Changeset View
Changeset View
Standalone View
Standalone View
src/secp256k1/src/tests.c
| Show First 20 Lines • Show All 3,111 Lines • ▼ Show 20 Lines | for(i = 0; i < n_points; i++) { | ||||
| random_scalar_order(&sc[i]); | random_scalar_order(&sc[i]); | ||||
| secp256k1_ecmult(&ctx->ecmult_ctx, &ptgj, &ptgj, &sc[i], NULL); | secp256k1_ecmult(&ctx->ecmult_ctx, &ptgj, &ptgj, &sc[i], NULL); | ||||
| secp256k1_gej_add_var(&r2, &r2, &ptgj, NULL); | secp256k1_gej_add_var(&r2, &r2, &ptgj, NULL); | ||||
| } | } | ||||
| data.sc = sc; | data.sc = sc; | ||||
| data.pt = pt; | data.pt = pt; | ||||
| secp256k1_gej_neg(&r2, &r2); | secp256k1_gej_neg(&r2, &r2); | ||||
| /* Test with empty scratch space. It should compute the correct result using | /* Test with empty scratch space. It should compute the correct result using | ||||
| * ecmult_mult_simple algorithm which doesn't require a scratch space. */ | * ecmult_mult_simple algorithm which doesn't require a scratch space. */ | ||||
| scratch = secp256k1_scratch_create(&ctx->error_callback, 0); | scratch = secp256k1_scratch_create(&ctx->error_callback, 0); | ||||
| CHECK(secp256k1_ecmult_multi_var(&ctx->error_callback, &ctx->ecmult_ctx, scratch, &r, &scG, ecmult_multi_callback, &data, n_points)); | CHECK(secp256k1_ecmult_multi_var(&ctx->error_callback, &ctx->ecmult_ctx, scratch, &r, &scG, ecmult_multi_callback, &data, n_points)); | ||||
| secp256k1_gej_add_var(&r, &r, &r2, NULL); | secp256k1_gej_add_var(&r, &r, &r2, NULL); | ||||
| CHECK(secp256k1_gej_is_infinity(&r)); | CHECK(secp256k1_gej_is_infinity(&r)); | ||||
| secp256k1_scratch_destroy(&ctx->error_callback, scratch); | secp256k1_scratch_destroy(&ctx->error_callback, scratch); | ||||
| /* Test with space for 1 point in pippenger. That's not enough because | /* Test with space for 1 point in pippenger. That's not enough because | ||||
| ▲ Show 20 Lines • Show All 2,165 Lines • ▼ Show 20 Lines | void run_memczero_test(void) { | ||||
| CHECK(memcmp(buf1, buf2, sizeof(buf1)) == 0); | CHECK(memcmp(buf1, buf2, sizeof(buf1)) == 0); | ||||
| /* memczero(..., ..., 1) zeros the buffer. */ | /* memczero(..., ..., 1) zeros the buffer. */ | ||||
| memset(buf2, 0, sizeof(buf2)); | memset(buf2, 0, sizeof(buf2)); | ||||
| memczero(buf1, sizeof(buf1) , 1); | memczero(buf1, sizeof(buf1) , 1); | ||||
| CHECK(memcmp(buf1, buf2, sizeof(buf1)) == 0); | CHECK(memcmp(buf1, buf2, sizeof(buf1)) == 0); | ||||
| } | } | ||||
| void int_cmov_test(void) { | |||||
| int r = INT_MAX; | |||||
| int a = 0; | |||||
| secp256k1_int_cmov(&r, &a, 0); | |||||
| CHECK(r == INT_MAX); | |||||
| r = 0; a = INT_MAX; | |||||
| secp256k1_int_cmov(&r, &a, 1); | |||||
| CHECK(r == INT_MAX); | |||||
| a = 0; | |||||
| secp256k1_int_cmov(&r, &a, 1); | |||||
| CHECK(r == 0); | |||||
| a = 1; | |||||
| secp256k1_int_cmov(&r, &a, 1); | |||||
| CHECK(r == 1); | |||||
| r = 1; a = 0; | |||||
| secp256k1_int_cmov(&r, &a, 0); | |||||
| CHECK(r == 1); | |||||
| } | |||||
| void fe_cmov_test(void) { | |||||
| static const secp256k1_fe zero = SECP256K1_FE_CONST(0, 0, 0, 0, 0, 0, 0, 0); | |||||
| static const secp256k1_fe one = SECP256K1_FE_CONST(0, 0, 0, 0, 0, 0, 0, 1); | |||||
| static const secp256k1_fe max = SECP256K1_FE_CONST( | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL | |||||
| ); | |||||
| secp256k1_fe r = max; | |||||
| secp256k1_fe a = zero; | |||||
| secp256k1_fe_cmov(&r, &a, 0); | |||||
| CHECK(memcmp(&r, &max, sizeof(r)) == 0); | |||||
| r = zero; a = max; | |||||
| secp256k1_fe_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &max, sizeof(r)) == 0); | |||||
| a = zero; | |||||
| secp256k1_fe_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &zero, sizeof(r)) == 0); | |||||
| a = one; | |||||
| secp256k1_fe_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &one, sizeof(r)) == 0); | |||||
| r = one; a = zero; | |||||
| secp256k1_fe_cmov(&r, &a, 0); | |||||
| CHECK(memcmp(&r, &one, sizeof(r)) == 0); | |||||
| } | |||||
| void fe_storage_cmov_test(void) { | |||||
| static const secp256k1_fe_storage zero = SECP256K1_FE_STORAGE_CONST(0, 0, 0, 0, 0, 0, 0, 0); | |||||
| static const secp256k1_fe_storage one = SECP256K1_FE_STORAGE_CONST(0, 0, 0, 0, 0, 0, 0, 1); | |||||
| static const secp256k1_fe_storage max = SECP256K1_FE_STORAGE_CONST( | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL | |||||
| ); | |||||
| secp256k1_fe_storage r = max; | |||||
| secp256k1_fe_storage a = zero; | |||||
| secp256k1_fe_storage_cmov(&r, &a, 0); | |||||
| CHECK(memcmp(&r, &max, sizeof(r)) == 0); | |||||
| r = zero; a = max; | |||||
| secp256k1_fe_storage_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &max, sizeof(r)) == 0); | |||||
| a = zero; | |||||
| secp256k1_fe_storage_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &zero, sizeof(r)) == 0); | |||||
| a = one; | |||||
| secp256k1_fe_storage_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &one, sizeof(r)) == 0); | |||||
| r = one; a = zero; | |||||
| secp256k1_fe_storage_cmov(&r, &a, 0); | |||||
| CHECK(memcmp(&r, &one, sizeof(r)) == 0); | |||||
| } | |||||
| void scalar_cmov_test(void) { | |||||
| static const secp256k1_scalar zero = SECP256K1_SCALAR_CONST(0, 0, 0, 0, 0, 0, 0, 0); | |||||
| static const secp256k1_scalar one = SECP256K1_SCALAR_CONST(0, 0, 0, 0, 0, 0, 0, 1); | |||||
| static const secp256k1_scalar max = SECP256K1_SCALAR_CONST( | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL | |||||
| ); | |||||
| secp256k1_scalar r = max; | |||||
| secp256k1_scalar a = zero; | |||||
| secp256k1_scalar_cmov(&r, &a, 0); | |||||
| CHECK(memcmp(&r, &max, sizeof(r)) == 0); | |||||
| r = zero; a = max; | |||||
| secp256k1_scalar_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &max, sizeof(r)) == 0); | |||||
| a = zero; | |||||
| secp256k1_scalar_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &zero, sizeof(r)) == 0); | |||||
| a = one; | |||||
| secp256k1_scalar_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &one, sizeof(r)) == 0); | |||||
| r = one; a = zero; | |||||
| secp256k1_scalar_cmov(&r, &a, 0); | |||||
| CHECK(memcmp(&r, &one, sizeof(r)) == 0); | |||||
| } | |||||
| void ge_storage_cmov_test(void) { | |||||
| static const secp256k1_ge_storage zero = SECP256K1_GE_STORAGE_CONST(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); | |||||
| static const secp256k1_ge_storage one = SECP256K1_GE_STORAGE_CONST(0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1); | |||||
| static const secp256k1_ge_storage max = SECP256K1_GE_STORAGE_CONST( | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, | |||||
| 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL, 0xFFFFFFFFUL | |||||
| ); | |||||
| secp256k1_ge_storage r = max; | |||||
| secp256k1_ge_storage a = zero; | |||||
| secp256k1_ge_storage_cmov(&r, &a, 0); | |||||
| CHECK(memcmp(&r, &max, sizeof(r)) == 0); | |||||
| r = zero; a = max; | |||||
| secp256k1_ge_storage_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &max, sizeof(r)) == 0); | |||||
| a = zero; | |||||
| secp256k1_ge_storage_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &zero, sizeof(r)) == 0); | |||||
| a = one; | |||||
| secp256k1_ge_storage_cmov(&r, &a, 1); | |||||
| CHECK(memcmp(&r, &one, sizeof(r)) == 0); | |||||
| r = one; a = zero; | |||||
| secp256k1_ge_storage_cmov(&r, &a, 0); | |||||
| CHECK(memcmp(&r, &one, sizeof(r)) == 0); | |||||
| } | |||||
| void run_cmov_tests(void) { | |||||
| int_cmov_test(); | |||||
| fe_cmov_test(); | |||||
| fe_storage_cmov_test(); | |||||
| scalar_cmov_test(); | |||||
| ge_storage_cmov_test(); | |||||
| } | |||||
| int main(int argc, char **argv) { | int main(int argc, char **argv) { | ||||
| unsigned char seed16[16] = {0}; | unsigned char seed16[16] = {0}; | ||||
| unsigned char run32[32] = {0}; | unsigned char run32[32] = {0}; | ||||
| /* Disable buffering for stdout to improve reliability of getting | /* Disable buffering for stdout to improve reliability of getting | ||||
| * diagnostic information. Happens right at the start of main because | * diagnostic information. Happens right at the start of main because | ||||
| * setbuf must be used before any other operation on the stream. */ | * setbuf must be used before any other operation on the stream. */ | ||||
| setbuf(stdout, NULL); | setbuf(stdout, NULL); | ||||
| ▲ Show 20 Lines • Show All 132 Lines • ▼ Show 20 Lines | |||||
| #ifdef ENABLE_MODULE_SCHNORR | #ifdef ENABLE_MODULE_SCHNORR | ||||
| /* Schnorr signature tests */ | /* Schnorr signature tests */ | ||||
| run_schnorr_tests(); | run_schnorr_tests(); | ||||
| #endif | #endif | ||||
| /* util tests */ | /* util tests */ | ||||
| run_memczero_test(); | run_memczero_test(); | ||||
| run_cmov_tests(); | |||||
| secp256k1_rand256(run32); | secp256k1_rand256(run32); | ||||
| printf("random run = %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", run32[0], run32[1], run32[2], run32[3], run32[4], run32[5], run32[6], run32[7], run32[8], run32[9], run32[10], run32[11], run32[12], run32[13], run32[14], run32[15]); | printf("random run = %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", run32[0], run32[1], run32[2], run32[3], run32[4], run32[5], run32[6], run32[7], run32[8], run32[9], run32[10], run32[11], run32[12], run32[13], run32[14], run32[15]); | ||||
| /* shutdown */ | /* shutdown */ | ||||
| secp256k1_context_destroy(ctx); | secp256k1_context_destroy(ctx); | ||||
| printf("no problems found\n"); | printf("no problems found\n"); | ||||
| return 0; | return 0; | ||||
| } | } | ||||