style: casing of WordBitWidth/WordBitwidth

This commit is contained in:
Mamy Ratsimbazafy 2023-01-11 19:31:23 +01:00
parent 53a5729442
commit c0b30a08be
No known key found for this signature in database
GPG Key ID: 6227262F49BE273A
34 changed files with 89 additions and 89 deletions


@ -73,7 +73,7 @@ func partialReduce_1305[N1, N2: static int](r: var Limbs[N1], a: Limbs[N2]) =
# But there is a twist. 5.2⁶² need 65-bit not 64 # But there is a twist. 5.2⁶² need 65-bit not 64
# and 5.2³⁰ need 33-bit not 32 # and 5.2³⁰ need 33-bit not 32
when WordBitwidth == 64: when WordBitWidth == 64:
static: static:
doAssert N1 == 3 doAssert N1 == 3
doAssert N2 == 4 doAssert N2 == 4


@ -37,7 +37,7 @@ macro mul_gen[rLen, aLen, bLen: static int](r: var Limbs[rLen], a: Limbs[aLen],
## `a`, `b`, `r` can have a different number of limbs ## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len ## if `r`.limbs.len < a.limbs.len + b.limbs.len
## The result will be truncated, i.e. it will be ## The result will be truncated, i.e. it will be
## a * b (mod (2^WordBitwidth)^r.limbs.len) ## a * b (mod (2^WordBitWidth)^r.limbs.len)
## ##
## Assumes r doesn't aliases a or b ## Assumes r doesn't aliases a or b
@ -137,7 +137,7 @@ macro sqr_gen*[rLen, aLen: static int](r: var Limbs[rLen], a: Limbs[aLen]) =
## `a` and `r` can have a different number of limbs ## `a` and `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len * 2 ## if `r`.limbs.len < a.limbs.len * 2
## The result will be truncated, i.e. it will be ## The result will be truncated, i.e. it will be
## a² (mod (2^WordBitwidth)^r.limbs.len) ## a² (mod (2^WordBitWidth)^r.limbs.len)
## ##
## Assumes r doesn't aliases a ## Assumes r doesn't aliases a


@ -114,7 +114,7 @@ macro mulx_gen[rLen, aLen, bLen: static int](r_PIR: var Limbs[rLen], a_PIR: Limb
## `a`, `b`, `r` can have a different number of limbs ## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len ## if `r`.limbs.len < a.limbs.len + b.limbs.len
## The result will be truncated, i.e. it will be ## The result will be truncated, i.e. it will be
## a * b (mod (2^WordBitwidth)^r.limbs.len) ## a * b (mod (2^WordBitWidth)^r.limbs.len)
## ##
## Assumes r doesn't aliases a or b ## Assumes r doesn't aliases a or b
@ -565,7 +565,7 @@ macro sqrx_gen*[rLen, aLen: static int](r_PIR: var Limbs[rLen], a_PIR: Limbs[aLe
## `a` and `r` can have a different number of limbs ## `a` and `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len * 2 ## if `r`.limbs.len < a.limbs.len * 2
## The result will be truncated, i.e. it will be ## The result will be truncated, i.e. it will be
## a² (mod (2^WordBitwidth)^r.limbs.len) ## a² (mod (2^WordBitWidth)^r.limbs.len)
## ##
## Assumes r doesn't aliases a ## Assumes r doesn't aliases a
result = newStmtList() result = newStmtList()


@ -292,7 +292,7 @@ func prod_high_words*[rBits, aBits, bBits](r: var BigInt[rBits], a: BigInt[aBits
## `a`, `b`, `r` can have a different number of limbs ## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len - lowestWordIndex ## if `r`.limbs.len < a.limbs.len + b.limbs.len - lowestWordIndex
## The result will be truncated, i.e. it will be ## The result will be truncated, i.e. it will be
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitwidth)^r.limbs.len) ## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitWidth)^r.limbs.len)
## ##
# This is useful for # This is useful for
# - Barret reduction # - Barret reduction


@ -126,7 +126,7 @@ debug:
let d = 2*k - numIters let d = 2*k - numIters
b[0] = Zero; b[1] = Zero b[0] = Zero; b[1] = Zero
b[d div WordBitwidth] = One shl (d mod WordBitwidth) b[d div WordBitWidth] = One shl (d mod WordBitWidth)
return bool(a == b) return bool(a == b)
@ -433,7 +433,7 @@ func invmod*(
## M MUST be odd, M does not need to be prime. ## M MUST be odd, M does not need to be prime.
## ``a`` MUST be less than M. ## ``a`` MUST be less than M.
const Excess = 2 const Excess = 2
const k = WordBitwidth - Excess const k = WordBitWidth - Excess
const NumUnsatWords = (bits + k - 1) div k const NumUnsatWords = (bits + k - 1) div k
# Convert values to unsaturated repr # Convert values to unsaturated repr
@ -460,7 +460,7 @@ func invmod*(
## ``a`` MUST be less than M. ## ``a`` MUST be less than M.
const Excess = 2 const Excess = 2
const k = WordBitwidth - Excess const k = WordBitWidth - Excess
const NumUnsatWords = (bits + k - 1) div k const NumUnsatWords = (bits + k - 1) div k
# Convert values to unsaturated repr # Convert values to unsaturated repr
@ -636,7 +636,7 @@ func legendre*(a, M: Limbs, bits: static int): SecretWord =
## ≡ -1 (mod p), iff a is quadratic non-residue ## ≡ -1 (mod p), iff a is quadratic non-residue
## ≡ 0 (mod p), iff a is 0 ## ≡ 0 (mod p), iff a is 0
const Excess = 2 const Excess = 2
const k = WordBitwidth - Excess const k = WordBitWidth - Excess
const NumUnsatWords = (bits + k - 1) div k const NumUnsatWords = (bits + k - 1) div k
# Convert values to unsaturated repr # Convert values to unsaturated repr
@ -656,7 +656,7 @@ func legendre*(a: Limbs, M: static Limbs, bits: static int): SecretWord =
## ≡ 0 (mod p), iff a is 0 ## ≡ 0 (mod p), iff a is 0
const Excess = 2 const Excess = 2
const k = WordBitwidth - Excess const k = WordBitWidth - Excess
const NumUnsatWords = (bits + k - 1) div k const NumUnsatWords = (bits + k - 1) div k
# Convert values to unsaturated repr # Convert values to unsaturated repr


@ -66,7 +66,7 @@ func prod*[rLen, aLen, bLen: static int](r: var Limbs[rLen], a: Limbs[aLen], b:
## `a`, `b`, `r` can have a different number of limbs ## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len ## if `r`.limbs.len < a.limbs.len + b.limbs.len
## The result will be truncated, i.e. it will be ## The result will be truncated, i.e. it will be
## a * b (mod (2^WordBitwidth)^r.limbs.len) ## a * b (mod (2^WordBitWidth)^r.limbs.len)
## ##
## `r` must not alias ``a`` or ``b`` ## `r` must not alias ``a`` or ``b``
@ -91,7 +91,7 @@ func prod_high_words*[rLen, aLen, bLen](
## `a`, `b`, `r` can have a different number of limbs ## `a`, `b`, `r` can have a different number of limbs
## if `r`.limbs.len < a.limbs.len + b.limbs.len - lowestWordIndex ## if `r`.limbs.len < a.limbs.len + b.limbs.len - lowestWordIndex
## The result will be truncated, i.e. it will be ## The result will be truncated, i.e. it will be
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitwidth)^r.limbs.len) ## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitWidth)^r.limbs.len)
# #
# This is useful for # This is useful for
# - Barret reduction # - Barret reduction
@ -196,7 +196,7 @@ func square*[rLen, aLen](
## ##
## if `r`.limbs.len < a.limbs.len * 2 ## if `r`.limbs.len < a.limbs.len * 2
## The result will be truncated, i.e. it will be ## The result will be truncated, i.e. it will be
## a² (mod (2^WordBitwidth)^r.limbs.len) ## a² (mod (2^WordBitWidth)^r.limbs.len)
## ##
## `r` must not alias ``a`` or ``b`` ## `r` must not alias ``a`` or ``b``
when UseASM_X86_64 and aLen in {4, 6} and rLen == 2*aLen: when UseASM_X86_64 and aLen in {4, 6} and rLen == 2*aLen:


@ -92,9 +92,9 @@ func fromPackedRepr*[LU, E, LP: static int](
static: static:
# Destination and Source size are consistent # Destination and Source size are consistent
doAssert (LU-1) * UnsatBitWidth <= WordBitwidth * LP, block: doAssert (LU-1) * UnsatBitWidth <= WordBitWidth * LP, block:
"\n (LU-1) * UnsatBitWidth: " & $(LU-1) & " * " & $UnsatBitWidth & " = " & $((LU-1) * UnsatBitWidth) & "\n (LU-1) * UnsatBitWidth: " & $(LU-1) & " * " & $UnsatBitWidth & " = " & $((LU-1) * UnsatBitWidth) &
"\n WordBitwidth * LP: " & $WordBitwidth & " * " & $LP & " = " & $(WordBitwidth * LP) "\n WordBitWidth * LP: " & $WordBitWidth & " * " & $LP & " = " & $(WordBitWidth * LP)
var var
srcIdx, dstIdx = 0 srcIdx, dstIdx = 0
@ -143,9 +143,9 @@ func fromUnsatRepr*[LU, E, LP: static int](
static: static:
# Destination and Source size are consistent # Destination and Source size are consistent
doAssert (LU-1) * UnsatBitWidth <= WordBitwidth * LP, block: doAssert (LU-1) * UnsatBitWidth <= WordBitWidth * LP, block:
"\n (LU-1) * UnsatBitWidth: " & $(LU-1) & " * " & $UnsatBitWidth & " = " & $((LU-1) * UnsatBitWidth) & "\n (LU-1) * UnsatBitWidth: " & $(LU-1) & " * " & $UnsatBitWidth & " = " & $((LU-1) * UnsatBitWidth) &
"\n WordBitwidth * LP: " & $WordBitwidth & " * " & $LP & " = " & $(WordBitwidth * LP) "\n WordBitWidth * LP: " & $WordBitWidth & " * " & $LP & " = " & $(WordBitWidth * LP)
var var
srcIdx {.used.}, dstIdx = 0 srcIdx {.used.}, dstIdx = 0


@ -19,7 +19,7 @@ import
echo "\n------------------------------------------------------\n" echo "\n------------------------------------------------------\n"
proc mainArith() = proc mainArith() =
suite "isZero" & " [" & $WordBitwidth & "-bit mode]": suite "isZero" & " [" & $WordBitWidth & "-bit mode]":
test "isZero for zero": test "isZero for zero":
var x: BigInt[128] var x: BigInt[128]
check: x.isZero().bool check: x.isZero().bool
@ -49,7 +49,7 @@ proc mainArith() =
check: static(not x.isZero().bool) check: static(not x.isZero().bool)
suite "Arithmetic operations - Addition" & " [" & $WordBitwidth & "-bit mode]": suite "Arithmetic operations - Addition" & " [" & $WordBitWidth & "-bit mode]":
test "Adding 2 zeros": test "Adding 2 zeros":
var a = fromHex(BigInt[128], "0x00000000000000000000000000000000") var a = fromHex(BigInt[128], "0x00000000000000000000000000000000")
let b = fromHex(BigInt[128], "0x00000000000000000000000000000000") let b = fromHex(BigInt[128], "0x00000000000000000000000000000000")
@ -149,7 +149,7 @@ proc mainArith() =
bool(a == c) bool(a == c)
not bool(carry) not bool(carry)
suite "BigInt + SecretWord" & " [" & $WordBitwidth & "-bit mode]": suite "BigInt + SecretWord" & " [" & $WordBitWidth & "-bit mode]":
test "Addition limbs carry": test "Addition limbs carry":
block: # P256 / 2 block: # P256 / 2
var a = BigInt[256].fromhex"0x7fffffff800000008000000000000000000000007fffffffffffffffffffffff" var a = BigInt[256].fromhex"0x7fffffff800000008000000000000000000000007fffffffffffffffffffffff"
@ -160,7 +160,7 @@ proc mainArith() =
check: bool(a == expected) check: bool(a == expected)
proc mainMul() = proc mainMul() =
suite "Multi-precision multiplication" & " [" & $WordBitwidth & "-bit mode]": suite "Multi-precision multiplication" & " [" & $WordBitWidth & "-bit mode]":
test "Same size operand into double size result": test "Same size operand into double size result":
block: block:
var r = canary(BigInt[256]) var r = canary(BigInt[256])
@ -201,7 +201,7 @@ proc mainMul() =
check: bool(r == expected) check: bool(r == expected)
proc mainMulHigh() = proc mainMulHigh() =
suite "Multi-precision multiplication keeping only high words" & " [" & $WordBitwidth & "-bit mode]": suite "Multi-precision multiplication keeping only high words" & " [" & $WordBitWidth & "-bit mode]":
test "Same size operand into double size result - discard first word": test "Same size operand into double size result - discard first word":
block: block:
var r = canary(BigInt[256]) var r = canary(BigInt[256])
@ -287,7 +287,7 @@ proc mainMulHigh() =
check: bool(r == expected) check: bool(r == expected)
proc mainSquare() = proc mainSquare() =
suite "Multi-precision multiplication" & " [" & $WordBitwidth & "-bit mode]": suite "Multi-precision multiplication" & " [" & $WordBitWidth & "-bit mode]":
test "Squaring is consistent with multiplication (rBits = 2*aBits)": test "Squaring is consistent with multiplication (rBits = 2*aBits)":
block: block:
let a = BigInt[200].fromHex"0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDE" let a = BigInt[200].fromHex"0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDE"
@ -309,7 +309,7 @@ proc mainSquare() =
check: bool(rmul == rsqr) check: bool(rmul == rsqr)
proc mainModular() = proc mainModular() =
suite "Modular operations - small modulus" & " [" & $WordBitwidth & "-bit mode]": suite "Modular operations - small modulus" & " [" & $WordBitWidth & "-bit mode]":
# Vectors taken from Stint - https://github.com/status-im/nim-stint # Vectors taken from Stint - https://github.com/status-im/nim-stint
test "100 mod 13": test "100 mod 13":
# Test 1 word and more than 1 word # Test 1 word and more than 1 word
@ -368,7 +368,7 @@ proc mainModular() =
"\n r (low-level repr): " & $r & "\n r (low-level repr): " & $r &
"\n expected (ll repr): " & $expected "\n expected (ll repr): " & $expected
suite "Modular operations - small modulus - Stint specific failures highlighted by property-based testing" & " [" & $WordBitwidth & "-bit mode]": suite "Modular operations - small modulus - Stint specific failures highlighted by property-based testing" & " [" & $WordBitWidth & "-bit mode]":
# Vectors taken from Stint - https://github.com/status-im/nim-stint # Vectors taken from Stint - https://github.com/status-im/nim-stint
test "Modulo: 65696211516342324 mod 174261910798982": test "Modulo: 65696211516342324 mod 174261910798982":
let u = 65696211516342324'u64 let u = 65696211516342324'u64
@ -401,7 +401,7 @@ proc mainModular() =
"\n expected (ll repr): " & $expected "\n expected (ll repr): " & $expected
proc mainNeg() = proc mainNeg() =
suite "Conditional negation" & " [" & $WordBitwidth & "-bit mode]": suite "Conditional negation" & " [" & $WordBitWidth & "-bit mode]":
test "Conditional negation": test "Conditional negation":
block: block:
var a = fromHex(BigInt[128], "0x12345678FF11FFAA00321321CAFECAFE") var a = fromHex(BigInt[128], "0x12345678FF11FFAA00321321CAFECAFE")
@ -499,7 +499,7 @@ proc mainNeg() =
bool(b == b2) bool(b == b2)
proc mainCopySwap() = proc mainCopySwap() =
suite "Copy and Swap" & " [" & $WordBitwidth & "-bit mode]": suite "Copy and Swap" & " [" & $WordBitWidth & "-bit mode]":
test "Conditional copy": test "Conditional copy":
block: block:
var a = fromHex(BigInt[128], "0x12345678FF11FFAA00321321CAFECAFE") var a = fromHex(BigInt[128], "0x12345678FF11FFAA00321321CAFECAFE")
@ -545,7 +545,7 @@ proc mainCopySwap() =
bool(eB == b) bool(eB == b)
proc mainModularInverse() = proc mainModularInverse() =
suite "Modular Inverse (with odd modulus)" & " [" & $WordBitwidth & "-bit mode]": suite "Modular Inverse (with odd modulus)" & " [" & $WordBitWidth & "-bit mode]":
# Note: We don't define multi-precision multiplication # Note: We don't define multi-precision multiplication
# because who needs it when you have Montgomery? # because who needs it when you have Montgomery?
# ¯\(ツ)/¯ # ¯\(ツ)/¯


@ -95,13 +95,13 @@ proc main() =
mpz_mul(r, a, b) mpz_mul(r, a, b)
var shift: mpz_t var shift: mpz_t
mpz_init(shift) mpz_init(shift)
r.mpz_tdiv_q_2exp(r, WordBitwidth * wordsStartIndex) r.mpz_tdiv_q_2exp(r, WordBitWidth * wordsStartIndex)
# If a*b overflow the result size we truncate # If a*b overflow the result size we truncate
const numWords = wordsRequired(rBits) const numWords = wordsRequired(rBits)
when numWords < wordsRequired(aBits+bBits): when numWords < wordsRequired(aBits+bBits):
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitwidth * numWords, ")" echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitWidth * numWords, ")"
r.mpz_tdiv_r_2exp(r, WordBitwidth * numWords) r.mpz_tdiv_r_2exp(r, WordBitWidth * numWords)
# Constantine # Constantine
var rTest: BigInt[rBits] var rTest: BigInt[rBits]


@ -90,8 +90,8 @@ proc main() =
# If a*b overflow the result size we truncate # If a*b overflow the result size we truncate
const numWords = wordsRequired(rBits) const numWords = wordsRequired(rBits)
when numWords < wordsRequired(aBits+bBits): when numWords < wordsRequired(aBits+bBits):
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitwidth * numWords, ")" echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitWidth * numWords, ")"
r.mpz_tdiv_r_2exp(r, WordBitwidth * numWords) r.mpz_tdiv_r_2exp(r, WordBitWidth * numWords)
# Constantine # Constantine
var rTest: BigInt[rBits] var rTest: BigInt[rBits]


@ -17,7 +17,7 @@ import
echo "\n------------------------------------------------------\n" echo "\n------------------------------------------------------\n"
proc main() = proc main() =
suite "Bigints - Multiprecision modulo" & " [" & $WordBitwidth & "-bit mode]": suite "Bigints - Multiprecision modulo" & " [" & $WordBitWidth & "-bit mode]":
test "bitsize 237 mod bitsize 192": test "bitsize 237 mod bitsize 192":
let a = BigInt[237].fromHex("0x123456789012345678901234567890123456789012345678901234567890") let a = BigInt[237].fromHex("0x123456789012345678901234567890123456789012345678901234567890")
let m = BigInt[192].fromHex("0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB") let m = BigInt[192].fromHex("0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB")


@ -49,7 +49,7 @@ proc test(
R.frobenius_psi(P) R.frobenius_psi(P)
doAssert: bool(R == Q) doAssert: bool(R == Q)
suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " [" & $WordBitwidth & "-bit mode]": suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " [" & $WordBitWidth & "-bit mode]":
# Generated via # Generated via
# - sage sage/frobenius_bn254_snarks.sage # - sage sage/frobenius_bn254_snarks.sage
# - sage sage/frobenius_bls12_377.sage # - sage sage/frobenius_bls12_377.sage
@ -214,7 +214,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
Qy1 = "77ef6850d4a8f181a10196398cd344011a44c50dce00e18578f3526301263492086d44c7c3d1db5b12499b4033116e1" Qy1 = "77ef6850d4a8f181a10196398cd344011a44c50dce00e18578f3526301263492086d44c7c3d1db5b12499b4033116e1"
) )
suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & " [" & $WordBitwidth & "-bit mode]": suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 8 const Iters = 8
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) = proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =
for i in 0 ..< Iters: for i in 0 ..< Iters:
@ -247,7 +247,7 @@ suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & "
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2]) testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
testAll(ECP_ShortW_Prj[Fp[BW6_761], G2]) testAll(ECP_ShortW_Prj[Fp[BW6_761], G2])
suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitwidth & "-bit mode]": suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 10 const Iters = 10
proc trace(C: static Curve): auto = proc trace(C: static Curve): auto =
# Returns (abs(trace), isNegativeSign) # Returns (abs(trace), isNegativeSign)
@ -314,7 +314,7 @@ suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitwidth & "-bit mode]":
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2]) testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
testAll(ECP_ShortW_Prj[Fp[BW6_761], G2]) testAll(ECP_ShortW_Prj[Fp[BW6_761], G2])
suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=12)" & " [" & $WordBitwidth & "-bit mode]": suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=12)" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 10 const Iters = 10
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) = proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =
@ -344,7 +344,7 @@ suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding d
testAll(ECP_ShortW_Prj[Fp2[BLS12_377], G2]) testAll(ECP_ShortW_Prj[Fp2[BLS12_377], G2])
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2]) testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
suite "ψ²(P) - ψ(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=6)" & " [" & $WordBitwidth & "-bit mode]": suite "ψ²(P) - ψ(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=6)" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 10 const Iters = 10
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) = proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =


@ -196,7 +196,7 @@ proc run_scalar_mul_test_vs_sage*(
const testSuiteDesc = "Scalar Multiplication " & $EC.F.C & " " & G1_or_G2 & " vs SageMath" const testSuiteDesc = "Scalar Multiplication " & $EC.F.C & " " & G1_or_G2 & " vs SageMath"
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
for i in 0 ..< vec.vectors.len: for i in 0 ..< vec.vectors.len:
test "test " & $vec.vectors[i].id & " - " & $EC: test "test " & $vec.vectors[i].id & " - " & $EC:
var var


@ -61,7 +61,7 @@ func testAddAssociativity[EC](a, b, c: EC) =
doAssert bool(r0 == r3) doAssert bool(r0 == r3)
doAssert bool(r0 == r4) doAssert bool(r0 == r4)
suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitwidth & "-bit mode]": suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitWidth & "-bit mode]":
test "EC Add G2 is associative - #60": test "EC Add G2 is associative - #60":
var a, b, c: ECP_ShortW_Prj[Fp2[BLS12_381], G2] var a, b, c: ECP_ShortW_Prj[Fp2[BLS12_381], G2]


@ -91,7 +91,7 @@ proc run_EC_addition_tests*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form with projective coordinates" const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form with projective coordinates"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "The infinity point is the neutral element w.r.t. to EC " & G1_or_G2 & " addition": test "The infinity point is the neutral element w.r.t. to EC " & G1_or_G2 & " addition":
proc test(EC: typedesc, randZ: bool, gen: RandomGen) = proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
var inf {.noInit.}: EC var inf {.noInit.}: EC
@ -248,7 +248,7 @@ proc run_EC_mul_sanity_tests*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form" const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " mul [0]P == Inf": test "EC " & G1_or_G2 & " mul [0]P == Inf":
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) = proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
for _ in 0 ..< ItersMul: for _ in 0 ..< ItersMul:
@ -343,7 +343,7 @@ proc run_EC_mul_distributive_tests*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form" const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " mul is distributive over EC add": test "EC " & G1_or_G2 & " mul is distributive over EC add":
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) = proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
@ -410,7 +410,7 @@ proc run_EC_mul_vs_ref_impl*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form" const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " mul constant-time is equivalent to a simple double-and-add algorithm": test "EC " & G1_or_G2 & " mul constant-time is equivalent to a simple double-and-add algorithm":
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) = proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
for _ in 0 ..< ItersMul: for _ in 0 ..< ItersMul:
@ -454,7 +454,7 @@ proc run_EC_mixed_add_impl*(
const testSuiteDesc = "Elliptic curve mixed addition for Short Weierstrass form" const testSuiteDesc = "Elliptic curve mixed addition for Short Weierstrass form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " mixed addition is consistent with general addition": test "EC " & G1_or_G2 & " mixed addition is consistent with general addition":
proc test(EC: typedesc, randZ: bool, gen: RandomGen) = proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters: for _ in 0 ..< Iters:
@ -567,8 +567,8 @@ proc run_EC_subgroups_cofactors_impl*(
const testSuiteDesc = "Elliptic curve subgroup check and cofactor clearing" const testSuiteDesc = "Elliptic curve subgroup check and cofactor clearing"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "Effective cofactor matches accelerated cofactor clearing" & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": test "Effective cofactor matches accelerated cofactor clearing" & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
proc test(EC: typedesc, randZ: bool, gen: RandomGen) = proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
for _ in 0 ..< ItersMul: for _ in 0 ..< ItersMul:
let P = rng.random_point(EC, randZ, gen) let P = rng.random_point(EC, randZ, gen)
@ -642,7 +642,7 @@ proc run_EC_affine_conversion*(
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form" const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
test "EC " & G1_or_G2 & " batchAffine is consistent with single affine conversion": test "EC " & G1_or_G2 & " batchAffine is consistent with single affine conversion":
proc test(EC: typedesc, gen: RandomGen) = proc test(EC: typedesc, gen: RandomGen) =
const batchSize = 10 const batchSize = 10
@ -660,19 +660,19 @@ proc run_EC_affine_conversion*(
doAssert bool(Qs[i] == Rs[i]), block: doAssert bool(Qs[i] == Rs[i]), block:
var s: string var s: string
s &= "Mismatch on iteration " & $i s &= "Mismatch on iteration " & $i
s &= "\nFailing batch for " & $EC & " (" & $WordBitwidth & "-bit)" s &= "\nFailing batch for " & $EC & " (" & $WordBitWidth & "-bit)"
s &= "\n [" s &= "\n ["
for i in 0 ..< batchSize: for i in 0 ..< batchSize:
s &= "\n" & Ps[i].toHex(indent = 4) s &= "\n" & Ps[i].toHex(indent = 4)
if i != batchSize-1: s &= "," if i != batchSize-1: s &= ","
s &= "\n ]" s &= "\n ]"
s &= "\nFailing inversions for " & $EC & " (" & $WordBitwidth & "-bit)" s &= "\nFailing inversions for " & $EC & " (" & $WordBitWidth & "-bit)"
s &= "\n [" s &= "\n ["
for i in 0 ..< batchSize: for i in 0 ..< batchSize:
s &= "\n" & Rs[i].toHex(indent = 4) s &= "\n" & Rs[i].toHex(indent = 4)
if i != batchSize-1: s &= "," if i != batchSize-1: s &= ","
s &= "\n ]" s &= "\n ]"
s &= "\nExpected inversions for " & $EC & " (" & $WordBitwidth & "-bit)" s &= "\nExpected inversions for " & $EC & " (" & $WordBitWidth & "-bit)"
s &= "\n [" s &= "\n ["
for i in 0 ..< batchSize: for i in 0 ..< batchSize:
s &= "\n" & Qs[i].toHex(indent = 4) s &= "\n" & Qs[i].toHex(indent = 4)
@ -691,7 +691,7 @@ proc run_EC_conversion_failures*(
echo "\n------------------------------------------------------\n" echo "\n------------------------------------------------------\n"
echo moduleName echo moduleName
suite moduleName & " - [" & $WordBitwidth & "-bit mode]": suite moduleName & " - [" & $WordBitWidth & "-bit mode]":
test "EC batchAffine fuzzing failures ": test "EC batchAffine fuzzing failures ":
proc test_bn254_snarks_g1(ECP: type) = proc test_bn254_snarks_g1(ECP: type) =
type ECP_Aff = ECP_ShortW_Aff[Fp[BN254_Snarks], G1] type ECP_Aff = ECP_ShortW_Aff[Fp[BN254_Snarks], G1]
@ -810,7 +810,7 @@ proc run_EC_batch_add_impl*[N: static int](
const testSuiteDesc = "Elliptic curve batch addition for Short Weierstrass form" const testSuiteDesc = "Elliptic curve batch addition for Short Weierstrass form"
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
for n in numPoints: for n in numPoints:
test $ec & " batch addition (N=" & $n & ")": test $ec & " batch addition (N=" & $n & ")":
proc test(EC: typedesc, gen: RandomGen) = proc test(EC: typedesc, gen: RandomGen) =


@ -125,7 +125,7 @@ sqrTest(random_unsafe)
sqrTest(randomHighHammingWeight) sqrTest(randomHighHammingWeight)
sqrTest(random_long01Seq) sqrTest(random_long01Seq)
suite "Field Addition/Substraction/Negation via double-precision field elements" & " [" & $WordBitwidth & "-bit mode]": suite "Field Addition/Substraction/Negation via double-precision field elements" & " [" & $WordBitWidth & "-bit mode]":
test "With P-224 field modulus": test "With P-224 field modulus":
for _ in 0 ..< Iters: for _ in 0 ..< Iters:
addsubneg_random_unsafe(P224) addsubneg_random_unsafe(P224)
@ -197,7 +197,7 @@ suite "Field Addition/Substraction/Negation via double-precision field elements"
check: bool r.isZero() check: bool r.isZero()
suite "Field Multiplication via double-precision field elements is consistent with single-width." & " [" & $WordBitwidth & "-bit mode]": suite "Field Multiplication via double-precision field elements is consistent with single-width." & " [" & $WordBitWidth & "-bit mode]":
test "With P-224 field modulus": test "With P-224 field modulus":
for _ in 0 ..< Iters: for _ in 0 ..< Iters:
mul_random_unsafe(P224) mul_random_unsafe(P224)
@ -262,7 +262,7 @@ suite "Field Multiplication via double-precision field elements is consistent wi
for _ in 0 ..< Iters: for _ in 0 ..< Iters:
mul_random_long01Seq(Vesta) mul_random_long01Seq(Vesta)
suite "Field Squaring via double-precision field elements is consistent with single-width." & " [" & $WordBitwidth & "-bit mode]": suite "Field Squaring via double-precision field elements is consistent with single-width." & " [" & $WordBitWidth & "-bit mode]":
test "With P-224 field modulus": test "With P-224 field modulus":
for _ in 0 ..< Iters: for _ in 0 ..< Iters:
sqr_random_unsafe(P224) sqr_random_unsafe(P224)


@ -78,7 +78,7 @@ proc sanity(C: static Curve) =
bool(n == expected) bool(n == expected)
proc mainSanity() = proc mainSanity() =
suite "Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitwidth & "-bit mode]": suite "Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitWidth & "-bit mode]":
sanity Fake101 sanity Fake101
sanity Mersenne61 sanity Mersenne61
sanity Mersenne127 sanity Mersenne127
@ -94,7 +94,7 @@ proc mainSanity() =
mainSanity() mainSanity()
proc mainSelectCases() = proc mainSelectCases() =
suite "Modular Squaring: selected tricky cases" & " [" & $WordBitwidth & "-bit mode]": suite "Modular Squaring: selected tricky cases" & " [" & $WordBitWidth & "-bit mode]":
test "P-256 [FastSquaring = " & $(Fp[P256].getSpareBits() >= 2) & "]": test "P-256 [FastSquaring = " & $(Fp[P256].getSpareBits() >= 2) & "]":
block: block:
# Triggered an issue in the (t[N+1], t[N]) = t[N] + (A1, A0) # Triggered an issue in the (t[N+1], t[N]) = t[N] + (A1, A0)
@ -141,7 +141,7 @@ proc random_long01Seq(C: static Curve) =
doAssert bool(r_mul == r_sqr) doAssert bool(r_mul == r_sqr)
suite "Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitwidth & "-bit mode]": suite "Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitWidth & "-bit mode]":
test "Random squaring mod P-224 [FastSquaring = " & $(Fp[P224].getSpareBits() >= 2) & "]": test "Random squaring mod P-224 [FastSquaring = " & $(Fp[P224].getSpareBits() >= 2) & "]":
for _ in 0 ..< Iters: for _ in 0 ..< Iters:
randomCurve(P224) randomCurve(P224)
@ -358,7 +358,7 @@ proc random_sumprod(C: static Curve, N: static int) =
sumprod_test(random_long01Seq) sumprod_test(random_long01Seq)
sumProdMax() sumProdMax()
suite "Random sum products is consistent with naive " & " [" & $WordBitwidth & "-bit mode]": suite "Random sum products is consistent with naive " & " [" & $WordBitWidth & "-bit mode]":
const MaxLength = 8 const MaxLength = 8
test "Random sum products mod P-224]": test "Random sum products mod P-224]":


@ -29,7 +29,7 @@ echo "\n------------------------------------------------------\n"
echo "test_finite_fields_powinv xoshiro512** seed: ", seed echo "test_finite_fields_powinv xoshiro512** seed: ", seed
proc main() = proc main() =
suite "Modular exponentiation over finite fields" & " [" & $WordBitwidth & "-bit mode]": suite "Modular exponentiation over finite fields" & " [" & $WordBitWidth & "-bit mode]":
test "n² mod 101": test "n² mod 101":
let exponent = BigInt[64].fromUint(2'u64) let exponent = BigInt[64].fromUint(2'u64)
@ -202,7 +202,7 @@ proc main() =
testRandomDiv2 Pallas testRandomDiv2 Pallas
testRandomDiv2 Vesta testRandomDiv2 Vesta
suite "Modular inversion over prime fields" & " [" & $WordBitwidth & "-bit mode]": suite "Modular inversion over prime fields" & " [" & $WordBitWidth & "-bit mode]":
test "Specific tests on Fp[BLS12_381]": test "Specific tests on Fp[BLS12_381]":
block: # No inverse exist for 0 --> should return 0 for projective/jacobian to affine coordinate conversion block: # No inverse exist for 0 --> should return 0 for projective/jacobian to affine coordinate conversion
var r, x: Fp[BLS12_381] var r, x: Fp[BLS12_381]
@ -295,7 +295,7 @@ proc main() =
main() main()
proc main_anti_regression = proc main_anti_regression =
suite "Bug highlighted by property-based testing" & " [" & $WordBitwidth & "-bit mode]": suite "Bug highlighted by property-based testing" & " [" & $WordBitWidth & "-bit mode]":
# test "#30 - Euler's Criterion should be 1 for square on FKM12_447": # test "#30 - Euler's Criterion should be 1 for square on FKM12_447":
# var a: Fp[FKM12_447] # var a: Fp[FKM12_447]
# # square of "0x406e5e74ee09c84fa0c59f2db3ac814a4937e2f57ecd3c0af4265e04598d643c5b772a6549a2d9b825445c34b8ba100fe8d912e61cfda43d" # # square of "0x406e5e74ee09c84fa0c59f2db3ac814a4937e2f57ecd3c0af4265e04598d643c5b772a6549a2d9b825445c34b8ba100fe8d912e61cfda43d"


@ -146,7 +146,7 @@ proc randomSqrtRatioCheck(C: static Curve) =
testSqrtRatioImpl(u, v) testSqrtRatioImpl(u, v)
proc main() = proc main() =
suite "Modular square root" & " [" & $WordBitwidth & "-bit mode]": suite "Modular square root" & " [" & $WordBitWidth & "-bit mode]":
exhaustiveCheck Fake103, 103 exhaustiveCheck Fake103, 103
# exhaustiveCheck Fake10007, 10007 # exhaustiveCheck Fake10007, 10007
# exhaustiveCheck Fake65519, 65519 # exhaustiveCheck Fake65519, 65519
@ -161,14 +161,14 @@ proc main() =
randomSqrtCheck Pallas randomSqrtCheck Pallas
randomSqrtCheck Vesta randomSqrtCheck Vesta
suite "Modular sqrt(u/v)" & " [" & $WordBitwidth & "-bit mode]": suite "Modular sqrt(u/v)" & " [" & $WordBitWidth & "-bit mode]":
randomSqrtRatioCheck Edwards25519 randomSqrtRatioCheck Edwards25519
randomSqrtRatioCheck Jubjub randomSqrtRatioCheck Jubjub
randomSqrtRatioCheck Bandersnatch randomSqrtRatioCheck Bandersnatch
randomSqrtRatioCheck Pallas randomSqrtRatioCheck Pallas
randomSqrtRatioCheck Vesta randomSqrtRatioCheck Vesta
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]": suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
# test "FKM12_447 - #30": - Deactivated, we don't support the curve as no one uses it. # test "FKM12_447 - #30": - Deactivated, we don't support the curve as no one uses it.
# var a: Fp[FKM12_447] # var a: Fp[FKM12_447]
# a.fromHex"0x406e5e74ee09c84fa0c59f2db3ac814a4937e2f57ecd3c0af4265e04598d643c5b772a6549a2d9b825445c34b8ba100fe8d912e61cfda43d" # a.fromHex"0x406e5e74ee09c84fa0c59f2db3ac814a4937e2f57ecd3c0af4265e04598d643c5b772a6549a2d9b825445c34b8ba100fe8d912e61cfda43d"


@ -175,7 +175,7 @@ proc test_invpow(C: static Curve, gen: RandomGen) =
doAssert: bool(xa == xqya) doAssert: bool(xa == xqya)
suite "Exponentiation in 𝔽p12" & " [" & $WordBitwidth & "-bit mode]": suite "Exponentiation in 𝔽p12" & " [" & $WordBitWidth & "-bit mode]":
staticFor(curve, TestCurves): staticFor(curve, TestCurves):
test "xᴬ xᴮ = xᴬ⁺ᴮ on " & $curve: test "xᴬ xᴮ = xᴬ⁺ᴮ on " & $curve:
test_sameBaseProduct(curve, gen = Uniform) test_sameBaseProduct(curve, gen = Uniform)


@ -70,14 +70,14 @@ proc randomSqrtCheck(C: static Curve, gen: RandomGen) =
bool(s == a or s == na) bool(s == a or s == na)
proc main() = proc main() =
suite "Modular square root" & " [" & $WordBitwidth & "-bit mode]": suite "Modular square root" & " [" & $WordBitWidth & "-bit mode]":
staticFor(curve, TestCurves): staticFor(curve, TestCurves):
test "[𝔽p2] Random square root check for " & $curve: test "[𝔽p2] Random square root check for " & $curve:
randomSqrtCheck(curve, gen = Uniform) randomSqrtCheck(curve, gen = Uniform)
randomSqrtCheck(curve, gen = HighHammingWeight) randomSqrtCheck(curve, gen = HighHammingWeight)
randomSqrtCheck(curve, gen = Long01Sequence) randomSqrtCheck(curve, gen = Long01Sequence)
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]": suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
test "sqrt_if_square invalid square BLS12_381 - #64": test "sqrt_if_square invalid square BLS12_381 - #64":
var a: Fp2[BLS12_381] var a: Fp2[BLS12_381]
a.fromHex( a.fromHex(
@ -98,7 +98,7 @@ proc main() =
bool not a.isSquare() bool not a.isSquare()
bool not a.sqrt_if_square() bool not a.sqrt_if_square()
suite "Modular square root - Assembly bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]": suite "Modular square root - Assembly bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
test "Don't set Neg(Zero) fields to modulus (non-unique Montgomery repr) - #136": test "Don't set Neg(Zero) fields to modulus (non-unique Montgomery repr) - #136":
# https://github.com/mratsim/constantine/issues/136 # https://github.com/mratsim/constantine/issues/136
# and https://github.com/mratsim/constantine/issues/114 # and https://github.com/mratsim/constantine/issues/114


@ -23,7 +23,7 @@ proc checkCubeRootOfUnity(curve: static Curve) =
check: bool cru.isOne() check: bool cru.isOne()
proc main() = proc main() =
suite "Sanity checks on precomputed values" & " [" & $WordBitwidth & "-bit mode]": suite "Sanity checks on precomputed values" & " [" & $WordBitWidth & "-bit mode]":
checkCubeRootOfUnity(BN254_Snarks) checkCubeRootOfUnity(BN254_Snarks)
checkCubeRootOfUnity(BLS12_377) checkCubeRootOfUnity(BLS12_377)
checkCubeRootOfUnity(BLS12_381) checkCubeRootOfUnity(BLS12_381)


@ -68,7 +68,7 @@ proc runFrobeniusTowerTests*[N](
rng.seed(seed) rng.seed(seed)
echo moduleName, " xoshiro512** seed: ", seed echo moduleName, " xoshiro512** seed: ", seed
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
test "Frobenius(a) = a^p (mod p^" & $ExtDegree & ")": test "Frobenius(a) = a^p (mod p^" & $ExtDegree & ")":
proc test(Field: typedesc, Iters: static int, gen: RandomGen) = proc test(Field: typedesc, Iters: static int, gen: RandomGen) =
for _ in 0 ..< Iters: for _ in 0 ..< Iters:


@ -69,7 +69,7 @@ proc runTowerTests*[N](
rng.seed(seed) rng.seed(seed)
echo moduleName, " xoshiro512** seed: ", seed echo moduleName, " xoshiro512** seed: ", seed
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
test "Comparison sanity checks": test "Comparison sanity checks":
proc test(Field: typedesc) = proc test(Field: typedesc) =
var z, o {.noInit.}: Field var z, o {.noInit.}: Field


@ -76,7 +76,7 @@ proc sanity(C: static Curve) =
bool(n == expected) bool(n == expected)
proc mainSanity() = proc mainSanity() =
suite "Fr: Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitwidth & "-bit mode]": suite "Fr: Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitWidth & "-bit mode]":
sanity BN254_Snarks sanity BN254_Snarks
sanity BLS12_381 sanity BLS12_381
@ -112,7 +112,7 @@ proc random_long01Seq(C: static Curve) =
doAssert bool(r_mul == r_sqr) doAssert bool(r_mul == r_sqr)
suite "Fr: Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitwidth & "-bit mode]": suite "Fr: Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitWidth & "-bit mode]":
test "Random squaring mod r_BN254_Snarks [FastSquaring = " & $(Fr[BN254_Snarks].getSpareBits() >= 2) & "]": test "Random squaring mod r_BN254_Snarks [FastSquaring = " & $(Fr[BN254_Snarks].getSpareBits() >= 2) & "]":
for _ in 0 ..< Iters: for _ in 0 ..< Iters:
randomCurve(BN254_Snarks) randomCurve(BN254_Snarks)


@ -22,7 +22,7 @@ echo "test_io_bigints xoshiro512** seed: ", seed
type T = BaseType type T = BaseType
proc main() = proc main() =
suite "IO Hex - BigInt" & " [" & $WordBitwidth & "-bit mode]": suite "IO Hex - BigInt" & " [" & $WordBitWidth & "-bit mode]":
test "Parsing raw integers": test "Parsing raw integers":
block: # Sanity check block: # Sanity check
let x = 0'u64 let x = 0'u64
@ -98,7 +98,7 @@ proc main() =
check: n == h check: n == h
suite "IO Decimal - BigInt" & " [" & $WordBitwidth & "-bit mode]": suite "IO Decimal - BigInt" & " [" & $WordBitWidth & "-bit mode]":
test "Checks elliptic curve constants": test "Checks elliptic curve constants":
block: # BLS12-381 - https://github.com/ethereum/py_ecc/blob/master/py_ecc/fields/field_properties.py block: # BLS12-381 - https://github.com/ethereum/py_ecc/blob/master/py_ecc/fields/field_properties.py
const p = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787" const p = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787"


@ -21,7 +21,7 @@ echo "\n------------------------------------------------------\n"
echo "test_io_fields xoshiro512** seed: ", seed echo "test_io_fields xoshiro512** seed: ", seed
proc main() = proc main() =
suite "IO - Finite fields" & " [" & $WordBitwidth & "-bit mode]": suite "IO - Finite fields" & " [" & $WordBitWidth & "-bit mode]":
test "Parsing and serializing round-trip on uint64": test "Parsing and serializing round-trip on uint64":
# 101 --------------------------------- # 101 ---------------------------------
block: block:


@ -56,7 +56,7 @@ proc testRoundtrip(curve: static Curve, gen: static RandomGen) =
"\n b: " & b.toHex() "\n b: " & b.toHex()
proc main() = proc main() =
suite "Packed <-> Unsaturated limbs roundtrips" & " [" & $WordBitwidth & "-bit mode]": suite "Packed <-> Unsaturated limbs roundtrips" & " [" & $WordBitWidth & "-bit mode]":
const Iters = 10000 const Iters = 10000
test "BN254_Snarks": test "BN254_Snarks":
for _ in 0 ..< Iters: for _ in 0 ..< Iters:


@ -65,7 +65,7 @@ func random_point*(rng: var RngState, EC: typedesc, randZ: bool, gen: RandomGen)
else: else:
result = rng.random_long01Seq_with_randZ(EC) result = rng.random_long01Seq_with_randZ(EC)
suite "Pairing - Line Functions on BLS12-377" & " [" & $WordBitwidth & "-bit mode]": suite "Pairing - Line Functions on BLS12-377" & " [" & $WordBitWidth & "-bit mode]":
test "Line double - lt,t(P)": test "Line double - lt,t(P)":
proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) = proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters: for _ in 0 ..< Iters:


@ -65,7 +65,7 @@ func random_point*(rng: var RngState, EC: typedesc, randZ: bool, gen: RandomGen)
else: else:
result = rng.random_long01Seq_with_randZ(EC) result = rng.random_long01Seq_with_randZ(EC)
suite "Pairing - Line Functions on BLS12-381" & " [" & $WordBitwidth & "-bit mode]": suite "Pairing - Line Functions on BLS12-381" & " [" & $WordBitWidth & "-bit mode]":
test "Line double - lt,t(P)": test "Line double - lt,t(P)":
proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) = proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters: for _ in 0 ..< Iters:


@ -49,7 +49,7 @@ func random_elem(rng: var RngState, F: typedesc, gen: RandomGen): F {.inline, no
else: else:
result = rng.random_long01Seq(F) result = rng.random_long01Seq(F)
suite "Pairing - Cyclotomic subgroup - GΦ₁₂(p) = {α ∈ Fp¹² : α^Φ₁₂(p) ≡ 1 (mod p¹²)}" & " [" & $WordBitwidth & "-bit mode]": suite "Pairing - Cyclotomic subgroup - GΦ₁₂(p) = {α ∈ Fp¹² : α^Φ₁₂(p) ≡ 1 (mod p¹²)}" & " [" & $WordBitWidth & "-bit mode]":
test "Easy part of the final exponentiation maps to the cyclotomic subgroup": test "Easy part of the final exponentiation maps to the cyclotomic subgroup":
proc test_final_exp_easy_cycl(C: static Curve, gen: static RandomGen) = proc test_final_exp_easy_cycl(C: static Curve, gen: static RandomGen) =
for _ in 0 ..< Iters: for _ in 0 ..< Iters:


@ -99,7 +99,7 @@ template runPairingTests*(Iters: static int, C: static Curve, G1, G2, GT: typede
doAssert bool(r == r3) doAssert bool(r == r3)
doAssert bool(r2 == r3) doAssert bool(r2 == r3)
suite "Pairing - Optimal Ate on " & $C & " [" & $WordBitwidth & "-bit mode]": suite "Pairing - Optimal Ate on " & $C & " [" & $WordBitWidth & "-bit mode]":
test "Bilinearity e([2]P, Q) = e(P, [2]Q) = e(P, Q)^2": test "Bilinearity e([2]P, Q) = e(P, [2]Q) = e(P, Q)^2":
test_bilinearity_double_impl(randZ = false, gen = Uniform) test_bilinearity_double_impl(randZ = false, gen = Uniform)
test_bilinearity_double_impl(randZ = false, gen = HighHammingWeight) test_bilinearity_double_impl(randZ = false, gen = HighHammingWeight)
@ -139,7 +139,7 @@ template runGTsubgroupTests*(Iters: static int, GT: typedesc, finalExpHard_fn: u
stdout.write '\n' stdout.write '\n'
suite "Pairing - GT subgroup " & $GT.C & " [" & $WordBitwidth & "-bit mode]": suite "Pairing - GT subgroup " & $GT.C & " [" & $WordBitWidth & "-bit mode]":
test "Final Exponentiation and GT-subgroup membership": test "Final Exponentiation and GT-subgroup membership":
test_gt_impl(gen = Uniform) test_gt_impl(gen = Uniform)
test_gt_impl(gen = HighHammingWeight) test_gt_impl(gen = HighHammingWeight)


@ -21,7 +21,7 @@ template undistinct[T](x: Ct[T]): T =
T(x) T(x)
proc main() = proc main() =
suite "Constant-time unsigned integers" & " [" & $WordBitwidth & "-bit mode]": suite "Constant-time unsigned integers" & " [" & $WordBitWidth & "-bit mode]":
test "High - getting the biggest representable number": test "High - getting the biggest representable number":
check: check:
high(Ct[byte]).undistinct == 0xFF.byte high(Ct[byte]).undistinct == 0xFF.byte


@ -115,7 +115,7 @@ proc run_hash_to_curve_test(
let testSuiteDesc = "Hash to Curve " & $EC.F.C & " " & G1_or_G2 & " - official specs " & spec_version & " test vectors" let testSuiteDesc = "Hash to Curve " & $EC.F.C & " " & G1_or_G2 & " - official specs " & spec_version & " test vectors"
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
doAssert vec.hash == "sha256" doAssert vec.hash == "sha256"
doAssert vec.k == "0x80" # 128 doAssert vec.k == "0x80" # 128
@ -150,7 +150,7 @@ proc run_hash_to_curve_svdw_test(
let testSuiteDesc = "Hash to Curve " & $EC.F.C & " " & G1_or_G2 & " - official specs " & spec_version & " test vectors" let testSuiteDesc = "Hash to Curve " & $EC.F.C & " " & G1_or_G2 & " - official specs " & spec_version & " test vectors"
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]": suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
doAssert vec.hash == "sha256" doAssert vec.hash == "sha256"
doAssert vec.k == "0x80" # 128 doAssert vec.k == "0x80" # 128