Random init was producing an invalid Montgomery form for field elements
parent
945d36c2f2
commit
6de97b5d1e
@ -84,14 +84,15 @@ func next(rng: var RngState): uint64 =
|
||||||
func random[T](rng: var RngState, a: var T, C: static Curve) {.noInit.}=
|
func random[T](rng: var RngState, a: var T, C: static Curve) {.noInit.}=
|
||||||
## Recursively initialize a BigInt or Field element
|
## Recursively initialize a BigInt or Field element
|
||||||
when T is BigInt:
|
when T is BigInt:
|
||||||
var unreduced{.noInit.}: T
|
var reduced, unreduced{.noInit.}: T
|
||||||
|
|
||||||
unreduced.setInternalBitLength()
|
unreduced.setInternalBitLength()
|
||||||
for i in 0 ..< unreduced.limbs.len:
|
for i in 0 ..< unreduced.limbs.len:
|
||||||
unreduced.limbs[i] = Word(rng.next())
|
unreduced.limbs[i] = Word(rng.next())
|
||||||
|
|
||||||
# Note: a simple modulo will be biaised but it's simple and "fast"
|
# Note: a simple modulo will be biaised but it's simple and "fast"
|
||||||
a.reduce(unreduced, C.Mod.mres)
|
reduced.reduce(unreduced, C.Mod.mres)
|
||||||
|
a.montyResidue(reduced, C.Mod.mres, C.getR2modP(), C.getNegInvModWord())
|
||||||
|
|
||||||
else:
|
else:
|
||||||
for field in fields(a):
|
for field in fields(a):
|
||||||
|
|
|
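Review bot: The `when T is BigInt` branch now always reduces mod `C.Mod.mres` and converts to Montgomery form with `montyResidue`, so if `random` is ever invoked on a standalone `BigInt` rather than as a field of a field element, the caller receives a Montgomery residue of the field modulus instead of a plain random integer — the docstring `## Recursively initialize a BigInt or Field element` should state this, e.g. add `## BigInts are reduced mod C.Mod.mres and left in Montgomery form.`, or the two paths should be split. The comment `# Note: a simple modulo will be biaised ...` should also spell out the consequence: combined with `rng.next()` (the `next` whose signature appears in the hunk header looks like a test PRNG, not a CSPRNG — confirm), the output is suitable for tests and fuzzing only; suggested wording `# Test-only: non-cryptographic PRNG plus biased modular reduction; never use for keys or nonces.` (this also fixes the typo "biaised"). The body of `random` continues past the hunk: the recursive call inside the `else` branch is not visible here.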
@ -106,49 +106,45 @@ suite "𝔽p2 = 𝔽p[𝑖] (irreducible polynomial x²+1)":
|
||||||
test(BN254):
|
test(BN254):
|
||||||
r.prod(Zero, x)
|
r.prod(Zero, x)
|
||||||
check: bool(r == Zero)
|
check: bool(r == Zero)
|
||||||
# test(BN254):
|
test(BN254):
|
||||||
# r.prod(x, One)
|
r.prod(x, One)
|
||||||
# echo "r: ", r
|
check: bool(r == x)
|
||||||
# echo "x: ", x
|
test(BN254):
|
||||||
# check: bool(r == x)
|
r.prod(One, x)
|
||||||
# test(BN254):
|
check: bool(r == x)
|
||||||
# r.prod(One, x)
|
|
||||||
# echo "r: ", r
|
|
||||||
# echo "x: ", x
|
|
||||||
# check: bool(r == x)
|
|
||||||
test(BLS12_381):
|
test(BLS12_381):
|
||||||
r.prod(x, Zero)
|
r.prod(x, Zero)
|
||||||
check: bool(r == Zero)
|
check: bool(r == Zero)
|
||||||
test(BLS12_381):
|
test(BLS12_381):
|
||||||
r.prod(Zero, x)
|
r.prod(Zero, x)
|
||||||
check: bool(r == Zero)
|
check: bool(r == Zero)
|
||||||
# test(BLS12_381):
|
test(BLS12_381):
|
||||||
# r.prod(x, One)
|
r.prod(x, One)
|
||||||
# check: bool(r == x)
|
check: bool(r == x)
|
||||||
# test(BLS12_381):
|
test(BLS12_381):
|
||||||
# r.prod(One, x)
|
r.prod(One, x)
|
||||||
# check: bool(r == x)
|
check: bool(r == x)
|
||||||
test(P256):
|
test(P256):
|
||||||
r.prod(x, Zero)
|
r.prod(x, Zero)
|
||||||
check: bool(r == Zero)
|
check: bool(r == Zero)
|
||||||
test(P256):
|
test(P256):
|
||||||
r.prod(Zero, x)
|
r.prod(Zero, x)
|
||||||
check: bool(r == Zero)
|
check: bool(r == Zero)
|
||||||
# test(P256):
|
test(P256):
|
||||||
# r.prod(x, One)
|
r.prod(x, One)
|
||||||
# check: bool(r == x)
|
check: bool(r == x)
|
||||||
# test(P256):
|
test(P256):
|
||||||
# r.prod(One, x)
|
r.prod(One, x)
|
||||||
# check: bool(r == x)
|
check: bool(r == x)
|
||||||
test(Secp256k1):
|
test(Secp256k1):
|
||||||
r.prod(x, Zero)
|
r.prod(x, Zero)
|
||||||
check: bool(r == Zero)
|
check: bool(r == Zero)
|
||||||
test(Secp256k1):
|
test(Secp256k1):
|
||||||
r.prod(Zero, x)
|
r.prod(Zero, x)
|
||||||
check: bool(r == Zero)
|
check: bool(r == Zero)
|
||||||
# test(Secp256k1):
|
test(Secp256k1):
|
||||||
# r.prod(x, One)
|
r.prod(x, One)
|
||||||
# check: bool(r == x)
|
check: bool(r == x)
|
||||||
# test(Secp256k1):
|
test(Secp256k1):
|
||||||
# r.prod(One, x)
|
r.prod(One, x)
|
||||||
# check: bool(r == x)
|
check: bool(r == x)
|
||||||
|
|
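Review bot: The re-enabled `r.prod(x, One)` / `r.prod(One, x)` checks only detect a non-canonical Montgomery operand indirectly through the multiplication; a direct regression check that the random operand is a canonical residue would pin the invariant this commit actually fixes, e.g. `check: bool(x.mres < C.Mod.mres)` — assuming the field element exposes its residue as `mres`, as the `reduce(unreduced, C.Mod.mres)` call in the other hunk suggests, so confirm the accessor. Because `x` is presumably drawn from the test RNG, a failing iteration is only reproducible if the suite reports its seed; if the `test` template does not already do that, print it once at suite start. Both the `test` template and the `suite` block begin outside this hunk.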