Random init was producing invalid Montgomery form for field elements

This commit is contained in:
Mamy André-Ratsimbazafy 2020-02-26 10:28:54 +01:00
parent 945d36c2f2
commit 6de97b5d1e
No known key found for this signature in database
GPG Key ID: 7B88AD1FE79492E1
2 changed files with 27 additions and 30 deletions


@ -84,14 +84,15 @@ func next(rng: var RngState): uint64 =
func random[T](rng: var RngState, a: var T, C: static Curve) {.noInit.}= func random[T](rng: var RngState, a: var T, C: static Curve) {.noInit.}=
## Recursively initialize a BigInt or Field element ## Recursively initialize a BigInt or Field element
when T is BigInt: when T is BigInt:
var unreduced{.noInit.}: T var reduced, unreduced{.noInit.}: T
unreduced.setInternalBitLength() unreduced.setInternalBitLength()
for i in 0 ..< unreduced.limbs.len: for i in 0 ..< unreduced.limbs.len:
unreduced.limbs[i] = Word(rng.next()) unreduced.limbs[i] = Word(rng.next())
# Note: a simple modulo will be biaised but it's simple and "fast" # Note: a simple modulo will be biaised but it's simple and "fast"
a.reduce(unreduced, C.Mod.mres) reduced.reduce(unreduced, C.Mod.mres)
a.montyResidue(reduced, C.Mod.mres, C.getR2modP(), C.getNegInvModWord())
else: else:
for field in fields(a): for field in fields(a):
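Review bot: In the new declaration `var reduced, unreduced{.noInit.}: T` the pragma appears to attach to the identifier it follows, so `reduced` is likely still zero-initialised before `reduce` overwrites it — harmless, but if both are meant to skip initialisation, declare them on separate lines: `var reduced{.noInit.}: T` and `var unreduced{.noInit.}: T` (worth confirming against the Nim grammar). The doc line `## Recursively initialize a BigInt or Field element` should now also state that the BigInt path leaves the value in Montgomery form via `montyResidue`, since that is the invariant this commit restores and nothing in the signature conveys it. The existing note that the modulo reduction is biased belongs next to the new `montyResidue` call as well, so a reader does not mistake this helper for a uniform sampler. The body of `random` continues past the hunk (the `else:` branch is cut off).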


@ -106,49 +106,45 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
test(BN254): test(BN254):
r.prod(Zero, x) r.prod(Zero, x)
check: bool(r == Zero) check: bool(r == Zero)
# test(BN254): test(BN254):
# r.prod(x, One) r.prod(x, One)
# echo "r: ", r check: bool(r == x)
# echo "x: ", x test(BN254):
# check: bool(r == x) r.prod(One, x)
# test(BN254): check: bool(r == x)
# r.prod(One, x)
# echo "r: ", r
# echo "x: ", x
# check: bool(r == x)
test(BLS12_381): test(BLS12_381):
r.prod(x, Zero) r.prod(x, Zero)
check: bool(r == Zero) check: bool(r == Zero)
test(BLS12_381): test(BLS12_381):
r.prod(Zero, x) r.prod(Zero, x)
check: bool(r == Zero) check: bool(r == Zero)
# test(BLS12_381): test(BLS12_381):
# r.prod(x, One) r.prod(x, One)
# check: bool(r == x) check: bool(r == x)
# test(BLS12_381): test(BLS12_381):
# r.prod(One, x) r.prod(One, x)
# check: bool(r == x) check: bool(r == x)
test(P256): test(P256):
r.prod(x, Zero) r.prod(x, Zero)
check: bool(r == Zero) check: bool(r == Zero)
test(P256): test(P256):
r.prod(Zero, x) r.prod(Zero, x)
check: bool(r == Zero) check: bool(r == Zero)
# test(P256): test(P256):
# r.prod(x, One) r.prod(x, One)
# check: bool(r == x) check: bool(r == x)
# test(P256): test(P256):
# r.prod(One, x) r.prod(One, x)
# check: bool(r == x) check: bool(r == x)
test(Secp256k1): test(Secp256k1):
r.prod(x, Zero) r.prod(x, Zero)
check: bool(r == Zero) check: bool(r == Zero)
test(Secp256k1): test(Secp256k1):
r.prod(Zero, x) r.prod(Zero, x)
check: bool(r == Zero) check: bool(r == Zero)
# test(Secp256k1): test(Secp256k1):
# r.prod(x, One) r.prod(x, One)
# check: bool(r == x) check: bool(r == x)
# test(Secp256k1): test(Secp256k1):
# r.prod(One, x) r.prod(One, x)
# check: bool(r == x) check: bool(r == x)
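Review bot: The re-enabled identity tests (`r.prod(x, One)` / `r.prod(One, x)` followed by `check: bool(r == x)`) exercise the fix only indirectly: they pass once `random` yields a well-formed Montgomery residue, but nothing here asserts that property itself, so a future regression in `random` would surface as a multiplication failure rather than an initialisation failure. Consider one test per curve that checks the sampled element directly against the canonical-form invariant (for instance that converting out of and back into Montgomery form reproduces `x`), using whatever conversion helpers the library exposes. The four per-curve blocks are line-for-line identical apart from the curve name; if `test` is a template taking the curve, iterating a constant list of curves would shrink this hunk considerably. The enclosing `suite` begins before the hunk.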