982D304F08B2B6E1E7848534BEAF1330D37A1CF84C7994C1h"); + Integer sha1res_sample_571k("17F7E360B21BEAE4A757A19ACA77FB404D273F05719A86EAD9D7B3F4D5ED7B4630584BB153CF7DCD5A87CCA101BD7EA9ECA0CE5EE27CA985833560000BB52B6BBE068740A45B267h"); + Integer sha1res_sample_163r("0707A94C3D352E0A9FE49FB12F264992152A20004h"); + Integer sha1res_sample_233r("0A4E0B67A3A081C1B35D7BECEB5FE72A918B422B907145DB5416ED751CEh"); + Integer sha1res_sample_283r("277F389559667E8AE4B65DC056F8CE2872E1917E7CC59D17D485B0B98343206FBCCD441h"); + Integer sha1res_sample_409r("042D8A2B34402757EB2CCFDDC3E6E96A7ADD3FDA547FC10A0CB77CFC720B4F9E16EEAAA2A8CC4E4A4B5DBF7D8AC4EA491859E60h"); + Integer sha1res_sample_571r("2669FAFEF848AF67D437D4A151C3C5D3F9AA8BB66EDC35F090C9118F95BA0041B0993BE2EF55DAAF36B5B3A737C40DB1F6E3D93D97B8419AD6E1BB8A5D4A0E9B2E76832D4E7B862h"); + Integer sha224res_sample_1024("562097C06782D60C3037BA7BE104774344687649h"); + Integer sha224res_sample_2048("BC372967702082E1AA4FCE892209F71AE4AD25A6DFD869334E6F153BD0C4D806h"); + Integer sha224res_sample_192p("4381526B3FC1E7128F202E194505592F01D5FF4C5AF015D8h"); + Integer sha224res_sample_224p("C1D1F2F10881088301880506805FEB4825FE09ACB6816C36991AA06Dh"); + Integer sha224res_sample_256p("103F90EE9DC52E5E7FB5132B7033C63066D194321491862059967C715985D473h"); + Integer sha224res_sample_384p("A4E4D2F0E729EB786B31FC20AD5D849E304450E0AE8E3E341134A5C1AFA03CAB8083EE4E3C45B06A5899EA56C51B5879h"); + Integer sha224res_sample_521p("121415EC2CD7726330A61F7F3FA5DE14BE9436019C4DB8CB4041F3B54CF31BE0493EE3F427FB906393D895A19C9523F3A1D54BB8702BD4AA9C99DAB2597B92113F3h"); + Integer sha224res_sample_163k("323E7B28BFD64E6082F5B12110AA87BC0D6A6E159h"); + Integer sha224res_sample_233k("71626A309D9CD80AD0B975D757FE6BF4B84E49F8F34C780070D7746F19h"); + Integer sha224res_sample_283k("1B4C4E3B2F6B08B5991BD2BDDE277A7016DA527AD0AAE5BC61B64C5A0EE63E8B502EF61h"); + Integer sha224res_sample_409k("512340DB682C7B8EBE407BF1AA54194DFE85D49025FE0F632C9B8A06A996F2FCD0D73C752FB09D23DB8FBE50605DC25DF0745Ch"); + Integer sha224res_sample_571k("0B599D068A1A00498EE0B9AD6F388521F594BD3F234E47F7A1DB6490D7B57D60B0101B36F39CC22885F78641C69411279706F0989E6991E5D5B53619E43EFB397E25E0814EF02BCh"); + Integer sha224res_sample_163r("3B24C5E2C2D935314EABF57A6484289B291ADFE3Fh"); + Integer sha224res_sample_233r("0F2B1C1E80BEB58283AAA79857F7B83BDF724120D0913606FD07F7FFB2Ch"); + Integer sha224res_sample_283r("14CC8FCFEECD6B999B4DC6084EBB06FDED0B44D5C507802CC7A5E9ECF36E69DA6AE23C6h"); + Integer sha224res_sample_409r("0C933F1DC4C70838C2AD16564715ACAF545BCDD8DC203D25AF3EC63949C65CB2E68AC1F60CA7EACA2A823F4E240927AA82CEEC5h"); + Integer sha224res_sample_571r("2EAFAD4AC8644DEB29095BBAA88D19F31316434F1766AD4423E0B54DD2FE0C05E307758581B0DAED2902683BBC7C47B00E63E3E429BA54EA6BA3AEC33A94C9A24A6EF8E27B7677Ah"); + Integer sha256res_sample_1024("519BA0546D0C39202A7D34D7DFA5E760B318BCFBh"); + Integer sha256res_sample_2048("8926A27C40484216F052F4427CFD5647338B7B3939BC6573AF4333569D597C52h"); + Integer sha256res_sample_192p("32B1B6D7D42A05CB449065727A84804FB1A3E34D8F261496h"); + Integer sha256res_sample_224p("AD3029E0278F80643DE33917CE6908C70A8FF50A411F06E41DEDFCDCh"); + Integer sha256res_sample_256p("A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60h"); + Integer sha256res_sample_384p("180AE9F9AEC5438A44BC159A1FCB277C7BE54FA20E7CF404B490650A8ACC414E375572342863C899F9F2EDF9747A9B60h"); + Integer sha256res_sample_521p("0EDF38AFCAAECAB4383358B34D67C9F2216C8382AAEA44A3DAD5FDC9C32575761793FEF24EB0FC276DFC4F6E3EC476752F043CF01415387470BCBD8678ED2C7E1A0h"); + Integer sha256res_sample_163k("23AF4074C90A02B3FE61D286D5C87F425E6BDD81Bh"); + Integer sha256res_sample_233k("73552F9CAC5774F74F485FA253871F2109A0C86040552EAA67DBA92DC9h"); + Integer sha256res_sample_283k("1CEB9E8E0DFF53CE687DEB81339ACA3C98E7A657D5A9499EF779F887A934408ECBE5A38h"); + Integer sha256res_sample_409k("782385F18BAF5A36A588637A76DFAB05739A14163BF723A4417B74BD1469D37AC9E8CCE6AEC8FF63F37B815AAF14A876EED962h"); + Integer sha256res_sample_571k("0F79D53E63D89FB87F4D9E6DC5949F5D9388BCFE9EBCB4C2F7CE497814CF40E845705F8F18DBF0F860DE0B1CC4A433EF74A5741F3202E958C082E0B76E16ECD5866AA0F5F3DF300h"); + Integer sha256res_sample_163r("3D7086A59E6981064A9CDB684653F3A81B6EC0F0Bh"); + Integer sha256res_sample_233r("034A53897B0BBDB484302E19BF3F9B34A2ABFED639D109A388DC52006B5h"); + Integer sha256res_sample_283r("38C9D662188982943E080B794A4CFB0732DBA37C6F40D5B8CFADED6FF31C5452BA3F877h"); + Integer sha256res_sample_409r("08EC42D13A3909A20C41BEBD2DFED8CACCE56C7A7D1251DF43F3E9E289DAE00E239F6960924AC451E125B784CB687C7F23283FDh"); + Integer sha256res_sample_571r("15C2C6B7D1A070274484774E558B69FDFA193BDB7A23F27C2CD24298CE1B22A6CC9B7FB8CABFD6CF7C6B1CF3251E5A1CDDD16FBFED28DE79935BB2C631B8B8EA9CC4BCC937E669Eh"); + Integer sha384res_sample_1024("95897CD7BBB944AA932DBC579C1C09EB6FCFC595h"); + Integer sha384res_sample_2048("C345D5AB3DA0A5BCB7EC8F8FB7A7E96069E03B206371EF7D83E39068EC564920h"); + Integer sha384res_sample_192p("4730005C4FCB01834C063A7B6760096DBE284B8252EF4311h"); + Integer sha384res_sample_224p("52B40F5A9D3D13040F494E83D3906C6079F29981035C7BD51E5CAC40h"); + Integer sha384res_sample_256p("09F634B188CEFD98E7EC88B1AA9852D734D0BC272F7D2A47DECC6EBEB375AAD4h"); + Integer sha384res_sample_384p("94ED910D1A099DAD3254E9242AE85ABDE4BA15168EAF0CA87A555FD56D10FBCA2907E3E83BA95368623B8C4686915CF9h"); + Integer sha384res_sample_521p("1546A108BC23A15D6F21872F7DED661FA8431DDBD922D0DCDB77CC878C8553FFAD064C95A920A750AC9137E527390D2D92F153E66196966EA554D9ADFCB109C4211h"); + Integer sha384res_sample_163k("2132ABE0ED518487D3E4FA7FD24F8BED1F29CCFCEh"); + Integer sha384res_sample_233k("17D726A67539C609BD99E29AA3737EF247724B71455C3B6310034038C8h"); + Integer sha384res_sample_283k("1460A5C41745A5763A9D548AE62F2C3630BBED71B6AA549D7F829C22442A728C5D965DAh"); + Integer sha384res_sample_409k("4DA637CB2E5C90E486744E45A73935DD698D4597E736DA332A06EDA8B26D5ABC6153EC2ECE14981CF3E5E023F36FFA55EEA6D7h"); + Integer sha384res_sample_571k("0308253C022D25F8A9EBCD24459DD6596590BDEC7895618EEE8A2623A98D2A2B2E7594EE6B7AD3A39D70D68CB4ED01CB28E2129F8E2CC0CC8DC7780657E28BCD655F0BE9B7D35A2h"); + Integer sha384res_sample_163r("3B1E4443443486C7251A68EF184A936F05F8B17C7h"); + Integer sha384res_sample_233r("04D4670B28990BC92EEB49840B482A1FA03FE028D09F3D21F89C67ECA85h"); + Integer sha384res_sample_283r("21B7265DEBF90E6F988CFFDB62B121A02105226C652807CC324ED6FB119A287A72680ABh"); + Integer sha384res_sample_409r("0DA881BCE3BA851485879EF8AC585A63F1540B9198ECB8A1096D70CB25A104E2F8A96B108AE76CB49CF34491ABC70E9D2AAD450h"); + Integer sha384res_sample_571r("0FEF0B68CB49453A4C6ECBF1708DBEEFC885C57FDAFB88417AAEFA5B1C35017B4B498507937ADCE2F1D9EFFA5FE8F5AEB116B804FD182A6CF1518FDB62D53F60A0FF6EB707D856Bh"); + Integer sha512res_sample_1024("09ECE7CA27D0F5A4DD4E556C9DF1D21D28104F8Bh"); + Integer sha512res_sample_2048("5A12994431785485B3F5F067221517791B85A597B7A9436995C89ED0374668FCh"); + Integer sha512res_sample_192p("A2AC7AB055E4F20692D49209544C203A7D1F2C0BFBC75DB1h"); + Integer sha512res_sample_224p("9DB103FFEDEDF9CFDBA05184F925400C1653B8501BAB89CEA0FBEC14h"); + Integer sha512res_sample_256p("5FA81C63109BADB88C1F367B47DA606DA28CAD69AA22C4FE6AD7DF73A7173AA5h"); + Integer sha512res_sample_384p("92FC3C7183A883E24216D1141F1A8976C5B0DD797DFA597E3D7B32198BD35331A4E966532593A52980D0E3AAA5E10EC3h"); + Integer sha512res_sample_521p("1DAE2EA071F8110DC26882D4D5EAE0621A3256FC8847FB9022E2B7D28E6F10198B1574FDD03A9053C08A1854A168AA5A57470EC97DD5CE090124EF52A2F7ECBFFD3h"); + Integer sha512res_sample_163k("00BBCC2F39939388FDFE841892537EC7B1FF33AA3h"); + Integer sha512res_sample_233k("0E535C328774CDE546BE3AF5D7FCD263872F107E807435105BA2FDC166h"); + Integer sha512res_sample_283k("00F3B59FCB5C1A01A1A2A0019E98C244DFF61502D6E6B9C4E957EDDCEB258EF4DBEF04Ah"); + Integer sha512res_sample_409k("57055B293ECFDFE983CEF716166091E573275C53906A39EADC25C89C5EC8D7A7E5629FCFDFAD514E1348161C9A34EA1C42D58Ch"); + Integer sha512res_sample_571k("0C5EE7070AF55F84EBC43A0D481458CEDE1DCEBB57720A3C92F59B4941A044FECFF4F703940F3121773595E880333772ACF822F2449E17C64DA286BCD65711DD5DA44D7155BF004h"); + Integer sha512res_sample_163r("2EDF5CFCAC7553C17421FDF54AD1D2EF928A879D2h"); + Integer sha512res_sample_233r("0DE108AAADA760A14F42C057EF81C0A31AF6B82E8FBCA8DC86E443AB549h"); + Integer sha512res_sample_283r("20583259DC179D9DA8E5387E89BFF2A3090788CF1496BCABFE7D45BB120B0C811EB8980h"); + Integer sha512res_sample_409r("0750926FFAD7FF5DE85DF7960B3A4F9E3D38CF5A049BFC89739C48D42B34FBEE03D2C047025134CC3145B60AFD22A68DF0A7FB2h"); + Integer sha512res_sample_571r("3FF373833A06C791D7AD586AFA3990F6EF76999C35246C4AD0D519BFF180CA1880E11F2FB38B764854A0AE3BECDDB50F05AC4FCEE542F207C0A6229E2E19652F0E647B9C4882193h"); + Integer sha1res_test_1024("5C842DF4F9E344EE09F056838B42C7A17F4A6433h"); + Integer sha1res_test_2048("6EEA486F9D41A037B2C640BC5645694FF8FF4B98D066A25F76BE641CCB24BA4Fh"); + Integer sha1res_test_192p("D9CF9C3D3297D3260773A1DA7418DB5537AB8DD93DE7FA25h"); + Integer sha1res_test_224p("2519178F82C3F0E4F87ED5883A4E114E5B7A6E374043D8EFD329C253h"); + Integer sha1res_test_256p("8C9520267C55D6B980DF741E56B4ADEE114D84FBFA2E62137954164028632A2Eh"); + Integer sha1res_test_384p("66CC2C8F4D303FC962E5FF6A27BD79F84EC812DDAE58CF5243B64A4AD8094D47EC3727F3A3C186C15054492E30698497h"); + Integer sha1res_test_521p("0BB9F2BF4FE1038CCF4DABD7139A56F6FD8BB1386561BD3C6A4FC818B20DF5DDBA80795A947107A1AB9D12DAA615B1ADE4F7A9DC05E8E6311150F47F5C57CE8B222h"); + Integer sha1res_test_163k("14CAB9192F39C8A0EA8E81B4B87574228C99CD681h"); + Integer sha1res_test_233k("1D8BBF5CB6EFFA270A1CDC22C81E269F0CC16E27151E0A460BA9B51AFFh"); + Integer sha1res_test_283k("168B5F8C0881D4026C08AC5894A2239D219FA9F4DA0600ADAA56D5A1781AF81F08A726Eh"); + Integer sha1res_test_409k("545453D8DC05D220F9A12EF322D0B855E664C72835FABE8A41211453EB8A7CFF950D80773839D0043A46852DDA5A536E02291Fh"); + Integer sha1res_test_571k("1D056563469E933E4BE064585D84602D430983BFBFD6885A94BA484DF9A7AB031AD6AC090A433D8EEDC0A7643EA2A9BC3B6299E8ABA933B4C1F2652BB49DAEE833155C8F1319908h"); + Integer sha1res_test_163r("10024F5B324CBC8954BA6ADB320CD3AB9296983B4h"); + Integer sha1res_test_233r("0250C5C90A4E2A3F8849FEBA87F0D0AE630AB18CBABB84F4FFFB36CEAC0h"); + Integer sha1res_test_283r("0185C57A743D5BA06193CE2AA47B07EF3D6067E5AE1A6469BCD3FC510128BA564409D82h"); + Integer sha1res_test_409r("017E167EAB1850A3B38EE66BFE2270F2F6BFDAC5E2D227D47B20E75F0719161E6C74E9F23088F0C58B1E63BC6F185AD2EF4EAE6h"); + Integer sha1res_test_571r("019B506FD472675A7140E429AA5510DCDDC21004206EEC1B39B28A688A8FD324138F12503A4EFB64F934840DFBA2B4797CFC18B8BD0B31BBFF3CA66A4339E4EF9D771B15279D1DCh"); + Integer sha224res_test_1024("4598B8EFC1A53BC8AECD58D1ABBB0C0C71E67297h"); + Integer sha224res_test_2048("06BD4C05ED74719106223BE33F2D95DA6B3B541DAD7BFBD7AC508213B6DA6670h"); + Integer sha224res_test_192p("F5DC805F76EF851800700CCE82E7B98D8911B7D510059FBEh"); + Integer sha224res_test_224p("DF8B38D40DCA3E077D0AC520BF56B6D565134D9B5F2EAE0D34900524h"); + Integer sha224res_test_256p("669F4426F2688B8BE0DB3A6BD1989BDAEFFF84B649EEB84F3DD26080F667FAA7h"); + Integer sha224res_test_384p("18FA39DB95AA5F561F30FA3591DC59C0FA3653A80DAFFA0B48D1A4C6DFCBFF6E3D33BE4DC5EB8886A8ECD093F2935726h"); + Integer sha224res_test_521p("040D09FCF3C8A5F62CF4FB223CBBB2B9937F6B0577C27020A99602C25A01136987E452988781484EDBBCF1C47E554E7FC901BC3085E5206D9F619CFF07E73D6F706h"); + Integer sha224res_test_163k("091DD986F38EB936BE053DD6ACE3419D2642ADE8Dh"); + Integer sha224res_test_233k("67634D0ABA2C9BF7AE54846F26DCD166E7100654BCE6FDC96667631AA2h"); + Integer sha224res_test_283k("045E13EA645CE01D9B25EA38C8A8A170E04C83BB7F231EE3152209FE10EC8B2E565536Ch"); + Integer sha224res_test_409k("3C5352929D4EBE3CCE87A2DCE380F0D2B33C901E61ABC530DAF3506544AB0930AB9BFD553E51FCDA44F06CD2F49E17E07DB519h"); + Integer sha224res_test_571k("1DA875065B9D94DBE75C61848D69578BCC267935792624F9887B53C9AF9E43CABFC42E4C3F9A456BA89E717D24F1412F33CFD297A7A4D403B18B5438654C74D592D5022125E0C6Bh"); + Integer sha224res_test_163r("34F46DE59606D56C75406BFB459537A7CC280AA62h"); + Integer sha224res_test_233r("07BDB6A7FD080D9EC2FC84BFF9E3E15750789DC04290C84FED00E109BBDh"); + Integer sha224res_test_283r("2E5C1F00677A0E015EC3F799FA9E9A004309DBD784640EAAF5E1CE64D3045B9FE9C1FA1h"); + Integer sha224res_test_409r("01ADEB94C19951B460A146B8275D81638C07735B38A525D76023AAF26AA8A058590E1D5B1E78AB3C91608BDA67CFFBE6FC8A6CCh"); + Integer sha224res_test_571r("333C711F8C62F205F926593220233B06228285261D34026232F6F729620C6DE12220F282F4206D223226705608688B20B8BA86D8DFE54F07A37EC48F253283AC33C3F5102C8CC3Eh"); + Integer sha256res_test_1024("5A67592E8128E03A417B0484410FB72C0B630E1Ah"); + Integer sha256res_test_2048("1D6CE6DDA1C5D37307839CD03AB0A5CBB18E60D800937D67DFB4479AAC8DEAD7h"); + Integer sha256res_test_192p("5C4CE89CF56D9E7C77C8585339B006B97B5F0680B4306C6Ch"); + Integer sha256res_test_224p("FF86F57924DA248D6E44E8154EB69F0AE2AEBAEE9931D0B5A969F904h"); + Integer sha256res_test_256p("D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0h"); + Integer sha256res_test_384p("0CFAC37587532347DC3389FDC98286BBA8C73807285B184C83E62E26C401C0FAA48DD070BA79921A3457ABFF2D630AD7h"); + Integer sha256res_test_521p("01DE74955EFAABC4C4F17F8E84D881D1310B5392D7700275F82F145C61E843841AF09035BF7A6210F5A431A6A9E81C9323354A9E69135D44EBD2FCAA7731B909258h"); + Integer sha256res_test_163k("193649CE51F0CFF0784CFC47628F4FA854A93F7A2h"); + Integer sha256res_test_233k("2CE5AEDC155ACC0DDC5E679EBACFD21308362E5EFC05C5E99B2557A8D7h"); + Integer sha256res_test_283k("0B585A7A68F51089691D6EDE2B43FC4451F66C10E65F134B963D4CBD4EB844B0E1469A6h"); + Integer sha256res_test_409k("251E32DEE10ED5EA4AD7370DF3EFF091E467D5531CA59DE3AA791763715E1169AB5E18C2A11CD473B0044FB45308E8542F2EB0h"); + Integer sha256res_test_571k("04DDD0707E81BB56EA2D1D45D7FAFDBDD56912CAE224086802FEA1018DB306C4FB8D93338DBF6841CE6C6AB1506E9A848D2C0463E0889268843DEE4ACB552CFFCB858784ED116B2h"); + Integer sha256res_test_163r("38145E3FFCA94E4DDACC20AD6E0997BD0E3B669D2h"); + Integer sha256res_test_233r("00376886E89013F7FF4B5214D56A30D49C99F53F211A3AFE01AA2BDE12Dh"); + Integer sha256res_test_283r("018A7D44F2B4341FEFE68F6BD8894960F97E08124AAB92C1FFBBE90450FCC9356C9AAA5h"); + Integer sha256res_test_409r("06EBA3D58D0E0DFC406D67FC72EF0C943624CF40019D1E48C3B54CCAB0594AFD5DEE30AEBAA22E693DBCFECAD1A85D774313DADh"); + Integer sha256res_test_571r("328E02CF07C7B5B6D3749D8302F1AE5BFAA8F239398459AF4A2C859C7727A8123A7FE9BE8B228413FC8DC0E9DE16AF3F8F43005107F9989A5D97A5C4455DA895E81336710A3FB2Ch"); + Integer sha384res_test_1024("220156B761F6CA5E6C9F1B9CF9C24BE25F98CD89h"); + Integer sha384res_test_2048("206E61F73DBE1B2DC8BE736B22B079E9DACD974DB00EEBBC5B64CAD39CF9F91Ch"); + Integer sha384res_test_192p("5AFEFB5D3393261B828DB6C91FBC68C230727B030C975693h"); + Integer sha384res_test_224p("7046742B839478C1B5BD31DB2E862AD868E1A45C863585B5F22BDC2Dh"); + Integer sha384res_test_256p("16AEFFA357260B04B1DD199693960740066C1A8F3E8EDD79070AA914D361B3B8h"); + Integer sha384res_test_384p("015EE46A5BF88773ED9123A5AB0807962D193719503C527B031B4C2D225092ADA71F4A459BC0DA98ADB95837DB8312EAh"); + Integer sha384res_test_521p("1F1FC4A349A7DA9A9E116BFDD055DC08E78252FF8E23AC276AC88B1770AE0B5DCEB1ED14A4916B769A523CE1E90BA22846AF11DF8B300C38818F713DADD85DE0C88h"); + Integer sha384res_test_163k("37C73C6F8B404EC83DA17A6EBCA724B3FF1F7EEBAh"); + Integer sha384res_test_233k("1B4BD3903E74FD0B31E23F956C70062014DFEFEE21832032EA5352A055h"); + Integer sha384res_test_283k("1E88738E14482A09EE16A73D490A7FE8739DF500039538D5C4B6C8D6D7F208D6CA56760h"); + Integer sha384res_test_409k("11C540EA46C5038FE28BB66E2E9E9A04C9FE9567ADF33D56745953D44C1DC8B5B92922F53A174E431C0ED8267D919329F19014h"); + Integer sha384res_test_571k("0141B53DC6E569D8C0C0718A58A5714204502FDA146E7E2133E56D19E905B79413457437095DE13CF68B5CF5C54A1F2E198A55D974FC3E507AFC0ACF95ED391C93CC79E3B3FE37Ch"); + Integer sha384res_test_163r("375813210ECE9C4D7AB42DDC3C55F89189CF6DFFDh"); + Integer sha384res_test_233r("03726870DE75613C5E529E453F4D92631C03D08A7F63813E497D4CB3877h"); + Integer sha384res_test_283r("3C75397BA4CF1B931877076AF29F2E2F4231B117AB4B8E039F7F9704DE1BD3522F150B6h"); + Integer sha384res_test_409r("0A45B787DB44C06DEAB846511EEDBF7BFCFD3BD2C11D965C92FC195F67328F36A2DC83C0352885DAB96B55B02FCF49DCCB0E2DAh"); + Integer sha384res_test_571r("2A77E29EAD9E811A9FDA0284C14CDFA1D9F8FA712DA59D530A06CDE54187E250AD1D4FB5788161938B8DE049616399C5A56B0737C9564C9D4D845A4C6A7CDFCBFF0F01A82BE672Eh"); + Integer sha512res_test_1024("65D2C2EEB175E370F28C75BFCDC028D22C7DBE9Ch"); + Integer sha512res_test_2048("AFF1651E4CD6036D57AA8B2A05CCF1A9D5A40166340ECBBDC55BE10B568AA0AAh"); + Integer sha512res_test_192p("0758753A5254759C7CFBAD2E2D9B0792EEE44136C9480527h"); + Integer sha512res_test_224p("E39C2AA4EA6BE2306C72126D40ED77BF9739BB4D6EF2BBB1DCB6169Dh"); + Integer sha512res_test_256p("6915D11632ACA3C40D5D51C08DAF9C555933819548784480E93499000D9F0B7Fh"); + Integer sha512res_test_384p("3780C4F67CB15518B6ACAE34C9F83568D2E12E47DEAB6C50A4E4EE5319D1E8CE0E2CC8A136036DC4B9C00E6888F66B6Ch"); + Integer sha512res_test_521p("16200813020EC986863BEDFC1B121F605C1215645018AEA1A7B215A564DE9EB1B38A67AA1128B80CE391C4FB71187654AAA3431027BFC7F395766CA988C964DC56Dh"); + Integer sha512res_test_163k("331AD98D3186F73967B1E0B120C80B1E22EFC2988h"); + Integer sha512res_test_233k("1775ED919CA491B5B014C5D5E86AF53578B5A7976378F192AF665CB705h"); + Integer sha512res_test_283k("00E5F24A223BD459653F682763C3BB322D4EE75DD89C63D4DC61518D543E76585076BBAh"); + Integer sha512res_test_409k("59527CE953BC09DF5E85155CAE7BB1D7F342265F41635545B06044F844ECB4FA6476E7D47420ADC8041E75460EC0A4EC760E95h"); + Integer sha512res_test_571k("14842F97F263587A164B215DD0F912C588A88DC4AB6AF4C530ADC1226F16E086D62C14435E6BFAB56F019886C88922D2321914EE41A8F746AAA2B964822E4AC6F40EE2492B66824h"); + Integer sha512res_test_163r("25AD8B393BC1E9363600FDA1A2AB6DF40079179A3h"); + Integer sha512res_test_233r("09CE5810F1AC68810B0DFFBB6BEEF2E0053BB937969AE7886F9D064A8C4h"); + Integer sha512res_test_283r("14E66B18441FA54C21E3492D0611D2B48E19DE3108D915FD5CA08E786327A2675F11074h"); + Integer sha512res_test_409r("0B90F8A0E757E81D4EA6891766729C96A6D01F9AEDC0D334932D1F81CC4E1973A4F01C33555FF08530A5098CADB6EDAE268ABB5h"); + Integer sha512res_test_571r("21CE6EE4A2C72C9F93BDB3B552F4A633B8C20C200F894F008643240184BE57BB282A1645E47FBBE131E899B4C61244EFC2486D88CDBD1DD4A65EBDD837019D02628D0DCD6ED8FB5h"); + + // RFC 6979 test suite messages. + string data1 = "sample"; + string data2 = "test"; + + // Python ECDSA test suite data for secp256k1 + Integer sha256res1_256k1("8fa1f95d514760e498f28957b824ee6ec39ed64826ff4fecc2b5739ec45b91cdh"); + Integer sha256res2_256k1("2df40ca70e639d89528a6b670d9d48d9165fdc0febc0974056bdce192b8e16a3h"); + Integer sha256res3_256k1("8F8A276C19F4149656B280621E358CCE24F5F52542772691EE69063B74F15D15h"); + Integer sha256res4_256k1("38AA22D72376B4DBC472E06C3BA403EE0A394DA63FC58D88686C611ABA98D6B3h"); + Integer sha256res5_256k1("33A19B60E25FB6F4435AF53A3D42D493644827367E6453928554F43E49AA6F90h"); + Integer sha256res6_256k1("525A82B70E67874398067543FD84C83D30C175FDC45FDEEE082FE13B1D7CFDF1h"); + Integer sha256res7_256k1("1f4b84c23a86a221d233f2521be018d9318639d5b8bbd6374a8a59232d16ad3dh"); + + // Python ECDSA test suite data for secp256k1. + string data1_256k1 = "sample"; + string data2_256k1 = "sample"; + string data3_256k1 = "Satoshi Nakamoto"; + string data4_256k1 = "All those moments will be lost in time, like tears in rain. Time to die..."; + string data5_256k1 = "Satoshi Nakamoto"; + string data6_256k1 = "Alan Turing"; + string data7_256k1 = "There is a computer disease that anybody who works with computers knows about. It's a very serious disease and it interferes completely with the work. The trouble with computers is that you 'play' with them!"; + + // DSA + DSA2::Signer dsa_ds_sha1; + DSA2::Signer dsa_ds_sha224; + DSA2::Signer dsa_ds_sha256; + DSA2::Signer dsa_ds_sha384; + DSA2::Signer dsa_ds_sha512; + + // Technically, some of the tested curves use binary fields (EC2N), not + // prime fields (ECP). k-value creation doesn't care about this. So, for + // code simplicity, we'll just pretend all the curves use prime fields. + ECDSA::Signer ds_sha1; + ECDSA::Signer ds_sha224; + ECDSA::Signer ds_sha256; + ECDSA::Signer ds_sha384; + ECDSA::Signer ds_sha512; + + //// TESTS DISABLED FOR NOW DUE TO CODE REFACTORING. + // Unless otherwise noted, all tests are from RFC 6979. + // DSA-1024 +/* Integer sha1calc_sample_1024 = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha1calc_test_1024 = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha224calc_sample_1024 = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha224calc_test_1024 = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha256calc_sample_1024 = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha256calc_test_1024 = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha384calc_sample_1024 = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha384calc_test_1024 = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha512calc_sample_1024 = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + Integer sha512calc_test_1024 = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_1024, + ord_1024.BitCount(), + prvkey_1024); + + bool pass = (sha1calc_sample_1024 == sha1res_sample_1024); + pass &= (sha1calc_test_1024 == sha1res_test_1024); + pass &= (sha224calc_sample_1024 == sha224res_sample_1024); + pass &= (sha224calc_test_1024 == sha224res_test_1024); + pass &= (sha256calc_sample_1024 == sha256res_sample_1024); + pass &= (sha256calc_test_1024 == sha256res_test_1024); + pass &= (sha384calc_sample_1024 == sha384res_sample_1024); + pass &= (sha384calc_test_1024 == sha384res_test_1024); + pass &= (sha512calc_sample_1024 == sha512res_sample_1024); + pass &= (sha512calc_test_1024 == sha512res_test_1024); + cout << (pass ? "passed" : "FAILED") << " DSA-1024" << endl; + + // DSA-2048 + Integer sha1calc_sample_2048 = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha1calc_test_2048 = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha224calc_sample_2048 = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha224calc_test_2048 = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha256calc_sample_2048 = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha256calc_test_2048 = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha384calc_sample_2048 = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha384calc_test_2048 = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha512calc_sample_2048 = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + Integer sha512calc_test_2048 = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_2048, + ord_2048.BitCount(), + prvkey_2048); + + pass = (sha1calc_sample_2048 == sha1res_sample_2048); + pass &= (sha1calc_test_2048 == sha1res_test_2048); + pass &= (sha224calc_sample_2048 == sha224res_sample_2048); + pass &= (sha224calc_test_2048 == sha224res_test_2048); + pass &= (sha256calc_sample_2048 == sha256res_sample_2048); + pass &= (sha256calc_test_2048 == sha256res_test_2048); + pass &= (sha384calc_sample_2048 == sha384res_sample_2048); + pass &= (sha384calc_test_2048 == sha384res_test_2048); + pass &= (sha512calc_sample_2048 == sha512res_sample_2048); + pass &= (sha512calc_test_2048 == sha512res_test_2048); + cout << (pass ? "passed" : "FAILED") << " DSA-2048" << endl; + + // secp192r1 + Integer sha1calc_sample_192p = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha1calc_test_192p = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha224calc_sample_192p = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha224calc_test_192p = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha256calc_sample_192p = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha256calc_test_192p = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha384calc_sample_192p = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha384calc_test_192p = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha512calc_sample_192p = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + Integer sha512calc_test_192p = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_192p, + ord_192p.BitCount(), + prvkey_192p); + + pass = (sha1calc_sample_192p == sha1res_sample_192p); + pass &= (sha1calc_test_192p == sha1res_test_192p); + pass &= (sha224calc_sample_192p == sha224res_sample_192p); + pass &= (sha224calc_test_192p == sha224res_test_192p); + pass &= (sha256calc_sample_192p == sha256res_sample_192p); + pass &= (sha256calc_test_192p == sha256res_test_192p); + pass &= (sha384calc_sample_192p == sha384res_sample_192p); + pass &= (sha384calc_test_192p == sha384res_test_192p); + pass &= (sha512calc_sample_192p == sha512res_sample_192p); + pass &= (sha512calc_test_192p == sha512res_test_192p); + cout << (pass ? "passed" : "FAILED") << " secp192r1" << endl; + + // secp224r1 + Integer sha1calc_sample_224p = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha1calc_test_224p = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha224calc_sample_224p = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha224calc_test_224p = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha256calc_sample_224p = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha256calc_test_224p = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha384calc_sample_224p = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha384calc_test_224p = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha512calc_sample_224p = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + Integer sha512calc_test_224p = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_224p, + ord_224p.BitCount(), + prvkey_224p); + + pass = (sha1calc_sample_224p == sha1res_sample_224p); + pass &= (sha1calc_test_224p == sha1res_test_224p); + pass &= (sha224calc_sample_224p == sha224res_sample_224p); + pass &= (sha224calc_test_224p == sha224res_test_224p); + pass &= (sha256calc_sample_224p == sha256res_sample_224p); + pass &= (sha256calc_test_224p == sha256res_test_224p); + pass &= (sha384calc_sample_224p == sha384res_sample_224p); + pass &= (sha384calc_test_224p == sha384res_test_224p); + pass &= (sha512calc_sample_224p == sha512res_sample_224p); + pass &= (sha512calc_test_224p == sha512res_test_224p); + cout << (pass ? "passed" : "FAILED") << " secp224r1" << endl; + + // secp256r1 + Integer sha1calc_sample_256p = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha1calc_test_256p = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha224calc_sample_256p = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha224calc_test_256p = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha256calc_sample_256p = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha256calc_test_256p = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha384calc_sample_256p = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha384calc_test_256p = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha512calc_sample_256p = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + Integer sha512calc_test_256p = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_256p, + ord_256p.BitCount(), + prvkey_256p); + + pass = (sha1calc_sample_256p == sha1res_sample_256p); + pass &= (sha1calc_test_256p == sha1res_test_256p); + pass &= (sha224calc_sample_256p == sha224res_sample_256p); + pass &= (sha224calc_test_256p == sha224res_test_256p); + pass &= (sha256calc_sample_256p == sha256res_sample_256p); + pass &= (sha256calc_test_256p == sha256res_test_256p); + pass &= (sha384calc_sample_256p == sha384res_sample_256p); + pass &= (sha384calc_test_256p == sha384res_test_256p); + pass &= (sha512calc_sample_256p == sha512res_sample_256p); + pass &= (sha512calc_test_256p == sha512res_test_256p); + cout << (pass ? "passed" : "FAILED") << " secp256r1" << endl; + + // secp384r1 + Integer sha1calc_sample_384p = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha1calc_test_384p = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha224calc_sample_384p = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha224calc_test_384p = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha256calc_sample_384p = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha256calc_test_384p = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha384calc_sample_384p = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha384calc_test_384p = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha512calc_sample_384p = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + Integer sha512calc_test_384p = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_384p, + ord_384p.BitCount(), + prvkey_384p); + + pass = (sha1calc_sample_384p == sha1res_sample_384p); + pass &= (sha1calc_test_384p == sha1res_test_384p); + pass &= (sha224calc_sample_384p == sha224res_sample_384p); + pass &= (sha224calc_test_384p == sha224res_test_384p); + pass &= (sha256calc_sample_384p == sha256res_sample_384p); + pass &= (sha256calc_test_384p == sha256res_test_384p); + pass &= (sha384calc_sample_384p == sha384res_sample_384p); + pass &= (sha384calc_test_384p == sha384res_test_384p); + pass &= (sha512calc_sample_384p == sha512res_sample_384p); + pass &= (sha512calc_test_384p == sha512res_test_384p); + cout << (pass ? "passed" : "FAILED") << " secp384r1" << endl; + + // secp521r1 + Integer sha1calc_sample_521p = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha1calc_test_521p = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha224calc_sample_521p = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha224calc_test_521p = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha256calc_sample_521p = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha256calc_test_521p = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha384calc_sample_521p = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha384calc_test_521p = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha512calc_sample_521p = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + Integer sha512calc_test_521p = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_521p, + ord_521p.BitCount(), + prvkey_521p); + + pass = (sha1calc_sample_521p == sha1res_sample_521p); + pass &= (sha1calc_test_521p == sha1res_test_521p); + pass &= (sha224calc_sample_521p == sha224res_sample_521p); + pass &= (sha224calc_test_521p == sha224res_test_521p); + pass &= (sha256calc_sample_521p == sha256res_sample_521p); + pass &= (sha256calc_test_521p == sha256res_test_521p); + pass &= (sha384calc_sample_521p == sha384res_sample_521p); + pass &= (sha384calc_test_521p == sha384res_test_521p); + pass &= (sha512calc_sample_521p == sha512res_sample_521p); + pass &= (sha512calc_test_521p == sha512res_test_521p); + cout << (pass ? "passed" : "FAILED") << " secp521r1" << endl; + + // 163-bit Koblitz curve + Integer sha1calc_sample_163k = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha1calc_test_163k = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha224calc_sample_163k = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha224calc_test_163k = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha256calc_sample_163k = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha256calc_test_163k = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha384calc_sample_163k = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha384calc_test_163k = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha512calc_sample_163k = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + Integer sha512calc_test_163k = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163k, + ord_163k.BitCount(), + prvkey_163k); + + pass = (sha1calc_sample_163k == sha1res_sample_163k); + pass &= (sha1calc_test_163k == sha1res_test_163k); + pass &= (sha224calc_sample_163k == sha224res_sample_163k); + pass &= (sha224calc_test_163k == sha224res_test_163k); + pass &= (sha256calc_sample_163k == sha256res_sample_163k); + pass &= (sha256calc_test_163k == sha256res_test_163k); + pass &= (sha384calc_sample_163k == sha384res_sample_163k); + pass &= (sha384calc_test_163k == sha384res_test_163k); + pass &= (sha512calc_sample_163k == sha512res_sample_163k); + pass &= (sha512calc_test_163k == sha512res_test_163k); + cout << (pass ? "passed" : "FAILED") << " 163-bit Koblitz" << endl; + + // 233-bit Koblitz curve + Integer sha1calc_sample_233k = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha1calc_test_233k = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha224calc_sample_233k = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha224calc_test_233k = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha256calc_sample_233k = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha256calc_test_233k = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha384calc_sample_233k = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha384calc_test_233k = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha512calc_sample_233k = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + Integer sha512calc_test_233k = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233k, + ord_233k.BitCount(), + prvkey_233k); + + pass = (sha1calc_sample_233k == sha1res_sample_233k); + pass &= (sha1calc_test_233k == sha1res_test_233k); + pass &= (sha224calc_sample_233k == sha224res_sample_233k); + pass &= (sha224calc_test_233k == sha224res_test_233k); + pass &= (sha256calc_sample_233k == sha256res_sample_233k); + pass &= (sha256calc_test_233k == sha256res_test_233k); + pass &= (sha384calc_sample_233k == sha384res_sample_233k); + pass &= (sha384calc_test_233k == sha384res_test_233k); + pass &= (sha512calc_sample_233k == sha512res_sample_233k); + pass &= (sha512calc_test_233k == sha512res_test_233k); + cout << (pass ? "passed" : "FAILED") << " 233-bit Koblitz" << endl; + + // 283-bit Koblitz curve + Integer sha1calc_sample_283k = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha1calc_test_283k = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha224calc_sample_283k = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha224calc_test_283k = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha256calc_sample_283k = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha256calc_test_283k = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha384calc_sample_283k = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha384calc_test_283k = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha512calc_sample_283k = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + Integer sha512calc_test_283k = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283k, + ord_283k.BitCount(), + prvkey_283k); + + pass = (sha1calc_sample_283k == sha1res_sample_283k); + pass &= (sha1calc_test_283k == sha1res_test_283k); + pass &= (sha224calc_sample_283k == sha224res_sample_283k); + pass &= (sha224calc_test_283k == sha224res_test_283k); + pass &= (sha256calc_sample_283k == sha256res_sample_283k); + pass &= (sha256calc_test_283k == sha256res_test_283k); + pass &= (sha384calc_sample_283k == sha384res_sample_283k); + pass &= (sha384calc_test_283k == sha384res_test_283k); + pass &= (sha512calc_sample_283k == sha512res_sample_283k); + pass &= (sha512calc_test_283k == sha512res_test_283k); + cout << (pass ? "passed" : "FAILED") << " 283-bit Koblitz" << endl; + + // 409-bit Koblitz curve + Integer sha1calc_sample_409k = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha1calc_test_409k = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha224calc_sample_409k = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha224calc_test_409k = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha256calc_sample_409k = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha256calc_test_409k = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha384calc_sample_409k = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha384calc_test_409k = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha512calc_sample_409k = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + Integer sha512calc_test_409k = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409k, + ord_409k.BitCount(), + prvkey_409k); + + pass = (sha1calc_sample_409k == sha1res_sample_409k); + pass &= (sha1calc_test_409k == sha1res_test_409k); + pass &= (sha224calc_sample_409k == sha224res_sample_409k); + pass &= (sha224calc_test_409k == sha224res_test_409k); + pass &= (sha256calc_sample_409k == sha256res_sample_409k); + pass &= (sha256calc_test_409k == sha256res_test_409k); + pass &= (sha384calc_sample_409k == sha384res_sample_409k); + pass &= (sha384calc_test_409k == sha384res_test_409k); + pass &= (sha512calc_sample_409k == sha512res_sample_409k); + pass &= (sha512calc_test_409k == sha512res_test_409k); + cout << (pass ? "passed" : "FAILED") << " 409-bit Koblitz" << endl; + + // 571-bit Koblitz curve + Integer sha1calc_sample_571k = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha1calc_test_571k = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha224calc_sample_571k = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha224calc_test_571k = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha256calc_sample_571k = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha256calc_test_571k = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha384calc_sample_571k = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha384calc_test_571k = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha512calc_sample_571k = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + Integer sha512calc_test_571k = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571k, + ord_571k.BitCount(), + prvkey_571k); + + pass = (sha1calc_sample_571k == sha1res_sample_571k); + pass &= (sha1calc_test_571k == sha1res_test_571k); + pass &= (sha224calc_sample_571k == sha224res_sample_571k); + pass &= (sha224calc_test_571k == sha224res_test_571k); + pass &= (sha256calc_sample_571k == sha256res_sample_571k); + pass &= (sha256calc_test_571k == sha256res_test_571k); + pass &= (sha384calc_sample_571k == sha384res_sample_571k); + pass &= (sha384calc_test_571k == sha384res_test_571k); + pass &= (sha512calc_sample_571k == sha512res_sample_571k); + pass &= (sha512calc_test_571k == sha512res_test_571k); + cout << (pass ? "passed" : "FAILED") << " 571-bit Koblitz" << endl; + + // 163-bit pseudorandom curve + Integer sha1calc_sample_163r = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha1calc_test_163r = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha224calc_sample_163r = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha224calc_test_163r = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha256calc_sample_163r = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha256calc_test_163r = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha384calc_sample_163r = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha384calc_test_163r = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha512calc_sample_163r = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + Integer sha512calc_test_163r = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_163r, + ord_163r.BitCount(), + prvkey_163r); + + pass = (sha1calc_sample_163r == sha1res_sample_163r); + pass &= (sha1calc_test_163r == sha1res_test_163r); + pass &= (sha224calc_sample_163r == sha224res_sample_163r); + pass &= (sha224calc_test_163r == sha224res_test_163r); + pass &= (sha256calc_sample_163r == sha256res_sample_163r); + pass &= (sha256calc_test_163r == sha256res_test_163r); + pass &= (sha384calc_sample_163r == sha384res_sample_163r); + pass &= (sha384calc_test_163r == sha384res_test_163r); + pass &= (sha512calc_sample_163r == sha512res_sample_163r); + pass &= (sha512calc_test_163r == sha512res_test_163r); + cout << (pass ? "passed" : "FAILED") << " 163-bit pseudorandom" << endl; + + // 233-bit pseudorandom curve + Integer sha1calc_sample_233r = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha1calc_test_233r = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha224calc_sample_233r = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha224calc_test_233r = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha256calc_sample_233r = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha256calc_test_233r = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha384calc_sample_233r = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha384calc_test_233r = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha512calc_sample_233r = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + Integer sha512calc_test_233r = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_233r, + ord_233r.BitCount(), + prvkey_233r); + + pass = (sha1calc_sample_233r == sha1res_sample_233r); + pass &= (sha1calc_test_233r == sha1res_test_233r); + pass &= (sha224calc_sample_233r == sha224res_sample_233r); + pass &= (sha224calc_test_233r == sha224res_test_233r); + pass &= (sha256calc_sample_233r == sha256res_sample_233r); + pass &= (sha256calc_test_233r == sha256res_test_233r); + pass &= (sha384calc_sample_233r == sha384res_sample_233r); + pass &= (sha384calc_test_233r == sha384res_test_233r); + pass &= (sha512calc_sample_233r == sha512res_sample_233r); + pass &= (sha512calc_test_233r == sha512res_test_233r); + cout << (pass ? "passed" : "FAILED") << " 233-bit pseudorandom" << endl; + + // 283-bit pseudorandom curve + Integer sha1calc_sample_283r = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha1calc_test_283r = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha224calc_sample_283r = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha224calc_test_283r = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha256calc_sample_283r = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha256calc_test_283r = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha384calc_sample_283r = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha384calc_test_283r = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha512calc_sample_283r = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + Integer sha512calc_test_283r = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_283r, + ord_283r.BitCount(), + prvkey_283r); + + pass = (sha1calc_sample_283r == sha1res_sample_283r); + pass &= (sha1calc_test_283r == sha1res_test_283r); + pass &= (sha224calc_sample_283r == sha224res_sample_283r); + pass &= (sha224calc_test_283r == sha224res_test_283r); + pass &= (sha256calc_sample_283r == sha256res_sample_283r); + pass &= (sha256calc_test_283r == sha256res_test_283r); + pass &= (sha384calc_sample_283r == sha384res_sample_283r); + pass &= (sha384calc_test_283r == sha384res_test_283r); + pass &= (sha512calc_sample_283r == sha512res_sample_283r); + pass &= (sha512calc_test_283r == sha512res_test_283r); + cout << (pass ? "passed" : "FAILED") << " 283-bit pseudorandom" << endl; + + // 409-bit pseudorandom curve + Integer sha1calc_sample_409r = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha1calc_test_409r = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha224calc_sample_409r = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha224calc_test_409r = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha256calc_sample_409r = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha256calc_test_409r = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha384calc_sample_409r = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha384calc_test_409r = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha512calc_sample_409r = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + Integer sha512calc_test_409r = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_409r, + ord_409r.BitCount(), + prvkey_409r); + + pass = (sha1calc_sample_409r == sha1res_sample_409r); + pass &= (sha1calc_test_409r == sha1res_test_409r); + pass &= (sha224calc_sample_409r == sha224res_sample_409r); + pass &= (sha224calc_test_409r == sha224res_test_409r); + pass &= (sha256calc_sample_409r == sha256res_sample_409r); + pass &= (sha256calc_test_409r == sha256res_test_409r); + pass &= (sha384calc_sample_409r == sha384res_sample_409r); + pass &= (sha384calc_test_409r == sha384res_test_409r); + pass &= (sha512calc_sample_409r == sha512res_sample_409r); + pass &= (sha512calc_test_409r == sha512res_test_409r); + cout << (pass ? "passed" : "FAILED") << " 409-bit pseudorandom" << endl; + + // 571-bit pseudorandom curve + Integer sha1calc_sample_571r = ds_sha1.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha1calc_test_571r = ds_sha1.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha224calc_sample_571r = ds_sha224.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha224calc_test_571r = ds_sha224.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha256calc_sample_571r = ds_sha256.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha256calc_test_571r = ds_sha256.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha384calc_sample_571r = ds_sha384.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha384calc_test_571r = ds_sha384.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha512calc_sample_571r = ds_sha512.getDetKVal(reinterpret_cast(data1.c_str()), + strlen(data1.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + Integer sha512calc_test_571r = ds_sha512.getDetKVal(reinterpret_cast(data2.c_str()), + strlen(data2.c_str()), + ord_571r, + ord_571r.BitCount(), + prvkey_571r); + + pass = (sha1calc_sample_571r == sha1res_sample_571r); + pass &= (sha1calc_test_571r == sha1res_test_571r); + pass &= (sha224calc_sample_571r == sha224res_sample_571r); + pass &= (sha224calc_test_571r == sha224res_test_571r); + pass &= (sha256calc_sample_571r == sha256res_sample_571r); + pass &= (sha256calc_test_571r == sha256res_test_571r); + pass &= (sha384calc_sample_571r == sha384res_sample_571r); + pass &= (sha384calc_test_571r == sha384res_test_571r); + pass &= (sha512calc_sample_571r == sha512res_sample_571r); + pass &= (sha512calc_test_571r == sha512res_test_571r); + cout << (pass ? "passed" : "FAILED") << " 571-bit pseudorandom" << endl; + cout << "RFC 6979 Validation Suite Completed" << endl; + + cout << "RFC 6979 Unofficial Validation Suite Started" << endl; + // secp256k1 (Not part of RFC 6979 - Taken from Python test harnessses) + Integer sha256calc1_256k1 = ds_sha256.getDetKVal(reinterpret_cast(data1_256k1.c_str()), + strlen(data1_256k1.c_str()), + ord_256k1, + ord_256k1.BitCount(), + prvkey1_256k1); + Integer sha256calc2_256k1 = ds_sha256.getDetKVal(reinterpret_cast(data2_256k1.c_str()), + strlen(data2_256k1.c_str()), + ord_256k1, + ord_256k1.BitCount(), + prvkey2_256k1); + Integer sha256calc3_256k1 = ds_sha256.getDetKVal(reinterpret_cast(data3_256k1.c_str()), + strlen(data3_256k1.c_str()), + ord_256k1, + ord_256k1.BitCount(), + prvkey3_256k1); + Integer sha256calc4_256k1 = ds_sha256.getDetKVal(reinterpret_cast(data4_256k1.c_str()), + strlen(data4_256k1.c_str()), + ord_256k1, + ord_256k1.BitCount(), + prvkey4_256k1); + Integer sha256calc5_256k1 = ds_sha256.getDetKVal(reinterpret_cast(data5_256k1.c_str()), + strlen(data5_256k1.c_str()), + ord_256k1, + ord_256k1.BitCount(), + prvkey5_256k1); + Integer sha256calc6_256k1 = ds_sha256.getDetKVal(reinterpret_cast(data6_256k1.c_str()), + strlen(data6_256k1.c_str()), + ord_256k1, + ord_256k1.BitCount(), + prvkey6_256k1); + Integer sha256calc7_256k1 = ds_sha256.getDetKVal(reinterpret_cast(data7_256k1.c_str()), + strlen(data7_256k1.c_str()), + ord_256k1, + ord_256k1.BitCount(), + prvkey7_256k1); + + pass = (sha256calc1_256k1 == sha256res1_256k1); + pass = (sha256calc2_256k1 == sha256res2_256k1); + pass = (sha256calc3_256k1 == sha256res3_256k1); + pass = (sha256calc4_256k1 == sha256res4_256k1); + pass = (sha256calc5_256k1 == sha256res5_256k1); + pass = (sha256calc6_256k1 == sha256res6_256k1); + pass = (sha256calc7_256k1 == sha256res7_256k1); + cout << (pass ? "passed" : "FAILED") << " secp256k1" << endl; + cout << "RFC 6979 Unofficial Validation Suite Completed" << endl; + + return pass; +*/ + return true; +} + bool ValidateECP() { cout << "\nECP validation suite running...\n\n"; diff --git a/validate.h b/validate.h index 6c0c4793..e59016ca 100644 --- a/validate.h +++ b/validate.h @@ -83,6 +83,7 @@ bool ValidateXTR_DH(); bool ValidateRabin(); bool ValidateRW(); //bool ValidateBlumGoldwasser(); +bool ValidateRFC6979(); bool ValidateECP(); bool ValidateEC2N(); bool ValidateECDSA();