Differential D9384 Diff 28111 src/secp256k1/src/tests.c

Changeset View

Standalone View

src/secp256k1/src/tests.c

Show First 20 Lines • Show All 1,958 Lines • ▼ Show 20 Lines	for (i = 0; i < 10*count; i++) {
random_fe_non_zero(&x);		random_fe_non_zero(&x);
secp256k1_fe_inv_var(&xi, &x);		secp256k1_fe_inv_var(&xi, &x);
CHECK(check_fe_inverse(&x, &xi));		CHECK(check_fe_inverse(&x, &xi));
secp256k1_fe_inv_var(&xii, &xi);		secp256k1_fe_inv_var(&xii, &xi);
CHECK(check_fe_equal(&x, &xii));		CHECK(check_fe_equal(&x, &xii));
}		}
}		}

void run_field_inv_all_var(void) {
secp256k1_fe x[16], xi[16], xii[16];
int i;
/* Check it's safe to call for 0 elements */
secp256k1_fe_inv_all_var(xi, x, 0);
for (i = 0; i < count; i++) {
size_t j;
size_t len = secp256k1_testrand_int(15) + 1;
for (j = 0; j < len; j++) {
random_fe_non_zero(&x[j]);
}
secp256k1_fe_inv_all_var(xi, x, len);
for (j = 0; j < len; j++) {
CHECK(check_fe_inverse(&x[j], &xi[j]));
}
secp256k1_fe_inv_all_var(xii, xi, len);
for (j = 0; j < len; j++) {
CHECK(check_fe_equal(&x[j], &xii[j]));
}
}
}

void run_sqr(void) {		void run_sqr(void) {
secp256k1_fe x, s;		secp256k1_fe x, s;

{		{
int i;		int i;
secp256k1_fe_set_int(&x, 1);		secp256k1_fe_set_int(&x, 1);
secp256k1_fe_negate(&x, &x, 1);		secp256k1_fe_negate(&x, &x, 1);

▲ Show 20 Lines • Show All 109 Lines • ▼ Show 20 Lines	void test_ge(void) {
/* 25 points are used:		/* 25 points are used:
* - infinity		* - infinity
* - for each of four random points p1 p2 p3 p4, we add the point, its		* - for each of four random points p1 p2 p3 p4, we add the point, its
* negation, and then those two again but with randomized Z coordinate.		* negation, and then those two again but with randomized Z coordinate.
* - The same is then done for lambdap1 and lambda^2p1.		* - The same is then done for lambdap1 and lambda^2p1.
*/		*/
secp256k1_ge ge = (secp256k1_ge )checked_malloc(&ctx->error_callback, sizeof(secp256k1_ge) * (1 + 4 * runs));		secp256k1_ge ge = (secp256k1_ge )checked_malloc(&ctx->error_callback, sizeof(secp256k1_ge) * (1 + 4 * runs));
secp256k1_gej gej = (secp256k1_gej )checked_malloc(&ctx->error_callback, sizeof(secp256k1_gej) * (1 + 4 * runs));		secp256k1_gej gej = (secp256k1_gej )checked_malloc(&ctx->error_callback, sizeof(secp256k1_gej) * (1 + 4 * runs));
secp256k1_fe zinv = (secp256k1_fe )checked_malloc(&ctx->error_callback, sizeof(secp256k1_fe) * (1 + 4 * runs));
secp256k1_fe zf;		secp256k1_fe zf;
secp256k1_fe zfi2, zfi3;		secp256k1_fe zfi2, zfi3;

secp256k1_gej_set_infinity(&gej[0]);		secp256k1_gej_set_infinity(&gej[0]);
secp256k1_ge_clear(&ge[0]);		secp256k1_ge_clear(&ge[0]);
secp256k1_ge_set_gej_var(&ge[0], &gej[0]);		secp256k1_ge_set_gej_var(&ge[0], &gej[0]);
for (i = 0; i < runs; i++) {		for (i = 0; i < runs; i++) {
int j;		int j;
Show All 17 Lines	for (i = 0; i < runs; i++) {
random_field_element_magnitude(&ge[1 + j + 4 * i].x);		random_field_element_magnitude(&ge[1 + j + 4 * i].x);
random_field_element_magnitude(&ge[1 + j + 4 * i].y);		random_field_element_magnitude(&ge[1 + j + 4 * i].y);
random_field_element_magnitude(&gej[1 + j + 4 * i].x);		random_field_element_magnitude(&gej[1 + j + 4 * i].x);
random_field_element_magnitude(&gej[1 + j + 4 * i].y);		random_field_element_magnitude(&gej[1 + j + 4 * i].y);
random_field_element_magnitude(&gej[1 + j + 4 * i].z);		random_field_element_magnitude(&gej[1 + j + 4 * i].z);
}		}
}		}

/* Compute z inverses. */
{
secp256k1_fe zs = checked_malloc(&ctx->error_callback, sizeof(secp256k1_fe) (1 + 4 * runs));
for (i = 0; i < 4 * runs + 1; i++) {
if (i == 0) {
/* The point at infinity does not have a meaningful z inverse. Any should do. */
do {
random_field_element_test(&zs[i]);
} while(secp256k1_fe_is_zero(&zs[i]));
} else {
zs[i] = gej[i].z;
}
}
secp256k1_fe_inv_all_var(zinv, zs, 4 * runs + 1);
free(zs);
}

/* Generate random zf, and zfi2 = 1/zf^2, zfi3 = 1/zf^3 */		/* Generate random zf, and zfi2 = 1/zf^2, zfi3 = 1/zf^3 */
do {		do {
random_field_element_test(&zf);		random_field_element_test(&zf);
} while(secp256k1_fe_is_zero(&zf));		} while(secp256k1_fe_is_zero(&zf));
random_field_element_magnitude(&zf);		random_field_element_magnitude(&zf);
secp256k1_fe_inv_var(&zfi3, &zf);		secp256k1_fe_inv_var(&zfi3, &zf);
secp256k1_fe_sqr(&zfi2, &zfi3);		secp256k1_fe_sqr(&zfi2, &zfi3);
secp256k1_fe_mul(&zfi3, &zfi3, &zfi2);		secp256k1_fe_mul(&zfi3, &zfi3, &zfi2);
▲ Show 20 Lines • Show All 92 Lines • ▼ Show 20 Lines	/* Test adding all points together in random order equals infinity. */
}		}
for (i = 0; i < 4 * runs + 1; i++) {		for (i = 0; i < 4 * runs + 1; i++) {
secp256k1_gej_add_var(&sum, &sum, &gej_shuffled[i], NULL);		secp256k1_gej_add_var(&sum, &sum, &gej_shuffled[i], NULL);
}		}
CHECK(secp256k1_gej_is_infinity(&sum));		CHECK(secp256k1_gej_is_infinity(&sum));
free(gej_shuffled);		free(gej_shuffled);
}		}

/* Test batch gej -> ge conversion with and without known z ratios. */		/* Test batch gej -> ge conversion without known z ratios. */
{		{
secp256k1_fe zr = (secp256k1_fe )checked_malloc(&ctx->error_callback, (4 * runs + 1) * sizeof(secp256k1_fe));
secp256k1_ge ge_set_all = (secp256k1_ge )checked_malloc(&ctx->error_callback, (4 * runs + 1) * sizeof(secp256k1_ge));		secp256k1_ge ge_set_all = (secp256k1_ge )checked_malloc(&ctx->error_callback, (4 * runs + 1) * sizeof(secp256k1_ge));
for (i = 0; i < 4 * runs + 1; i++) {
/* Compute gej[i + 1].z / gez[i].z (with gej[n].z taken to be 1). */
if (i < 4 * runs) {
secp256k1_fe_mul(&zr[i + 1], &zinv[i], &gej[i + 1].z);
}
}
secp256k1_ge_set_all_gej_var(ge_set_all, gej, 4 * runs + 1);		secp256k1_ge_set_all_gej_var(ge_set_all, gej, 4 * runs + 1);
for (i = 0; i < 4 * runs + 1; i++) {		for (i = 0; i < 4 * runs + 1; i++) {
secp256k1_fe s;		secp256k1_fe s;
random_fe_non_zero(&s);		random_fe_non_zero(&s);
secp256k1_gej_rescale(&gej[i], &s);		secp256k1_gej_rescale(&gej[i], &s);
ge_equals_gej(&ge_set_all[i], &gej[i]);		ge_equals_gej(&ge_set_all[i], &gej[i]);
}		}
free(ge_set_all);		free(ge_set_all);
free(zr);
}		}

/* Test batch gej -> ge conversion with many infinities. */		/* Test batch gej -> ge conversion with many infinities. */
for (i = 0; i < 4 * runs + 1; i++) {		for (i = 0; i < 4 * runs + 1; i++) {
random_group_element_test(&ge[i]);		random_group_element_test(&ge[i]);
/* randomly set half the points to infinity */		/* randomly set half the points to infinity */
if(secp256k1_fe_is_odd(&ge[i].x)) {		if(secp256k1_fe_is_odd(&ge[i].x)) {
secp256k1_ge_set_infinity(&ge[i]);		secp256k1_ge_set_infinity(&ge[i]);
}		}
secp256k1_gej_set_ge(&gej[i], &ge[i]);		secp256k1_gej_set_ge(&gej[i], &ge[i]);
}		}
/* batch invert */		/* batch invert */
secp256k1_ge_set_all_gej_var(ge, gej, 4 * runs + 1);		secp256k1_ge_set_all_gej_var(ge, gej, 4 * runs + 1);
/* check result */		/* check result */
for (i = 0; i < 4 * runs + 1; i++) {		for (i = 0; i < 4 * runs + 1; i++) {
ge_equals_gej(&ge[i], &gej[i]);		ge_equals_gej(&ge[i], &gej[i]);
}		}

free(ge);		free(ge);
free(gej);		free(gej);
free(zinv);
}		}


void test_intialized_inf(void) {		void test_intialized_inf(void) {
secp256k1_ge p;		secp256k1_ge p;
secp256k1_gej pj, npj, infj1, infj2, infj3;		secp256k1_gej pj, npj, infj1, infj2, infj3;
secp256k1_fe zinv;		secp256k1_fe zinv;

▲ Show 20 Lines • Show All 3,353 Lines • ▼ Show 20 Lines
#endif		#endif

/* scalar tests */		/* scalar tests */
run_scalar_tests();		run_scalar_tests();

/* field tests */		/* field tests */
run_field_inv();		run_field_inv();
run_field_inv_var();		run_field_inv_var();
run_field_inv_all_var();
run_field_misc();		run_field_misc();
run_field_convert();		run_field_convert();
run_sqr();		run_sqr();
run_sqrt();		run_sqrt();

/* group tests */		/* group tests */
run_ge();		run_ge();
run_group_decompress();		run_group_decompress();
▲ Show 20 Lines • Show All 74 Lines • Show Last 20 Lines