style: casing of WordBitWidth/WordBitwidth

This commit is contained in:
Mamy Ratsimbazafy 2023-01-11 19:31:23 +01:00
parent 53a5729442
commit c0b30a08be
No known key found for this signature in database
GPG Key ID: 6227262F49BE273A
34 changed files with 89 additions and 89 deletions


@ -73,7 +73,7 @@ func partialReduce_1305[N1, N2: static int](r: var Limbs[N1], a: Limbs[N2]) =
# But there is a twist. 5.2⁶² need 65-bit not 64
# and 5.2³⁰ need 33-bit not 32
when WordBitwidth == 64:
when WordBitWidth == 64:
static:
doAssert N1 == 3
doAssert N2 == 4


@ -37,7 +37,7 @@ macro mul_gen[rLen, aLen, bLen: static int](r: var Limbs[rLen], a: Limbs[aLen],
## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len
## The result will be truncated, i.e. it will be
## a * b (mod (2^WordBitwidth)^r.limbs.len)
## a * b (mod (2^WordBitWidth)^r.limbs.len)
##
## Assumes r doesn't aliases a or b
@ -137,7 +137,7 @@ macro sqr_gen*[rLen, aLen: static int](r: var Limbs[rLen], a: Limbs[aLen]) =
## `a` and `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len * 2
## The result will be truncated, i.e. it will be
## a² (mod (2^WordBitwidth)^r.limbs.len)
## a² (mod (2^WordBitWidth)^r.limbs.len)
##
## Assumes r doesn't aliases a


@ -114,7 +114,7 @@ macro mulx_gen[rLen, aLen, bLen: static int](r_PIR: var Limbs[rLen], a_PIR: Limb
## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len
## The result will be truncated, i.e. it will be
## a * b (mod (2^WordBitwidth)^r.limbs.len)
## a * b (mod (2^WordBitWidth)^r.limbs.len)
##
## Assumes r doesn't aliases a or b
@ -565,7 +565,7 @@ macro sqrx_gen*[rLen, aLen: static int](r_PIR: var Limbs[rLen], a_PIR: Limbs[aLe
## `a` and `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len * 2
## The result will be truncated, i.e. it will be
## a² (mod (2^WordBitwidth)^r.limbs.len)
## a² (mod (2^WordBitWidth)^r.limbs.len)
##
## Assumes r doesn't aliases a
result = newStmtList()


@ -292,7 +292,7 @@ func prod_high_words*[rBits, aBits, bBits](r: var BigInt[rBits], a: BigInt[aBits
## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len - lowestWordIndex
## The result will be truncated, i.e. it will be
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitwidth)^r.limbs.len)
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitWidth)^r.limbs.len)
##
# This is useful for
# - Barret reduction


@ -126,7 +126,7 @@ debug:
let d = 2*k - numIters
b[0] = Zero; b[1] = Zero
b[d div WordBitwidth] = One shl (d mod WordBitwidth)
b[d div WordBitWidth] = One shl (d mod WordBitWidth)
return bool(a == b)
@ -433,7 +433,7 @@ func invmod*(
## M MUST be odd, M does not need to be prime.
## ``a`` MUST be less than M.
const Excess = 2
const k = WordBitwidth - Excess
const k = WordBitWidth - Excess
const NumUnsatWords = (bits + k - 1) div k
# Convert values to unsaturated repr
@ -460,7 +460,7 @@ func invmod*(
## ``a`` MUST be less than M.
const Excess = 2
const k = WordBitwidth - Excess
const k = WordBitWidth - Excess
const NumUnsatWords = (bits + k - 1) div k
# Convert values to unsaturated repr
@ -636,7 +636,7 @@ func legendre*(a, M: Limbs, bits: static int): SecretWord =
## ≡ -1 (mod p), iff a is quadratic non-residue
## ≡ 0 (mod p), iff a is 0
const Excess = 2
const k = WordBitwidth - Excess
const k = WordBitWidth - Excess
const NumUnsatWords = (bits + k - 1) div k
# Convert values to unsaturated repr
@ -656,7 +656,7 @@ func legendre*(a: Limbs, M: static Limbs, bits: static int): SecretWord =
## ≡ 0 (mod p), iff a is 0
const Excess = 2
const k = WordBitwidth - Excess
const k = WordBitWidth - Excess
const NumUnsatWords = (bits + k - 1) div k
# Convert values to unsaturated repr


@ -66,7 +66,7 @@ func prod*[rLen, aLen, bLen: static int](r: var Limbs[rLen], a: Limbs[aLen], b:
## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len
## The result will be truncated, i.e. it will be
## a * b (mod (2^WordBitwidth)^r.limbs.len)
## a * b (mod (2^WordBitWidth)^r.limbs.len)
##
## `r` must not alias ``a`` or ``b``
@ -91,7 +91,7 @@ func prod_high_words*[rLen, aLen, bLen](
## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len - lowestWordIndex
## The result will be truncated, i.e. it will be
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitwidth)^r.limbs.len)
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitWidth)^r.limbs.len)
#
# This is useful for
# - Barret reduction
@ -196,7 +196,7 @@ func square*[rLen, aLen](
##
## if `r`.limbs.len < a.limbs.len * 2
## The result will be truncated, i.e. it will be
## a² (mod (2^WordBitwidth)^r.limbs.len)
## a² (mod (2^WordBitWidth)^r.limbs.len)
##
## `r` must not alias ``a`` or ``b``
when UseASM_X86_64 and aLen in {4, 6} and rLen == 2*aLen:


@ -92,9 +92,9 @@ func fromPackedRepr*[LU, E, LP: static int](
static:
# Destination and Source size are consistent
doAssert (LU-1) * UnsatBitWidth <= WordBitwidth * LP, block:
doAssert (LU-1) * UnsatBitWidth <= WordBitWidth * LP, block:
"\n (LU-1) * UnsatBitWidth: " & $(LU-1) & " * " & $UnsatBitWidth & " = " & $((LU-1) * UnsatBitWidth) &
"\n WordBitwidth * LP: " & $WordBitwidth & " * " & $LP & " = " & $(WordBitwidth * LP)
"\n WordBitWidth * LP: " & $WordBitWidth & " * " & $LP & " = " & $(WordBitWidth * LP)
var
srcIdx, dstIdx = 0
@ -143,9 +143,9 @@ func fromUnsatRepr*[LU, E, LP: static int](
static:
# Destination and Source size are consistent
doAssert (LU-1) * UnsatBitWidth <= WordBitwidth * LP, block:
doAssert (LU-1) * UnsatBitWidth <= WordBitWidth * LP, block:
"\n (LU-1) * UnsatBitWidth: " & $(LU-1) & " * " & $UnsatBitWidth & " = " & $((LU-1) * UnsatBitWidth) &
"\n WordBitwidth * LP: " & $WordBitwidth & " * " & $LP & " = " & $(WordBitwidth * LP)
"\n WordBitWidth * LP: " & $WordBitWidth & " * " & $LP & " = " & $(WordBitWidth * LP)
var
srcIdx {.used.}, dstIdx = 0


@ -19,7 +19,7 @@ import
echo "\n------------------------------------------------------\n"
proc mainArith() =
suite "isZero" & " [" & $WordBitwidth & "-bit mode]":
suite "isZero" & " [" & $WordBitWidth & "-bit mode]":
test "isZero for zero":
var x: BigInt[128]
check: x.isZero().bool
@ -49,7 +49,7 @@ proc mainArith() =
check: static(not x.isZero().bool)
suite "Arithmetic operations - Addition" & " [" & $WordBitwidth & "-bit mode]":
suite "Arithmetic operations - Addition" & " [" & $WordBitWidth & "-bit mode]":
test "Adding 2 zeros":
var a = fromHex(BigInt[128], "0x00000000000000000000000000000000")
let b = fromHex(BigInt[128], "0x00000000000000000000000000000000")
@ -149,7 +149,7 @@ proc mainArith() =
bool(a == c)
not bool(carry)
suite "BigInt + SecretWord" & " [" & $WordBitwidth & "-bit mode]":
suite "BigInt + SecretWord" & " [" & $WordBitWidth & "-bit mode]":
test "Addition limbs carry":
block: # P256 / 2
var a = BigInt[256].fromhex"0x7fffffff800000008000000000000000000000007fffffffffffffffffffffff"
@ -160,7 +160,7 @@ proc mainArith() =
check: bool(a == expected)
proc mainMul() =
suite "Multi-precision multiplication" & " [" & $WordBitwidth & "-bit mode]":
suite "Multi-precision multiplication" & " [" & $WordBitWidth & "-bit mode]":
test "Same size operand into double size result":
block:
var r = canary(BigInt[256])
@ -201,7 +201,7 @@ proc mainMul() =
check: bool(r == expected)
proc mainMulHigh() =
suite "Multi-precision multiplication keeping only high words" & " [" & $WordBitwidth & "-bit mode]":
suite "Multi-precision multiplication keeping only high words" & " [" & $WordBitWidth & "-bit mode]":
test "Same size operand into double size result - discard first word":
block:
var r = canary(BigInt[256])
@ -287,7 +287,7 @@ proc mainMulHigh() =
check: bool(r == expected)
proc mainSquare() =
suite "Multi-precision multiplication" & " [" & $WordBitwidth & "-bit mode]":
suite "Multi-precision multiplication" & " [" & $WordBitWidth & "-bit mode]":
test "Squaring is consistent with multiplication (rBits = 2*aBits)":
block:
let a = BigInt[200].fromHex"0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDE"
@ -309,7 +309,7 @@ proc mainSquare() =
check: bool(rmul == rsqr)
proc mainModular() =
suite "Modular operations - small modulus" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular operations - small modulus" & " [" & $WordBitWidth & "-bit mode]":
# Vectors taken from Stint - https://github.com/status-im/nim-stint
test "100 mod 13":
# Test 1 word and more than 1 word
@ -368,7 +368,7 @@ proc mainModular() =
"\n r (low-level repr): " & $r &
"\n expected (ll repr): " & $expected
suite "Modular operations - small modulus - Stint specific failures highlighted by property-based testing" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular operations - small modulus - Stint specific failures highlighted by property-based testing" & " [" & $WordBitWidth & "-bit mode]":
# Vectors taken from Stint - https://github.com/status-im/nim-stint
test "Modulo: 65696211516342324 mod 174261910798982":
let u = 65696211516342324'u64
@ -401,7 +401,7 @@ proc mainModular() =
"\n expected (ll repr): " & $expected
proc mainNeg() =
suite "Conditional negation" & " [" & $WordBitwidth & "-bit mode]":
suite "Conditional negation" & " [" & $WordBitWidth & "-bit mode]":
test "Conditional negation":
block:
var a = fromHex(BigInt[128], "0x12345678FF11FFAA00321321CAFECAFE")
@ -499,7 +499,7 @@ proc mainNeg() =
bool(b == b2)
proc mainCopySwap() =
suite "Copy and Swap" & " [" & $WordBitwidth & "-bit mode]":
suite "Copy and Swap" & " [" & $WordBitWidth & "-bit mode]":
test "Conditional copy":
block:
var a = fromHex(BigInt[128], "0x12345678FF11FFAA00321321CAFECAFE")
@ -545,7 +545,7 @@ proc mainCopySwap() =
bool(eB == b)
proc mainModularInverse() =
suite "Modular Inverse (with odd modulus)" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular Inverse (with odd modulus)" & " [" & $WordBitWidth & "-bit mode]":
# Note: We don't define multi-precision multiplication
# because who needs it when you have Montgomery?
# ¯\(ツ)/¯


@ -95,13 +95,13 @@ proc main() =
mpz_mul(r, a, b)
var shift: mpz_t
mpz_init(shift)
r.mpz_tdiv_q_2exp(r, WordBitwidth * wordsStartIndex)
r.mpz_tdiv_q_2exp(r, WordBitWidth * wordsStartIndex)
# If a*b overflow the result size we truncate
const numWords = wordsRequired(rBits)
when numWords < wordsRequired(aBits+bBits):
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitwidth * numWords, ")"
r.mpz_tdiv_r_2exp(r, WordBitwidth * numWords)
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitWidth * numWords, ")"
r.mpz_tdiv_r_2exp(r, WordBitWidth * numWords)
# Constantine
var rTest: BigInt[rBits]


@ -90,8 +90,8 @@ proc main() =
# If a*b overflow the result size we truncate
const numWords = wordsRequired(rBits)
when numWords < wordsRequired(aBits+bBits):
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitwidth * numWords, ")"
r.mpz_tdiv_r_2exp(r, WordBitwidth * numWords)
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitWidth * numWords, ")"
r.mpz_tdiv_r_2exp(r, WordBitWidth * numWords)
# Constantine
var rTest: BigInt[rBits]


@ -17,7 +17,7 @@ import
echo "\n------------------------------------------------------\n"
proc main() =
suite "Bigints - Multiprecision modulo" & " [" & $WordBitwidth & "-bit mode]":
suite "Bigints - Multiprecision modulo" & " [" & $WordBitWidth & "-bit mode]":
test "bitsize 237 mod bitsize 192":
let a = BigInt[237].fromHex("0x123456789012345678901234567890123456789012345678901234567890")
let m = BigInt[192].fromHex("0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB")


@ -49,7 +49,7 @@ proc test(
R.frobenius_psi(P)
doAssert: bool(R == Q)
suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " [" & $WordBitwidth & "-bit mode]":
suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " [" & $WordBitWidth & "-bit mode]":
# Generated via
# - sage sage/frobenius_bn254_snarks.sage
# - sage sage/frobenius_bls12_377.sage
@ -214,7 +214,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
Qy1 = "77ef6850d4a8f181a10196398cd344011a44c50dce00e18578f3526301263492086d44c7c3d1db5b12499b4033116e1"
)
suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & " [" & $WordBitwidth & "-bit mode]":
suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 8
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =
for i in 0 ..< Iters:
@ -247,7 +247,7 @@ suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & "
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
testAll(ECP_ShortW_Prj[Fp[BW6_761], G2])
suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitwidth & "-bit mode]":
suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 10
proc trace(C: static Curve): auto =
# Returns (abs(trace), isNegativeSign)
@ -314,7 +314,7 @@ suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitwidth & "-bit mode]":
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
testAll(ECP_ShortW_Prj[Fp[BW6_761], G2])
suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=12)" & " [" & $WordBitwidth & "-bit mode]":
suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=12)" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 10
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =
@ -344,7 +344,7 @@ suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding d
testAll(ECP_ShortW_Prj[Fp2[BLS12_377], G2])
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
suite "ψ²(P) - ψ(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=6)" & " [" & $WordBitwidth & "-bit mode]":
suite "ψ²(P) - ψ(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=6)" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 10
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =


@ -196,7 +196,7 @@ proc run_scalar_mul_test_vs_sage*(
const testSuiteDesc = "Scalar Multiplication " & $EC.F.C & " " & G1_or_G2 & " vs SageMath"
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
for i in 0 ..< vec.vectors.len:
test "test " & $vec.vectors[i].id & " - " & $EC:
var


@ -61,7 +61,7 @@ func testAddAssociativity[EC](a, b, c: EC) =
doAssert bool(r0 == r3)
doAssert bool(r0 == r4)
suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitwidth & "-bit mode]":
suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitWidth & "-bit mode]":
test "EC Add G2 is associative - #60":
var a, b, c: ECP_ShortW_Prj[Fp2[BLS12_381], G2]


@ -91,7 +91,7 @@ proc run_EC_addition_tests*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form with projective coordinates"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "The infinity point is the neutral element w.r.t. to EC " & G1_or_G2 & " addition":
proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
var inf {.noInit.}: EC
@ -248,7 +248,7 @@ proc run_EC_mul_sanity_tests*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " mul [0]P == Inf":
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
for _ in 0 ..< ItersMul:
@ -343,7 +343,7 @@ proc run_EC_mul_distributive_tests*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " mul is distributive over EC add":
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
@ -410,7 +410,7 @@ proc run_EC_mul_vs_ref_impl*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " mul constant-time is equivalent to a simple double-and-add algorithm":
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
for _ in 0 ..< ItersMul:
@ -454,7 +454,7 @@ proc run_EC_mixed_add_impl*(
const testSuiteDesc = "Elliptic curve mixed addition for Short Weierstrass form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " mixed addition is consistent with general addition":
proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters:
@ -567,8 +567,8 @@ proc run_EC_subgroups_cofactors_impl*(
const testSuiteDesc = "Elliptic curve subgroup check and cofactor clearing"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
test "Effective cofactor matches accelerated cofactor clearing" & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "Effective cofactor matches accelerated cofactor clearing" & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
for _ in 0 ..< ItersMul:
let P = rng.random_point(EC, randZ, gen)
@ -642,7 +642,7 @@ proc run_EC_affine_conversion*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " batchAffine is consistent with single affine conversion":
proc test(EC: typedesc, gen: RandomGen) =
const batchSize = 10
@ -660,19 +660,19 @@ proc run_EC_affine_conversion*(
doAssert bool(Qs[i] == Rs[i]), block:
var s: string
s &= "Mismatch on iteration " & $i
s &= "\nFailing batch for " & $EC & " (" & $WordBitwidth & "-bit)"
s &= "\nFailing batch for " & $EC & " (" & $WordBitWidth & "-bit)"
s &= "\n ["
for i in 0 ..< batchSize:
s &= "\n" & Ps[i].toHex(indent = 4)
if i != batchSize-1: s &= ","
s &= "\n ]"
s &= "\nFailing inversions for " & $EC & " (" & $WordBitwidth & "-bit)"
s &= "\nFailing inversions for " & $EC & " (" & $WordBitWidth & "-bit)"
s &= "\n ["
for i in 0 ..< batchSize:
s &= "\n" & Rs[i].toHex(indent = 4)
if i != batchSize-1: s &= ","
s &= "\n ]"
s &= "\nExpected inversions for " & $EC & " (" & $WordBitwidth & "-bit)"
s &= "\nExpected inversions for " & $EC & " (" & $WordBitWidth & "-bit)"
s &= "\n ["
for i in 0 ..< batchSize:
s &= "\n" & Qs[i].toHex(indent = 4)
@ -691,7 +691,7 @@ proc run_EC_conversion_failures*(
echo "\n------------------------------------------------------\n"
echo moduleName
suite moduleName & " - [" & $WordBitwidth & "-bit mode]":
suite moduleName & " - [" & $WordBitWidth & "-bit mode]":
test "EC batchAffine fuzzing failures ":
proc test_bn254_snarks_g1(ECP: type) =
type ECP_Aff = ECP_ShortW_Aff[Fp[BN254_Snarks], G1]
@ -810,7 +810,7 @@ proc run_EC_batch_add_impl*[N: static int](
const testSuiteDesc = "Elliptic curve batch addition for Short Weierstrass form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
for n in numPoints:
test $ec & " batch addition (N=" & $n & ")":
proc test(EC: typedesc, gen: RandomGen) =


@ -125,7 +125,7 @@ sqrTest(random_unsafe)
sqrTest(randomHighHammingWeight)
sqrTest(random_long01Seq)
suite "Field Addition/Substraction/Negation via double-precision field elements" & " [" & $WordBitwidth & "-bit mode]":
suite "Field Addition/Substraction/Negation via double-precision field elements" & " [" & $WordBitWidth & "-bit mode]":
test "With P-224 field modulus":
for _ in 0 ..< Iters:
addsubneg_random_unsafe(P224)
@ -197,7 +197,7 @@ suite "Field Addition/Substraction/Negation via double-precision field elements"
check: bool r.isZero()
suite "Field Multiplication via double-precision field elements is consistent with single-width." & " [" & $WordBitwidth & "-bit mode]":
suite "Field Multiplication via double-precision field elements is consistent with single-width." & " [" & $WordBitWidth & "-bit mode]":
test "With P-224 field modulus":
for _ in 0 ..< Iters:
mul_random_unsafe(P224)
@ -262,7 +262,7 @@ suite "Field Multiplication via double-precision field elements is consistent wi
for _ in 0 ..< Iters:
mul_random_long01Seq(Vesta)
suite "Field Squaring via double-precision field elements is consistent with single-width." & " [" & $WordBitwidth & "-bit mode]":
suite "Field Squaring via double-precision field elements is consistent with single-width." & " [" & $WordBitWidth & "-bit mode]":
test "With P-224 field modulus":
for _ in 0 ..< Iters:
sqr_random_unsafe(P224)


@ -78,7 +78,7 @@ proc sanity(C: static Curve) =
bool(n == expected)
proc mainSanity() =
suite "Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitWidth & "-bit mode]":
sanity Fake101
sanity Mersenne61
sanity Mersenne127
@ -94,7 +94,7 @@ proc mainSanity() =
mainSanity()
proc mainSelectCases() =
suite "Modular Squaring: selected tricky cases" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular Squaring: selected tricky cases" & " [" & $WordBitWidth & "-bit mode]":
test "P-256 [FastSquaring = " & $(Fp[P256].getSpareBits() >= 2) & "]":
block:
# Triggered an issue in the (t[N+1], t[N]) = t[N] + (A1, A0)
@ -141,7 +141,7 @@ proc random_long01Seq(C: static Curve) =
doAssert bool(r_mul == r_sqr)
suite "Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitwidth & "-bit mode]":
suite "Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitWidth & "-bit mode]":
test "Random squaring mod P-224 [FastSquaring = " & $(Fp[P224].getSpareBits() >= 2) & "]":
for _ in 0 ..< Iters:
randomCurve(P224)
@ -358,7 +358,7 @@ proc random_sumprod(C: static Curve, N: static int) =
sumprod_test(random_long01Seq)
sumProdMax()
suite "Random sum products is consistent with naive " & " [" & $WordBitwidth & "-bit mode]":
suite "Random sum products is consistent with naive " & " [" & $WordBitWidth & "-bit mode]":
const MaxLength = 8
test "Random sum products mod P-224]":


@ -29,7 +29,7 @@ echo "\n------------------------------------------------------\n"
echo "test_finite_fields_powinv xoshiro512** seed: ", seed
proc main() =
suite "Modular exponentiation over finite fields" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular exponentiation over finite fields" & " [" & $WordBitWidth & "-bit mode]":
test "n² mod 101":
let exponent = BigInt[64].fromUint(2'u64)
@ -202,7 +202,7 @@ proc main() =
testRandomDiv2 Pallas
testRandomDiv2 Vesta
suite "Modular inversion over prime fields" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular inversion over prime fields" & " [" & $WordBitWidth & "-bit mode]":
test "Specific tests on Fp[BLS12_381]":
block: # No inverse exist for 0 --> should return 0 for projective/jacobian to affine coordinate conversion
var r, x: Fp[BLS12_381]
@ -295,7 +295,7 @@ proc main() =
main()
proc main_anti_regression =
suite "Bug highlighted by property-based testing" & " [" & $WordBitwidth & "-bit mode]":
suite "Bug highlighted by property-based testing" & " [" & $WordBitWidth & "-bit mode]":
# test "#30 - Euler's Criterion should be 1 for square on FKM12_447":
# var a: Fp[FKM12_447]
# # square of "0x406e5e74ee09c84fa0c59f2db3ac814a4937e2f57ecd3c0af4265e04598d643c5b772a6549a2d9b825445c34b8ba100fe8d912e61cfda43d"


@ -146,7 +146,7 @@ proc randomSqrtRatioCheck(C: static Curve) =
testSqrtRatioImpl(u, v)
proc main() =
suite "Modular square root" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular square root" & " [" & $WordBitWidth & "-bit mode]":
exhaustiveCheck Fake103, 103
# exhaustiveCheck Fake10007, 10007
# exhaustiveCheck Fake65519, 65519
@ -161,14 +161,14 @@ proc main() =
randomSqrtCheck Pallas
randomSqrtCheck Vesta
suite "Modular sqrt(u/v)" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular sqrt(u/v)" & " [" & $WordBitWidth & "-bit mode]":
randomSqrtRatioCheck Edwards25519
randomSqrtRatioCheck Jubjub
randomSqrtRatioCheck Bandersnatch
randomSqrtRatioCheck Pallas
randomSqrtRatioCheck Vesta
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]":
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
# test "FKM12_447 - #30": - Deactivated, we don't support the curve as no one uses it.
# var a: Fp[FKM12_447]
# a.fromHex"0x406e5e74ee09c84fa0c59f2db3ac814a4937e2f57ecd3c0af4265e04598d643c5b772a6549a2d9b825445c34b8ba100fe8d912e61cfda43d"


@ -175,7 +175,7 @@ proc test_invpow(C: static Curve, gen: RandomGen) =
doAssert: bool(xa == xqya)
suite "Exponentiation in 𝔽p12" & " [" & $WordBitwidth & "-bit mode]":
suite "Exponentiation in 𝔽p12" & " [" & $WordBitWidth & "-bit mode]":
staticFor(curve, TestCurves):
test "xᴬ xᴮ = xᴬ⁺ᴮ on " & $curve:
test_sameBaseProduct(curve, gen = Uniform)


@ -70,14 +70,14 @@ proc randomSqrtCheck(C: static Curve, gen: RandomGen) =
bool(s == a or s == na)
proc main() =
suite "Modular square root" & " [" & $WordBitwidth & "-bit mode]":
suite "Modular square root" & " [" & $WordBitWidth & "-bit mode]":
staticFor(curve, TestCurves):
test "[𝔽p2] Random square root check for " & $curve:
randomSqrtCheck(curve, gen = Uniform)
randomSqrtCheck(curve, gen = HighHammingWeight)
randomSqrtCheck(curve, gen = Long01Sequence)
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]":
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
test "sqrt_if_square invalid square BLS12_381 - #64":
var a: Fp2[BLS12_381]
a.fromHex(
@ -98,7 +98,7 @@ proc main() =
bool not a.isSquare()
bool not a.sqrt_if_square()
suite "Modular square root - Assembly bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]":
suite "Modular square root - Assembly bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
test "Don't set Neg(Zero) fields to modulus (non-unique Montgomery repr) - #136":
# https://github.com/mratsim/constantine/issues/136
# and https://github.com/mratsim/constantine/issues/114


@ -23,7 +23,7 @@ proc checkCubeRootOfUnity(curve: static Curve) =
check: bool cru.isOne()
proc main() =
suite "Sanity checks on precomputed values" & " [" & $WordBitwidth & "-bit mode]":
suite "Sanity checks on precomputed values" & " [" & $WordBitWidth & "-bit mode]":
checkCubeRootOfUnity(BN254_Snarks)
checkCubeRootOfUnity(BLS12_377)
checkCubeRootOfUnity(BLS12_381)


@ -68,7 +68,7 @@ proc runFrobeniusTowerTests*[N](
rng.seed(seed)
echo moduleName, " xoshiro512** seed: ", seed
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
test "Frobenius(a) = a^p (mod p^" & $ExtDegree & ")":
proc test(Field: typedesc, Iters: static int, gen: RandomGen) =
for _ in 0 ..< Iters:


@ -69,7 +69,7 @@ proc runTowerTests*[N](
rng.seed(seed)
echo moduleName, " xoshiro512** seed: ", seed
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
test "Comparison sanity checks":
proc test(Field: typedesc) =
var z, o {.noInit.}: Field


@ -76,7 +76,7 @@ proc sanity(C: static Curve) =
bool(n == expected)
proc mainSanity() =
suite "Fr: Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitwidth & "-bit mode]":
suite "Fr: Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitWidth & "-bit mode]":
sanity BN254_Snarks
sanity BLS12_381
@ -112,7 +112,7 @@ proc random_long01Seq(C: static Curve) =
doAssert bool(r_mul == r_sqr)
suite "Fr: Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitwidth & "-bit mode]":
suite "Fr: Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitWidth & "-bit mode]":
test "Random squaring mod r_BN254_Snarks [FastSquaring = " & $(Fr[BN254_Snarks].getSpareBits() >= 2) & "]":
for _ in 0 ..< Iters:
randomCurve(BN254_Snarks)


@ -22,7 +22,7 @@ echo "test_io_bigints xoshiro512** seed: ", seed
type T = BaseType
proc main() =
suite "IO Hex - BigInt" & " [" & $WordBitwidth & "-bit mode]":
suite "IO Hex - BigInt" & " [" & $WordBitWidth & "-bit mode]":
test "Parsing raw integers":
block: # Sanity check
let x = 0'u64
@ -98,7 +98,7 @@ proc main() =
check: n == h
suite "IO Decimal - BigInt" & " [" & $WordBitwidth & "-bit mode]":
suite "IO Decimal - BigInt" & " [" & $WordBitWidth & "-bit mode]":
test "Checks elliptic curve constants":
block: # BLS12-381 - https://github.com/ethereum/py_ecc/blob/master/py_ecc/fields/field_properties.py
const p = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787"


@ -21,7 +21,7 @@ echo "\n------------------------------------------------------\n"
echo "test_io_fields xoshiro512** seed: ", seed
proc main() =
suite "IO - Finite fields" & " [" & $WordBitwidth & "-bit mode]":
suite "IO - Finite fields" & " [" & $WordBitWidth & "-bit mode]":
test "Parsing and serializing round-trip on uint64":
# 101 ---------------------------------
block:


@ -56,7 +56,7 @@ proc testRoundtrip(curve: static Curve, gen: static RandomGen) =
"\n b: " & b.toHex()
proc main() =
suite "Packed <-> Unsaturated limbs roundtrips" & " [" & $WordBitwidth & "-bit mode]":
suite "Packed <-> Unsaturated limbs roundtrips" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 10000
test "BN254_Snarks":
for _ in 0 ..< Iters:


@ -65,7 +65,7 @@ func random_point*(rng: var RngState, EC: typedesc, randZ: bool, gen: RandomGen)
else:
result = rng.random_long01Seq_with_randZ(EC)
suite "Pairing - Line Functions on BLS12-377" & " [" & $WordBitwidth & "-bit mode]":
suite "Pairing - Line Functions on BLS12-377" & " [" & $WordBitWidth & "-bit mode]":
test "Line double - lt,t(P)":
proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters:


@ -65,7 +65,7 @@ func random_point*(rng: var RngState, EC: typedesc, randZ: bool, gen: RandomGen)
else:
result = rng.random_long01Seq_with_randZ(EC)
suite "Pairing - Line Functions on BLS12-381" & " [" & $WordBitwidth & "-bit mode]":
suite "Pairing - Line Functions on BLS12-381" & " [" & $WordBitWidth & "-bit mode]":
test "Line double - lt,t(P)":
proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters:


@ -49,7 +49,7 @@ func random_elem(rng: var RngState, F: typedesc, gen: RandomGen): F {.inline, no
else:
result = rng.random_long01Seq(F)
suite "Pairing - Cyclotomic subgroup - GΦ₁₂(p) = {α ∈ Fp¹² : α^Φ₁₂(p) ≡ 1 (mod p¹²)}" & " [" & $WordBitwidth & "-bit mode]":
suite "Pairing - Cyclotomic subgroup - GΦ₁₂(p) = {α ∈ Fp¹² : α^Φ₁₂(p) ≡ 1 (mod p¹²)}" & " [" & $WordBitWidth & "-bit mode]":
test "Easy part of the final exponentiation maps to the cyclotomic subgroup":
proc test_final_exp_easy_cycl(C: static Curve, gen: static RandomGen) =
for _ in 0 ..< Iters:


@ -99,7 +99,7 @@ template runPairingTests*(Iters: static int, C: static Curve, G1, G2, GT: typede
doAssert bool(r == r3)
doAssert bool(r2 == r3)
suite "Pairing - Optimal Ate on " & $C & " [" & $WordBitwidth & "-bit mode]":
suite "Pairing - Optimal Ate on " & $C & " [" & $WordBitWidth & "-bit mode]":
test "Bilinearity e([2]P, Q) = e(P, [2]Q) = e(P, Q)^2":
test_bilinearity_double_impl(randZ = false, gen = Uniform)
test_bilinearity_double_impl(randZ = false, gen = HighHammingWeight)
@ -139,7 +139,7 @@ template runGTsubgroupTests*(Iters: static int, GT: typedesc, finalExpHard_fn: u
stdout.write '\n'
suite "Pairing - GT subgroup " & $GT.C & " [" & $WordBitwidth & "-bit mode]":
suite "Pairing - GT subgroup " & $GT.C & " [" & $WordBitWidth & "-bit mode]":
test "Final Exponentiation and GT-subgroup membership":
test_gt_impl(gen = Uniform)
test_gt_impl(gen = HighHammingWeight)


@ -21,7 +21,7 @@ template undistinct[T](x: Ct[T]): T =
T(x)
proc main() =
suite "Constant-time unsigned integers" & " [" & $WordBitwidth & "-bit mode]":
suite "Constant-time unsigned integers" & " [" & $WordBitWidth & "-bit mode]":
test "High - getting the biggest representable number":
check:
high(Ct[byte]).undistinct == 0xFF.byte


@ -115,7 +115,7 @@ proc run_hash_to_curve_test(
let testSuiteDesc = "Hash to Curve " & $EC.F.C & " " & G1_or_G2 & " - official specs " & spec_version & " test vectors"
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
doAssert vec.hash == "sha256"
doAssert vec.k == "0x80" # 128
@ -150,7 +150,7 @@ proc run_hash_to_curve_svdw_test(
let testSuiteDesc = "Hash to Curve " & $EC.F.C & " " & G1_or_G2 & " - official specs " & spec_version & " test vectors"
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
doAssert vec.hash == "sha256"
doAssert vec.k == "0x80" # 128