Skip to content

Commit 4866178

Browse files
jonasnickjonasnick
committed
Merge bitcoin-core/secp256k1#955: Add random field multiply/square tests
bdf19f1 Add random field multiply/square tests (Pieter Wuille) Pull request description: ACKs for top commit: real-or-random: ACK bitcoin-core/secp256k1@bdf19f1 jonasnick: ACK bdf19f1 Tree-SHA512: e78ce25f5440e87ad2cad0d4a87e5d95c983bc0be3a3e53d97f9cf6d8b3c3db9a830cb5f2f8c62f2f6dc9c6703c2a507cc23fa18d60bb624716e024539db5c21
2 parents 75ce488 + bdf19f1 commit 4866178

File tree

1 file changed

+65
-0
lines changed

1 file changed

+65
-0
lines changed

src/tests.c

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2508,6 +2508,70 @@ void run_field_misc(void) {
25082508
}
25092509
}
25102510

2511+
void test_fe_mul(const secp256k1_fe* a, const secp256k1_fe* b, int use_sqr)
2512+
{
2513+
secp256k1_fe c, an, bn;
2514+
/* Variables in BE 32-byte format. */
2515+
unsigned char a32[32], b32[32], c32[32];
2516+
/* Variables in LE 16x uint16_t format. */
2517+
uint16_t a16[16], b16[16], c16[16];
2518+
/* Field modulus in LE 16x uint16_t format. */
2519+
static const uint16_t m16[16] = {
2520+
0xfc2f, 0xffff, 0xfffe, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
2521+
0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff, 0xffff,
2522+
};
2523+
uint16_t t16[32];
2524+
int i;
2525+
2526+
/* Compute C = A * B in fe format. */
2527+
c = *a;
2528+
if (use_sqr) {
2529+
secp256k1_fe_sqr(&c, &c);
2530+
} else {
2531+
secp256k1_fe_mul(&c, &c, b);
2532+
}
2533+
2534+
/* Convert A, B, C into LE 16x uint16_t format. */
2535+
an = *a;
2536+
bn = *b;
2537+
secp256k1_fe_normalize_var(&c);
2538+
secp256k1_fe_normalize_var(&an);
2539+
secp256k1_fe_normalize_var(&bn);
2540+
secp256k1_fe_get_b32(a32, &an);
2541+
secp256k1_fe_get_b32(b32, &bn);
2542+
secp256k1_fe_get_b32(c32, &c);
2543+
for (i = 0; i < 16; ++i) {
2544+
a16[i] = a32[31 - 2*i] + ((uint16_t)a32[30 - 2*i] << 8);
2545+
b16[i] = b32[31 - 2*i] + ((uint16_t)b32[30 - 2*i] << 8);
2546+
c16[i] = c32[31 - 2*i] + ((uint16_t)c32[30 - 2*i] << 8);
2547+
}
2548+
/* Compute T = A * B in LE 16x uint16_t format. */
2549+
mulmod256(t16, a16, b16, m16);
2550+
/* Compare */
2551+
CHECK(secp256k1_memcmp_var(t16, c16, 32) == 0);
2552+
}
2553+
2554+
void run_fe_mul(void) {
2555+
int i;
2556+
for (i = 0; i < 100 * count; ++i) {
2557+
secp256k1_fe a, b, c, d;
2558+
random_fe(&a);
2559+
random_field_element_magnitude(&a);
2560+
random_fe(&b);
2561+
random_field_element_magnitude(&b);
2562+
random_fe_test(&c);
2563+
random_field_element_magnitude(&c);
2564+
random_fe_test(&d);
2565+
random_field_element_magnitude(&d);
2566+
test_fe_mul(&a, &a, 1);
2567+
test_fe_mul(&c, &c, 1);
2568+
test_fe_mul(&a, &b, 0);
2569+
test_fe_mul(&a, &c, 0);
2570+
test_fe_mul(&c, &b, 0);
2571+
test_fe_mul(&c, &d, 0);
2572+
}
2573+
}
2574+
25112575
void run_sqr(void) {
25122576
secp256k1_fe x, s;
25132577

@@ -6512,6 +6576,7 @@ int main(int argc, char **argv) {
65126576
/* field tests */
65136577
run_field_misc();
65146578
run_field_convert();
6579+
run_fe_mul();
65156580
run_sqr();
65166581
run_sqrt();
65176582

0 commit comments

Comments
 (0)