7 #include "knuth-lfib.h"
14 /* -1 means invalid */
15 static const signed char hex_digits[0x100] =
17 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
18 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
19 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
20 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,-1,-1,-1,-1,-1,-1,
21 -1,10,11,12,13,14,15,-1,-1,-1,-1,-1,-1,-1,-1,-1,
22 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
23 -1,10,11,12,13,14,15,-1,-1,-1,-1,-1,-1,-1,-1,-1,
24 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
25 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
26 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
27 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
28 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
29 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
30 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
31 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,
32 -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1
38 void *p = malloc(size);
41 fprintf(stderr, "Virtual memory exhausted.\n");
49 decode_hex_length(const char *h)
51 const unsigned char *hex = (const unsigned char *) h;
55 for (count = i = 0; hex[i]; i++)
59 if (hex_digits[hex[i]] < 0)
70 decode_hex(uint8_t *dst, const char *h)
72 const unsigned char *hex = (const unsigned char *) h;
79 while (*hex && isspace(*hex))
85 high = hex_digits[*hex++];
89 while (*hex && isspace(*hex))
95 low = hex_digits[*hex++];
99 dst[i++] = (high << 4) | low;
104 decode_hex_dup(const char *hex)
107 unsigned length = decode_hex_length(hex);
111 if (decode_hex(p, hex))
121 print_hex(unsigned length, const uint8_t *data)
125 for (i = 0; i < length; i++)
138 printf("%02x", data[i]);
146 main(int argc, char **argv)
150 if (argc == 2 && !strcmp(argv[1], "-v"))
154 fprintf(stderr, "Invalid argument `%s', only accepted option is `-v'.\n",
164 test_cipher(const struct nettle_cipher *cipher,
168 const uint8_t *cleartext,
169 const uint8_t *ciphertext)
171 void *ctx = xalloc(cipher->context_size);
172 uint8_t *data = xalloc(length);
174 cipher->set_encrypt_key(ctx, key_length, key);
175 cipher->encrypt(ctx, length, data, cleartext);
177 if (!MEMEQ(length, data, ciphertext))
179 fprintf(stderr, "Encrypt failed:\nInput:");
180 print_hex(length, cleartext);
181 fprintf(stderr, "\nOutput: ");
182 print_hex(length, data);
183 fprintf(stderr, "\nExpected:");
184 print_hex(length, ciphertext);
185 fprintf(stderr, "\n");
188 cipher->set_decrypt_key(ctx, key_length, key);
189 cipher->decrypt(ctx, length, data, data);
191 if (!MEMEQ(length, data, cleartext))
193 fprintf(stderr, "Decrypt failed:\nInput:");
194 print_hex(length, ciphertext);
195 fprintf(stderr, "\nOutput: ");
196 print_hex(length, data);
197 fprintf(stderr, "\nExpected:");
198 print_hex(length, cleartext);
199 fprintf(stderr, "\n");
208 test_cipher_cbc(const struct nettle_cipher *cipher,
212 const uint8_t *cleartext,
213 const uint8_t *ciphertext,
216 void *ctx = xalloc(cipher->context_size);
217 uint8_t *data = xalloc(length);
218 uint8_t *iv = xalloc(cipher->block_size);
220 cipher->set_encrypt_key(ctx, key_length, key);
221 memcpy(iv, iiv, cipher->block_size);
223 cbc_encrypt(ctx, cipher->encrypt,
224 cipher->block_size, iv,
225 length, data, cleartext);
227 if (!MEMEQ(length, data, ciphertext))
230 cipher->set_decrypt_key(ctx, key_length, key);
231 memcpy(iv, iiv, cipher->block_size);
233 cbc_decrypt(ctx, cipher->decrypt,
234 cipher->block_size, iv,
237 if (!MEMEQ(length, data, cleartext))
246 test_cipher_ctr(const struct nettle_cipher *cipher,
250 const uint8_t *cleartext,
251 const uint8_t *ciphertext,
254 void *ctx = xalloc(cipher->context_size);
255 uint8_t *data = xalloc(length);
256 uint8_t *ctr = xalloc(cipher->block_size);
258 cipher->set_encrypt_key(ctx, key_length, key);
259 memcpy(ctr, ictr, cipher->block_size);
261 ctr_crypt(ctx, cipher->encrypt,
262 cipher->block_size, ctr,
263 length, data, cleartext);
265 if (!MEMEQ(length, data, ciphertext))
268 memcpy(ctr, ictr, cipher->block_size);
270 ctr_crypt(ctx, cipher->encrypt,
271 cipher->block_size, ctr,
274 if (!MEMEQ(length, data, cleartext))
283 test_cipher_stream(const struct nettle_cipher *cipher,
287 const uint8_t *cleartext,
288 const uint8_t *ciphertext)
292 void *ctx = xalloc(cipher->context_size);
293 uint8_t *data = xalloc(length + 1);
295 for (block = 1; block <= length; block++)
299 memset(data, 0x17, length + 1);
300 cipher->set_encrypt_key(ctx, key_length, key);
302 for (i = 0; i + block < length; i += block)
304 cipher->encrypt(ctx, block, data + i, cleartext + i);
305 if (data[i + block] != 0x17)
308 cipher->encrypt(ctx, length - i, data + i, cleartext + i);
309 if (data[length] != 0x17)
312 if (!MEMEQ(length, data, ciphertext))
316 cipher->set_decrypt_key(ctx, key_length, key);
317 cipher->decrypt(ctx, length, data, data);
319 if (data[length] != 0x17)
322 if (!MEMEQ(length, data, cleartext))
330 test_hash(const struct nettle_hash *hash,
333 const uint8_t *digest)
335 void *ctx = xalloc(hash->context_size);
336 uint8_t *buffer = xalloc(hash->digest_size);
339 hash->update(ctx, length, data);
340 hash->digest(ctx, hash->digest_size, buffer);
342 if (!MEMEQ(hash->digest_size, digest, buffer))
345 memset(buffer, 0, hash->digest_size);
348 hash->update(ctx, length, data);
349 hash->digest(ctx, hash->digest_size - 1, buffer);
351 if (!MEMEQ(hash->digest_size - 1, digest, buffer))
354 if (buffer[hash->digest_size - 1])
362 test_hash_large(const struct nettle_hash *hash,
363 unsigned count, unsigned length,
365 const uint8_t *digest)
367 void *ctx = xalloc(hash->context_size);
368 uint8_t *buffer = xalloc(hash->digest_size);
369 uint8_t *data = xalloc(length);
372 memset(data, c, length);
375 for (i = 0; i < count; i++)
376 hash->update(ctx, length, data);
377 hash->digest(ctx, hash->digest_size, buffer);
379 print_hex(hash->digest_size, buffer);
381 if (!MEMEQ(hash->digest_size, digest, buffer))
390 test_mac(const struct nettle_mac *mac,
391 unsigned key_length, const uint8_t *key,
392 unsigned msg_length, const uint8_t *msg,
393 const uint8_t *digest)
395 void *ctx = xalloc(mac->context_size);
396 uint8_t *buffer = xalloc(mac->digest_size);
398 mac->set_key(ctx, key_length, key);
399 mac->update(ctx, msg_length, msg);
400 mac->digest(ctx, mac->digest_size, buffer);
401 ASSERT(MEMEQ(mac->digest_size, digest, buffer));
408 test_armor(const struct nettle_armor *armor,
409 unsigned data_length,
411 const uint8_t *ascii)
413 unsigned ascii_length = strlen(ascii);
414 uint8_t *buffer = xalloc(1 + ascii_length);
415 uint8_t *check = xalloc(1 + armor->decode_length(ascii_length));
416 void *encode = xalloc(armor->encode_context_size);
417 void *decode = xalloc(armor->decode_context_size);
421 <= (armor->encode_length(data_length) + armor->encode_final_length));
422 ASSERT(data_length <= armor->decode_length(ascii_length));
424 memset(buffer, 0x33, 1 + ascii_length);
425 memset(check, 0x55, 1 + data_length);
427 armor->encode_init(encode);
429 done = armor->encode_update(encode, buffer, data_length, data);
430 done += armor->encode_final(encode, buffer + done);
431 ASSERT(done == ascii_length);
433 if (!MEMEQ(ascii_length, buffer, ascii))
436 if (0x33 != buffer[strlen(ascii)])
439 armor->decode_init(decode);
440 done = armor->decode_length(ascii_length);
442 ASSERT(armor->decode_update(decode, &done, check, ascii_length, buffer));
443 ASSERT(done == data_length);
444 ASSERT(armor->decode_final(decode));
446 if (!MEMEQ(data_length, check, data))
449 if (0x55 != check[data_length])
459 /* Missing in current gmp */
461 mpz_togglebit (mpz_t x, unsigned long int bit)
463 if (mpz_tstbit(x, bit))
468 #endif /* HAVE_LIBGMP */
471 #define SIGN(key, hash, msg, signature) do { \
472 hash##_update(&hash, LDATA(msg)); \
473 ASSERT(rsa_##hash##_sign(key, &hash, signature)); \
476 #define VERIFY(key, hash, msg, signature) ( \
477 hash##_update(&hash, LDATA(msg)), \
478 rsa_##hash##_verify(key, &hash, signature) \
482 test_rsa_set_key_1(struct rsa_public_key *pub,
483 struct rsa_private_key *key)
485 /* Initialize key pair for test programs */
486 /* 1000-bit key, generated by
488 * lsh-keygen -a rsa -l 1000 -f advanced-hex
490 * (private-key (rsa-pkcs1
491 * (n #69abd505285af665 36ddc7c8f027e6f0 ed435d6748b16088
492 * 4fd60842b3a8d7fb bd8a3c98f0cc50ae 4f6a9f7dd73122cc
493 * ec8afa3f77134406 f53721973115fc2d 8cfbba23b145f28d
494 * 84f81d3b6ae8ce1e 2850580c026e809b cfbb52566ea3a3b3
495 * df7edf52971872a7 e35c1451b8636d22 279a8fb299368238
498 * (d #3240a56f4cd0dcc2 4a413eb4ea545259 5c83d771a1c2ba7b
499 * ec47c5b43eb4b374 09bd2aa1e236dd86 481eb1768811412f
500 * f8d91be3545912af b55c014cb55ceac6 54216af3b85d5c4f
501 * 4a32894e3b5dfcde 5b2875aa4dc8d9a8 6afd0ca92ef50d35
502 * bd09f1c47efb4c8d c631e07698d362aa 4a83fd304e66d6c5
504 * (p #0a66399919be4b4d e5a78c5ea5c85bf9 aba8c013cb4a8732
505 * 14557a12bd67711e bb4073fd39ad9a86 f4e80253ad809e5b
506 * f2fad3bc37f6f013 273c9552c9f489#)
507 * (q #0a294f069f118625 f5eae2538db9338c 776a298eae953329
508 * 9fd1eed4eba04e82 b2593bc98ba8db27 de034da7daaea795
509 * 2d55b07b5f9a5875 d1ca5f6dcab897#)
510 * (a #011b6c48eb592eee e85d1bb35cfb6e07 344ea0b5e5f03a28
511 * 5b405396cbc78c5c 868e961db160ba8d 4b984250930cf79a
512 * 1bf8a9f28963de53 128aa7d690eb87#)
513 * (b #0409ecf3d2557c88 214f1af5e1f17853 d8b2d63782fa5628
514 * 60cf579b0833b7ff 5c0529f2a97c6452 2fa1a8878a9635ab
515 * ce56debf431bdec2 70b308fa5bf387#)
516 * (c #04e103ee925cb5e6 6653949fa5e1a462 c9e65e1adcd60058
517 * e2df9607cee95fa8 daec7a389a7d9afc 8dd21fef9d83805a
518 * 40d46f49676a2f6b 2926f70c572c00#)))
522 "69abd505285af665" "36ddc7c8f027e6f0" "ed435d6748b16088"
523 "4fd60842b3a8d7fb" "bd8a3c98f0cc50ae" "4f6a9f7dd73122cc"
524 "ec8afa3f77134406" "f53721973115fc2d" "8cfbba23b145f28d"
525 "84f81d3b6ae8ce1e" "2850580c026e809b" "cfbb52566ea3a3b3"
526 "df7edf52971872a7" "e35c1451b8636d22" "279a8fb299368238"
528 mpz_set_str(pub->e, "0db2ad57", 16);
530 if (!rsa_public_key_prepare(pub))
536 "3240a56f4cd0dcc2" "4a413eb4ea545259" "5c83d771a1c2ba7b"
537 "ec47c5b43eb4b374" "09bd2aa1e236dd86" "481eb1768811412f"
538 "f8d91be3545912af" "b55c014cb55ceac6" "54216af3b85d5c4f"
539 "4a32894e3b5dfcde" "5b2875aa4dc8d9a8" "6afd0ca92ef50d35"
540 "bd09f1c47efb4c8d" "c631e07698d362aa" "4a83fd304e66d6c5"
545 "0a66399919be4b4d" "e5a78c5ea5c85bf9" "aba8c013cb4a8732"
546 "14557a12bd67711e" "bb4073fd39ad9a86" "f4e80253ad809e5b"
547 "f2fad3bc37f6f013" "273c9552c9f489", 16);
550 "0a294f069f118625" "f5eae2538db9338c" "776a298eae953329"
551 "9fd1eed4eba04e82" "b2593bc98ba8db27" "de034da7daaea795"
552 "2d55b07b5f9a5875" "d1ca5f6dcab897", 16);
555 "011b6c48eb592eee" "e85d1bb35cfb6e07" "344ea0b5e5f03a28"
556 "5b405396cbc78c5c" "868e961db160ba8d" "4b984250930cf79a"
557 "1bf8a9f28963de53" "128aa7d690eb87", 16);
560 "0409ecf3d2557c88" "214f1af5e1f17853" "d8b2d63782fa5628"
561 "60cf579b0833b7ff" "5c0529f2a97c6452" "2fa1a8878a9635ab"
562 "ce56debf431bdec2" "70b308fa5bf387", 16);
565 "04e103ee925cb5e6" "6653949fa5e1a462" "c9e65e1adcd60058"
566 "e2df9607cee95fa8" "daec7a389a7d9afc" "8dd21fef9d83805a"
567 "40d46f49676a2f6b" "2926f70c572c00", 16);
569 if (!rsa_private_key_prepare(key))
572 if (pub->size != key->size)
577 test_rsa_md5(struct rsa_public_key *pub,
578 struct rsa_private_key *key,
587 SIGN(key, md5, "The magic words are squeamish ossifrage", signature);
591 fprintf(stderr, "rsa-md5 signature: ");
592 mpz_out_str(stderr, 16, signature);
593 fprintf(stderr, "\n");
596 if (mpz_cmp(signature, expected))
601 "The magick words are squeamish ossifrage", signature))
604 /* Try correct data */
605 if (!VERIFY(pub, md5,
606 "The magic words are squeamish ossifrage", signature))
609 /* Try bad signature */
610 mpz_togglebit(signature, 17);
613 "The magic words are squeamish ossifrage", signature))
616 mpz_clear(signature);
620 test_rsa_sha1(struct rsa_public_key *pub,
621 struct rsa_private_key *key,
624 struct sha1_ctx sha1;
630 SIGN(key, sha1, "The magic words are squeamish ossifrage", signature);
634 fprintf(stderr, "rsa-sha1 signature: ");
635 mpz_out_str(stderr, 16, signature);
636 fprintf(stderr, "\n");
639 if (mpz_cmp(signature, expected))
643 if (VERIFY(pub, sha1,
644 "The magick words are squeamish ossifrage", signature))
647 /* Try correct data */
648 if (!VERIFY(pub, sha1,
649 "The magic words are squeamish ossifrage", signature))
652 /* Try bad signature */
653 mpz_togglebit(signature, 17);
655 if (VERIFY(pub, sha1,
656 "The magic words are squeamish ossifrage", signature))
659 mpz_clear(signature);
663 test_rsa_sha256(struct rsa_public_key *pub,
664 struct rsa_private_key *key,
667 struct sha256_ctx sha256;
670 sha256_init(&sha256);
673 SIGN(key, sha256, "The magic words are squeamish ossifrage", signature);
677 fprintf(stderr, "rsa-sha256 signature: ");
678 mpz_out_str(stderr, 16, signature);
679 fprintf(stderr, "\n");
682 if (mpz_cmp(signature, expected))
686 if (VERIFY(pub, sha256,
687 "The magick words are squeamish ossifrage", signature))
690 /* Try correct data */
691 if (!VERIFY(pub, sha256,
692 "The magic words are squeamish ossifrage", signature))
695 /* Try bad signature */
696 mpz_togglebit(signature, 17);
698 if (VERIFY(pub, sha256,
699 "The magic words are squeamish ossifrage", signature))
702 mpz_clear(signature);
706 test_rsa_sha512(struct rsa_public_key *pub,
707 struct rsa_private_key *key,
710 struct sha512_ctx sha512;
713 sha512_init(&sha512);
716 SIGN(key, sha512, "The magic words are squeamish ossifrage", signature);
720 fprintf(stderr, "rsa-sha512 signature: ");
721 mpz_out_str(stderr, 16, signature);
722 fprintf(stderr, "\n");
725 if (mpz_cmp(signature, expected))
729 if (VERIFY(pub, sha512,
730 "The magick words are squeamish ossifrage", signature))
733 /* Try correct data */
734 if (!VERIFY(pub, sha512,
735 "The magic words are squeamish ossifrage", signature))
738 /* Try bad signature */
739 mpz_togglebit(signature, 17);
741 if (VERIFY(pub, sha512,
742 "The magic words are squeamish ossifrage", signature))
745 mpz_clear(signature);
752 test_rsa_key(struct rsa_public_key *pub,
753 struct rsa_private_key *key)
758 mpz_init(tmp); mpz_init(phi);
762 /* FIXME: Use gmp_printf */
763 fprintf(stderr, "Public key: n=");
764 mpz_out_str(stderr, 16, pub->n);
765 fprintf(stderr, "\n e=");
766 mpz_out_str(stderr, 16, pub->e);
768 fprintf(stderr, "\n\nPrivate key: d=");
769 mpz_out_str(stderr, 16, key->d);
770 fprintf(stderr, "\n p=");
771 mpz_out_str(stderr, 16, key->p);
772 fprintf(stderr, "\n q=");
773 mpz_out_str(stderr, 16, key->q);
774 fprintf(stderr, "\n a=");
775 mpz_out_str(stderr, 16, key->a);
776 fprintf(stderr, "\n b=");
777 mpz_out_str(stderr, 16, key->b);
778 fprintf(stderr, "\n c=");
779 mpz_out_str(stderr, 16, key->c);
780 fprintf(stderr, "\n\n");
784 mpz_mul(tmp, key->p, key->q);
785 if (mpz_cmp(tmp, pub->n))
788 /* Check c q = 1 mod p */
789 mpz_mul(tmp, key->c, key->q);
790 mpz_fdiv_r(tmp, tmp, key->p);
791 if (mpz_cmp_ui(tmp, 1))
794 /* Check ed = 1 (mod phi) */
795 mpz_sub_ui(phi, key->p, 1);
796 mpz_sub_ui(tmp, key->q, 1);
798 mpz_mul(phi, phi, tmp);
800 mpz_mul(tmp, pub->e, key->d);
801 mpz_fdiv_r(tmp, tmp, phi);
802 if (mpz_cmp_ui(tmp, 1))
805 /* Check a e = 1 (mod (p-1) ) */
806 mpz_sub_ui(phi, key->p, 1);
807 mpz_mul(tmp, pub->e, key->a);
808 mpz_fdiv_r(tmp, tmp, phi);
809 if (mpz_cmp_ui(tmp, 1))
812 /* Check b e = 1 (mod (q-1) ) */
813 mpz_sub_ui(phi, key->q, 1);
814 mpz_mul(tmp, pub->e, key->b);
815 mpz_fdiv_r(tmp, tmp, phi);
816 if (mpz_cmp_ui(tmp, 1))
819 mpz_clear(tmp); mpz_clear(phi);
822 /* Requires that the context is named like the hash algorithm. */
823 #define DSA_VERIFY(key, hash, msg, signature) \
824 (hash##_update(&hash, LDATA(msg)), \
825 dsa_##hash##_verify(key, &hash, signature))
828 test_dsa160(const struct dsa_public_key *pub,
829 const struct dsa_private_key *key,
830 const struct dsa_signature *expected)
832 struct sha1_ctx sha1;
833 struct dsa_signature signature;
834 struct knuth_lfib_ctx lfib;
837 dsa_signature_init(&signature);
838 knuth_lfib_init(&lfib, 1111);
840 sha1_update(&sha1, LDATA("The magic words are squeamish ossifrage"));
841 ASSERT (dsa_sha1_sign(pub, key,
842 &lfib, (nettle_random_func *) knuth_lfib_random,
847 fprintf(stderr, "dsa160 signature: ");
848 mpz_out_str(stderr, 16, signature.r);
849 fprintf(stderr, ", ");
850 mpz_out_str(stderr, 16, signature.s);
851 fprintf(stderr, "\n");
855 if (mpz_cmp (signature.r, expected->r)
856 || mpz_cmp (signature.s, expected->s))
860 if (DSA_VERIFY(pub, sha1,
861 "The magick words are squeamish ossifrage", &signature))
864 /* Try correct data */
865 if (!DSA_VERIFY(pub, sha1,
866 "The magic words are squeamish ossifrage", &signature))
869 /* Try bad signature */
870 mpz_togglebit(signature.r, 17);
872 if (DSA_VERIFY(pub, sha1,
873 "The magic words are squeamish ossifrage", &signature))
876 dsa_signature_clear(&signature);
880 test_dsa256(const struct dsa_public_key *pub,
881 const struct dsa_private_key *key,
882 const struct dsa_signature *expected)
884 struct sha256_ctx sha256;
885 struct dsa_signature signature;
886 struct knuth_lfib_ctx lfib;
888 sha256_init(&sha256);
889 dsa_signature_init(&signature);
890 knuth_lfib_init(&lfib, 1111);
892 sha256_update(&sha256, LDATA("The magic words are squeamish ossifrage"));
893 ASSERT (dsa_sha256_sign(pub, key,
894 &lfib, (nettle_random_func *) knuth_lfib_random,
895 &sha256, &signature));
899 fprintf(stderr, "dsa256 signature: ");
900 mpz_out_str(stderr, 16, signature.r);
901 fprintf(stderr, ", ");
902 mpz_out_str(stderr, 16, signature.s);
903 fprintf(stderr, "\n");
907 if (mpz_cmp (signature.r, expected->r)
908 || mpz_cmp (signature.s, expected->s))
912 if (DSA_VERIFY(pub, sha256,
913 "The magick words are squeamish ossifrage", &signature))
916 /* Try correct data */
917 if (!DSA_VERIFY(pub, sha256,
918 "The magic words are squeamish ossifrage", &signature))
921 /* Try bad signature */
922 mpz_togglebit(signature.r, 17);
924 if (DSA_VERIFY(pub, sha256,
925 "The magic words are squeamish ossifrage", &signature))
928 dsa_signature_clear(&signature);
932 test_dsa_key(struct dsa_public_key *pub,
933 struct dsa_private_key *key,
940 ASSERT(mpz_sizeinbase(pub->q, 2) == q_size);
941 ASSERT(mpz_sizeinbase(pub->p, 2) >= DSA_SHA1_MIN_P_BITS);
943 ASSERT(mpz_probab_prime_p(pub->p, 10));
945 ASSERT(mpz_probab_prime_p(pub->q, 10));
947 mpz_fdiv_r(t, pub->p, pub->q);
949 ASSERT(0 == mpz_cmp_ui(t, 1));
951 ASSERT(mpz_cmp_ui(pub->g, 1) > 0);
953 mpz_powm(t, pub->g, pub->q, pub->p);
954 ASSERT(0 == mpz_cmp_ui(t, 1));
956 mpz_powm(t, pub->g, key->x, pub->p);
957 ASSERT(0 == mpz_cmp(t, pub->y));
960 #endif /* WITH_HOGWEED */