summaryrefslogtreecommitdiffstats
path: root/crypto/p224_unittest.cc
diff options
context:
space:
mode:
authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-07-27 21:25:19 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-07-27 21:25:19 +0000
commit5edb84671e92de756662871e912488107d15dedd (patch)
tree5da0baeb94a3385173fbcc65d13c07f0991beee4 /crypto/p224_unittest.cc
parent2500961f4fdfc570c0b51f027547a734d03c6bd3 (diff)
downloadchromium_src-5edb84671e92de756662871e912488107d15dedd.zip
chromium_src-5edb84671e92de756662871e912488107d15dedd.tar.gz
chromium_src-5edb84671e92de756662871e912488107d15dedd.tar.bz2
crypto: special case ∞+a, a+∞ and a+a in p224.
In unrelated work, I found that the group addition formula used in p224.cc doesn't work when one of the arguments is the point at infinity. This change catches that case and simplifies the ScalarMult loop as a consequence. In the course of doing this, I found a couple of bugs in Contract that would have produced the wrong answer is very rare cases. I also added a catch for a+a. This can't happen in the ScalarMult loop, but it could happen from SPAKE2 at a rate of 1 in ~2**220 evaluations. BUG=none TEST=crypto_unittests Review URL: https://chromiumcodereview.appspot.com/10822019 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@148815 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto/p224_unittest.cc')
-rw-r--r--crypto/p224_unittest.cc15
1 files changed, 14 insertions, 1 deletions
diff --git a/crypto/p224_unittest.cc b/crypto/p224_unittest.cc
index 1ab2ff7..c6acfdd 100644
--- a/crypto/p224_unittest.cc
+++ b/crypto/p224_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
@@ -806,3 +806,16 @@ TEST(P224, Addition) {
p224::Add(minus_b, sum, &a_again);
EXPECT_TRUE(a_again.ToString() == a.ToString());
}
+
+TEST(P224, Infinity) {
+ char zeros[56];
+ memset(zeros, 0, sizeof(zeros));
+
+ // Test that x^0 = ∞.
+ Point a;
+ p224::ScalarBaseMult(reinterpret_cast<const uint8*>(zeros), &a);
+ EXPECT_TRUE(memcmp(zeros, a.ToString().data(), sizeof(zeros)) == 0);
+
+ // We shouldn't allow ∞ to be imported.
+ EXPECT_FALSE(a.SetFromString(std::string(zeros, sizeof(zeros))));
+}