diff --git a/internal/util.go b/internal/util.go index 43a5b41..0733e37 100644 --- a/internal/util.go +++ b/internal/util.go @@ -27,11 +27,14 @@ func Bytes(bits int) int { func ReadBits(dst []byte, rand io.Reader, bits int) ([]byte, error) { i := Bytes(bits) - if cap(dst) < i { - dst = make([]byte, i) - } else { - for len(dst) < i { - dst = append(dst, 0) + + if i < len(dst) { + dst = dst[:i] + } else if len(dst) < i { + if i <= cap(dst) { + dst = dst[:i] + } else { + dst = make([]byte, i) } } diff --git a/kcdsa/internal/domain.go b/kcdsa/internal/domain.go deleted file mode 100644 index c68bbb7..0000000 --- a/kcdsa/internal/domain.go +++ /dev/null @@ -1,61 +0,0 @@ -package internal - -import ( - "crypto/sha256" - "hash" -) - -type _ParameterSizes int - -const ( - _L2048N224SHA224 _ParameterSizes = iota - _L2048N224SHA256 - _L2048N256SHA256 - _L3072N256SHA256 -) - -type Domain struct { - A, B int // 소수 p와 q의 비트 길이를 각각 α와 β라 할 때, 두 값의 순서 쌍 - LH int // 해시 코드의 비트 길이 - L int // ℓ 해시 함수의 입력 블록 비트 길이 - - NewHash func() hash.Hash -} - -var ( - paramValuesMap = map[_ParameterSizes]Domain{ - _L2048N224SHA224: { - A: 2048, - B: 224, - LH: 28, - NewHash: sha256.New224, - L: 512, - }, - _L2048N224SHA256: { - A: 2048, - B: 224, - LH: 32, - NewHash: sha256.New, - L: 512, - }, - _L2048N256SHA256: { - A: 2048, - B: 256, - LH: 32, - NewHash: sha256.New, - L: 512, - }, - _L3072N256SHA256: { - A: 3072, - B: 256, - LH: 32, - NewHash: sha256.New, - L: 512, - }, - } -) - -func GetDomain(sizes int) (Domain, bool) { - p, ok := paramValuesMap[_ParameterSizes(sizes)] - return p, ok -} diff --git a/kcdsa/internal/kcdsa.go b/kcdsa/internal/kcdsa.go deleted file mode 100644 index 58fb45d..0000000 --- a/kcdsa/internal/kcdsa.go +++ /dev/null 
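Review bot: In ReadBits (internal/util.go) the branches `i < len(dst)` and `i <= cap(dst)` both end in `dst = dst[:i]`, so the sizing can be written once as `if i <= cap(dst) { dst = dst[:i] } else { dst = make([]byte, i) }`. Unlike the removed append loop, the reslice does not zero the bytes between the old length and i, so until the read that presumably follows (outside this hunk) overwrites them the slice holds whatever was in the caller's backing array; a comment stating that the function relies on a full read and returns no usable slice on a short one would keep that safe to maintain. The result of Bytes(bits) is also not checked here, and `dst[:i]` panics if it can ever be negative. The body of ReadBits continues past the hunk.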
@@ -1,162 +0,0 @@ -package internal - -import ( - "crypto/subtle" - "hash" - "math/big" - - "github.com/RyuaNerin/go-krypto/internal" -) - -var ( - one = big.NewInt(1) -) - -func Sign(P, Q, G, Y, X, K *big.Int, h hash.Hash, data []byte) (r, s *big.Int, err error) { - // Q 생성할 때, Q 사이즈를 doamin.B 사이즈랑 동일하게 생성한다. - B := Q.BitLen() - - buf := make([]byte, 0, h.Size()) - - // step 2. w = g^k mod p - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 2. w = g^k mod p") - //fmt.Println("G = 0x" + hex.EncodeToString(G.Bytes())) - //fmt.Println("K = 0x" + hex.EncodeToString(K.Bytes())) - //fmt.Println("P = 0x" + hex.EncodeToString(P.Bytes())) - W := new(big.Int).Exp(G, K, P) - //fmt.Println("W = 0x" + hex.EncodeToString(W.Bytes())) - - // step 3. R = h(W) mod 2^β (w를 바이트 열로 변환 후 해시한 결과의 바이트 열에서 β 비트만큼 절삭): - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 3. R = h(W) mod 2^β") - h.Reset() - h.Write(W.Bytes()) - RBytes := internal.TruncateLeft(h.Sum(buf[:0]), B) - R := new(big.Int).SetBytes(RBytes) - //fmt.Println("R = 0x" + hex.EncodeToString(R.Bytes())) - - // step 4. Z = Y mod 2^l - i2l := new(big.Int).Lsh(one, uint(h.BlockSize())*8) - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 4. Z = Y mod 2^l") - //fmt.Println("Y = 0x" + hex.EncodeToString(Y.Bytes())) - //fmt.Println("2l = 0x" + hex.EncodeToString(i2l.Bytes())) - Z := new(big.Int).Mod(Y, i2l) - ZBytes := Z.Bytes() - //fmt.Println("Z = 0x" + hex.EncodeToString(ZBytes)) - - // step 5. h = trunc(Hash(Z||M), β) - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 5. h = trunc(Hash(Z||M), β)") - h.Reset() - h.Write(ZBytes) - h.Write(data) - HBytes := internal.TruncateLeft(h.Sum(buf[:0]), B) - H := new(big.Int).SetBytes(HBytes) - //fmt.Println("H = 0x" + hex.EncodeToString(H.Bytes())) - - // step 6. 
E = (R xor H) mod Q - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 6. E = (R xor H) mod Q") - //fmt.Println("R = 0x" + hex.EncodeToString(R.Bytes())) - //fmt.Println("H = 0x" + hex.EncodeToString(H.Bytes())) - //fmt.Println("Q = 0x" + hex.EncodeToString(Q.Bytes())) - E := new(big.Int).Xor(R, H) - E.Mod(E, Q) - //fmt.Println("E = 0x" + hex.EncodeToString(E.Bytes())) - - //step 7. S = X(K-E) mod Q - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 7. S = X(K-E) mod Q") - //fmt.Println("X = 0x" + hex.EncodeToString(X.Bytes())) - //fmt.Println("K = 0x" + hex.EncodeToString(K.Bytes())) - //fmt.Println("E = 0x" + hex.EncodeToString(E.Bytes())) - //fmt.Println("Q = 0x" + hex.EncodeToString(Q.Bytes())) - K.Mod(K.Sub(K, E), Q) - S := new(big.Int).Mul(X, K) - S.Mod(S, Q) - //fmt.Println("S = 0x" + hex.EncodeToString(S.Bytes())) - - r = R - s = S - - return -} - -func Verify(P, Q, G, Y *big.Int, h hash.Hash, data []byte, R, S *big.Int) bool { - // Q 생성할 때, Q 사이즈를 doamin.B 사이즈랑 동일하게 생성한다. - B := Q.BitLen() - - // step 1. 수신된 서명 {R', S'}에 대해 |R'|=LH, 0 < S' < Q 임을 확인한다. - if P.Sign() <= 0 { - return false - } - - if S.Sign() < 1 || S.Cmp(Q) >= 0 { - return false - } - - buf := make([]byte, h.Size()) - - // step 2. Z = Y mod 2^l - i2l := new(big.Int).Lsh(one, uint(h.BlockSize())*8) - - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 2. Z = Y mod 2^l") - //fmt.Println("Y = 0x" + hex.EncodeToString(Y.Bytes())) - //fmt.Println("2l = 0x" + hex.EncodeToString(i2l.Bytes())) - Z := new(big.Int).Mod(Y, i2l) - ZBytes := Z.Bytes() - //fmt.Println("Z = 0x" + hex.EncodeToString(ZBytes)) - - // step 3. h = trunc(Hash(Z||M), β) - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 3. 
h = trunc(Hash(Z||M), β)") - h.Reset() - h.Write(ZBytes) - h.Write(data) - HBytes := internal.TruncateLeft(h.Sum(buf[:0]), B) - H := new(big.Int).SetBytes(HBytes) - //fmt.Println("H = 0x" + hex.EncodeToString(H.Bytes())) - - // step 4. E' = (R' xor H') mod Q - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 4. E' = (R' xor H') mod Q") - //fmt.Println("R = 0x" + hex.EncodeToString(R.Bytes())) - //fmt.Println("H = 0x" + hex.EncodeToString(H.Bytes())) - //fmt.Println("Q = 0x" + hex.EncodeToString(Q.Bytes())) - E := new(big.Int).Xor(R, H) - E.Mod(E, Q) - //fmt.Println("E = 0x" + hex.EncodeToString(E.Bytes())) - - // step 5. W' = Y ^ {S'} G ^ {E'} mod P - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 5. W' = Y ^ {S'} G ^ {E'} mod P") - //fmt.Println("Y = 0x" + hex.EncodeToString(Y.Bytes())) - //fmt.Println("G = 0x" + hex.EncodeToString(G.Bytes())) - //fmt.Println("S = 0x" + hex.EncodeToString(S.Bytes())) - //fmt.Println("E = 0x" + hex.EncodeToString(E.Bytes())) - //fmt.Println("P = 0x" + hex.EncodeToString(P.Bytes())) - W := new(big.Int).Exp(Y, S, P) - E.Exp(G, E, P) - W.Mul(W, E) - W.Mod(W, P) - //fmt.Println("W = 0x" + hex.EncodeToString(W.Bytes())) - - // step 6. trunc(Hash(W'), β) = R'이 성립하는지 확인한다. - //fmt.Println("--------------------------------------------------") - //fmt.Println("step 6. trunc(Hash(W'), β) = R'") - h.Reset() - h.Write(W.Bytes()) - rBytes := internal.TruncateLeft(h.Sum(buf[:0]), B) - r := new(big.Int).SetBytes(rBytes) - //fmt.Println("r = 0x" + hex.EncodeToString(r.Bytes())) - //fmt.Println("R = 0x" + hex.EncodeToString(R.Bytes())) - - return bigIntEqual(R, r) -} - -func bigIntEqual(a, b *big.Int) bool { - return subtle.ConstantTimeCompare(a.Bytes(), b.Bytes()) == 1 -} diff --git a/kcdsa/internal/kcdsa_test.go b/kcdsa/internal/kcdsa_test.go deleted file mode 100644 index 15f57aa..0000000 --- a/kcdsa/internal/kcdsa_test.go +++ /dev/null 
@@ -1,86 +0,0 @@ -package internal - -import ( - "bufio" - "crypto/rand" - "errors" - "math/big" - "testing" -) - -var rnd = bufio.NewReaderSize(rand.Reader, 1<<15) - -type testCase struct { - Sizes _ParameterSizes - - M []byte - - Seed_ []byte - J *big.Int - Count int - P, Q *big.Int - - H []byte - G *big.Int - - XKEY []byte - X *big.Int - Y, Z *big.Int - - KKEY *big.Int - R *big.Int - S *big.Int - - Fail bool -} - -func Test_SignVerify_With_BadPublicKey(t *testing.T) { - for idx, tc := range testCase_TestVector { - tc2 := testCase_TestVector[(idx+1)%len(testCase_TestVector)] - - domain, _ := GetDomain(int(tc.Sizes)) - - ok := Verify(tc2.P, tc2.Q, tc2.G, tc2.Y, domain.NewHash(), tc.M, tc.R, tc.S) - if ok { - t.Errorf("Verify unexpected success with non-existent mod inverse of Q") - return - } - } -} - -func generateK(Q *big.Int) (K *big.Int, err error) { - if Q.Sign() <= 0 || Q.BitLen()%8 != 0 { - return nil, errors.New("invalid public key") - } - - privQMinus1 := new(big.Int).Sub(Q, one) - - // step 1. 난수 k를 [1, Q-1]에서 임의로 선택한다. - for { - // K = [0 ~ q-2] - K, err = rand.Int(rnd, privQMinus1) - if err != nil { - return - } - // k = K + 1 -> [1 ~ q-1] - K.Add(K, one) - - if K.Sign() > 0 && K.Cmp(Q) < 0 { - break - } - } - - return -} - -func testVerify(t *testing.T, testCases []testCase) { - for _, tc := range testCases { - domain, _ := GetDomain(int(tc.Sizes)) - - ok := Verify(tc.P, tc.Q, tc.G, tc.Y, domain.NewHash(), tc.M, tc.R, tc.S) - if ok == tc.Fail { - t.Errorf("verify failed") - return - } - } -} diff --git a/kcdsa/kcdsa.go b/kcdsa/kcdsa.go index 81f1835..01b09d0 100644 --- a/kcdsa/kcdsa.go +++ b/kcdsa/kcdsa.go @@ -3,6 +3,7 @@ package kcdsa import ( "crypto/rand" + "crypto/sha256" "errors" "hash" "io" 
@@ -10,11 +11,11 @@ import ( "github.com/RyuaNerin/go-krypto/internal" "github.com/RyuaNerin/go-krypto/internal/randutil" - kcdsainternal "github.com/RyuaNerin/go-krypto/kcdsa/internal" ) var ( ErrInvalidPublicKey = errors.New("krypto/kcdsa: invalid public key") + ErrInvalidTTAKParameters = errors.New("krypto/kcdsa: invalid ttak parameters") ErrInvalidParameterSizes = errors.New("krypto/kcdsa: invalid ParameterSizes") ErrParametersNotSetUp = errors.New("krypto/kcdsa: parameters not set up before generating key") ) @@ -28,8 +29,54 @@ const ( L3072N256SHA256 ) +type domain struct { + A, B int // 소수 p와 q의 비트 길이를 각각 α와 β라 할 때, 두 값의 순서 쌍 + LH int // 해시 코드의 비트 길이 + L int // ℓ 해시 함수의 입력 블록 비트 길이 + + NewHash func() hash.Hash +} + +var ( + paramValuesMap = map[ParameterSizes]domain{ + L2048N224SHA224: { + A: 2048, + B: 224, + LH: 28, + NewHash: sha256.New224, + L: 512, + }, + L2048N224SHA256: { + A: 2048, + B: 224, + LH: 32, + NewHash: sha256.New, + L: 512, + }, + L2048N256SHA256: { + A: 2048, + B: 256, + LH: 32, + NewHash: sha256.New, + L: 512, + }, + L3072N256SHA256: { + A: 3072, + B: 256, + LH: 32, + NewHash: sha256.New, + L: 512, + }, + } +) + +func (sizes ParameterSizes) domain() (domain, bool) { + p, ok := paramValuesMap[ParameterSizes(sizes)] + return p, ok +} + func (ps ParameterSizes) Hash() hash.Hash { - domain, ok := kcdsainternal.GetDomain(int(ps)) + domain, ok := ps.domain() if !ok { panic(ErrInvalidParameterSizes.Error()) } @@ -44,7 +91,7 @@ var ( // using the prime number generator used in crypto/dsa package. func GenerateParameters(params *Parameters, rand io.Reader, sizes ParameterSizes) (err error) { // https://cs.opensource.google/go/go/+/refs/tags/go1.18:src/crypto/dsa/dsa.go;l=65-155 - domain, ok := kcdsainternal.GetDomain(int(sizes)) + domain, ok := sizes.domain() if !ok { return ErrInvalidParameterSizes } 
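Review bot: The comment on `LH` in the new `domain` struct (kcdsa/kcdsa.go) describes it as the bit length of the hash code, but the table stores 28 for sha256.New224 and 32 for sha256.New, which are byte lengths, while `A`, `B` and `L` in the same struct are in bits. Mixed units in a parameter table are easy to misuse when sizing buffers or truncating digests, so the field comment should state the unit, e.g. `LH int // length of the hash output in bytes (28 for SHA-224, 32 for SHA-256)`. In `func (sizes ParameterSizes) domain()` the conversion `ParameterSizes(sizes)` is a no-op, and the receiver is named `sizes` where `Hash()` directly below uses `ps`.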
@@ -145,7 +192,6 @@ func GenerateKey(priv *PrivateKey, rand io.Reader) error { return nil } -// Sign data using K generated randomly like in crypto/dsa packages. func Sign(randReader io.Reader, priv *PrivateKey, h hash.Hash, data []byte) (r, s *big.Int, err error) { randutil.MaybeReadByte(randReader) 
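Review bot: Sign loses its doc comment in this hunk and nothing replaces it, which leaves an exported signing function undocumented. The following hunk changes its behaviour (up to 10 attempts with a fresh K, and ErrInvalidPublicKey when every attempt yields a zero r or s), which callers need to know about. I would add something like `// Sign signs data with priv using a nonce K drawn from randReader. It retries when r or s is zero and returns ErrInvalidPublicKey after 10 failed attempts.` The body of Sign starts before and continues after this hunk.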
@@ -156,25 +202,194 @@ func Sign(randReader io.Reader, priv *PrivateKey, h hash.Hash, data []byte) (r, privQMinus1 := new(big.Int).Sub(priv.Q, one) - // step 1. 난수 k를 [1, Q-1]에서 임의로 선택한다. - var K *big.Int - for { - // K = [0 ~ q-2] - K, err = rand.Int(randReader, privQMinus1) + var attempts int + for attempts = 10; attempts > 0; attempts-- { + // step 1. 난수 k를 [1, Q-1]에서 임의로 선택한다. + var K *big.Int + for { + // K = [0 ~ q-2] + K, err = rand.Int(randReader, privQMinus1) + if err != nil { + return nil, nil, err + } + // k = K + 1 -> [1 ~ q-1] + K.Add(K, one) + + if K.Sign() > 0 && K.Cmp(priv.Q) < 0 { + break + } + } + + r, s, err = sign(priv, K, h, data) if err != nil { - return + return nil, nil, err + } + if r.Sign() == 0 { + continue } - // k = K + 1 -> [1 ~ q-1] - K.Add(K, one) - if K.Sign() > 0 && K.Cmp(priv.Q) < 0 { + if s.Sign() != 0 { break } } - return kcdsainternal.Sign(priv.P, priv.Q, priv.G, priv.Y, priv.X, K, h, data) + // Only degenerate private keys will require more than a handful of + // attempts. + if attempts == 0 { + return nil, nil, ErrInvalidPublicKey + } + + return } func Verify(pub *PublicKey, h hash.Hash, data []byte, R, S *big.Int) bool { - return kcdsainternal.Verify(pub.P, pub.Q, pub.G, pub.Y, h, data, R, S) + // step 1. 수신된 서명 {R', S'}에 대해 |R'|=LH, 0 < S' < Q 임을 확인한다. + if pub.P.Sign() <= 0 { + return false + } + + if R.Sign() < 1 { + return false + } + if S.Sign() < 1 || S.Cmp(pub.Q) >= 0 { + return false + } + + return verify(pub, h, data, R, S) +} + +func sign(priv *PrivateKey, K *big.Int, h hash.Hash, data []byte) (r, s *big.Int, err error) { + // Q 생성할 때, Q 사이즈를 doamin.B 사이즈랑 동일하게 생성한다. + B := priv.Q.BitLen() + + buf := make([]byte, 0, h.Size()) + + // step 2. w = g^k mod p + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 2. 
w = g^k mod p") + //fmt.Println("G = 0x" + hex.EncodeToString(G.Bytes())) + //fmt.Println("K = 0x" + hex.EncodeToString(K.Bytes())) + //fmt.Println("P = 0x" + hex.EncodeToString(P.Bytes())) + W := new(big.Int).Exp(priv.G, K, priv.P) + //fmt.Println("W = 0x" + hex.EncodeToString(W.Bytes())) + + // step 3. R = h(W) mod 2^β (w를 바이트 열로 변환 후 해시한 결과의 바이트 열에서 β 비트만큼 절삭): + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 3. R = h(W) mod 2^β") + h.Reset() + h.Write(W.Bytes()) + RBytes := internal.TruncateLeft(h.Sum(buf[:0]), B) + R := new(big.Int).SetBytes(RBytes) + //fmt.Println("R = 0x" + hex.EncodeToString(R.Bytes())) + + // step 4. Z = Y mod 2^l + i2l := new(big.Int).Lsh(one, uint(h.BlockSize())*8) + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 4. Z = Y mod 2^l") + //fmt.Println("Y = 0x" + hex.EncodeToString(Y.Bytes())) + //fmt.Println("2l = 0x" + hex.EncodeToString(i2l.Bytes())) + Z := new(big.Int).Mod(priv.Y, i2l) + ZBytes := Z.Bytes() + //fmt.Println("Z = 0x" + hex.EncodeToString(ZBytes)) + + // step 5. h = trunc(Hash(Z||M), β) + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 5. h = trunc(Hash(Z||M), β)") + h.Reset() + h.Write(ZBytes) + h.Write(data) + HBytes := internal.TruncateLeft(h.Sum(buf[:0]), B) + H := new(big.Int).SetBytes(HBytes) + //fmt.Println("H = 0x" + hex.EncodeToString(H.Bytes())) + + // step 6. E = (R xor H) mod Q + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 6. E = (R xor H) mod Q") + //fmt.Println("R = 0x" + hex.EncodeToString(R.Bytes())) + //fmt.Println("H = 0x" + hex.EncodeToString(H.Bytes())) + //fmt.Println("Q = 0x" + hex.EncodeToString(Q.Bytes())) + E := new(big.Int).Xor(R, H) + E.Mod(E, priv.Q) + //fmt.Println("E = 0x" + hex.EncodeToString(E.Bytes())) + + //step 7. 
S = X(K-E) mod Q + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 7. S = X(K-E) mod Q") + //fmt.Println("X = 0x" + hex.EncodeToString(X.Bytes())) + //fmt.Println("K = 0x" + hex.EncodeToString(K.Bytes())) + //fmt.Println("E = 0x" + hex.EncodeToString(E.Bytes())) + //fmt.Println("Q = 0x" + hex.EncodeToString(Q.Bytes())) + K.Mod(K.Sub(K, E), priv.Q) + S := new(big.Int).Mul(priv.X, K) + S.Mod(S, priv.Q) + //fmt.Println("S = 0x" + hex.EncodeToString(S.Bytes())) + + r = R + s = S + + return +} + +func verify(pub *PublicKey, h hash.Hash, data []byte, R, S *big.Int) bool { + // Q 생성할 때, Q 사이즈를 doamin.B 사이즈랑 동일하게 생성한다. + B := pub.Q.BitLen() + + buf := make([]byte, h.Size()) + + // step 2. Z = Y mod 2^l + i2l := new(big.Int).Lsh(one, uint(h.BlockSize())*8) + + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 2. Z = Y mod 2^l") + //fmt.Println("Y = 0x" + hex.EncodeToString(Y.Bytes())) + //fmt.Println("2l = 0x" + hex.EncodeToString(i2l.Bytes())) + Z := new(big.Int).Mod(pub.Y, i2l) + ZBytes := Z.Bytes() + //fmt.Println("Z = 0x" + hex.EncodeToString(ZBytes)) + + // step 3. h = trunc(Hash(Z||M), β) + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 3. h = trunc(Hash(Z||M), β)") + h.Reset() + h.Write(ZBytes) + h.Write(data) + HBytes := internal.TruncateLeft(h.Sum(buf[:0]), B) + H := new(big.Int).SetBytes(HBytes) + //fmt.Println("H = 0x" + hex.EncodeToString(H.Bytes())) + + // step 4. E' = (R' xor H') mod Q + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 4. E' = (R' xor H') mod Q") + //fmt.Println("R = 0x" + hex.EncodeToString(R.Bytes())) + //fmt.Println("H = 0x" + hex.EncodeToString(H.Bytes())) + //fmt.Println("Q = 0x" + hex.EncodeToString(Q.Bytes())) + E := new(big.Int).Xor(R, H) + E.Mod(E, pub.Q) + //fmt.Println("E = 0x" + hex.EncodeToString(E.Bytes())) + + // step 5. 
W' = Y ^ {S'} G ^ {E'} mod P + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 5. W' = Y ^ {S'} G ^ {E'} mod P") + //fmt.Println("Y = 0x" + hex.EncodeToString(Y.Bytes())) + //fmt.Println("G = 0x" + hex.EncodeToString(G.Bytes())) + //fmt.Println("S = 0x" + hex.EncodeToString(S.Bytes())) + //fmt.Println("E = 0x" + hex.EncodeToString(E.Bytes())) + //fmt.Println("P = 0x" + hex.EncodeToString(P.Bytes())) + W := new(big.Int).Exp(pub.Y, S, pub.P) + E.Exp(pub.G, E, pub.P) + W.Mul(W, E) + W.Mod(W, pub.P) + //fmt.Println("W = 0x" + hex.EncodeToString(W.Bytes())) + + // step 6. trunc(Hash(W'), β) = R'이 성립하는지 확인한다. + //fmt.Println("--------------------------------------------------") + //fmt.Println("step 6. trunc(Hash(W'), β) = R'") + h.Reset() + h.Write(W.Bytes()) + rBytes := internal.TruncateLeft(h.Sum(buf[:0]), B) + r := new(big.Int).SetBytes(rBytes) + //fmt.Println("r = 0x" + hex.EncodeToString(r.Bytes())) + //fmt.Println("R = 0x" + hex.EncodeToString(R.Bytes())) + + return internal.BigIntEqual(R, r) } diff --git a/kcdsa/kcdsa_test.go b/kcdsa/kcdsa_test.go index 7037215..1912d38 100644 --- a/kcdsa/kcdsa_test.go +++ b/kcdsa/kcdsa_test.go @@ -3,6 +3,7 @@ package kcdsa import ( "bufio" "crypto/rand" + "math/big" "testing" "github.com/RyuaNerin/go-krypto/internal" @@ -11,6 +12,30 @@ import ( var rnd = bufio.NewReaderSize(rand.Reader, 1<<15) +type testCase struct { + Sizes ParameterSizes + + M []byte + + Seed_ []byte + J *big.Int + Count int + P, Q *big.Int + + H []byte + G *big.Int + + XKEY []byte + X *big.Int + Y, Z *big.Int + + KKEY *big.Int + R *big.Int + S *big.Int + + Fail bool +} + var ( as = []CipherSize{ {Name: "L2048 N224 SHA224", Size: int(L2048N224SHA224)}, 
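Review bot: The step 1 comment in Verify (kcdsa/kcdsa.go) says the received R' is checked for |R'| = LH, but the new code only rejects `R.Sign() < 1`, so an R of any length is passed on to `verify`. The final `internal.BigIntEqual(R, r)` presumably still rejects an oversized R, since r is derived from a digest truncated with `B = pub.Q.BitLen()`, but the Xor and `E.Mod(E, pub.Q)` run on the caller-supplied value first; adding `if R.BitLen() > pub.Q.BitLen() { return false }` next to the S range check would make the code match its comment. Separately, the commented-out `fmt.Println` lines copied into `sign` would print X and K in hex if re-enabled and refer to names (`G`, `P`, `X`, `Q`) that are now `priv.*` fields, so I would drop them rather than carry them into the new file.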
@@ -20,6 +45,27 @@ var ( } ) +func Test_SignVerify_With_BadPublicKey(t *testing.T) { + for idx, tc := range testCase_TestVector { + tc2 := testCase_TestVector[(idx+1)%len(testCase_TestVector)] + + pub := PublicKey{ + Parameters: Parameters{ + P: tc2.P, + Q: tc2.Q, + G: tc2.G, + }, + Y: tc2.Y, + } + + ok := Verify(&pub, tc.Sizes.Hash(), tc.M, tc.R, tc.S) + if ok { + t.Errorf("Verify unexpected success with non-existent mod inverse of Q") + return + } + } +} + func Test_Signing_With_DegenerateKeys(t *testing.T) { badKeys := []struct { p, q, g, y, x string @@ -109,3 +155,24 @@ func testSignAndVerify(t *testing.T, i int, priv *PrivateKey, sizes ParameterSiz return } } + +func testVerify(t *testing.T, testCases []testCase) { + for _, tc := range testCases { + pub := PublicKey{ + Parameters: Parameters{ + P: tc.P, + Q: tc.Q, + G: tc.G, + }, + Y: tc.Y, + } + + domain, _ := tc.Sizes.domain() + + ok := Verify(&pub, domain.NewHash(), tc.M, tc.R, tc.S) + if ok == tc.Fail { + t.Errorf("verify failed") + return + } + } +} diff --git a/kcdsa/kcdsattak/convert.go b/kcdsa/kcdsattak/convert.go deleted file mode 100644 index 7161349..0000000 --- a/kcdsa/kcdsattak/convert.go +++ /dev/null 
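Review bot: testVerify (kcdsa/kcdsa_test.go) discards the `ok` result of `tc.Sizes.domain()`, so a vector with an unknown Sizes value ends in a call through a nil `domain.NewHash` instead of a clear test failure; checking it with `if !ok { t.Fatalf("unknown parameter sizes %d", tc.Sizes) }`, or calling `tc.Sizes.Hash()` as Test_SignVerify_With_BadPublicKey does in the previous hunk, keeps the two helpers consistent. Both loops also `return` on the first mismatch without saying which vector failed, and the message in the bad-key test talks about a modular inverse of Q although the test verifies a signature against another vector's public key. Including the vector index and the expected result in the `t.Errorf` text would make a regression in signature checking traceable.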
@@ -1,49 +0,0 @@ -package kcdsattak - -import ( - "crypto/dsa" - "math/big" - - "github.com/RyuaNerin/go-krypto/internal" -) - -/** -DSA Y = { G^x } mod P -KCDSA Y = G^{X^{-1} mod Q} mod P -*/ - -func FromDSA(dpk *dsa.PrivateKey) *PrivateKey { - kpk := &PrivateKey{ - X: new(big.Int).Set(dpk.X), - PublicKey: PublicKey{ - Y: new(big.Int), - Parameters: Parameters{ - P: new(big.Int).Set(dpk.P), - Q: new(big.Int).Set(dpk.Q), - G: new(big.Int).Set(dpk.G), - }, - }, - } - - xInv := internal.FermatInverse(kpk.X, kpk.Q) - kpk.PublicKey.Y.Exp(kpk.G, xInv, kpk.P) - - return kpk -} - -func (kpk *PrivateKey) ToDSA() *dsa.PrivateKey { - dpk := &dsa.PrivateKey{ - X: new(big.Int).Set(kpk.X), - PublicKey: dsa.PublicKey{ - Y: new(big.Int), - Parameters: dsa.Parameters{ - P: new(big.Int).Set(kpk.P), - Q: new(big.Int).Set(kpk.Q), - G: new(big.Int).Set(kpk.G), - }, - }, - } - - dpk.Y.Exp(dpk.G, dpk.X, dpk.P) - return dpk -} diff --git a/kcdsa/kcdsattak/convert_test.go b/kcdsa/kcdsattak/convert_test.go deleted file mode 100644 index 343fa09..0000000 --- a/kcdsa/kcdsattak/convert_test.go +++ /dev/null 
@@ -1,62 +0,0 @@ -package kcdsattak - -import ( - "crypto/dsa" - "crypto/rand" - "testing" - - "github.com/RyuaNerin/go-krypto/kcdsa" -) - -var ( - sizeDSA2KCDSA = map[dsa.ParameterSizes]kcdsa.ParameterSizes{ - dsa.L2048N224: kcdsa.L2048N224SHA224, - dsa.L2048N256: kcdsa.L2048N256SHA256, - dsa.L3072N256: kcdsa.L3072N256SHA256, - } -) - -func Test_DSA_TO_KCDSA(t *testing.T) { - for sz := range sizeDSA2KCDSA { - for { - var expect dsa.PrivateKey - dsa.GenerateParameters(&expect.Parameters, rand.Reader, sz) - dsa.GenerateKey(&expect, rand.Reader) - - cvt := FromDSA(&expect) - - answer := cvt.ToDSA() - - equals := true && - expect.X.Cmp(answer.X) == 0 && - expect.Y.Cmp(answer.Y) == 0 && - expect.P.Cmp(answer.P) == 0 && - expect.Q.Cmp(answer.Q) == 0 && - expect.G.Cmp(answer.G) == 0 - - if !equals { - t.Fail() - return - } - - break - } - } -} - -func Test_KCDSA_TO_DSA(t *testing.T) { - for _, sz := range sizeDSA2KCDSA { - var expect PrivateKey - GenerateParameters(&expect.Parameters, rand.Reader, sz) - GenerateKey(&expect, rand.Reader, UserProvidedRandomInput, sz) - - cvt := expect.ToDSA() - - answer := FromDSA(cvt) - - if !expect.Equal(answer) { - t.Fail() - return - } - } -} diff --git a/kcdsa/kcdsattak/kcdsa.go b/kcdsa/kcdsattak/kcdsa.go deleted file mode 100644 index 368a188..0000000 --- a/kcdsa/kcdsattak/kcdsa.go +++ /dev/null 
@@ -1,107 +0,0 @@ -package kcdsattak - -import ( - "hash" - "io" - "math/big" - - "github.com/RyuaNerin/go-krypto/internal" - "github.com/RyuaNerin/go-krypto/kcdsa" - kcdsainternal "github.com/RyuaNerin/go-krypto/kcdsa/internal" -) - -// Generate the paramters -func GenerateParameters(params *Parameters, rand io.Reader, sizes kcdsa.ParameterSizes) (seed []byte, count int, err error) { - domain, ok := kcdsainternal.GetDomain(int(sizes)) - if !ok { - return nil, 0, ErrInvalidParameterSizes - } - - // p. 13 - for { - seed, err := internal.ReadBits(seed[:0], rand, domain.B) - if err != nil { - return nil, 0, err - } - - J, err := generateJ(seed, domain) - if err != nil { - continue - } - - P, Q, count, err := generatePQ(J, seed, domain) - if err != nil { - continue - } - - _, G, err := GenerateHG(rand, P, J) - if err != nil { - continue - } - - params.P = P - params.Q = Q - params.G = G - return seed, count, nil - } -} - -// Generate PublicKey and PrivateKey -func GenerateKey(priv *PrivateKey, rand io.Reader, userProvidedRandomInput []byte, sizes kcdsa.ParameterSizes) error { - if priv.P == nil || priv.Q == nil || priv.G == nil { - return kcdsa.ErrParametersNotSetUp - } - domain, ok := kcdsainternal.GetDomain(int(sizes)) - if !ok { - return ErrInvalidParameterSizes - } - - // p.16 - xkey, err := internal.ReadBits(nil, rand, domain.B) - if err != nil { - return err - } - - X, Y, _, _, err := generateXYZ(priv.P, priv.Q, priv.G, userProvidedRandomInput, xkey, domain) - if err != nil { - return err - } - - priv.X = X - priv.Y = Y - return nil -} - -// Sign data using K generated randomly like in crypto/dsa packages. 
-func Sign(rand io.Reader, priv *PrivateKey, data []byte, sizes kcdsa.ParameterSizes) (r, s *big.Int, err error) { - domain, ok := kcdsainternal.GetDomain(int(sizes)) - if !ok { - return nil, nil, kcdsa.ErrInvalidParameterSizes - } - - machineGeneratedRandomInput := make([]byte, internal.Bytes(domain.B)) - _, err = io.ReadFull(rand, machineGeneratedRandomInput) - if err != nil { - return - } - - return sign(rand, priv, machineGeneratedRandomInput, data, domain) -} - -func sign(rand io.Reader, priv *PrivateKey, machineGeneratedRandomInput []byte, data []byte, domain kcdsainternal.Domain) (r, s *big.Int, err error) { - if priv.Q.Sign() <= 0 || priv.P.Sign() <= 0 || priv.G.Sign() <= 0 || priv.X.Sign() <= 0 || priv.Q.BitLen()%8 != 0 { - err = ErrInvalidPublicKey - return - } - - J, err := generateK(rand, priv.Q, machineGeneratedRandomInput, domain) - if err != nil { - return nil, nil, err - } - - return kcdsainternal.Sign(priv.P, priv.Q, priv.G, priv.Y, priv.X, J, domain.NewHash(), data) -} - -func Verify(pub *PublicKey, h hash.Hash, data []byte, R, S *big.Int) bool { - return kcdsainternal.Verify(pub.P, pub.Q, pub.G, pub.Y, h, data, R, S) -} diff --git a/kcdsa/kcdsattak/kcdsa_bench_test.go b/kcdsa/kcdsattak/kcdsa_bench_test.go deleted file mode 100644 index a6ab196..0000000 --- a/kcdsa/kcdsattak/kcdsa_bench_test.go +++ /dev/null 
@@ -1,100 +0,0 @@ -package kcdsattak - -import ( - "testing" - - "github.com/RyuaNerin/go-krypto/kcdsa" - . "github.com/RyuaNerin/testingutil" -) - -func Benchmark_GenerateParameters(b *testing.B) { - BA(b, as, func(b *testing.B, ps int) { - var params Parameters - b.ReportAllocs() - b.ResetTimer() - for i := 0; i < b.N; i++ { - if _, _, err := GenerateParameters(¶ms, rnd, kcdsa.ParameterSizes(ps)); err != nil { - b.Error(err) - return - } - } - }, false) -} - -func Benchmark_GenerateKey(b *testing.B) { - BA(b, as, func(b *testing.B, ps int) { - var priv PrivateKey - if _, _, err := GenerateParameters(&priv.Parameters, rnd, kcdsa.ParameterSizes(ps)); err != nil { - b.Error(err) - return - } - - b.ReportAllocs() - b.ResetTimer() - for i := 0; i < b.N; i++ { - if err := GenerateKey(&priv, rnd, UserProvidedRandomInput, kcdsa.ParameterSizes(ps)); err != nil { - b.Error(err) - return - } - } - }, false) -} - -func Benchmark_Sign(b *testing.B) { - BA(b, as, func(b *testing.B, sz int) { - data := []byte(`text`) - - var priv PrivateKey - if _, _, err := GenerateParameters(&priv.Parameters, rnd, kcdsa.ParameterSizes(sz)); err != nil { - b.Error(err) - return - } - if err := GenerateKey(&priv, rnd, UserProvidedRandomInput, kcdsa.ParameterSizes(sz)); err != nil { - b.Error(err) - return - } - - b.ReportAllocs() - b.ResetTimer() - - for i := 0; i < b.N; i++ { - r, _, err := Sign(rnd, &priv, data, kcdsa.ParameterSizes(sz)) - if err != nil { - b.Error(err) - return - } - data = r.Bytes() - } - }, false) -} - -func Benchmark_Verify(b *testing.B) { - BA(b, as, func(b *testing.B, sz int) { - data := []byte(`text`) - - var priv PrivateKey - if _, _, err := GenerateParameters(&priv.Parameters, rnd, kcdsa.ParameterSizes(sz)); err != nil { - b.Error(err) - } - if err := GenerateKey(&priv, rnd, UserProvidedRandomInput, kcdsa.ParameterSizes(sz)); err != nil { - b.Error(err) - } - - r, s, err := Sign(rnd, &priv, data, kcdsa.ParameterSizes(sz)) - if err != nil { - b.Error(err) - } - - h := 
kcdsa.ParameterSizes(sz).Hash() - - b.ReportAllocs() - b.ResetTimer() - for i := 0; i < b.N; i++ { - ok := Verify(&priv.PublicKey, h, data, r, s) - if !ok { - b.Errorf("%d: Verify failed", i) - return - } - } - }, false) -} diff --git a/kcdsa/kcdsattak/kcdsa_test.go b/kcdsa/kcdsattak/kcdsa_test.go deleted file mode 100644 index 734eb4b..0000000 --- a/kcdsa/kcdsattak/kcdsa_test.go +++ /dev/null 
@@ -1,97 +0,0 @@ -package kcdsattak - -import ( - "bufio" - "crypto/rand" - "math/big" - "testing" - - "github.com/RyuaNerin/go-krypto/kcdsa" - - . "github.com/RyuaNerin/testingutil" -) - -var rnd = bufio.NewReaderSize(rand.Reader, 1<<15) - -var ( - as = []CipherSize{ - {Name: "L2048 N224 SHA224", Size: int(kcdsa.L2048N224SHA224)}, - {Name: "L2048 N224 SHA256", Size: int(kcdsa.L2048N224SHA256)}, - {Name: "L2048 N256 SHA256", Size: int(kcdsa.L2048N256SHA256)}, - {Name: "L3072 N256 SHA256", Size: int(kcdsa.L3072N256SHA256)}, - } -) - -type testCase struct { - Sizes kcdsa.ParameterSizes - - M []byte - - Seed_ []byte - J *big.Int - Count int - P, Q *big.Int - - H []byte - G *big.Int - - XKEY []byte - X *big.Int - Y, Z *big.Int - - KKEY *big.Int - R *big.Int - S *big.Int - - Fail bool -} - -func testKCDSA( - t *testing.T, - sizes kcdsa.ParameterSizes, - L, N int, - gp func(params *Parameters, sizes kcdsa.ParameterSizes) error, - gk func(priv *PrivateKey, sizes kcdsa.ParameterSizes) error, -) { - var priv PrivateKey - params := &priv.Parameters - - err := gp(params, sizes) - if err != nil { - t.Errorf("%d: %s", int(sizes), err) - return - } - - if params.P.BitLen() > L { - t.Errorf("%d: params.BitLen got:%d want:%d", int(sizes), params.P.BitLen(), L) - return - } - - if params.Q.BitLen() > N { - t.Errorf("%d: q.BitLen got:%d want:%d", int(sizes), params.Q.BitLen(), L) - return - } - - err = gk(&priv, sizes) - if err != nil { - t.Errorf("error generating key: %s", err) - return - } - - testSignAndVerify(t, int(sizes), &priv, sizes) -} - -func testSignAndVerify(t *testing.T, i int, priv *PrivateKey, sizes kcdsa.ParameterSizes) { - data := []byte("testing") - r, s, err := Sign(rand.Reader, priv, data, sizes) - if err != nil { - t.Errorf("%d: error signing: %s", i, err) - return - } - - ok := Verify(&priv.PublicKey, sizes.Hash(), data, r, s) - if !ok { - t.Errorf("%d: Verify failed", i) - return - } -} 
diff --git a/kcdsa/kcdsattak/kcdsattak.go b/kcdsa/kcdsattak/kcdsattak.go
deleted file mode 100644
index dbe4f06..0000000
--- a/kcdsa/kcdsattak/kcdsattak.go
+++ /dev/null
@@ -1,343 +0,0 @@ -// Package kcdsattak implements functions what generate the KCDSA parameters as defined in TTAK.KO-12.0001/R4 -package kcdsattak - -import ( - "encoding/binary" - "errors" - "io" - "math/big" - - "github.com/RyuaNerin/go-krypto/internal" - "github.com/RyuaNerin/go-krypto/kcdsa" - kcdsainternal "github.com/RyuaNerin/go-krypto/kcdsa/internal" -) - -var ( - ErrInvalidPublicKey = kcdsa.ErrInvalidPublicKey // Same with kcdsa.ErrInvalidPublicKey - ErrInvalidParameterSizes = kcdsa.ErrInvalidParameterSizes // Same with kcdsa.ErrInvalidParameterSizes - ErrParametersNotSetUp = kcdsa.ErrParametersNotSetUp // Same with kcdsa.ErrParametersNotSetUp - - ErrUseAnotherSeed = errors.New("krypto/kcdsa/kcdsattak: use another seed") - ErrUseAnotherH = errors.New("krypto/kcdsa/kcdsattak: use another H") - ErrWrongSeed = errors.New("krypto/kcdsa/kcdsattak: wrong seed length") - ErrShortXKey = errors.New("krypto/kcdsa/kcdsattak: XKEY is too short") - - one = big.NewInt(1) - two = big.NewInt(2) -) - -// Pre-prime generating function -func PPGF(seed []byte, nBits int, sizes kcdsa.ParameterSizes) ([]byte, error) { - domain, ok := kcdsainternal.GetDomain(int(sizes)) - if !ok { - return nil, kcdsa.ErrInvalidParameterSizes - } - - return ppgf(nil, seed, nBits, domain), nil -} -func ppgf(U []byte, seed []byte, nBits int, domain kcdsainternal.Domain) []byte { - // p.12 - // from java - i := internal.Bytes(nBits) - iBuf := make([]byte, 1) - - if len(U) < i { - U = U[:cap(U)] - for len(U) < i { - U = append(U, make([]byte, i)...) 
- } - } - - h := domain.NewHash() - - var hbuf []byte - count := 0 - for { - iBuf[0] = byte(count) - - h.Reset() - h.Write(seed) - h.Write(iBuf) - hbuf = h.Sum(hbuf[:0]) - - if i >= domain.LH { - i -= domain.LH - for j := 0; j < domain.LH; j++ { - U[j+i] = hbuf[j] - } - if i == 0 { - break - } - } else { - for j := 0; j < i; j++ { - U[j] = hbuf[j+domain.LH-i] - } - break - } - - count++ - } - - i = nBits & 0x07 - if i != 0 { - U[0] &= byte((1 << i) - 1) - } - - return U -} - -// Generate J, defined in TTAK.KO-12.0001/R4 -// bits of seed > domain.B -func GenerateJ(seed []byte, sizes kcdsa.ParameterSizes) (J *big.Int, err error) { - domain, ok := kcdsainternal.GetDomain(int(sizes)) - if !ok { - return nil, kcdsa.ErrInvalidParameterSizes - } - return generateJ(seed, domain) -} -func generateJ(seed []byte, domain kcdsainternal.Domain) (J *big.Int, err error) { - // p.14 - if len(seed) != internal.Bytes(domain.B) { - return nil, ErrWrongSeed - } - - // 2: Seed를 일방향 함수 PPGF의 입력으로 하여 비트 길이가 n = (α - β - 4)인 난수 U를 생성한다. - // (U ← PPGF(Seed, n)) - //fmt.Println("--------------------------------------------------") - //fmt.Println("U ← PPGF(Seed, n)") - U := new(big.Int).SetBytes(ppgf(nil, seed, domain.A-domain.B-4, domain)) - //fmt.Println(U.BitLen()) - //fmt.Println("U = 0x" + hex.EncodeToString(U.Bytes())) - - // 3: U의 상위에 4 비트 '1000'을 붙이고 최하위 비트는 1로 만들어 이를 J로 둔다. - // (J ← 2^(α-β-1) ∨ U ∨ 1) - //fmt.Println("--------------------------------------------------") - //fmt.Println("J ← 2^(α-β-1) ∨ U ∨ 1") - J = new(big.Int).SetInt64(0b1) - J.Lsh(J, uint(domain.A-domain.B-1)) - J.Or(J, U) - J.Or(J, one) - //fmt.Println("J = 0x" + hex.EncodeToString(J.Bytes())) - - // 4: 강한 소수 판정 알고리즘으로 J를 판정하여 소수가 아니면 단계 1로 간다. 
- if !J.ProbablyPrime(internal.NumMRTests) { - return nil, ErrUseAnotherSeed - } - return J, nil -} - -// Generate P, Q, defined in TTAK.KO-12.0001/R4 -func GeneratePQ(J *big.Int, seed []byte, sizes kcdsa.ParameterSizes) (p, q *big.Int, count int, err error) { - domain, ok := kcdsainternal.GetDomain(int(sizes)) - if !ok { - return nil, nil, 0, kcdsa.ErrInvalidParameterSizes - } - return generatePQ(J, seed, domain) -} -func generatePQ(J *big.Int, seed []byte, domain kcdsainternal.Domain) (p, q *big.Int, count int, err error) { - // p.14 - if len(seed) != internal.Bytes(domain.B) { - return nil, nil, 0, ErrWrongSeed - } - - // 5: Count를 0으로 둔다. (Count ← 0) - count = 0 - - seedCount := make([]byte, len(seed)+4) - copy(seedCount, seed) - - q = new(big.Int) - p = new(big.Int) - - uBuf := make([]byte, internal.Bytes(domain.B)) - - // 7: Count > 2^24이면 단계 1로 간다. - for count <= (1 << 24) { - // 6: Count를 1 증가시킨다. (Count ← (Count + 1)) - count += 1 - binary.BigEndian.PutUint32(seedCount[len(seedCount)-4:], uint32(count)) - - // 8: Seed에 Count를 연접한 것을 일방향 함수 PPGF의 입력으로 하여 비트 길이가 - // β인 난수 U를 생성한다. (U ← PPGF(Seed ‖ Count, β)) - U := ppgf(uBuf[:0], seedCount, domain.B, domain) - - // 9: U의 최상위 및 최하위 비트를 1로 만들어 이를 q로 둔다. - // (q ← 2^(β-1) ∨ U ∨ 1) - U[0] |= 0b1000_0000 - U[len(U)-1] |= 1 - q.SetBytes(U) - - // 10: p ← (2Jq + 1)의 비트 길이가 α보다 길면 단계 6으로 간다. - p.Add(p.Lsh(p.Mul(J, q), 1), one) - if p.BitLen() > domain.A { - continue - } - - // 11: 강한 소수 판정 알고리즘으로 q를 판정하여 소수가 아니면 단계 6으로 간다. 
- if !q.ProbablyPrime(internal.NumMRTests) { - continue - } - - // 12: 강한 소수 판정 알고리즘으로 p를 판정하여 소수가 아니면 단계 6으로 간다 - if !p.ProbablyPrime(internal.NumMRTests) { - continue - } - - return - } - - return nil, nil, 0, ErrUseAnotherSeed -} - -// Generate H, G, defined in TTAK.KO-12.0001/R4 -func GenerateHG(rand io.Reader, P, J *big.Int) (H []byte, G *big.Int, err error) { - pm1 := new(big.Int).Set(P) - pm1.Sub(pm1, one) - - hInt := new(big.Int) - for { - H, err = internal.ReadBits(H, rand, P.BitLen()) - if err != nil { - return nil, nil, err - } - hInt.Mod(hInt.Add(hInt.SetBytes(H), two), pm1) - - G, err := generateG(P, J, H, pm1) - if err != nil { - continue - } - - return H, G, nil - } -} - -// Generate P, defined in TTAK.KO-12.0001/R4 -// 1 < H < (p-1) -func GenerateG(P, J *big.Int, H []byte) (G *big.Int, err error) { - pm1 := new(big.Int).Set(P) - pm1.Sub(pm1, one) - - return generateG(P, J, H, pm1) -} -func generateG(P, J *big.Int, H []byte, pm1 *big.Int) (G *big.Int, err error) { - h := new(big.Int).SetBytes(H) - - // 1: p보다 작은 임의의 수 h를 생성한다. - // 1 < h < (p - 1) - if h.Cmp(one) != 1 || h.Cmp(pm1) != -1 { - return nil, errors.New("H must be 1 < H < p-1") - } - - // 2: g ← h^(2J) mod p를 계산한다. - g := new(big.Int).Set(J) - g.Lsh(g, 1) - g.Exp(h, g, P) - - // 3: g = 1이면 단계 1로 간다. 
- if g.Cmp(one) == 0 { - return nil, ErrUseAnotherH - } - - return g, nil -} - -// Generate X, Y, Z, defined in TTAK.KO-12.0001/R4 -// bits of xkey > B -func GenerateXYZ(P, Q, G *big.Int, userProvidedRandomInput []byte, xkey []byte, sizes kcdsa.ParameterSizes) (X, Y, Z *big.Int, xkeyNext []byte, err error) { - domain, ok := kcdsainternal.GetDomain(int(sizes)) - if !ok { - return nil, nil, nil, nil, kcdsa.ErrInvalidParameterSizes - } - return generateXYZ(P, Q, G, userProvidedRandomInput, xkey, domain) -} -func generateXYZ(P, Q, G *big.Int, userProvidedRandomInput []byte, xkey []byte, domain kcdsainternal.Domain) (X, Y, Z *big.Int, xkeyNext []byte, err error) { - // p.16 - if len(xkey) < internal.Bytes(domain.B) { - return nil, nil, nil, nil, ErrShortXKey - } - - i2b := new(big.Int).Lsh(one, uint(domain.B)) - i2l := new(big.Int).Lsh(one, uint(domain.L)) - - ppgfBuf := make([]byte, 0, internal.Bytes(domain.B)) - - // 3: XSEEDj ← PPGF(user_provided_random_input, b) - //fmt.Println("--------------------------------------------------") - //fmt.Println("3: XSEEDj ← PPGF(user_provided_random_input, b)") - xseed := new(big.Int).SetBytes(ppgf(ppgfBuf, userProvidedRandomInput, domain.B, domain)) - //fmt.Println("xseed = 0x" + hex.EncodeToString(xseed.Bytes())) - - // 4: XVAL ← (XKEY + XSEEDj) mod 2^b - //fmt.Println("--------------------------------------------------") - //fmt.Println("4: XVAL ← (XKEY + XSEEDj) mod 2^b") - xval := new(big.Int).SetBytes(xkey) - xval.Add(xval, xseed) - xval.Mod(xval, i2b) - //fmt.Println("xval = 0x" + hex.EncodeToString(xval.Bytes())) - - // 5: xj ← PPGF(XVAL, b) mod q - //fmt.Println("--------------------------------------------------") - //fmt.Println("5: xj ← PPGF(XVAL, b) mod q") - X = new(big.Int).SetBytes(ppgf(ppgfBuf, xval.Bytes(), domain.B, domain)) - X.Mod(X, Q) - //fmt.Println("X = 0x" + hex.EncodeToString(X.Bytes())) - - // 6: XKEY ← (XKEY + PPGF((xj + XSEEDj) mod 2^b, b)) mod 2^b - 
//fmt.Println("--------------------------------------------------") - //fmt.Println("5: XKEY ← (XKEY + PPGF((xj + XSEEDj) mod 2^b, b)) mod 2^b") - xkeyNextInt := new(big.Int).Set(X) - xkeyNextInt.Mod(xkeyNextInt.Add(xkeyNextInt, xseed), i2b) - - xkeyNextInt.SetBytes(ppgf(ppgfBuf, xkeyNextInt.Bytes(), domain.B, domain)) - xkeyNextInt.Mod(xkeyNextInt.Add(xkeyNextInt, new(big.Int).SetBytes(xkey)), i2b) - //fmt.Println("XKEY = 0x" + hex.EncodeToString(xkeyNext.Bytes())) - xkeyNext = xkeyNextInt.FillBytes(xkey) - - // x′ = x^(-1) mod q - //fmt.Println("--------------------------------------------------") - //fmt.Println("x′ = x^(-1) mod q") - Xinv := internal.FermatInverse(X, Q) - //fmt.Println("Xinv = 0x" + hex.EncodeToString(Xinv.Bytes())) - - // y = g^x′ mod p - //fmt.Println("--------------------------------------------------") - //fmt.Println("y = g^x′ mod p") - Y = new(big.Int).Exp(G, Xinv, P) - //fmt.Println("Y = 0x" + hex.EncodeToString(Y.Bytes())) - - // z = y mod 2^ℓ - //fmt.Println("--------------------------------------------------") - //fmt.Println("z = y mod 2^ℓ") - Z = new(big.Int).Mod(Y, i2l) - //fmt.Println("Z = 0x" + hex.EncodeToString(Z.Bytes())) - - return -} - -// Generate K defined in TTAK.KO-12.0001/R4 -func GenerateK(randReader io.Reader, Q *big.Int, machine_generated_random_input []byte, sizes kcdsa.ParameterSizes) (K *big.Int, err error) { - domain, ok := kcdsainternal.GetDomain(int(sizes)) - if !ok { - return nil, kcdsa.ErrInvalidParameterSizes - } - return generateK(randReader, Q, machine_generated_random_input, domain) -} -func generateK(randReader io.Reader, Q *big.Int, machine_generated_random_input []byte, domain kcdsainternal.Domain) (K *big.Int, err error) { - kkeyBytes := make([]byte, internal.Bytes(domain.B)) - if _, err = randReader.Read(kkeyBytes); err != nil { - return nil, err - } - kkey := new(big.Int).SetBytes(kkeyBytes) - - kseedBytes := ppgf(nil, machine_generated_random_input, domain.B, domain) - kseed := 
new(big.Int).SetBytes(kseedBytes)
-
- kval := kkey.Add(kkey, kseed).Bytes()
- kval = internal.TruncateLeft(kval, domain.B)
-
- KBytes := ppgf(nil, kval, domain.B, domain)
- K = new(big.Int).SetBytes(KBytes)
- K.Mod(K, Q)
-
- return
-}
diff --git a/kcdsa/kcdsattak/kcdsattak_test.go b/kcdsa/kcdsattak/kcdsattak_test.go
deleted file mode 100644
index 5024a5f..0000000
--- a/kcdsa/kcdsattak/kcdsattak_test.go
+++ /dev/null
@@ -1,119 +0,0 @@
-package kcdsattak
-
-import (
- "crypto/rand"
- "testing"
-
- "github.com/RyuaNerin/go-krypto/kcdsa"
-)
-
-func Test_TTAK_GenerateJ(t *testing.T) {
- if testing.Short() {
- t.Skip("skipping parameter generation test in short mode")
- return
- }
-
- for _, tc := range testCase_TestVector {
- J, err := GenerateJ(tc.Seed_, tc.Sizes)
- if err != nil {
- t.Error(err)
- return
- }
- if J.Cmp(tc.J) != 0 {
- t.Errorf("GenerateTTAKJ failed")
- return
- }
- }
-}
-
-func Test_TTAK_GeneratePQ(t *testing.T) {
- if testing.Short() {
- t.Skip("skipping parameter generation test in short mode")
- return
- }
-
- for _, tc := range testCase_TestVector {
- P, Q, count, err := GeneratePQ(tc.J, tc.Seed_, tc.Sizes)
- if err != nil {
- t.Error(err)
- return
- }
- if P.Cmp(tc.P) != 0 || Q.Cmp(tc.Q) != 0 || count != tc.Count {
- t.Errorf("GenerateTTAKPQ failed")
- return
- }
- }
-}
-
-func Test_TTAK_GenerateHG(t *testing.T) {
- if testing.Short() {
- t.Skip("skipping parameter generation test in short mode")
- return
- }
-
- for _, tc := range testCase_TestVector {
- _, _, err := GenerateHG(rand.Reader, tc.P, tc.J)
- if err != nil {
- t.Error(err)
- return
- }
- }
-}
-
-func Test_TTAK_GenerateG(t *testing.T) {
- if testing.Short() {
- t.Skip("skipping parameter generation test in short mode")
- return
- }
-
- for _, tc := range testCase_TestVector {
- G, err := GenerateG(tc.P, tc.J, tc.H)
- if err != nil {
- t.Error(err)
- return
- }
- if G.Cmp(tc.G) != 0 {
- t.Errorf("GenerateTTAKG failed")
- return
- }
- }
-}
-
-func Test_TTAK_GenerateXYZ(t *testing.T) {
- if testing.Short() {
- t.Skip("skipping parameter generation test in short mode")
- return
- }
-
- for _, tc := range testCase_TestVector {
- X, Y, Z, _, err := GenerateXYZ(tc.P, tc.Q, tc.G, UserProvidedRandomInput, tc.XKEY, tc.Sizes)
- if err != nil {
- t.Error(err)
- return
- }
- if X.Cmp(tc.X) != 0 || Y.Cmp(tc.Y) != 0 || Z.Cmp(tc.Z) != 0 {
- t.Errorf("GenerateTTAKX failed")
- return
- }
- }
-}
-
-func 
Test_kcdsa_GenerateParametersTTAK(t *testing.T) {
- if testing.Short() {
- t.Skip("skipping parameter generation test in short mode")
- return
- }
-
- gp := func(params *Parameters, sizes kcdsa.ParameterSizes) error {
- _, _, err := GenerateParameters(params, rand.Reader, sizes)
- return err
- }
- gk := func(priv *PrivateKey, sizes kcdsa.ParameterSizes) error {
- return GenerateKey(priv, rand.Reader, UserProvidedRandomInput, sizes)
- }
-
- testKCDSA(t, kcdsa.L2048N224SHA224, 2048, 224, gp, gk)
- testKCDSA(t, kcdsa.L2048N224SHA256, 2048, 224, gp, gk)
- testKCDSA(t, kcdsa.L2048N256SHA256, 2048, 256, gp, gk)
- testKCDSA(t, kcdsa.L3072N256SHA256, 3072, 256, gp, gk)
-}
diff --git a/kcdsa/kcdsattak/key.go b/kcdsa/kcdsattak/key.go
deleted file mode 100644
index 15dc020..0000000
--- a/kcdsa/kcdsattak/key.go
+++ /dev/null
@@ -1,58 +0,0 @@
-package kcdsattak
-
-import (
- "crypto"
- "math/big"
-
- "github.com/RyuaNerin/go-krypto/internal"
-)
-
-type Parameters struct {
- P, Q, G *big.Int
-
- J *big.Int
- Seed []byte
- Count int
-}
-
-// PublicKey represents a KCDSA public key.
-type PublicKey struct {
- Parameters
- Y *big.Int
-}
-
-// PrivateKey represents a KCDSA private key.
-type PrivateKey struct {
- PublicKey
- X *big.Int
-}
-
-// Public returns the public key corresponding to priv.
-func (priv *PrivateKey) Public() crypto.PublicKey {
- return &priv.PublicKey
-}
-
-// Equal reports whether priv and x have the same value.
-func (priv *PrivateKey) Equal(x crypto.PrivateKey) bool {
- xx, ok := x.(*PrivateKey)
- if !ok {
- return false
- }
- return priv.PublicKey.Equal(&xx.PublicKey) && internal.BigIntEqual(priv.X, xx.X)
-}
-
-// Equal reports whether pub and y have the same value.
-func (pub *PublicKey) Equal(x crypto.PublicKey) bool {
- xx, ok := x.(*PublicKey)
- if !ok {
- return false
- }
- return pub.Parameters.Equal(xx.Parameters) && internal.BigIntEqual(pub.Y, xx.Y)
-}
-
-// Equal reports whether p, q, g and sizes have the same value.
-func (params *Parameters) Equal(xx Parameters) bool {
- return internal.BigIntEqual(params.P, xx.P) &&
- internal.BigIntEqual(params.Q, xx.Q) &&
- internal.BigIntEqual(params.G, xx.G)
-}
diff --git a/kcdsa/kcdsattak/testcases_ttak_test.go b/kcdsa/kcdsattak/testcases_ttak_test.go
deleted file mode 100644
index 2514123..0000000
--- a/kcdsa/kcdsattak/testcases_ttak_test.go
+++ /dev/null
@@ -1,295 +0,0 @@ -package kcdsattak - -import ( - "github.com/RyuaNerin/go-krypto/internal" - "github.com/RyuaNerin/go-krypto/kcdsa" -) - -var ( - UserProvidedRandomInput = internal.HB(` - 73 61 6c 64 6a 66 61 77 70 33 39 39 75 33 37 34 72 30 39 38 75 39 38 5e - 25 5e 25 68 6b 72 67 6e 3b 6c 77 6b 72 70 34 37 74 39 33 63 25 24 38 39 - 34 33 39 38 35 39 6b 6a 64 6d 6e 76 63 6d 20 63 76 6b 20 6f 34 75 30 39 - 72 20 34 6a 20 6f 6a 32 6f 75 74 32 30 39 78 66 71 77 3b 6c 2a 26 21 5e - 23 40 55 23 2a 23 24 29 28 23 20 7a 20 78 6f 39 35 37 74 63 2d 39 35 20 - 35 20 76 35 6f 69 75 76 39 38 37 36 20 36 20 76 6a 20 6f 35 69 75 76 2d - 30 35 33 2c 6d 63 76 6c 72 6b 66 77 6f 72 65 74`) - - M = internal.HB(` - 54 68 69 73 20 69 73 20 61 20 74 65 73 74 20 6d 65 73 73 61 67 65 20 66 - 6f 72 20 4b 43 44 53 41 20 75 73 61 67 65 21`) - - // samples in TTAK.KO-12.0001/R4 - testCase_TestVector = []testCase{ - // p.30 - // Ⅱ.1 소수 p, q의 길이 (α, β) = (2048, 224), SHA-224 적용 예 - { - Sizes: kcdsa.L2048N224SHA224, - M: M, - - Seed_: internal.HB(`c0 52 a2 76 41 00 f0 f4 ec 90 6b 9c 5c 6b 10 6e 34 70 df c1 36 9f - 12 c0 62 f8 0e e9`), - J: internal.HI(`870145cb 93f25fb2 9509261c 4510929e b5451582 b0fede90 54a45927 2b87bd40 - 0c7005d1 a7eae156 8d3e2600 f7d0e0ad 74e5a2fe 88ae771d e1dd2652 be027d59 - 66c95190 1774e690 45c15353 b5fb92e0 5cdff939 e9d54647 ae18a2db 9df24ff3 - ba5413b3 307088bd 5e04fe25 d7a29595 703317b9 d821fea2 e5d70753 23660cf7 - 0898322f c0b4fdf7 b7f1fab0 b8f3e9be 012e3164 ca8218d6 fd17a3a2 d0660776 - eadab6f3 1b76797a a9a8bc54 3b1de074 40a60b43 a7afa1b9 9b3f52e3 4315047e - a15222d0 ed54b5ca c864f1bd b0453eaa 90765e78 677b5d1d 8407eefd 2befadb1 - 36516e13`), - Count: 80383, - P: internal.HI(`8da8c1b5 c95d11be 46661df5 8c9f803e b729b800 dd92751b 3a4f10c6 a5448e9f - 3bc0e916 f042e399 b34af9be e582ccfc 3ff5000c ff235694 94351cfe a5529ea3 - 47dcf43f 302f5894 380709ea 2e1c416b 51a5cdfc 7593b18b 7e3788d5 1b9cc9ae - 828b4f8f b06e0e90 57f7fa0f 93bb0397 031fe7d5 0a6828da 0c1160a0 
e66d4e5d - 2a18ad17 a811e70b 14f4f431 1a028260 3233444f 98763c5a 1e829c76 4cf36adb - 56980bd4 c54bbe29 7e790228 4292d75c a3600ff4 59310b09 291cbefb c721528a - 13403b8b 93b711c3 03a2182b 6e6397e0 83380bf2 886af3b9 afcc9f50 55d8b713 - 6c0ebd08 c5cf0b38 888cd115 72787f6d f384c97c 91b58c31 dee5655e cbf3fa53`), - Q: internal.HI(`864f1884 1ec103cd fd1be7fe e54650f2 2a3bb997 537f32cc 79a51f53`), - - H: internal.HB(`8cd78a90 87aca828 9c0f5422 1e008eaa f46c56c0 581ea864 4a5e31a0 ca2c4805 - f088edf8 31982079 00b51688 5d600a68 48998c38 12609c96 be143a82 f89cd4fc - c0b23380 fb5620bb 847b9b84 9be0a6db 40d3e2d0 7354ace8 5263048e 462ceac2 - c8fc9984 d85a401d 764675a0 f9c038b1 582d8950 4568dc7d c031eeba c9888ea8 - f06dbc24 ba7e782e 12246fc6 f858eca7 6c1af700 376a90e7 6c1fb75c 2f30525f - 80cf3ae4 5ffcb0a8 ceb7b4fa 6e10c0da 9c8c85d0 586dd871 3800b9a0 b5c6285d - c01ad8a8 59fc0842 806cc64e 046a12e8 ecd4ec10 629340c6 66e0db04 f8bb047b - 2024bb80 73320013 545cf834 c314fe16 c05a92f8 8c2eb468 4ae06466 967500f2`), - G: internal.HI(`0e9be1f8 7a414d16 7a9a5a96 8b079e4a d385a357 3edb21aa 67a6f61c 0d00c14a - 7a225044 b6e9eb03 68c1eb57 b24b45cd 854fd93c 1b2dfb0a 3ea302d2 367e4ec7 - 2f6e7ee8 ea7f8002 f7704e99 0b954f25 bada8da6 2baeb6f0 6953c0c8 5104ad03 - f36618f7 6c62f4ec f3480183 69850a56 17c999db e68ba17d 5bc72556 74ef4839 - 22c6a3f9 9d3c3c6f 358896c4 e63c605e e7db16fc bd9be354 e281f7fe 7813d054 - 27ed1912 b5c7653a 167b9434 9147eeaf 85cc9ce2 e81661f3 21512d5d 2c0580b0 - 3d1704ee f2317f45 185c8258 387e7ec9 79c04707 ef546241 2784afe4 1a7b45c8 - 3b9cbe48 f9127cb4 400be9e9 6ac5de17 f2c9dea3 5e3734e7 9b64673f 85681c4e`), - - XKEY: internal.HB(`f910456a 20d9ba54 d61495ea 046d5de1 4b90ffdf eff64b4c a89150be`), - X: internal.HI(`2f1991c1 af401872 8a5a431b 9b5459df b16f6d25 6797fe57 0ec6bc65`), - Y: internal.HI(`04ede5c6 7ea29297 a8cacb6b de6f4666 aea27d10 3dd1e9e9 582f76a2 f22b8b1b - 32230bc5 8f06b768 f8102b49 fa1cae5e 18921494 7f6239b6 c6ce7c9b c2d230e8 - 9a40bee2 c33a8861 fd4f7d35 b788fe95 b2d5885d 
8c8faea8 1c90be4c ee2784e3 - 3577a71d 3b7f085d 71e9a1d4 7815c73f a087acaa b9fcb565 5ac9570e 6852be7c - 9c0aecea 8bd9aa75 a44fc314 7f733e90 6adb0fd7 6d613561 b1db364b bdc9afd3 - ce8f5f17 e3e71203 4a999350 8059fa52 441fa90d dfe9a0f2 a0b9192f e2220c08 - 1bd0c0f0 e07cb5f1 ee4ff405 23591f17 8a4fc7cb 5065f6a3 8216e9a0 99c205b2 - 9b8746d8 65e1af6d 903e5a13 8004910b 70eb5b84 eed9760e a60578bf 08852898`), - Z: internal.HI(`1b d0 c0 f0 e0 7c b5 f1 ee 4f f4 05 23 59 1f 17 8a 4f c7 cb 50 65 f6 a3 - 82 16 e9 a0 99 c2 05 b2 9b 87 46 d8 65 e1 af 6d 90 3e 5a 13 80 04 91 0b - 70 eb 5b 84 ee d9 76 0e a6 05 78 bf 08 85 28 98`), - - KKEY: internal.HI(`49561994 fd2bad5e 410ca1c1 5c3fd3f1 2e70263f 2820ad5c 566ded80`), - R: internal.HI(`ed b7 6a 2d 39 f3 d7 fa 16 d0 82 59 41 18 b0 cf 8b a5 76 92 cf 3b aa ec - 6f 6d d9 51`), - S: internal.HI(`5260a2df 2e923de8 77b130ac 8b5e8b17 63973b88 d5d4627a dfbacf52`), - }, - // p.36 - // Ⅱ.2 소수 p, q의 길이 (α, β) = (2048, 224), SHA-256 적용 예 - { - Sizes: kcdsa.L2048N224SHA256, - M: M, - - Seed_: internal.HB(`e1 75 ca d0 ea cb 74 dd b4 5f 15 f1 f2 57 22 bf 15 56 ef 86 0a 0f e0 - 31 71 18 44 9b`), - J: internal.HI(`853cd825 d245b074 cbc4f83d f6a9f182 4591223b ef5aafe9 5b0c14fc 6e63fc86 - 2f6233ac e777dc96 530b6830 0050adb0 7caf66b6 cf68bdc7 2c0053ac 2a9a02b9 - b06e5c77 7c8cb831 ba645aa1 b5f5df54 38681e1f 36577f86 0212e30f dab29b2f - a3a190ff 608b9a00 962043d1 868a7087 bddd2fb6 2fdd12ef c6b20789 420e9487 - d1398f07 a813e4a6 7d79be8e a28cd3ed 7ffef03e 5f17a36e ce0cc76e 848ca342 - b6a7d064 1515c050 18a0e634 eec1e67c 55b51b3c e1e15305 47dbdf0f 85bd3da0 - 5d7a797f 3242dcd0 358f8e7a 85b431e7 89f8a6b1 19e915a4 47fc2c6d 431cf567 - ccf49ced `), - Count: 38197, - P: internal.HI(`c3159a30 cdbcc00c e2a99043 9634f7d3 fb16feb1 2c579932 2c14f8b8 a0d9b98e - 35f724bf e14c4afc 475d78f9 3a83f8fb 4636a5de f357bd6f b0c6245c ac4ef29c - 8f7da5e9 b39f3158 f4fd27c8 4088bcbb 6286d964 29c90e82 b7f31bf3 e76e93c6 - 8a3163cf b82370e2 75159d66 08f82601 013476d5 50b386ca 34736388 
6df337d7 - a54db7e9 8cc2df0d 828c31eb c62f3bc2 3f070c89 9648e276 2b26ffed a9d88ffb - f684c570 4937fedc 03f60c10 5b69542e d40f910b 4c66fc09 1f5e1c12 47628abc - e989b74a b0ef6f1a 14e2567f c083991e 1c846242 0bb8fbf9 b3f67b66 b02de042 - 0a18d49a 6d4896d0 d1dddbed 24ee1611 8090221f 9fe9a1e1 2194e0d2 b3c61c13`), - Q: internal.HI(`bb6a5c40 316bd80e 78246e92 ac9bf881 a9eb0cb9 6c7212eb 1e46ae0d`), - - H: internal.HB(`8cd78a90 87aca828 9c0f5422 1e008eaa f46c56c0 581ea864 4a5e31a0 ca2c4805 - f088edf8 31982079 00b51688 5d600a68 48998c38 12609c96 be143a82 f89cd4fc - c0b23380 fb5620bb 847b9b84 9be0a6db 40d3e2d0 7354ace8 5263048e 462ceac2 - c8fc9984 d85a401d 764675a0 f9c038b1 582d8950 4568dc7d c031eeba c9888ea8 - f06dbc24 ba7e782e 12246fc6 f858eca7 6c1af700 376a90e7 6c1fb75c 2f30525f - 80cf3ae4 5ffcb0a8 ceb7b4fa 6e10c0da 9c8c85d0 586dd871 3800b9a0 b5c6285d - c01ad8a8 59fc0842 806cc64e 046a12e8 ecd4ec10 629340c6 66e0db04 f8bb047b - 2024bb80 73320013 545cf834 c314fe16 c05a92f8 8c2eb468 4ae06466 967500f2`), - G: internal.HI(`487844c0 b67465b7 18f04dbd 453342b7 49076ee1 f4226f18 1db282e1 c51b0f29 - 0dae9601 ac73ed1f 1b25adad d50bfb42 1e8a09fa 07689a93 e5fb52a5 f8012956 - b90641f8 45c4b7e4 45cafe2e 3284775b dd70bce4 0ef3274e 52cbc3d5 738da7a8 - 61bc46c0 a9693aa8 7e0aae62 bd371fa0 14ffc69f 3625d5a1 fbaaac80 d81c78a5 - 9badeae5 fdfea922 ebc330a1 37e7699a 2790e86b db270c21 35eab4e0 bcd28b77 - 13a8b241 1534c63f 2edf4e00 5902f6cc 1a155c29 f3eae17f 88acb5c6 70f5cf19 - a5a54e87 6692ab82 08c4a9ef 75a29e74 f08f92ac 1a38592d 46a2557c 3a18c06e - d6529b40 bc5ecff9 715329a2 c01b4245 874250ed 515537ee 7458f898 6ff920bc`), - - XKEY: internal.HB(`f910456a 20d9ba54 d61495ea 046d5de1 4b90ffdf eff64b4c a89150be`), - X: internal.HI(`b55d61ec 0114e020 efc4c9bb 5f2f3d2e 38409e17 d3954174 6d94ff7c`), - Y: internal.HI(`0712496f cf76ce98 8be97ac0 9f0dbbe6 2d58707a 767d608a 3301115d 479cc871 - 4ce3a10b eb152552 46c2623e fe50bfd2 5a83c355 551574e6 e3560e7b d1cd5e7e - 8e1269a4 a6f1976c 84e8fe8e 32e55aed d548fced 
cc92a6e4 e1bf2d1f 2aa30c0c - 0a991c29 b2595029 f903b634 189aa70c fc429531 93016c1f 7bb6276d f3ebfae7 - c060b987 d89088a0 558fc132 27b86f7a 57dde307 1cc022e0 39be4b68 3858d782 - f52aa730 49d508ef 994a5039 cab5faf2 89bdac07 75efbb51 eb4d5ff9 99b71d59 - c4d833b5 d069202a 968f3ac3 5fa77baf bdd9c096 0752c5da f783929d e2dad916 - f1159e75 a345445d 63c5b422 e0bcd2ba d9379d14 43892ed5 d12f8285 3d51a705`), - Z: internal.HI(`c4 d8 33 b5 d0 69 20 2a 96 8f 3a c3 5f a7 7b af bd d9 c0 96 07 52 c5 da - f7 83 92 9d e2 da d9 16 f1 15 9e 75 a3 45 44 5d 63 c5 b4 22 e0 bc d2 ba - d9 37 9d 14 43 89 2e d5 d1 2f 82 85 3d 51 a7 05`), - - KKEY: internal.HI(`a5c22f64 dde15693 3ad15bcb 928d6a3b 5acf0d7a 2302615c e74ccad6`), - R: internal.HI(`53 f7 31 8e 64 b6 1c cc 83 67 ac 08 51 19 a1 cb bb 25 51 0f e1 be c1 24 - c2 99 89 e0`), - S: internal.HI(`b750f725 1585204c 236e4204 884166a2 6c6cf08b d281167a 5efadd52`), - }, - // p.42 - // Ⅱ.3 소수 p, q의 길이 (α, β) = (2048, 256), SHA-256 적용 예 - { - Sizes: kcdsa.L2048N256SHA256, - M: M, - - Seed_: internal.HB(`f7 5a bd a0 03 2c e2 18 ce 04 ba f0 a6 dc 92 c8 7e b4 6a a0 56 8c 42 - 78 2e 64 4c c2 b8 2e 24 9a`), - J: internal.HI(`804e0d9f 553ee7d2 3d093a41 cfdc7ef9 cc389257 f6a67cfc 392e06b9 b292899c - 1d7e8163 9d48603d f18ec5fb 5e7833dc af967568 2c1491e9 366dc57e 9e20cd9c - 04048f43 b8abdf4d 8f5ba69e 87b5d391 4bd91f24 58921154 1bc8ce9b 2e1707c7 - 90cab99f 453e8f88 0db8754d 509b029f ab06bcd9 26ab39f3 669bf3fe a49a3c00 - 0dea9378 01a9e3f9 ab247edb 1458a7a9 2bdc0b15 e859c6e3 bb842832 0951ec98 - 5a24f453 e20cb508 400ad47a 5cec76f4 bd4e6505 b59423a8 67f1fad5 59f19b76 - 03f9095a 8ca9aa18 1fa1632e 573e446b 61deefef c55ed7a4 02e46d4c 5706a0ab`), - Count: 52733, - P: internal.HI(`d06eb9f2 75b3ac7f 2970b578 ad1c3173 2a012684 4776f95c f07b4194 c6def6f4 - 16a66751 458b0667 cdbc44af 3f6b5877 0e674a86 1c8febf4 eea0e504 50ec5272 - 26b84707 17ee768c f39cfd32 bc2540d2 924e0968 e64d47ee 4cf0ab6c d192284b - 826c7508 2e18840b 67bc4cb1 f1708173 f08825ba 4f6e5fb8 6a357f02 
c06f8283 - f3cd58a1 ed4d3062 f4a5c0d2 f26e54c0 fa511b5e d5cfd270 19d4a90d da7aca50 - 561397ab eede9cff 45ec6cf3 e22dac5c af454b7b 9b3b5ffe 16128197 768114c9 - cd4be4e9 ecdc431a 0cc0ed54 4fd4da1c 9e98a2c3 cb4297fe 1d1387d8 1c51d492 - 5ede6a8b baf660ef 675549b4 aea5267f b5f778d5 308dd691 75de580e c316c4ef`), - Q: internal.HI(`cfefed9c 75b5610f db100d91 c4cb8187 a0077917 33128ff1 43ffedf9 7f6ffd65`), - - H: internal.HB(`cfbaee38 b256284b cd948b7d cc4bad84 8bc4908c 3c901434 101cac10 bd2b840d - ebccdd2b 942d4aa8 36d2b8ce da48e662 fc8fe9d4 efb92ccf 09042f30 2040c840 - e8e0e010 789cc107 8431e7ec 2147d472 76f8aa1e 286246d8 9a159c53 8594d375 - 0cd3e504 2c183074 e8703c38 308426fc 45be04d5 d68ce56e f846c4c8 9ea41876 - 04e877fa bc97a2d4 37ca6c57 72e0c0d0 c028c020 10300019 2edc49e6 04f91eac - 29bc289a 3c18123c 880abc78 1bc25c5b 8a941bd2 4c5b78d0 d408d05c 185064a8 - 747db63c cd8e849d e64c5694 d86e34e8 0654781e f4a43f0a 7c9ff2d4 7f5aac40 - 104068c0 6010f000 38463461 be1cd1b6 84c12e6c 8aec08c2 ac387aec e8b24a24`), - G: internal.HI(`023fec34 dfa5e5ce 369dd782 b07034af 037ac187 28d43204 5739b986 1b0df1dc - aeeb5c9e d3e025d8 3adcdae0 419c158b 09ee35ff 84ab9caa 9ed4e535 f982fb99 - e30d3195 37c05780 a2cf31cf 6bb226c6 6b7b3ed7 6b65dc65 8b216b86 7f186d98 - 0d30d1a9 5285a081 c5aba363 939660a5 7596c621 2207e4e3 58b729bc 079778b4 - f385824c 0862cdce 08aeb2c6 58c18559 d3ed865c d6bed194 da447fd4 1789c74d - 352ed26b 56c2d128 f1154f73 3fe71f10 bf676c9f 7e4268c0 53d13152 997a2d9b - fb73fccb 0dcea4c1 32f68f28 2a6db325 cc467fb7 f1fe2da5 f80fd32c ae781a75 - 74845a3d 45712054 3987b348 d5d75b1b 954cba47 3f83951a 8c1be717 b953206c`), - - XKEY: internal.HB(`f0f30814 a667cf10 587274d3 3bf2ab78 8b904cf1 2e97da0b c0a936e2 b948da94`), - X: internal.HI(`21e2cf86 8d004318 aca87261 476dfc67 c1983364 82fe1dcb 3cbb5ba0 f081158a`), - Y: internal.HI(`44ce4c95 da1ff8bf bc6b7277 ccc6694e 1b1e6dfa cf617533 354da0cf 6966e156 - 2124003d b09e3330 9a24f87c 467917ae dfeb911f d5344422 06345275 7c40f0a0 - bb45acc8 e462c5ac 
4d8dd0f9 2fcc80f3 3e4160f5 98682bf5 71163c43 bd703c2c - 1827db2e 2336511d 84520afa 97dc4962 40ea4a82 ca2ffc64 6363f822 d037c813 - 8f3458a3 e41bd3a0 23b63cc1 13b33ecb 3fcccc5c bed325e7 ec1f07e2 03e9aa8e - 451c96fb dec927d6 ee741540 a90673b4 f2feac07 b6f4eda0 8db28fdf aed8634e - 7ff40582 ae33d8db f377a761 9ad1c006 68633779 2943e6cd 016d5534 e4122bca - 18d12075 79ea4c90 610a1496 b63c23dc 996b686e feb34c36 1f9afdcf 7e8fbf9a`), - Z: internal.HI(`7f f4 05 82 ae 33 d8 db f3 77 a7 61 9a d1 c0 06 68 63 37 79 29 43 e6 cd - 01 6d 55 34 e4 12 2b ca 18 d1 20 75 79 ea 4c 90 61 0a 14 96 b6 3c 23 dc - 99 6b 68 6e fe b3 4c 36 1f 9a fd cf 7e 8f bf 9a`), - - KKEY: internal.HI(`0d30f8f9 2313f7a5 abe0b0de ec219e40 c4640c89 39222aa0 dd6a3329 55778025`), - R: internal.HI(`59 49 00 77 f9 8c 21 78 85 09 cb 47 8c cd e7 7a 4f b5 41 4e 13 cf 92 81 - cb 80 97 5b 33 70 d9 7d`), - S: internal.HI(`185f21b5 dbf4255b 954a4d62 cf363c32 73211147 cba054e8 3a87da2d d7e0741d`), - }, - // p.48 - // Ⅱ.4 소수 p, q의 길이 (α, β) = (3072, 256), SHA-256 적용 예 - { - Sizes: kcdsa.L3072N256SHA256, - M: M, - - Seed_: internal.HB(`b8 56 20 16 38 55 a7 c0 05 76 13 dc d1 f2 ae 61 80 c4 34 d0 98 90 ea - 70 22 00 83 f2 8d 27 54 ad`), - J: internal.HI(`85eee24d 8bc775c7 adab8963 9c4013f6 ad8f98c8 350bcd4d db7ed3ca 1e56bd46 - 97fdb8aa 9896e1de 0514d829 6c47d0db 8a68bbb0 1b6b4ffd 400c4cf0 c14d2d01 - 7f50c3c5 cd8fcce8 b2bba2a5 18ac63fe 409e8e5a 3c9cc823 20f4fd45 7cdf86d0 - 0802c95a ee823b0f 057f83a9 433fda61 08de1fed b745c808 6308e828 22503ddf - 8f775a61 1800db09 2ceaa133 6cf03140 79c198b8 71222b50 49738967 32c39201 - 53e1c174 cb77f7c2 1f16e012 5607afee c73e0e1a 9dcabf02 88c27815 0972525d - 315801d9 b2989b72 eca68929 4f795af4 163c8489 fd37861f 9f6ac78d beb18ff6 - e80f8747 83b08f05 520b59c6 7b2fb4b3 9dc8f7a6 5dd206c7 6f614d8e 92fad067 - 1286d375 50ba9bad df01a7e6 3d3d344e eadbdb75 a2ec4943 bc07a2d9 8a5e8e63 - ba941d85 c9740d50 b15a0ec2 9e7e3f70 054b1ec8 4dba0662 cfe5d301 cfe78255 - 41fe867b 7b1ec83c ecc813ae 92f91c37 3891dfd6 
790d83d2 67c3b52a 557f8701`), - Count: 3448, - P: internal.HI(`cbaeace3 677e98ad b2e49c00 2b8b0f43 4143b466 515839bf 813b097d 2d1ee681 - 5008c27a 3415bc22 31609874 5e5844f3 3ecc8887 c16dfb1c fb77dc4c 3f3571cc - eefd4291 8f6c48c3 702ab6ef 0919b7e8 402fc89b 35d09a0e 5040e309 1ee4674b - e891933c 1007e017 edd40818 7e4114b6 be5548d7 8db58b84 8475a422 62d7eb79 - 5f08d161 1055efea 8a6aeb20 eb0f1c22 f002a2e8 195bcbba 830b8461 3531bdd9 - ec71e5a9 7a9dccc6 5d6117b8 5d0ca66c 3fdaa347 6e97adcd 05a1f490 2bd04b92 - f400c42b a0c9940a 32600443 3b6d3001 28bf930f 484eaa63 02cd7a31 9ee5e561 - a12a3625 594020c2 40dba3be bd8a4751 5841f198 ebe43218 2639616f 6a7f9bd7 - 434f0534 8f7f1db3 115a9fee ba984a2b 73784334 de7737ee 3704535f ca2f4904 - cb4ad58f 172f2648 e1d62d05 8539ac78 3d032d18 33d2b9aa d96982c9 692e0ddb - b6615508 83ed66f7 aa8bce8f f0663a0a dda226c7 bd0e06df c72594a3 87c676a3 - ca06a300 62be1d85 f23e3e02 c4d65e06 1b619b04 e83a318e c55eca06 9eb85603`), - Q: internal.HI(`c2a8caf4 87180079 66f2ec13 4eaba3cb b07f31a8 f2667acb 5d9b872f a760a401`), - - H: internal.HB(`cafddcde a0226466 28aaec4c f61afea2 062a0eb2 d5cb81fc 02c84e94 9a60d8f0 - c860b894 3ca4cc07 81bbb56f e923d05a 5834d02c 4824c01c 38140907 c543817f - 3dbbf940 d0806000 60806000 0afcae20 5263e527 29eb4a5e 32c61a2e 027498ba - 30665c12 88beb46a ad24bc14 2c049cf4 0ce44f79 ee68a29c 56d00a38 c4101c62 - bedab652 ae31df4d 7b6917be bc7ac0d0 a0308090 60f04071 e31507b9 2b5d4f01 - 7302ac00 14e87cd0 e4b80a30 16bcc7bd 73e91f34 bc040cd4 5c3810a8 006a147e - a8923ca6 d00d3a46 129eeaf6 c24e9abb 9ac8b664 d200ee9c 0a8040c0 00d060b0 - c090c9eb cd6fd1f3 94063834 b8fc00c4 488c9002 56a74db3 d9bf65cb f1d71cc0 - 88105860 28b0f800 9af46913 7da7913b a502be3a 76724894 a06c8caa 882684a2 - 80275543 b8f8f8b8 38787838 b8e88aec 0ef092f4 16f82458 4c86cace 92165a5e - df354b21 2c5238de 448840b8 f0e8a018 844c536d 47e13b55 2fc92360 bcf8f4b0 - 2c686420 9cecba29 4725c321 3f1d3060 50004040 0080c0c0 287a8c5e f042e385`), - G: internal.HI(`17a1c167 af836cc8 5149be43 
63f1bb4f 0010848f c9b678b4 e026f1f3 87133749 - a4b1bba4 c23252a4 c86f31e2 1e8acacb 4e33ad89 b7c3d79a 5409268b fba82b45 - 814e4352 0c09d631 613fa35d b9caf18f 791c2729 a4b014bc 79a85a90 cd541037 - 119eccde 0778863f fcb9c259 31fcd33a 6706e5fe 1f495bb8 bcb3d0ee c9b6d5a9 - 373127a2 121e37d9 8a840330 258dbfce e7e06f81 5b69c16c 5d17289c 4cc37e71 - 9b856298 d4e1574e 4f4f8515 baf9a850 d11dda09 55bc30fa 5b16792d 673a3b1f - 41512fc3 eb89452d 51509f97 4d878b48 2d2ad2ed 32be1905 6f574504 2bff804f - b7482796 612b746f e8d70a83 8cc6f496 dd0ffc3d 95c1e0b1 98184d73 523656a0 - 6431bc52 5c2bc161 9729e8c0 88f6df91 5645e060 922a4af3 edd63047 c7b6077c - 667c07d8 8eb00f4c fe59d32e 5f545012 c566516b 7874fb3d aed51403 31f29528 - b30fc8b8 a9371c28 18017b09 53a84ffc 9fbff84b 64bf0238 aa7e2af2 ecadc15a - 1c06dadc f1f2e7b1 240a5e64 5a6469c9 b002215d 9a91c2a4 ed2fb547 a942d777`), - - XKEY: internal.HB(`80f96d39 d9e9230d 47c7ac5b c40e94d7 c3ca4c8e fa2bb0cd f1a369ab 14dfce52`), - X: internal.HI(`7c28569a 94b46fa7 45c8d306 ad7dc189 96ce046e ebe04383 8391c232 078db05a`), - Y: internal.HI(`2574e10e 806f1c42 58f7cf8f a4a6cf2b eb177dbe 60e4ec17 df21dcdb a72073f6 - 5565506d a3df98d5 a6c8eee6 1b6b5d88 b98c47c2 b2f6fc6f 504fa4fb c7f411e2 - 3eaa3b18 7a353dae d41533a9 558ab932 0a154cae cc544e43 0008889a 2c899373 - ec75a24c ff26247c f297d293 747ecc05 b3483647 a87bcbb8 d4500092 09f5e449 - a00a659b 637ce139 cf6487ac a70f9c00 cb670c7f 3b95bfd7 cf236a0a 6f3c93be - 8d9cf591 c9d30686 9415b1aa 97264b90 4167850a 4794c780 be4527df feb67be6 - e66786c5 cce0378c cb49920d 855558f4 dac4c42f 92dd229b 483b2257 db0ce35d - c737f980 1a261a02 bdf718c2 fd4d69c5 2e0d9712 b42c4897 bae7c684 d3d35bc5 - 726ce899 2696b044 d722afba 78efa858 c4d10f19 72112ce8 ffd39792 49bf14e4 - 9d8e0d9a cb1b0a9c a90d0551 1803845d 7c670bcf 1b066497 a7743b08 a219e764 - ea0a3a2a 617661c1 6a372fe0 58b547a2 8b626ecf 442222e1 8eef487c c101dbfb - 715bc33a b85928ec f0bd4dea 30f250a6 a5c86178 83ea0f87 3e7a4651 98c4644b`), - Z: internal.HI(`ea 0a 3a 2a 61 76 61 
c1 6a 37 2f e0 58 b5 47 a2 8b 62 6e cf 44 22 22 e1 - 8e ef 48 7c c1 01 db fb 71 5b c3 3a b8 59 28 ec f0 bd 4d ea 30 f2 50 a6 - a5 c8 61 78 83 ea 0f 87 3e 7a 46 51 98 c4 64 4b`), - - KKEY: internal.HI(`83f3008f cebae57e c7a64a3a f7ee6ee1 9cc197a6 d5eba3a5 b3ef79b2 f8f3dd53`), - R: internal.HI(`54 7a 99 02 07 de dd 6d ff 97 89 c4 78 79 ac d9 60 d7 92 51 4b d9 1c 51 - de c2 a2 4f 90 4c 03 f1`), - S: internal.HI(`1668797b 26641e72 94aa68d3 8562eae3 caa842d0 f446949c 4268ae3d 0392434f`), - }, - } -) diff --git a/kcdsa/key.go b/kcdsa/key.go index 012b3eb..77bf689 100644 --- a/kcdsa/key.go +++ b/kcdsa/key.go @@ -7,8 +7,17 @@ import ( "github.com/RyuaNerin/go-krypto/internal" ) +// only for GenerateParametersTTAK or GenerateParametersTTAKPQG +type TTAKParameters struct { + J *big.Int + Seed []byte + Count int +} + type Parameters struct { P, Q, G *big.Int + + TTAKParams TTAKParameters } // PublicKey represents a KCDSA public key. diff --git a/kcdsa/internal/testcases_2048_224_SHA224_test.go b/kcdsa/testcases_2048_224_SHA224_test.go similarity index 98% rename from kcdsa/internal/testcases_2048_224_SHA224_test.go rename to kcdsa/testcases_2048_224_SHA224_test.go index 65e6c77..c3f1db2 100644 --- a/kcdsa/internal/testcases_2048_224_SHA224_test.go +++ b/kcdsa/testcases_2048_224_SHA224_test.go @@ -1,4 +1,4 @@ -package internal +package kcdsa import ( "testing" 
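Review bot: In kcdsa/key.go the comment on `TTAKParameters` is not a Go doc comment and does not say what state `J`, `Seed` and `Count` are in when the parameters did not come from the TTAK generators, so a caller cannot tell from the type whether those values may be relied on when re-checking how P and Q were generated. I would write `// TTAKParameters holds the J, Seed and Count values produced by GenerateParametersTTAK or GenerateParametersTTAKPQG; it is left at its zero value for parameters obtained any other way.` (the zero-value part is my reading of the original comment and should be confirmed), and add `// TTAKParams is set only by the TTAK parameter generators.` above the new field in `Parameters`. `Parameters.Equal` lies outside this hunk; if it still compares only P, Q and G, as the deleted kcdsattak version did, two values that differ in `TTAKParams` compare equal, which is worth stating in its doc comment.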
@@ -12,7 +12,7 @@ var testCase_2048_224_SHA224 = []testCase{ //////////////////////////////////////////////////////////////////////////////////////////////////// // KCDSA_(2048)(224)(SHA-224)_SGT.txt { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`99811DA76C8218A64F16C765831F140AA833095E3D3126DAC600CAAE8BDDC68E364AB88DDD4AFC56BFFADF17E76DA84C515D41B8A291CF536CB7E087060EC6CEEFE80D1B58A33108C35FD13E897B7B88B51BE194BD693DA5754EC008EBC712C96A4A3BC24B67AABFD2FD9DA28FA1F9EC8032A8E96F6B89AC2AC941AB66E83B8E1BEC0DEE9241110003071BE1B028FC29C7DD046E829D43046014D1BF30FDF2C68C4F60CBE42DCC1E83A9A3E0F9E745BADA12BC7629E801D1AFC244BDEBD1274CE415CA476A807CADA8F2C42E8E43E1F41E66DB4C4389814301DEFFD48B24270EF46A1A387EE8F188FAE13A4C4CDD16FB93212D41F7F6FEB48FC9C41771FBFB97`), Q: internal.HI(`9361B81F5CACD41B174CA3ECE9A6D00C2659025F4E971AD576C011EF`), G: internal.HI(`85433986A2AD22D6966D09ADC7FEA96C819F3EA05D48BB4F6DA7320338C1F15FCA3E0A0997E0F3E534147560B3BF001364080E5EFFEB22D741BB6B847E510EBC5760E7DB680D4B9D5BA056C67FECFD43E5BA603BE1F45E033DC54DF46BA15BA1DB7B03FC8622CF8D7FF722790ADB1A3C7A6F3C6A45BAFCD4B334E37E542A07E8981B1A9B662287B79EC23503DEECE39323EF41113B1CE7B6B1F97DD616CEFBEB7E6E6DA548E5707D51C0B30147D280284E68E939DC3B3F372BDD8DBAE6E81E6D81C311FE425D21D9911FC62D9FC9F75C692E93C035A80092E6FE1C9B4EDFE3EDBA2BA8B73AA981F134A1994E70412ED1342207F991610EF9CA9739FCB322F324`), @@ -23,7 +23,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`85AD4A43FB7971E336CE6E727B35084CE610C2174727FD4E2E5FBC0C`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`811F50F2207676A6FD0DA5A28D844AD5D5EDEDD9E7460723FF8D6BCB`), G: internal.HI(`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`), 
@@ -34,7 +34,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`2CE1D9E021F479E42ECAC7A9DB62F1E62EB2A039AC729EB6EF337205`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`E67B2502EE1752A619A5406C2FCB167DB93B96D92A6009F59C876CC3`), G: internal.HI(`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`), @@ -45,7 +45,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`903E9CC7D40BE8590DA548BADA9C08EE7F91195BFE89F6E348F875A8`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`CCBE1FC2E2F547ABD9697389E70C7E35C454AF6794B4DEFB11F674BB`), G: internal.HI(`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`), @@ -56,7 +56,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`A8A43D25C406C906F9F9C394FB88044F4CB0521011E64B5E2D04F6C0`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`B5C30C21D727F8789D1B3CB3D1593C2BF2B081035539E46BE52BC753`), G: internal.HI(``), 
@@ -67,7 +67,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`224F5B5DA1426E48113F15C868505A76AA28A1E4AAF256131B57FD81`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`A935B8B087204D8BC36FF5662CA4A95595A096D90B53031FAD407EA5`), G: internal.HI(`50E3AC18BA0092CF2888D665A8B8D68D4C972D60A70F3878EDE9F5F96352A0F5BB2D3BDDB6952CCD9EA8DE124F878835DADE26B5A8F8BC0E009F7DA4430E1BE9C6F9DED3EAC59F8B07F16A9BB453FC3B71CD734512AB5727207C0E4FA0108C60F2AF5293F8C867FE065E6AFCF4A3693C3DFF7ACD5F8F9833CED3937C09A9BFA06CD45367381809ACACBB0C8C64A66A3DF308EAF44FE19E4822A002D63C0EDE2B3F0B7D23EDBC5152AAAC5B93544DA0309CD939F93E8EAFD88B23AA9EE55F47339E060F222BD8408E6E606A730545915853BA8050180F5374699DB3F61834033773C96A3BEF6809710B1F63F9191F16921DF29DE6E72977624CABECEDF4237AE`), @@ -78,7 +78,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`42E64053B94EFD1B9D3EE67712D9E21F39FB0336271D09E376195652`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`A58A83F5E4B9BF0B3158E975339F471E7F592AF24AE4111E6EED5D2F`), G: internal.HI(`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`), @@ -89,7 +89,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`7C8EFD8C957FB6A472CBA2B06337B2A93BA76040500E35CD4963899C`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`A719193936A10FA91741D456991423729DA012C02C7F1A38719A1ACB`), G: internal.HI(`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`), 
@@ -100,7 +100,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`753B2DAC65F0C677A220625A405B43B6F6938A445015A49C19ED0BD4`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`A5038E4A4AE2E034027E0438013E38464C0FBCFA4FFC631636ADB6A9`), G: internal.HI(``), @@ -111,7 +111,7 @@ var testCase_2048_224_SHA224 = []testCase{ S: internal.HI(`81C7BC918676EBACABCDCAD0B2489DB53ADD8B79B3062341740408E4`), }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`CDED6E70EA33B2CAA7357D79A3C0A3EE602E9A8F599AF96BE371968F`), G: internal.HI(`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`), @@ -124,7 +124,7 @@ var testCase_2048_224_SHA224 = []testCase{ //////////////////////////////////////////////////////////////////////////////////////////////////// // KCDSA_(2048)(224)(SHA-224)_SVT.txt { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), @@ -136,7 +136,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), 
@@ -148,7 +148,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`6EC9C5EA61CDAA4163DCC4DA8C5FEC6CC5469CDC3D86169A9E022DA08DC218C2757183DB9F7E9B49CF9E860C528E92F771EF4ED6C2D796A903D588BC0514219B239AB94084B7AB83F90ABEF19BC012347C0D2ECFD0EE80D65C08861D54272FB648759E1ADE2D55BAD3C050E4F066670B36468398BE6CBA75FD518B8DAE123773C95CC81D789776C62CBFBA0A8CC7CE0A2EC1040D87320D0E91A851C36F4BD1D1C23140B548F9D994B8E4ECC3C73356B709B47563F56CEBBE1048BE3FCCF3E0217B996A1C022ED9026131F00677A17387D884336D28BC0F386B07B30C3EA36118D057299D24685E9BE7B1652508AB3ABA36D03E37C8F9EE0579BBAEDB58AFF7DC`), @@ -160,7 +160,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: true, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`6EC9C5EA61CDAA4163DCC4DA8C5FEC6CC5469CDC3D86169A9E022DA08DC218C2757183DB9F7E9B49CF9E860C528E92F771EF4ED6C2D796A903D588BC0514219B239AB94084B7AB83F90ABEF19BC012347C0D2ECFD0EE80D65C08861D54272FB648759E1ADE2D55BAD3C050E4F066670B36468398BE6CBA75FD518B8DAE123773C95CC81D789776C62CBFBA0A8CC7CE0A2EC1040D87320D0E91A851C36F4BD1D1C23140B548F9D994B8E4ECC3C73356B709B47563F56CEBBE1048BE3FCCF3E0217B996A1C022ED9026131F00677A17387D884336D28BC0F386B07B30C3EA36118D057299D24685E9BE7B1652508AB3ABA36D03E37C8F9EE0579BBAEDB58AFF7DC`), @@ -172,7 +172,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), 
@@ -184,7 +184,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`8EBAF0658E1C4D432BFC2835FEE088CC9E5EDB8FD06AEB48177594F9B2DC31E37517ECEDFB018F827380A24DABA5D916AEDEAA9D7DC767DC760E81E635BD7610EFAB9C199C03F6A6AE2B1FC825E9824E08C756F69AE4356A0DCC7BC46C227B6FABEDCC1CD61D04720A1B790C254BFCE0811BB657761A57D3764E438CE2C0B33D04BA28EF043A575FE8A062727FA4BB122C2EADEB1EB30B81E36702A25A4AAD20A96A9EE28594B232385ED740D8291FD6CB97B25AC18207C1AF33E2E86B16DDAD55BF4C49938F3F31B1DFD806DC9A637220F693005D33863655920EB5A0FF2E4922C138D12BA99112F9312CCEB2EE55DBC079E3D6A3C5D1CBDDDEC6B6E7BDD19F`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), @@ -196,7 +196,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`6EC9C5EA61CDAA4163DCC4DA8C5FEC6CC5469CDC3D86169A9E022DA08DC218C2757183DB9F7E9B49CF9E860C528E92F771EF4ED6C2D796A903D588BC0514219B239AB94084B7AB83F90ABEF19BC012347C0D2ECFD0EE80D65C08861D54272FB648759E1ADE2D55BAD3C050E4F066670B36468398BE6CBA75FD518B8DAE123773C95CC81D789776C62CBFBA0A8CC7CE0A2EC1040D87320D0E91A851C36F4BD1D1C23140B548F9D994B8E4ECC3C73356B709B47563F56CEBBE1048BE3FCCF3E0217B996A1C022ED9026131F00677A17387D884336D28BC0F386B07B30C3EA36118D057299D24685E9BE7B1652508AB3ABA36D03E37C8F9EE0579BBAEDB58AFF7DC`), 
@@ -208,7 +208,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: true, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`6EC9C5EA61CDAA4163DCC4DA8C5FEC6CC5469CDC3D86169A9E022DA08DC218C2757183DB9F7E9B49CF9E860C528E92F771EF4ED6C2D796A903D588BC0514219B239AB94084B7AB83F90ABEF19BC012347C0D2ECFD0EE80D65C08861D54272FB648759E1ADE2D55BAD3C050E4F066670B36468398BE6CBA75FD518B8DAE123773C95CC81D789776C62CBFBA0A8CC7CE0A2EC1040D87320D0E91A851C36F4BD1D1C23140B548F9D994B8E4ECC3C73356B709B47563F56CEBBE1048BE3FCCF3E0217B996A1C022ED9026131F00677A17387D884336D28BC0F386B07B30C3EA36118D057299D24685E9BE7B1652508AB3ABA36D03E37C8F9EE0579BBAEDB58AFF7DC`), @@ -220,7 +220,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), @@ -232,7 +232,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`6EC9C5EA61CDAA4163DCC4DA8C5FEC6CC5469CDC3D86169A9E022DA08DC218C2757183DB9F7E9B49CF9E860C528E92F771EF4ED6C2D796A903D588BC0514219B239AB94084B7AB83F90ABEF19BC012347C0D2ECFD0EE80D65C08861D54272FB648759E1ADE2D55BAD3C050E4F066670B36468398BE6CBA75FD518B8DAE123773C95CC81D789776C62CBFBA0A8CC7CE0A2EC1040D87320D0E91A851C36F4BD1D1C23140B548F9D994B8E4ECC3C73356B709B47563F56CEBBE1048BE3FCCF3E0217B996A1C022ED9026131F00677A17387D884336D28BC0F386B07B30C3EA36118D057299D24685E9BE7B1652508AB3ABA36D03E37C8F9EE0579BBAEDB58AFF7DC`), 
@@ -244,7 +244,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), @@ -256,7 +256,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), @@ -268,7 +268,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: true, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), @@ -280,7 +280,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: true, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`6EC9C5EA61CDAA4163DCC4DA8C5FEC6CC5469CDC3D86169A9E022DA08DC218C2757183DB9F7E9B49CF9E860C528E92F771EF4ED6C2D796A903D588BC0514219B239AB94084B7AB83F90ABEF19BC012347C0D2ECFD0EE80D65C08861D54272FB648759E1ADE2D55BAD3C050E4F066670B36468398BE6CBA75FD518B8DAE123773C95CC81D789776C62CBFBA0A8CC7CE0A2EC1040D87320D0E91A851C36F4BD1D1C23140B548F9D994B8E4ECC3C73356B709B47563F56CEBBE1048BE3FCCF3E0217B996A1C022ED9026131F00677A17387D884336D28BC0F386B07B30C3EA36118D057299D24685E9BE7B1652508AB3ABA36D03E37C8F9EE0579BBAEDB58AFF7DC`), 
@@ -292,7 +292,7 @@ var testCase_2048_224_SHA224 = []testCase{ Fail: false, }, { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, P: internal.HI(`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`), Q: internal.HI(`8D492391758CDFAFDF2F1DED9C7C1A6B28A3FAF259DA6FF1878EEE07`), G: internal.HI(`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`), diff --git a/kcdsa/internal/testcases_2048_256_SHA256_test.go b/kcdsa/testcases_2048_256_SHA256_test.go similarity index 98% rename from kcdsa/internal/testcases_2048_256_SHA256_test.go rename to kcdsa/testcases_2048_256_SHA256_test.go index dfa9181..439f7ee 100644 --- a/kcdsa/internal/testcases_2048_256_SHA256_test.go +++ b/kcdsa/testcases_2048_256_SHA256_test.go @@ -1,4 +1,4 @@ -package internal +package kcdsa import ( "testing" 
@@ -12,7 +12,7 @@ var testCase_2048_256_SHA256 = []testCase{ //////////////////////////////////////////////////////////////////////////////////////////////////// // KCDSA_(2048)(256)(SHA-256)_SGT.txt { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`8FC3DD39F1EB67436524503260C8F561C3DF7AAA55C6B7695ACED51D2ED107344C86290C46E749B3612A304FA9AEBCAC858F6F732A95F4A2471348AD1FC1BAF8708E9D7F3977F3EB978E50B426CF36ABE22DA6C4973489C8E561F092074DF25B91520B798AA46C7C3F95ECD5B5436F7F660FECF957168AF75DB5025BE1218CBBB6E8C22164154A4A107E5BDC80A26F7E58DED90EC0E5797EB1A335ADCA8C1C653ED0D28638730064A1A5622DBF7AEF2573D10D519C4ADA4572CAB694D9CFB228F678DD47A2D15FAAE1570FD0CED042775B3F6BBCCB24A994C27A27BF2CE832027F5B4E4BFCDC74B79D606FEE203F3962D7774201B81646F554DD765EBAE2C5EB`), Q: internal.HI(`884460255C6079174FC9DF905F36387CF284202B089F5A1B5618E0047EDB965D`), G: internal.HI(`75D6337A746CB90DD912AA5D308D05F82C3316E6D661D0BC0938E676474E65A6B5EE97B0E0CE402FB32362245FCE040619C0DB353BF2AC9DE98BBCF3C0EDD15C65FE3BED4C428DB9539961032125780EB4DC9EF59D9EB866F91AB4FF603DE81F14D6D9F473CEAC03DF848A102EB2B60E04DE7AD0A1CF8D1DE00C88E6AE962FD3906C8649A98DA4E5D99588F1593D84C0C636E0B1CE28C3CCABD6E35CC7EC788076B181CAE1F718768E6F90B74B0E7C870B0BE279B510BE79DC07819A4D6F89D5D799B3E007544564ABD435E98E9B5618AAA48F5527DD20E0676A31288269E3F1B7BC655A518AD896878591924344BB09D86785A9C7EF8159C5CF15791D542353`), @@ -23,7 +23,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`4C9EA075978BF533092844F2E25E3A111AB88A549EF5CA79A7917C9B3B1D2123`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`DF151FF03880D70302069CFAFDCF5B2B7934D07BACD568D5F7C7C01FA7FF932B`), G: internal.HI(`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`), 
@@ -34,7 +34,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`146BD1E6EDF72A4D73E1C17DE1F973CD0F684FA9477E49CA67E4F91B0DEDCA7C`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`CE058726D9C6F8C032BECBD4E040DC52EF9C37AF7755BB7AABE91C67D7D04679`), G: internal.HI(`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`), @@ -45,7 +45,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`B42E9437EB2264AAA75ECB017BAAC64E7086E2E742C26AA406997BF209E39C4E`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`CB72BA022C2B127F3438C4D8EB38AE79AF7F451053C9CBF763F6D2155B2CA3F1`), G: internal.HI(`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`), @@ -56,7 +56,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`42DEDF134E330432A765343A2669EE60637C0DE16AC302A9DC19703DCBBBA749`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`A9398B11F06556020E250B4A1D05752A170788731C6E0A2B8D7F742AD7A22DD9`), G: internal.HI(`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`), 
@@ -67,7 +67,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`53DAF172423A441A39160235190E6B40ED7B13C03C8407E8340E2993A900C64D`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`A76DA05A17BD266F5997E1DFD63FDFC520E37250921590E03A0965678BA6C6F3`), G: internal.HI(`1FFC41A6A2EE9B55956E2437C3FF9B3C37F6E820962A00F1FAE5C6AEF687C6C9AD8A7C5674E6683BEB9368FEF1A4A05F0815B376F4EE147EFA546E591BEF1E50A7F67BED7CE4F2B12613547CFB4239B9CDEAB884E1F3443529657F3C950130784F6AB42450341E98029873712B36A3089C1D10F74A6B39DFFB093CBFB95F9D57635BB652D081785D43D209E6A6C6685EDE8E404C56B28E33DDBF64ECE9297F97664B42B9EDA6493D6B059B78BBF1E8020E8A88AB9B92946CE09CD5D8F90BD53481AB6F22B897FFEA59CD001CAB8831DCF55A2BD452F21255B3E06BB1FD46ACDA1EF7D3E018F2B22AA9D3DFF55964B296F2D96A8992BAA5B2516F6886E9EA80E9`), @@ -78,7 +78,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`26FB45EB47EBAF9AFCC8C899B21C34636F0B7018004DA195D0DC17E93ECAAA69`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`EC3C8A2FDB6D2292CE16537E6624313442B2213B44638690419217DC50D9DC200573009E324E28667214C486DB0E99BD37D0B5EB1E2AE65AF0896D4E906DC93405A0F7088F46F929B2DFDE16BD1A43F257EE5C9C65BF0BE1EDF8A3FD94EAEAA4DEE9F05317C2A5328BD45C49E9DBA30857512F07253769D00854625A530BC478CA0FDC409C5E9659AC03305728C74BCB04AF5FB6AE4500FA37D36349C826529861BE1A29ACADE11218757133FDD060EA57A132271E04BA67E9889820136EFEB44AC26E6DFED2B4C6A59923BA778C4DE5C89512285910ADAE0F253F94100B28FDDA1A565554DE30D2B54E79052B2D76759D346BF59BEEBA51B1B05B22E32FDA17`), Q: internal.HI(`DDF09AAD8B048B1A62522BA4882E4FCC47046D38A3E1A5F8743B549DAFD23F81`), G: internal.HI(`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`), 
@@ -89,7 +89,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`CB6F9BC374F7B640400F97669ACFDBF9894B00FAE31C31FC4FA700FFF7232594`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`F415AB07DB434A5F07B6FD38ED303FA17E5FA55B0DE1A82EC299FCC8493A15DD`), G: internal.HI(`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`), @@ -100,7 +100,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`9329114F1484060576C65D177034BF7863D8E1680C799B7D8D8A902D02D2177C`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`BBB0A8CE033A1D66D455604BE393DB6D6081CFE51390EE8F3D25E1257EA2CA2F`), G: internal.HI(`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`), @@ -111,7 +111,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`4DB3AB15FC71B5D476EE6D776137D23C1AE47CEB5959D111E5AEE02FDCE8DD70`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(``), Q: internal.HI(`9315C34E52AD8D10AFFA9800FDC92C7418FCBB09524CBA279670DD4CBC4B4B8D`), G: internal.HI(`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`), @@ -125,7 +125,7 @@ var testCase_2048_256_SHA256 = []testCase{ //////////////////////////////////////////////////////////////////////////////////////////////////// // KCDSA_(2048)(256)(SHA-256)_SVT.txt { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), 
@@ -136,7 +136,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`147DA0DD0D162E933FEDC4E784B7AC2C82BF9ECB2D9C313FED7E1AF128243C9D`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`D837AD8CB841C9B7632FA91C157BA723ADCDFDFC97ED24EDA2FEFC7CB50A84A885628D851BDC2225ADF6CB179CFCBC3E28CEEE4531C1FEFCD06E4908AB7429298492C74D6FE3B7BFD56206487A4C4F2497B1175C30F7C5F3EC333F4D1CF07E1AE09DE590321035025562708060DEBCAA543CFC8E3937643F156C448EBB7CC710B5C5DE216752DCFAEC0B5C342FA42A8B6BE0E10E3FB49D758A76F2CACA6A19F9B506BC6BD7C7C92C5AFB37A3F917C33AD5928F991DE4C8BF88783F1507A80495984019E9ABE3FE255C6BFF7EC895740BE187E3CB06BDF29BE3B41141D6A2BF7638F17D049E185C852FBBE358913CBFB2EDDF2E91F069B2D5C4908A390A3A5B5B`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), @@ -147,7 +147,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`8E5D1F7058740C2A72E5F3CCB4FE0356CE50BCB4156EE20A0E058B97F60FB647`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), @@ -159,7 +159,7 @@ var testCase_2048_256_SHA256 = []testCase{ Fail: true, }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), 
@@ -170,7 +170,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`56357EFFB650482FCC325EC25E1D6C9530D462B6DC4EB72208E75FA05B8D621E`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), @@ -181,7 +181,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`B45DD1BCE9497F380F72DD2681FE5093962051759ED580447A1CB2F95D45EFAD`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`D837AD8CB841C9B7632FA91C157BA723ADCDFDFC97ED24EDA2FEFC7CB50A84A885628D851BDC2225ADF6CB179CFCBC3E28CEEE4531C1FEFCD06E4908AB7429298492C74D6FE3B7BFD56206487A4C4F2497B1175C30F7C5F3EC333F4D1CF07E1AE09DE590321035025562708060DEBCAA543CFC8E3937643F156C448EBB7CC710B5C5DE216752DCFAEC0B5C342FA42A8B6BE0E10E3FB49D758A76F2CACA6A19F9B506BC6BD7C7C92C5AFB37A3F917C33AD5928F991DE4C8BF88783F1507A80495984019E9ABE3FE255C6BFF7EC895740BE187E3CB06BDF29BE3B41141D6A2BF7638F17D049E185C852FBBE358913CBFB2EDDF2E91F069B2D5C4908A390A3A5B5B`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`90AE2720DA48AB2B9C30EC6D05C3EBDA7B044AA3FBD5BB1C750C246CF54125F49EBF4A45B3A50493F76C9A94DC7F8BCCBC37B003AD914B5F5BB51428937FC116EDFAE6641641F54E96F8DE0027CA580821C5612F938D8A8A99D2E8D9C8F5B2263C4076D9E0E664D751F49E0F3FBEF889029C0448E1DD1F1A99FCC4051594F385EFAC480AD66DDB920C3069F81F24F1191F0E256DC9A3095ACA55081A1CA1F9B3D6654B83CFCDEFE83AE16D9E5562900F933F4258B1D48EFE5E7CA77A0550003B86D9023C641F9A80B97CD34C8F9CF3C2A350A27A74E7F438166C5DCB1C184E005C03E97EBD2494A1F849CD2A2B05AE9D3B793285E9B56AAB7FB305FBD1F6F09A`), 
@@ -193,7 +193,7 @@ var testCase_2048_256_SHA256 = []testCase{ Fail: true, }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), @@ -205,7 +205,7 @@ var testCase_2048_256_SHA256 = []testCase{ Fail: true, }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`90AE2720DA48AB2B9C30EC6D05C3EBDA7B044AA3FBD5BB1C750C246CF54125F49EBF4A45B3A50493F76C9A94DC7F8BCCBC37B003AD914B5F5BB51428937FC116EDFAE6641641F54E96F8DE0027CA580821C5612F938D8A8A99D2E8D9C8F5B2263C4076D9E0E664D751F49E0F3FBEF889029C0448E1DD1F1A99FCC4051594F385EFAC480AD66DDB920C3069F81F24F1191F0E256DC9A3095ACA55081A1CA1F9B3D6654B83CFCDEFE83AE16D9E5562900F933F4258B1D48EFE5E7CA77A0550003B86D9023C641F9A80B97CD34C8F9CF3C2A350A27A74E7F438166C5DCB1C184E005C03E97EBD2494A1F849CD2A2B05AE9D3B793285E9B56AAB7FB305FBD1F6F09A`), @@ -216,7 +216,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`0CFE7D848F3B3F965F1CEC66687C8C7FE9D5E57360FA23A01C0260F1457E2A3E`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), 
@@ -228,7 +228,7 @@ var testCase_2048_256_SHA256 = []testCase{ Fail: true, }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`90AE2720DA48AB2B9C30EC6D05C3EBDA7B044AA3FBD5BB1C750C246CF54125F49EBF4A45B3A50493F76C9A94DC7F8BCCBC37B003AD914B5F5BB51428937FC116EDFAE6641641F54E96F8DE0027CA580821C5612F938D8A8A99D2E8D9C8F5B2263C4076D9E0E664D751F49E0F3FBEF889029C0448E1DD1F1A99FCC4051594F385EFAC480AD66DDB920C3069F81F24F1191F0E256DC9A3095ACA55081A1CA1F9B3D6654B83CFCDEFE83AE16D9E5562900F933F4258B1D48EFE5E7CA77A0550003B86D9023C641F9A80B97CD34C8F9CF3C2A350A27A74E7F438166C5DCB1C184E005C03E97EBD2494A1F849CD2A2B05AE9D3B793285E9B56AAB7FB305FBD1F6F09A`), @@ -239,7 +239,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`5B2A28435BEFCC970408E04F3B45A90DFB36C74ABAA1C4ADB07B69A5770508C6`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`D837AD8CB841C9B7632FA91C157BA723ADCDFDFC97ED24EDA2FEFC7CB50A84A885628D851BDC2225ADF6CB179CFCBC3E28CEEE4531C1FEFCD06E4908AB7429298492C74D6FE3B7BFD56206487A4C4F2497B1175C30F7C5F3EC333F4D1CF07E1AE09DE590321035025562708060DEBCAA543CFC8E3937643F156C448EBB7CC710B5C5DE216752DCFAEC0B5C342FA42A8B6BE0E10E3FB49D758A76F2CACA6A19F9B506BC6BD7C7C92C5AFB37A3F917C33AD5928F991DE4C8BF88783F1507A80495984019E9ABE3FE255C6BFF7EC895740BE187E3CB06BDF29BE3B41141D6A2BF7638F17D049E185C852FBBE358913CBFB2EDDF2E91F069B2D5C4908A390A3A5B5B`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), 
@@ -250,7 +250,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`A5D543E45F91B7EA82FF66B6E02421380AF53A6DB8D4844AA703F40B45AF18A7`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`90AE2720DA48AB2B9C30EC6D05C3EBDA7B044AA3FBD5BB1C750C246CF54125F49EBF4A45B3A50493F76C9A94DC7F8BCCBC37B003AD914B5F5BB51428937FC116EDFAE6641641F54E96F8DE0027CA580821C5612F938D8A8A99D2E8D9C8F5B2263C4076D9E0E664D751F49E0F3FBEF889029C0448E1DD1F1A99FCC4051594F385EFAC480AD66DDB920C3069F81F24F1191F0E256DC9A3095ACA55081A1CA1F9B3D6654B83CFCDEFE83AE16D9E5562900F933F4258B1D48EFE5E7CA77A0550003B86D9023C641F9A80B97CD34C8F9CF3C2A350A27A74E7F438166C5DCB1C184E005C03E97EBD2494A1F849CD2A2B05AE9D3B793285E9B56AAB7FB305FBD1F6F09A`), @@ -262,7 +262,7 @@ var testCase_2048_256_SHA256 = []testCase{ Fail: true, }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), @@ -273,7 +273,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`88FC577C385CFBD21CB5B5C21BCC906435E6811A0EC382AE51931086FD4D0F05`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), 
@@ -284,7 +284,7 @@ var testCase_2048_256_SHA256 = []testCase{ S: internal.HI(`4A32186E6505654EECB0E26AA1A9C412F9FF341A7926C004EBF443D9ECBE934B`), }, { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, P: internal.HI(`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`), Q: internal.HI(`C2FBF4F74B4217A5A6BDEC4B4485D5D1F31976BCBE726BB2C276800D083BD341`), G: internal.HI(`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`), diff --git a/kcdsa/internal/testcases_ttak_test.go b/kcdsa/testcases_ttak_test.go similarity index 98% rename from kcdsa/internal/testcases_ttak_test.go rename to kcdsa/testcases_ttak_test.go index 69dfbac..73956f5 100644 --- a/kcdsa/internal/testcases_ttak_test.go +++ b/kcdsa/testcases_ttak_test.go @@ -1,4 +1,4 @@ -package internal +package kcdsa import ( "testing" @@ -12,9 +12,20 @@ func Test_Verify_TestVectors(t *testing.T) { func Test_Sign_Verify_TestVectors(t *testing.T) { for idx, tc := range testCase_TestVector { K := tc.KKEY - domain, _ := GetDomain(int(tc.Sizes)) - R, S, err := Sign(tc.P, tc.Q, tc.G, tc.Y, tc.X, K, domain.NewHash(), tc.M) + priv := PrivateKey{ + PublicKey: PublicKey{ + Parameters: Parameters{ + P: tc.P, + Q: tc.Q, + G: tc.G, + }, + Y: tc.Y, + }, + X: tc.X, + } + + R, S, err := sign(&priv, K, tc.Sizes.Hash(), tc.M) if err != nil { t.Errorf("%d: error signing: %s", idx, err) return @@ -25,7 +36,7 @@ func Test_Sign_Verify_TestVectors(t *testing.T) { return } - ok := Verify(tc.P, tc.Q, tc.G, tc.Y, domain.NewHash(), tc.M, tc.R, tc.S) + ok := Verify(&priv.PublicKey, tc.Sizes.Hash(), tc.M, tc.R, tc.S) if ok == tc.Fail { t.Errorf("%d: Verify failed, got:%v want:%v", idx, ok, !tc.Fail) return @@ -52,7 +63,7 @@ var ( // p.30 // Ⅱ.1 소수 p, q의 길이 (α, β) = (2048, 224), SHA-224 적용 예 { - Sizes: _L2048N224SHA224, + Sizes: L2048N224SHA224, M: M, Seed_: internal.HB(`c0 52 a2 76 41 00 f0 f4 ec 90 6b 9c 5c 6b 10 6e 34 70 df c1 36 9f 
@@ -115,7 +126,7 @@ var ( // p.36 // Ⅱ.2 소수 p, q의 길이 (α, β) = (2048, 224), SHA-256 적용 예 { - Sizes: _L2048N224SHA256, + Sizes: L2048N224SHA256, M: M, Seed_: internal.HB(`e1 75 ca d0 ea cb 74 dd b4 5f 15 f1 f2 57 22 bf 15 56 ef 86 0a 0f e0 @@ -178,7 +189,7 @@ var ( // p.42 // Ⅱ.3 소수 p, q의 길이 (α, β) = (2048, 256), SHA-256 적용 예 { - Sizes: _L2048N256SHA256, + Sizes: L2048N256SHA256, M: M, Seed_: internal.HB(`f7 5a bd a0 03 2c e2 18 ce 04 ba f0 a6 dc 92 c8 7e b4 6a a0 56 8c 42 @@ -240,7 +251,7 @@ var ( // p.48 // Ⅱ.4 소수 p, q의 길이 (α, β) = (3072, 256), SHA-256 적용 예 { - Sizes: _L3072N256SHA256, + Sizes: L3072N256SHA256, M: M, Seed_: internal.HB(`b8 56 20 16 38 55 a7 c0 05 76 13 dc d1 f2 ae 61 80 c4 34 d0 98 90 ea diff --git a/kcdsa/ttak.go b/kcdsa/ttak.go new file mode 100644 index 0000000..4fd6a17 --- /dev/null +++ b/kcdsa/ttak.go 
@@ -0,0 +1,334 @@
+package kcdsa
+
+import (
+ "crypto/rand"
+ "encoding/binary"
+ "errors"
+ "hash"
+ "io"
+ "math/big"
+
+ "github.com/RyuaNerin/go-krypto/internal"
+)
+
+var (
+ ErrTTAKParametersNotSetUp = errors.New("krypto/kcdsa: ttakparameters not set up before generating key")
+
+ two = big.NewInt(2)
+ three = big.NewInt(3)
+)
+
+// Generate the paramters
+// using the prime number generator defined in TTAK.KO12.0001/R4
+func GenerateParametersTTAK(params *Parameters, rand io.Reader, sizes ParameterSizes) (err error) {
+ domain, ok := sizes.domain()
+ if !ok {
+ return ErrInvalidParameterSizes
+ }
+
+ h := domain.NewHash()
+
+ // p. 13
+ var seed []byte
+ var ubuf []byte
+ for {
+ seed, err = internal.ReadBits(seed, rand, domain.B)
+ if err != nil {
+ return err
+ }
+
+ // 2 ~ 4
+ J, ubuf2, ok := generateJ(seed, ubuf, h, domain)
+ if !ok {
+ ubuf = ubuf2
+ continue
+ }
+ /**
+ J, ubuf2, ok, err := generateJAlt(rand, seed, ubuf[:0], domain)
+ if err != nil {
+ return err
+ }
+ if !ok {
+ ubuf = ubuf2
+ continue
+ }
+ */
+
+ // 5 ~ 12
+ P, Q, count, ok := generatePQ(J, seed, h, domain)
+ if !ok {
+ continue
+ }
+
+ _, G, err := generateHG(rand, P, J)
+ if err != nil {
+ return err
+ }
+
+ params.TTAKParams = TTAKParameters{
+ J: J,
+ Seed: seed,
+ Count: count,
+ }
+
+ params.P = P
+ params.Q = Q
+ params.G = G
+
+ return nil
+ }
+}
+
+// TTAKParameters -> P, Q, G(randomly)
+func RegenerateParametersTTAK(params *Parameters, rand io.Reader, sizes ParameterSizes) error {
+ domain, ok := sizes.domain()
+ if !ok {
+ return ErrInvalidParameterSizes
+ }
+
+ if params.TTAKParams.Count == 0 || params.TTAKParams.J == nil || params.TTAKParams.Seed == nil || params.TTAKParams.J.Sign() <= 0 {
+ return ErrInvalidTTAKParameters
+ }
+ if params.TTAKParams.J.Sign() <= 0 {
+ return ErrInvalidTTAKParameters
+ }
+
+ if len(params.TTAKParams.Seed) != internal.Bytes(domain.B) {
+ return ErrInvalidTTAKParameters
+ }
+
+ q := new(big.Int)
+ p := new(big.Int)
+
+ seedCount := make([]byte, len(params.TTAKParams.Seed)+4)
+ copy(seedCount, params.TTAKParams.Seed)
+ binary.BigEndian.PutUint32(seedCount[len(params.TTAKParams.Seed):], uint32(params.TTAKParams.Count))
+
+ uBuf := make([]byte, internal.Bytes(domain.B))
+
+ // 8: Seed에 Count를 연접한 것을 일방향 함수 PPGF의 입력으로 하여 비트 길이가
+ // β인 난수 U를 생성한다. (U ← PPGF(Seed ‖ Count, β))
+ U := ppgf(uBuf[:0], seedCount, domain.B, domain.NewHash())
+
+ // 9: U의 최상위 및 최하위 비트를 1로 만들어 이를 q로 둔다.
+ // (q ← 2^(β-1) ∨ U ∨ 1)
+ U[0] |= 0b1000_0000
+ U[len(U)-1] |= 1
+ q.SetBytes(U)
+
+ // 10: p ← (2Jq + 1)의 비트 길이가 α보다 길면 단계 6으로 간다.
+ p.Add(p.Lsh(p.Mul(params.TTAKParams.J, q), 1), one)
+ if p.BitLen() > domain.A {
+ return ErrInvalidTTAKParameters
+ }
+
+ // 11: 강한 소수 판정 알고리즘으로 q를 판정하여 소수가 아니면 단계 6으로 간다.
+ if !q.ProbablyPrime(internal.NumMRTests) {
+ return ErrInvalidTTAKParameters
+ }
+
+ // 12: 강한 소수 판정 알고리즘으로 p를 판정하여 소수가 아니면 단계 6으로 간다
+ if !p.ProbablyPrime(internal.NumMRTests) {
+ return ErrInvalidTTAKParameters
+ }
+
+ _, g, err := generateHG(rand, p, params.TTAKParams.J)
+ if err != nil {
+ return err
+ }
+
+ params.P = p
+ params.Q = q
+ params.G = g
+ return nil
+}
+
+func ppgf(buf []byte, seed []byte, nBits int, h hash.Hash) []byte {
+ // p.12
+ // from java
+ i := internal.Bytes(nBits)
+ iBuf := make([]byte, 1)
+
+ if i < len(buf) {
+ buf = buf[:i]
+ } else if len(buf) < i {
+ if i <= cap(buf) {
+ buf = buf[:i]
+ } else {
+ buf = make([]byte, i)
+ }
+ }
+
+ LH := h.Size()
+
+ hbuf := make([]byte, 0, LH)
+ count := 0
+
+ for {
+ iBuf[0] = byte(count)
+
+ h.Reset()
+ h.Write(seed)
+ h.Write(iBuf)
+ hbuf = h.Sum(hbuf[:0])
+
+ if i >= LH {
+ i -= LH
+ copy(buf[i:], hbuf)
+ if i == 0 {
+ break
+ }
+ } else {
+ copy(buf, hbuf[len(hbuf)-i:])
+ break
+ }
+
+ count++
+ }
+
+ return internal.TruncateLeft(buf, nBits)
+}
+
+// performance issue of ppgf...
+func generateJAlt(rand io.Reader, seed []byte, ubuf []byte, d domain) (J *big.Int, UBytes []byte, ok bool, err error) {
+ UBytes, err = internal.ReadBits(ubuf[:0], rand, d.A-d.B-4)
+ if err != nil {
+ return
+ }
+
+ U := new(big.Int).SetBytes(UBytes)
+
+ // 3: U의 상위에 4 비트 '1000'을 붙이고 최하위 비트는 1로 만들어 이를 J로 둔다.
+ // (J ← 2^(α-β-1) ∨ U ∨ 1)
+ //fmt.Println("--------------------------------------------------")
+ //fmt.Println("J ← 2^(α-β-1) ∨ U ∨ 1")
+ J = big.NewInt(0b1)
+ J.Lsh(J, uint(d.A-d.B-1))
+ J.Or(J, U)
+ J.Or(J, one)
+ //fmt.Println("J = 0x" + hex.EncodeToString(J.Bytes()))
+
+ // 4: 강한 소수 판정 알고리즘으로 J를 판정하여 소수가 아니면 단계 1로 간다.
+ if !J.ProbablyPrime(internal.NumMRTests) {
+ return
+ }
+
+ ok = true
+ return
+}
+
+func generateJ(seed, UBytes []byte, h hash.Hash, d domain) (J *big.Int, UBytes2 []byte, ok bool) {
+ // 2: Seed를 일방향 함수 PPGF의 입력으로 하여 비트 길이가 n = (α - β - 4)인 난수 U를 생성한다.
+ // (U ← PPGF(Seed, n))
+ //fmt.Println("--------------------------------------------------")
+ //fmt.Println("U ← PPGF(Seed, n)")
+ U := new(big.Int).SetBytes(ppgf(UBytes[:0], seed, d.A-d.B-4, h))
+ //fmt.Println(U.BitLen())
+ //fmt.Println("U = 0x" + hex.EncodeToString(U.Bytes()))
+
+ // 3: U의 상위에 4 비트 '1000'을 붙이고 최하위 비트는 1로 만들어 이를 J로 둔다.
+ // (J ← 2^(α-β-1) ∨ U ∨ 1)
+ //fmt.Println("--------------------------------------------------")
+ //fmt.Println("J ← 2^(α-β-1) ∨ U ∨ 1")
+ J = big.NewInt(0b1)
+ J.Lsh(J, uint(d.A-d.B-1))
+ J.Or(J, U)
+ J.Or(J, one)
+ //fmt.Println("J = 0x" + hex.EncodeToString(J.Bytes()))
+
+ // 4: 강한 소수 판정 알고리즘으로 J를 판정하여 소수가 아니면 단계 1로 간다.
+ if !J.ProbablyPrime(internal.NumMRTests) {
+ return
+ }
+
+ ok = true
+ return
+}
+
+func generatePQ(J *big.Int, seed []byte, h hash.Hash, d domain) (p, q *big.Int, count int, ok bool) {
+ // 5: Count를 0으로 둔다. (Count ← 0)
+ count = 0
+
+ seedCount := make([]byte, len(seed)+4)
+ copy(seedCount, seed)
+
+ q = new(big.Int)
+ p = new(big.Int)
+
+ uBuf := make([]byte, internal.Bytes(d.B))
+
+ // 7: Count > 2^24이면 단계 1로 간다.
+ for count <= (1 << 24) {
+ // 6: Count를 1 증가시킨다. (Count ← (Count + 1))
+ count += 1
+ binary.BigEndian.PutUint32(seedCount[len(seedCount)-4:], uint32(count))
+
+ // 8: Seed에 Count를 연접한 것을 일방향 함수 PPGF의 입력으로 하여 비트 길이가
+ // β인 난수 U를 생성한다. (U ← PPGF(Seed ‖ Count, β))
+ U := ppgf(uBuf[:0], seedCount, d.B, h)
+
+ // 9: U의 최상위 및 최하위 비트를 1로 만들어 이를 q로 둔다.
+ // (q ← 2^(β-1) ∨ U ∨ 1)
+ U[0] |= 0b1000_0000
+ U[len(U)-1] |= 1
+ q.SetBytes(U)
+
+ // 10: p ← (2Jq + 1)의 비트 길이가 α보다 길면 단계 6으로 간다.
+ p.Add(p.Lsh(p.Mul(J, q), 1), one)
+ if p.BitLen() > d.A {
+ continue
+ }
+
+ // 11: 강한 소수 판정 알고리즘으로 q를 판정하여 소수가 아니면 단계 6으로 간다.
+ if !q.ProbablyPrime(internal.NumMRTests) {
+ continue
+ }
+
+ // 12: 강한 소수 판정 알고리즘으로 p를 판정하여 소수가 아니면 단계 6으로 간다
+ if !p.ProbablyPrime(internal.NumMRTests) {
+ continue
+ }
+
+ ok = true
+ return
+ }
+
+ return
+}
+
+func generateHG(randReader io.Reader, P, J *big.Int) (H *big.Int, G *big.Int, err error) {
+ pSub3 := new(big.Int).Sub(P, three)
+
+ for {
+ // 1: p보다 작은 임의의 수 h를 생성한다.
+ // 1 < h < (p - 1)
+ // -1 < h < p - 3
+ // is same with 0 <= h < p-3
+ // than, h + 2
+ H, err = rand.Int(randReader, pSub3)
+ if err != nil {
+ return
+ }
+ H.Add(H, two)
+
+ G, ok := generateG(P, J, H)
+ if !ok {
+ continue
+ }
+
+ return H, G, nil
+ }
+}
+func generateG(P, J *big.Int, H *big.Int) (G *big.Int, ok bool) {
+ // 2: g ← h^(2J) mod p를 계산한다.
+ g := new(big.Int).Set(J)
+ g.Lsh(g, 1)
+ g.Exp(H, g, P)
+
+ // 3: g = 1이면 단계 1로 간다.
+ if g.Cmp(one) == 0 {
+ return nil, false
+ }
+
+ return g, true
+}
diff --git a/kcdsa/ttak_bench_test.go b/kcdsa/ttak_bench_test.go
new file mode 100644
index 0000000..9b8c053
--- /dev/null
+++ b/kcdsa/ttak_bench_test.go
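Review bot: RegenerateParametersTTAK accepts the caller's J without checking it against Seed, and its step-10 test only rejects a p longer than α, so an undersized J can pass and yield a p well below the domain size. In generatePQ the `>` comparison is sufficient because generateJ fixes the top bit of J, but here J is input, and the second `J.Sign() <= 0` check only repeats the first. If this function is meant to validate parameters obtained from elsewhere, it should recompute J from the seed with generateJ and require p to be exactly α bits, as sketched below. Separately, generateJ never assigns its UBytes2 result, so `ubuf = ubuf2` in GenerateParametersTTAK always stores nil and the buffer is never reused.

```go
	// … unchanged: size lookup, nil/sign checks, Seed length check …
	// J must be the value steps 2-4 derive from Seed; this also re-runs the primality test on J.
	wantJ, _, ok := generateJ(params.TTAKParams.Seed, nil, domain.NewHash(), domain)
	if !ok || wantJ.Cmp(params.TTAKParams.J) != 0 {
		return ErrInvalidTTAKParameters
	}
	// … unchanged: seedCount, ppgf, q construction, p = 2Jq + 1 …
	if p.BitLen() != domain.A {
		return ErrInvalidTTAKParameters
	}
	// … unchanged: primality tests on q and p, generateHG …
```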
@@ -0,0 +1,80 @@
+package kcdsa
+
+import (
+ "crypto/rand"
+ "io"
+ "testing"
+
+ . "github.com/RyuaNerin/testingutil"
+)
+
+func Benchmark_GenerateParametersTTAK(b *testing.B) {
+ BA(b, as, func(b *testing.B, sz int) {
+ var params Parameters
+ b.ReportAllocs()
+ b.ResetTimer()
+ for i := 0; i < b.N; i++ {
+ if err := GenerateParametersTTAK(¶ms, rnd, ParameterSizes(sz)); err != nil {
+ b.Error(err)
+ return
+ }
+ }
+ }, false)
+}
+
+func Benchmark_RegenerateParametersTTAK(b *testing.B) {
+ BA(b, as, func(b *testing.B, sz int) {
+ var params Parameters
+ if err := GenerateParametersTTAK(¶ms, rnd, ParameterSizes(sz)); err != nil {
+ b.Error(err)
+ return
+ }
+
+ b.ReportAllocs()
+ b.ResetTimer()
+ for i := 0; i < b.N; i++ {
+ if err := RegenerateParametersTTAK(¶ms, rnd, ParameterSizes(sz)); err != nil {
+ b.Error(err)
+ return
+ }
+ }
+ }, false)
+}
+
+const testBits = 4096
+
+func Benchmark_ppgf(b *testing.B) {
+ BA(b, as, func(b *testing.B, sz int) {
+ buf := make([]byte, testBits/8)
+ seed := make([]byte, testBits/8)
+ if _, err := io.ReadFull(rnd, seed); err != nil {
+ b.Error(err)
+ return
+ }
+
+ d, _ := ParameterSizes(sz).domain()
+ h := d.NewHash()
+
+ b.ReportAllocs()
+ b.ResetTimer()
+ b.SetBytes(testBits)
+ for i := 0; i < b.N; i++ {
+ buf = ppgf(buf, seed, testBits, h)
+ copy(seed, buf)
+ }
+ }, false)
+}
+
+func Benchmark_ppgf_readfull(b *testing.B) {
+ buf := make([]byte, testBits/8)
+
+ b.ReportAllocs()
+ b.ResetTimer()
+ b.SetBytes(testBits)
+ for i := 0; i < b.N; i++ {
+ if _, err := io.ReadFull(rand.Reader, buf); err != nil {
+ b.Error(err)
+ return
+ }
+ }
+}
diff --git a/kcdsa/ttak_test.go b/kcdsa/ttak_test.go
new file mode 100644
index 0000000..f85952a
--- /dev/null
+++ b/kcdsa/ttak_test.go
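Review bot: `b.SetBytes(testBits)` in Benchmark_ppgf and Benchmark_ppgf_readfull passes a bit count, while SetBytes expects the number of bytes processed per iteration, so the reported MB/s is eight times too high. Each iteration fills a `testBits/8`-byte buffer, so both calls should read `b.SetBytes(testBits / 8)`. The relative comparison between the two benchmarks is unaffected, but the absolute throughput figures are not usable as printed.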
@@ -0,0 +1,108 @@
+package kcdsa
+
+import (
+ "crypto/rand"
+ "math/big"
+ "testing"
+)
+
+func Test_TTAK_GenerateJ(t *testing.T) {
+ if testing.Short() {
+ t.Skip("skipping ttak parameter generation test in short mode")
+ return
+ }
+
+ for _, tc := range testCase_TestVector {
+ d, _ := tc.Sizes.domain()
+ J, _, ok := generateJ(tc.Seed_, nil, d.NewHash(), d)
+ if !ok {
+ t.Fail()
+ return
+ }
+ if J.Cmp(tc.J) != 0 {
+ t.Errorf("GenerateTTAKJ failed")
+ return
+ }
+ }
+}
+
+func Test_TTAK_GeneratePQ(t *testing.T) {
+ if testing.Short() {
+ t.Skip("skipping ttak parameter generation test in short mode")
+ return
+ }
+
+ for _, tc := range testCase_TestVector {
+ d, _ := tc.Sizes.domain()
+ P, Q, count, ok := generatePQ(tc.J, tc.Seed_, d.NewHash(), d)
+ if !ok {
+ t.Fail()
+ return
+ }
+ if P.Cmp(tc.P) != 0 || Q.Cmp(tc.Q) != 0 || count != tc.Count {
+ t.Errorf("GenerateTTAKPQ failed")
+ return
+ }
+ }
+}
+
+func Test_TTAK_GenerateHG(t *testing.T) {
+ if testing.Short() {
+ t.Skip("skipping ttak parameter generation test in short mode")
+ return
+ }
+
+ for _, tc := range testCase_TestVector {
+ _, _, err := generateHG(rand.Reader, tc.P, tc.J)
+ if err != nil {
+ t.Error(err)
+ return
+ }
+ }
+}
+
+func Test_TTAK_GenerateG(t *testing.T) {
+ if testing.Short() {
+ t.Skip("skipping ttak parameter generation test in short mode")
+ return
+ }
+
+ for _, tc := range testCase_TestVector {
+ G, ok := generateG(tc.P, tc.J, new(big.Int).SetBytes(tc.H))
+ if !ok {
+ t.Fail()
+ return
+ }
+ if G.Cmp(tc.G) != 0 {
+ t.Errorf("GenerateTTAKG failed")
+ return
+ }
+ }
+}
+
+func Test_RegenerateParametersTTAK(t *testing.T) {
+ if testing.Short() {
+ t.Skip("skipping ttak parameter generation test in short mode")
+ return
+ }
+
+ for _, tc := range testCase_TestVector {
+ params := Parameters{
+ TTAKParams: TTAKParameters{
+ J: tc.J,
+ Seed: tc.Seed_,
+ Count: tc.Count,
+ },
+ }
+ err := RegenerateParametersTTAK(¶ms, rnd, tc.Sizes)
+ if err != nil {
+ t.Error(err)
+ return
+ }
+
+ if params.P.Cmp(tc.P) != 0 || params.Q.Cmp(tc.Q) != 0 {
+ t.Errorf("GenerateTTAKG failed")
+ return
+ }
+ }
+}
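Review bot: Test_RegenerateParametersTTAK only feeds the known-good vectors, so none of the ErrInvalidTTAKParameters paths is exercised; a case that alters `J`, `Seed` or `Count` and expects an error would pin the validation down. The test also never inspects `params.G`, and Test_TTAK_GenerateHG discards both results, so a generator outside the order-q subgroup would go unnoticed; since G is random here, a property check such as `new(big.Int).Exp(params.G, params.Q, params.P).Cmp(big.NewInt(1)) == 0` fits better than comparing with `tc.G`. The failure message `"GenerateTTAKG failed"` in this test looks copied from Test_TTAK_GenerateG and should name RegenerateParametersTTAK.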