style: casing of WordBitWidth/WordBitwidth
parent
53a5729442
commit
c0b30a08be
@ -73,7 +73,7 @@ func partialReduce_1305[N1, N2: static int](r: var Limbs[N1], a: Limbs[N2]) =
|
|||
# But there is a twist. 5.2⁶² need 65-bit not 64
|
||||
# and 5.2³⁰ need 33-bit not 32
|
||||
|
||||
when WordBitwidth == 64:
|
||||
when WordBitWidth == 64:
|
||||
static:
|
||||
doAssert N1 == 3
|
||||
doAssert N2 == 4
|
||||
|
|
|
@ -37,7 +37,7 @@ macro mul_gen[rLen, aLen, bLen: static int](r: var Limbs[rLen], a: Limbs[aLen],
|
|||
## `a`, `b`, `r` can have a different number of limbs
|
||||
## if `r`.limbs.len < a.limbs.len + b.limbs.len
|
||||
## The result will be truncated, i.e. it will be
|
||||
## a * b (mod (2^WordBitwidth)^r.limbs.len)
|
||||
## a * b (mod (2^WordBitWidth)^r.limbs.len)
|
||||
##
|
||||
## Assumes r doesn't aliases a or b
|
||||
|
||||
|
@ -137,7 +137,7 @@ macro sqr_gen*[rLen, aLen: static int](r: var Limbs[rLen], a: Limbs[aLen]) =
|
|||
## `a` and `r` can have a different number of limbs
|
||||
## if `r`.limbs.len < a.limbs.len * 2
|
||||
## The result will be truncated, i.e. it will be
|
||||
## a² (mod (2^WordBitwidth)^r.limbs.len)
|
||||
## a² (mod (2^WordBitWidth)^r.limbs.len)
|
||||
##
|
||||
## Assumes r doesn't aliases a
|
||||
|
||||
|
|
|
@ -114,7 +114,7 @@ macro mulx_gen[rLen, aLen, bLen: static int](r_PIR: var Limbs[rLen], a_PIR: Limb
|
|||
## `a`, `b`, `r` can have a different number of limbs
|
||||
## if `r`.limbs.len < a.limbs.len + b.limbs.len
|
||||
## The result will be truncated, i.e. it will be
|
||||
## a * b (mod (2^WordBitwidth)^r.limbs.len)
|
||||
## a * b (mod (2^WordBitWidth)^r.limbs.len)
|
||||
##
|
||||
## Assumes r doesn't aliases a or b
|
||||
|
||||
|
@ -565,7 +565,7 @@ macro sqrx_gen*[rLen, aLen: static int](r_PIR: var Limbs[rLen], a_PIR: Limbs[aLe
|
|||
## `a` and `r` can have a different number of limbs
|
||||
## if `r`.limbs.len < a.limbs.len * 2
|
||||
## The result will be truncated, i.e. it will be
|
||||
## a² (mod (2^WordBitwidth)^r.limbs.len)
|
||||
## a² (mod (2^WordBitWidth)^r.limbs.len)
|
||||
##
|
||||
## Assumes r doesn't aliases a
|
||||
result = newStmtList()
|
||||
|
|
|
@ -292,7 +292,7 @@ func prod_high_words*[rBits, aBits, bBits](r: var BigInt[rBits], a: BigInt[aBits
|
|||
## `a`, `b`, `r` can have a different number of limbs
|
||||
## if `r`.limbs.len < a.limbs.len + b.limbs.len - lowestWordIndex
|
||||
## The result will be truncated, i.e. it will be
|
||||
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitwidth)^r.limbs.len)
|
||||
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitWidth)^r.limbs.len)
|
||||
##
|
||||
# This is useful for
|
||||
# - Barret reduction
|
||||
|
|
|
@ -126,7 +126,7 @@ debug:
|
|||
|
||||
let d = 2*k - numIters
|
||||
b[0] = Zero; b[1] = Zero
|
||||
b[d div WordBitwidth] = One shl (d mod WordBitwidth)
|
||||
b[d div WordBitWidth] = One shl (d mod WordBitWidth)
|
||||
|
||||
return bool(a == b)
|
||||
|
||||
|
@ -433,7 +433,7 @@ func invmod*(
|
|||
## M MUST be odd, M does not need to be prime.
|
||||
## ``a`` MUST be less than M.
|
||||
const Excess = 2
|
||||
const k = WordBitwidth - Excess
|
||||
const k = WordBitWidth - Excess
|
||||
const NumUnsatWords = (bits + k - 1) div k
|
||||
|
||||
# Convert values to unsaturated repr
|
||||
|
@ -460,7 +460,7 @@ func invmod*(
|
|||
## ``a`` MUST be less than M.
|
||||
|
||||
const Excess = 2
|
||||
const k = WordBitwidth - Excess
|
||||
const k = WordBitWidth - Excess
|
||||
const NumUnsatWords = (bits + k - 1) div k
|
||||
|
||||
# Convert values to unsaturated repr
|
||||
|
@ -636,7 +636,7 @@ func legendre*(a, M: Limbs, bits: static int): SecretWord =
|
|||
## ≡ -1 (mod p), iff a is quadratic non-residue
|
||||
## ≡ 0 (mod p), iff a is 0
|
||||
const Excess = 2
|
||||
const k = WordBitwidth - Excess
|
||||
const k = WordBitWidth - Excess
|
||||
const NumUnsatWords = (bits + k - 1) div k
|
||||
|
||||
# Convert values to unsaturated repr
|
||||
|
@ -656,7 +656,7 @@ func legendre*(a: Limbs, M: static Limbs, bits: static int): SecretWord =
|
|||
## ≡ 0 (mod p), iff a is 0
|
||||
|
||||
const Excess = 2
|
||||
const k = WordBitwidth - Excess
|
||||
const k = WordBitWidth - Excess
|
||||
const NumUnsatWords = (bits + k - 1) div k
|
||||
|
||||
# Convert values to unsaturated repr
|
||||
|
|
|
@ -66,7 +66,7 @@ func prod*[rLen, aLen, bLen: static int](r: var Limbs[rLen], a: Limbs[aLen], b:
|
|||
## `a`, `b`, `r` can have a different number of limbs
|
||||
## if `r`.limbs.len < a.limbs.len + b.limbs.len
|
||||
## The result will be truncated, i.e. it will be
|
||||
## a * b (mod (2^WordBitwidth)^r.limbs.len)
|
||||
## a * b (mod (2^WordBitWidth)^r.limbs.len)
|
||||
##
|
||||
## `r` must not alias ``a`` or ``b``
|
||||
|
||||
|
@ -91,7 +91,7 @@ func prod_high_words*[rLen, aLen, bLen](
|
|||
## `a`, `b`, `r` can have a different number of limbs
|
||||
## if `r`.limbs.len < a.limbs.len + b.limbs.len - lowestWordIndex
|
||||
## The result will be truncated, i.e. it will be
|
||||
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitwidth)^r.limbs.len)
|
||||
## a * b >> (2^WordBitWidth)^lowestWordIndex (mod (2^WordBitWidth)^r.limbs.len)
|
||||
#
|
||||
# This is useful for
|
||||
# - Barret reduction
|
||||
|
@ -196,7 +196,7 @@ func square*[rLen, aLen](
|
|||
##
|
||||
## if `r`.limbs.len < a.limbs.len * 2
|
||||
## The result will be truncated, i.e. it will be
|
||||
## a² (mod (2^WordBitwidth)^r.limbs.len)
|
||||
## a² (mod (2^WordBitWidth)^r.limbs.len)
|
||||
##
|
||||
## `r` must not alias ``a`` or ``b``
|
||||
when UseASM_X86_64 and aLen in {4, 6} and rLen == 2*aLen:
|
||||
|
|
|
@ -92,9 +92,9 @@ func fromPackedRepr*[LU, E, LP: static int](
|
|||
|
||||
static:
|
||||
# Destination and Source size are consistent
|
||||
doAssert (LU-1) * UnsatBitWidth <= WordBitwidth * LP, block:
|
||||
doAssert (LU-1) * UnsatBitWidth <= WordBitWidth * LP, block:
|
||||
"\n (LU-1) * UnsatBitWidth: " & $(LU-1) & " * " & $UnsatBitWidth & " = " & $((LU-1) * UnsatBitWidth) &
|
||||
"\n WordBitwidth * LP: " & $WordBitwidth & " * " & $LP & " = " & $(WordBitwidth * LP)
|
||||
"\n WordBitWidth * LP: " & $WordBitWidth & " * " & $LP & " = " & $(WordBitWidth * LP)
|
||||
|
||||
var
|
||||
srcIdx, dstIdx = 0
|
||||
|
@ -143,9 +143,9 @@ func fromUnsatRepr*[LU, E, LP: static int](
|
|||
|
||||
static:
|
||||
# Destination and Source size are consistent
|
||||
doAssert (LU-1) * UnsatBitWidth <= WordBitwidth * LP, block:
|
||||
doAssert (LU-1) * UnsatBitWidth <= WordBitWidth * LP, block:
|
||||
"\n (LU-1) * UnsatBitWidth: " & $(LU-1) & " * " & $UnsatBitWidth & " = " & $((LU-1) * UnsatBitWidth) &
|
||||
"\n WordBitwidth * LP: " & $WordBitwidth & " * " & $LP & " = " & $(WordBitwidth * LP)
|
||||
"\n WordBitWidth * LP: " & $WordBitWidth & " * " & $LP & " = " & $(WordBitWidth * LP)
|
||||
|
||||
var
|
||||
srcIdx {.used.}, dstIdx = 0
|
||||
|
|
|
@ -19,7 +19,7 @@ import
|
|||
echo "\n------------------------------------------------------\n"
|
||||
|
||||
proc mainArith() =
|
||||
suite "isZero" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "isZero" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "isZero for zero":
|
||||
var x: BigInt[128]
|
||||
check: x.isZero().bool
|
||||
|
@ -49,7 +49,7 @@ proc mainArith() =
|
|||
check: static(not x.isZero().bool)
|
||||
|
||||
|
||||
suite "Arithmetic operations - Addition" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Arithmetic operations - Addition" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Adding 2 zeros":
|
||||
var a = fromHex(BigInt[128], "0x00000000000000000000000000000000")
|
||||
let b = fromHex(BigInt[128], "0x00000000000000000000000000000000")
|
||||
|
@ -149,7 +149,7 @@ proc mainArith() =
|
|||
bool(a == c)
|
||||
not bool(carry)
|
||||
|
||||
suite "BigInt + SecretWord" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "BigInt + SecretWord" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Addition limbs carry":
|
||||
block: # P256 / 2
|
||||
var a = BigInt[256].fromhex"0x7fffffff800000008000000000000000000000007fffffffffffffffffffffff"
|
||||
|
@ -160,7 +160,7 @@ proc mainArith() =
|
|||
check: bool(a == expected)
|
||||
|
||||
proc mainMul() =
|
||||
suite "Multi-precision multiplication" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Multi-precision multiplication" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Same size operand into double size result":
|
||||
block:
|
||||
var r = canary(BigInt[256])
|
||||
|
@ -201,7 +201,7 @@ proc mainMul() =
|
|||
check: bool(r == expected)
|
||||
|
||||
proc mainMulHigh() =
|
||||
suite "Multi-precision multiplication keeping only high words" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Multi-precision multiplication keeping only high words" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Same size operand into double size result - discard first word":
|
||||
block:
|
||||
var r = canary(BigInt[256])
|
||||
|
@ -287,7 +287,7 @@ proc mainMulHigh() =
|
|||
check: bool(r == expected)
|
||||
|
||||
proc mainSquare() =
|
||||
suite "Multi-precision multiplication" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Multi-precision multiplication" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Squaring is consistent with multiplication (rBits = 2*aBits)":
|
||||
block:
|
||||
let a = BigInt[200].fromHex"0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEFDE"
|
||||
|
@ -309,7 +309,7 @@ proc mainSquare() =
|
|||
check: bool(rmul == rsqr)
|
||||
|
||||
proc mainModular() =
|
||||
suite "Modular operations - small modulus" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular operations - small modulus" & " [" & $WordBitWidth & "-bit mode]":
|
||||
# Vectors taken from Stint - https://github.com/status-im/nim-stint
|
||||
test "100 mod 13":
|
||||
# Test 1 word and more than 1 word
|
||||
|
@ -368,7 +368,7 @@ proc mainModular() =
|
|||
"\n r (low-level repr): " & $r &
|
||||
"\n expected (ll repr): " & $expected
|
||||
|
||||
suite "Modular operations - small modulus - Stint specific failures highlighted by property-based testing" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular operations - small modulus - Stint specific failures highlighted by property-based testing" & " [" & $WordBitWidth & "-bit mode]":
|
||||
# Vectors taken from Stint - https://github.com/status-im/nim-stint
|
||||
test "Modulo: 65696211516342324 mod 174261910798982":
|
||||
let u = 65696211516342324'u64
|
||||
|
@ -401,7 +401,7 @@ proc mainModular() =
|
|||
"\n expected (ll repr): " & $expected
|
||||
|
||||
proc mainNeg() =
|
||||
suite "Conditional negation" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Conditional negation" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Conditional negation":
|
||||
block:
|
||||
var a = fromHex(BigInt[128], "0x12345678FF11FFAA00321321CAFECAFE")
|
||||
|
@ -499,7 +499,7 @@ proc mainNeg() =
|
|||
bool(b == b2)
|
||||
|
||||
proc mainCopySwap() =
|
||||
suite "Copy and Swap" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Copy and Swap" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Conditional copy":
|
||||
block:
|
||||
var a = fromHex(BigInt[128], "0x12345678FF11FFAA00321321CAFECAFE")
|
||||
|
@ -545,7 +545,7 @@ proc mainCopySwap() =
|
|||
bool(eB == b)
|
||||
|
||||
proc mainModularInverse() =
|
||||
suite "Modular Inverse (with odd modulus)" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular Inverse (with odd modulus)" & " [" & $WordBitWidth & "-bit mode]":
|
||||
# Note: We don't define multi-precision multiplication
|
||||
# because who needs it when you have Montgomery?
|
||||
# ¯\(ツ)/¯
|
||||
|
|
|
@ -95,13 +95,13 @@ proc main() =
|
|||
mpz_mul(r, a, b)
|
||||
var shift: mpz_t
|
||||
mpz_init(shift)
|
||||
r.mpz_tdiv_q_2exp(r, WordBitwidth * wordsStartIndex)
|
||||
r.mpz_tdiv_q_2exp(r, WordBitWidth * wordsStartIndex)
|
||||
|
||||
# If a*b overflow the result size we truncate
|
||||
const numWords = wordsRequired(rBits)
|
||||
when numWords < wordsRequired(aBits+bBits):
|
||||
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitwidth * numWords, ")"
|
||||
r.mpz_tdiv_r_2exp(r, WordBitwidth * numWords)
|
||||
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitWidth * numWords, ")"
|
||||
r.mpz_tdiv_r_2exp(r, WordBitWidth * numWords)
|
||||
|
||||
# Constantine
|
||||
var rTest: BigInt[rBits]
|
||||
|
|
|
@ -90,8 +90,8 @@ proc main() =
|
|||
# If a*b overflow the result size we truncate
|
||||
const numWords = wordsRequired(rBits)
|
||||
when numWords < wordsRequired(aBits+bBits):
|
||||
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitwidth * numWords, ")"
|
||||
r.mpz_tdiv_r_2exp(r, WordBitwidth * numWords)
|
||||
echo " truncating from ", wordsRequired(aBits+bBits), " words to ", numWords, " (2^", WordBitWidth * numWords, ")"
|
||||
r.mpz_tdiv_r_2exp(r, WordBitWidth * numWords)
|
||||
|
||||
# Constantine
|
||||
var rTest: BigInt[rBits]
|
||||
|
|
|
@ -17,7 +17,7 @@ import
|
|||
echo "\n------------------------------------------------------\n"
|
||||
|
||||
proc main() =
|
||||
suite "Bigints - Multiprecision modulo" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Bigints - Multiprecision modulo" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "bitsize 237 mod bitsize 192":
|
||||
let a = BigInt[237].fromHex("0x123456789012345678901234567890123456789012345678901234567890")
|
||||
let m = BigInt[192].fromHex("0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB")
|
||||
|
|
|
@ -49,7 +49,7 @@ proc test(
|
|||
R.frobenius_psi(P)
|
||||
doAssert: bool(R == Q)
|
||||
|
||||
suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " [" & $WordBitWidth & "-bit mode]":
|
||||
# Generated via
|
||||
# - sage sage/frobenius_bn254_snarks.sage
|
||||
# - sage sage/frobenius_bls12_377.sage
|
||||
|
@ -214,7 +214,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
|
|||
Qy1 = "77ef6850d4a8f181a10196398cd344011a44c50dce00e18578f3526301263492086d44c7c3d1db5b12499b4033116e1"
|
||||
)
|
||||
|
||||
suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & " [" & $WordBitWidth & "-bit mode]":
|
||||
const Iters = 8
|
||||
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =
|
||||
for i in 0 ..< Iters:
|
||||
|
@ -247,7 +247,7 @@ suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & "
|
|||
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
|
||||
testAll(ECP_ShortW_Prj[Fp[BW6_761], G2])
|
||||
|
||||
suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitWidth & "-bit mode]":
|
||||
const Iters = 10
|
||||
proc trace(C: static Curve): auto =
|
||||
# Returns (abs(trace), isNegativeSign)
|
||||
|
@ -314,7 +314,7 @@ suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitwidth & "-bit mode]":
|
|||
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
|
||||
testAll(ECP_ShortW_Prj[Fp[BW6_761], G2])
|
||||
|
||||
suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=12)" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=12)" & " [" & $WordBitWidth & "-bit mode]":
|
||||
const Iters = 10
|
||||
|
||||
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =
|
||||
|
@ -344,7 +344,7 @@ suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding d
|
|||
testAll(ECP_ShortW_Prj[Fp2[BLS12_377], G2])
|
||||
testAll(ECP_ShortW_Prj[Fp2[BLS12_381], G2])
|
||||
|
||||
suite "ψ²(P) - ψ(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=6)" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "ψ²(P) - ψ(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=6)" & " [" & $WordBitWidth & "-bit mode]":
|
||||
const Iters = 10
|
||||
|
||||
proc test(EC: typedesc, randZ: static bool, gen: static RandomGen) =
|
||||
|
|
|
@ -196,7 +196,7 @@ proc run_scalar_mul_test_vs_sage*(
|
|||
|
||||
const testSuiteDesc = "Scalar Multiplication " & $EC.F.C & " " & G1_or_G2 & " vs SageMath"
|
||||
|
||||
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
|
||||
for i in 0 ..< vec.vectors.len:
|
||||
test "test " & $vec.vectors[i].id & " - " & $EC:
|
||||
var
|
||||
|
|
|
@ -61,7 +61,7 @@ func testAddAssociativity[EC](a, b, c: EC) =
|
|||
doAssert bool(r0 == r3)
|
||||
doAssert bool(r0 == r4)
|
||||
|
||||
suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitWidth & "-bit mode]":
|
||||
test "EC Add G2 is associative - #60":
|
||||
|
||||
var a, b, c: ECP_ShortW_Prj[Fp2[BLS12_381], G2]
|
||||
|
|
|
@ -91,7 +91,7 @@ proc run_EC_addition_tests*(
|
|||
|
||||
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form with projective coordinates"
|
||||
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
test "The infinity point is the neutral element w.r.t. to EC " & G1_or_G2 & " addition":
|
||||
proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
|
||||
var inf {.noInit.}: EC
|
||||
|
@ -248,7 +248,7 @@ proc run_EC_mul_sanity_tests*(
|
|||
|
||||
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
|
||||
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
test "EC " & G1_or_G2 & " mul [0]P == Inf":
|
||||
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
|
||||
for _ in 0 ..< ItersMul:
|
||||
|
@ -343,7 +343,7 @@ proc run_EC_mul_distributive_tests*(
|
|||
|
||||
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
|
||||
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
|
||||
test "EC " & G1_or_G2 & " mul is distributive over EC add":
|
||||
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
|
||||
|
@ -410,7 +410,7 @@ proc run_EC_mul_vs_ref_impl*(
|
|||
|
||||
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
|
||||
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
test "EC " & G1_or_G2 & " mul constant-time is equivalent to a simple double-and-add algorithm":
|
||||
proc test(EC: typedesc, bits: static int, randZ: bool, gen: RandomGen) =
|
||||
for _ in 0 ..< ItersMul:
|
||||
|
@ -454,7 +454,7 @@ proc run_EC_mixed_add_impl*(
|
|||
|
||||
const testSuiteDesc = "Elliptic curve mixed addition for Short Weierstrass form"
|
||||
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
test "EC " & G1_or_G2 & " mixed addition is consistent with general addition":
|
||||
proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
|
||||
for _ in 0 ..< Iters:
|
||||
|
@ -567,8 +567,8 @@ proc run_EC_subgroups_cofactors_impl*(
|
|||
|
||||
const testSuiteDesc = "Elliptic curve subgroup check and cofactor clearing"
|
||||
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
test "Effective cofactor matches accelerated cofactor clearing" & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
test "Effective cofactor matches accelerated cofactor clearing" & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
proc test(EC: typedesc, randZ: bool, gen: RandomGen) =
|
||||
for _ in 0 ..< ItersMul:
|
||||
let P = rng.random_point(EC, randZ, gen)
|
||||
|
@ -642,7 +642,7 @@ proc run_EC_affine_conversion*(
|
|||
|
||||
const testSuiteDesc = "Elliptic curve in " & $ec.F.C.getEquationForm() & " form"
|
||||
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
test "EC " & G1_or_G2 & " batchAffine is consistent with single affine conversion":
|
||||
proc test(EC: typedesc, gen: RandomGen) =
|
||||
const batchSize = 10
|
||||
|
@ -660,19 +660,19 @@ proc run_EC_affine_conversion*(
|
|||
doAssert bool(Qs[i] == Rs[i]), block:
|
||||
var s: string
|
||||
s &= "Mismatch on iteration " & $i
|
||||
s &= "\nFailing batch for " & $EC & " (" & $WordBitwidth & "-bit)"
|
||||
s &= "\nFailing batch for " & $EC & " (" & $WordBitWidth & "-bit)"
|
||||
s &= "\n ["
|
||||
for i in 0 ..< batchSize:
|
||||
s &= "\n" & Ps[i].toHex(indent = 4)
|
||||
if i != batchSize-1: s &= ","
|
||||
s &= "\n ]"
|
||||
s &= "\nFailing inversions for " & $EC & " (" & $WordBitwidth & "-bit)"
|
||||
s &= "\nFailing inversions for " & $EC & " (" & $WordBitWidth & "-bit)"
|
||||
s &= "\n ["
|
||||
for i in 0 ..< batchSize:
|
||||
s &= "\n" & Rs[i].toHex(indent = 4)
|
||||
if i != batchSize-1: s &= ","
|
||||
s &= "\n ]"
|
||||
s &= "\nExpected inversions for " & $EC & " (" & $WordBitwidth & "-bit)"
|
||||
s &= "\nExpected inversions for " & $EC & " (" & $WordBitWidth & "-bit)"
|
||||
s &= "\n ["
|
||||
for i in 0 ..< batchSize:
|
||||
s &= "\n" & Qs[i].toHex(indent = 4)
|
||||
|
@ -691,7 +691,7 @@ proc run_EC_conversion_failures*(
|
|||
echo "\n------------------------------------------------------\n"
|
||||
echo moduleName
|
||||
|
||||
suite moduleName & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite moduleName & " - [" & $WordBitWidth & "-bit mode]":
|
||||
test "EC batchAffine fuzzing failures ":
|
||||
proc test_bn254_snarks_g1(ECP: type) =
|
||||
type ECP_Aff = ECP_ShortW_Aff[Fp[BN254_Snarks], G1]
|
||||
|
@ -810,7 +810,7 @@ proc run_EC_batch_add_impl*[N: static int](
|
|||
|
||||
const testSuiteDesc = "Elliptic curve batch addition for Short Weierstrass form"
|
||||
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " - " & $ec & " - [" & $WordBitWidth & "-bit mode]":
|
||||
for n in numPoints:
|
||||
test $ec & " batch addition (N=" & $n & ")":
|
||||
proc test(EC: typedesc, gen: RandomGen) =
|
||||
|
|
|
@ -125,7 +125,7 @@ sqrTest(random_unsafe)
|
|||
sqrTest(randomHighHammingWeight)
|
||||
sqrTest(random_long01Seq)
|
||||
|
||||
suite "Field Addition/Substraction/Negation via double-precision field elements" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Field Addition/Substraction/Negation via double-precision field elements" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "With P-224 field modulus":
|
||||
for _ in 0 ..< Iters:
|
||||
addsubneg_random_unsafe(P224)
|
||||
|
@ -197,7 +197,7 @@ suite "Field Addition/Substraction/Negation via double-precision field elements"
|
|||
|
||||
check: bool r.isZero()
|
||||
|
||||
suite "Field Multiplication via double-precision field elements is consistent with single-width." & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Field Multiplication via double-precision field elements is consistent with single-width." & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "With P-224 field modulus":
|
||||
for _ in 0 ..< Iters:
|
||||
mul_random_unsafe(P224)
|
||||
|
@ -262,7 +262,7 @@ suite "Field Multiplication via double-precision field elements is consistent wi
|
|||
for _ in 0 ..< Iters:
|
||||
mul_random_long01Seq(Vesta)
|
||||
|
||||
suite "Field Squaring via double-precision field elements is consistent with single-width." & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Field Squaring via double-precision field elements is consistent with single-width." & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "With P-224 field modulus":
|
||||
for _ in 0 ..< Iters:
|
||||
sqr_random_unsafe(P224)
|
||||
|
|
|
@ -78,7 +78,7 @@ proc sanity(C: static Curve) =
|
|||
bool(n == expected)
|
||||
|
||||
proc mainSanity() =
|
||||
suite "Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitWidth & "-bit mode]":
|
||||
sanity Fake101
|
||||
sanity Mersenne61
|
||||
sanity Mersenne127
|
||||
|
@ -94,7 +94,7 @@ proc mainSanity() =
|
|||
mainSanity()
|
||||
|
||||
proc mainSelectCases() =
|
||||
suite "Modular Squaring: selected tricky cases" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular Squaring: selected tricky cases" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "P-256 [FastSquaring = " & $(Fp[P256].getSpareBits() >= 2) & "]":
|
||||
block:
|
||||
# Triggered an issue in the (t[N+1], t[N]) = t[N] + (A1, A0)
|
||||
|
@ -141,7 +141,7 @@ proc random_long01Seq(C: static Curve) =
|
|||
|
||||
doAssert bool(r_mul == r_sqr)
|
||||
|
||||
suite "Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Random squaring mod P-224 [FastSquaring = " & $(Fp[P224].getSpareBits() >= 2) & "]":
|
||||
for _ in 0 ..< Iters:
|
||||
randomCurve(P224)
|
||||
|
@ -358,7 +358,7 @@ proc random_sumprod(C: static Curve, N: static int) =
|
|||
sumprod_test(random_long01Seq)
|
||||
sumProdMax()
|
||||
|
||||
suite "Random sum products is consistent with naive " & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Random sum products is consistent with naive " & " [" & $WordBitWidth & "-bit mode]":
|
||||
|
||||
const MaxLength = 8
|
||||
test "Random sum products mod P-224]":
|
||||
|
|
|
@ -29,7 +29,7 @@ echo "\n------------------------------------------------------\n"
|
|||
echo "test_finite_fields_powinv xoshiro512** seed: ", seed
|
||||
|
||||
proc main() =
|
||||
suite "Modular exponentiation over finite fields" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular exponentiation over finite fields" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "n² mod 101":
|
||||
let exponent = BigInt[64].fromUint(2'u64)
|
||||
|
||||
|
@ -202,7 +202,7 @@ proc main() =
|
|||
testRandomDiv2 Pallas
|
||||
testRandomDiv2 Vesta
|
||||
|
||||
suite "Modular inversion over prime fields" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular inversion over prime fields" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Specific tests on Fp[BLS12_381]":
|
||||
block: # No inverse exist for 0 --> should return 0 for projective/jacobian to affine coordinate conversion
|
||||
var r, x: Fp[BLS12_381]
|
||||
|
@ -295,7 +295,7 @@ proc main() =
|
|||
main()
|
||||
|
||||
proc main_anti_regression =
|
||||
suite "Bug highlighted by property-based testing" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Bug highlighted by property-based testing" & " [" & $WordBitWidth & "-bit mode]":
|
||||
# test "#30 - Euler's Criterion should be 1 for square on FKM12_447":
|
||||
# var a: Fp[FKM12_447]
|
||||
# # square of "0x406e5e74ee09c84fa0c59f2db3ac814a4937e2f57ecd3c0af4265e04598d643c5b772a6549a2d9b825445c34b8ba100fe8d912e61cfda43d"
|
||||
|
|
|
@ -146,7 +146,7 @@ proc randomSqrtRatioCheck(C: static Curve) =
|
|||
testSqrtRatioImpl(u, v)
|
||||
|
||||
proc main() =
|
||||
suite "Modular square root" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular square root" & " [" & $WordBitWidth & "-bit mode]":
|
||||
exhaustiveCheck Fake103, 103
|
||||
# exhaustiveCheck Fake10007, 10007
|
||||
# exhaustiveCheck Fake65519, 65519
|
||||
|
@ -161,14 +161,14 @@ proc main() =
|
|||
randomSqrtCheck Pallas
|
||||
randomSqrtCheck Vesta
|
||||
|
||||
suite "Modular sqrt(u/v)" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular sqrt(u/v)" & " [" & $WordBitWidth & "-bit mode]":
|
||||
randomSqrtRatioCheck Edwards25519
|
||||
randomSqrtRatioCheck Jubjub
|
||||
randomSqrtRatioCheck Bandersnatch
|
||||
randomSqrtRatioCheck Pallas
|
||||
randomSqrtRatioCheck Vesta
|
||||
|
||||
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
|
||||
# test "FKM12_447 - #30": - Deactivated, we don't support the curve as no one uses it.
|
||||
# var a: Fp[FKM12_447]
|
||||
# a.fromHex"0x406e5e74ee09c84fa0c59f2db3ac814a4937e2f57ecd3c0af4265e04598d643c5b772a6549a2d9b825445c34b8ba100fe8d912e61cfda43d"
|
||||
|
|
|
@ -175,7 +175,7 @@ proc test_invpow(C: static Curve, gen: RandomGen) =
|
|||
|
||||
doAssert: bool(xa == xqya)
|
||||
|
||||
suite "Exponentiation in 𝔽p12" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Exponentiation in 𝔽p12" & " [" & $WordBitWidth & "-bit mode]":
|
||||
staticFor(curve, TestCurves):
|
||||
test "xᴬ xᴮ = xᴬ⁺ᴮ on " & $curve:
|
||||
test_sameBaseProduct(curve, gen = Uniform)
|
||||
|
|
|
@ -70,14 +70,14 @@ proc randomSqrtCheck(C: static Curve, gen: RandomGen) =
|
|||
bool(s == a or s == na)
|
||||
|
||||
proc main() =
|
||||
suite "Modular square root" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular square root" & " [" & $WordBitWidth & "-bit mode]":
|
||||
staticFor(curve, TestCurves):
|
||||
test "[𝔽p2] Random square root check for " & $curve:
|
||||
randomSqrtCheck(curve, gen = Uniform)
|
||||
randomSqrtCheck(curve, gen = HighHammingWeight)
|
||||
randomSqrtCheck(curve, gen = Long01Sequence)
|
||||
|
||||
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular square root - 32-bit bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "sqrt_if_square invalid square BLS12_381 - #64":
|
||||
var a: Fp2[BLS12_381]
|
||||
a.fromHex(
|
||||
|
@ -98,7 +98,7 @@ proc main() =
|
|||
bool not a.isSquare()
|
||||
bool not a.sqrt_if_square()
|
||||
|
||||
suite "Modular square root - Assembly bugs highlighted by property-based testing " & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Modular square root - Assembly bugs highlighted by property-based testing " & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Don't set Neg(Zero) fields to modulus (non-unique Montgomery repr) - #136":
|
||||
# https://github.com/mratsim/constantine/issues/136
|
||||
# and https://github.com/mratsim/constantine/issues/114
|
||||
|
|
|
@ -23,7 +23,7 @@ proc checkCubeRootOfUnity(curve: static Curve) =
|
|||
check: bool cru.isOne()
|
||||
|
||||
proc main() =
|
||||
suite "Sanity checks on precomputed values" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Sanity checks on precomputed values" & " [" & $WordBitWidth & "-bit mode]":
|
||||
checkCubeRootOfUnity(BN254_Snarks)
|
||||
checkCubeRootOfUnity(BLS12_377)
|
||||
checkCubeRootOfUnity(BLS12_381)
|
||||
|
|
|
@ -68,7 +68,7 @@ proc runFrobeniusTowerTests*[N](
|
|||
rng.seed(seed)
|
||||
echo moduleName, " xoshiro512** seed: ", seed
|
||||
|
||||
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Frobenius(a) = a^p (mod p^" & $ExtDegree & ")":
|
||||
proc test(Field: typedesc, Iters: static int, gen: RandomGen) =
|
||||
for _ in 0 ..< Iters:
|
||||
|
|
|
@ -69,7 +69,7 @@ proc runTowerTests*[N](
|
|||
rng.seed(seed)
|
||||
echo moduleName, " xoshiro512** seed: ", seed
|
||||
|
||||
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Comparison sanity checks":
|
||||
proc test(Field: typedesc) =
|
||||
var z, o {.noInit.}: Field
|
||||
|
|
|
@ -76,7 +76,7 @@ proc sanity(C: static Curve) =
|
|||
bool(n == expected)
|
||||
|
||||
proc mainSanity() =
|
||||
suite "Fr: Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Fr: Modular squaring is consistent with multiplication on special elements" & " [" & $WordBitWidth & "-bit mode]":
|
||||
sanity BN254_Snarks
|
||||
sanity BLS12_381
|
||||
|
||||
|
@ -112,7 +112,7 @@ proc random_long01Seq(C: static Curve) =
|
|||
|
||||
doAssert bool(r_mul == r_sqr)
|
||||
|
||||
suite "Fr: Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Fr: Random Modular Squaring is consistent with Modular Multiplication" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Random squaring mod r_BN254_Snarks [FastSquaring = " & $(Fr[BN254_Snarks].getSpareBits() >= 2) & "]":
|
||||
for _ in 0 ..< Iters:
|
||||
randomCurve(BN254_Snarks)
|
||||
|
|
|
@ -22,7 +22,7 @@ echo "test_io_bigints xoshiro512** seed: ", seed
|
|||
type T = BaseType
|
||||
|
||||
proc main() =
|
||||
suite "IO Hex - BigInt" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "IO Hex - BigInt" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Parsing raw integers":
|
||||
block: # Sanity check
|
||||
let x = 0'u64
|
||||
|
@ -98,7 +98,7 @@ proc main() =
|
|||
|
||||
check: n == h
|
||||
|
||||
suite "IO Decimal - BigInt" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "IO Decimal - BigInt" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Checks elliptic curve constants":
|
||||
block: # BLS12-381 - https://github.com/ethereum/py_ecc/blob/master/py_ecc/fields/field_properties.py
|
||||
const p = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787"
|
||||
|
|
|
@ -21,7 +21,7 @@ echo "\n------------------------------------------------------\n"
|
|||
echo "test_io_fields xoshiro512** seed: ", seed
|
||||
|
||||
proc main() =
|
||||
suite "IO - Finite fields" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "IO - Finite fields" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Parsing and serializing round-trip on uint64":
|
||||
# 101 ---------------------------------
|
||||
block:
|
||||
|
|
|
@ -56,7 +56,7 @@ proc testRoundtrip(curve: static Curve, gen: static RandomGen) =
|
|||
"\n b: " & b.toHex()
|
||||
|
||||
proc main() =
|
||||
suite "Packed <-> Unsaturated limbs roundtrips" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Packed <-> Unsaturated limbs roundtrips" & " [" & $WordBitWidth & "-bit mode]":
|
||||
const Iters = 10000
|
||||
test "BN254_Snarks":
|
||||
for _ in 0 ..< Iters:
|
||||
|
|
|
@ -65,7 +65,7 @@ func random_point*(rng: var RngState, EC: typedesc, randZ: bool, gen: RandomGen)
|
|||
else:
|
||||
result = rng.random_long01Seq_with_randZ(EC)
|
||||
|
||||
suite "Pairing - Line Functions on BLS12-377" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Pairing - Line Functions on BLS12-377" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Line double - lt,t(P)":
|
||||
proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) =
|
||||
for _ in 0 ..< Iters:
|
||||
|
|
|
@ -65,7 +65,7 @@ func random_point*(rng: var RngState, EC: typedesc, randZ: bool, gen: RandomGen)
|
|||
else:
|
||||
result = rng.random_long01Seq_with_randZ(EC)
|
||||
|
||||
suite "Pairing - Line Functions on BLS12-381" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Pairing - Line Functions on BLS12-381" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Line double - lt,t(P)":
|
||||
proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) =
|
||||
for _ in 0 ..< Iters:
|
||||
|
|
|
@ -49,7 +49,7 @@ func random_elem(rng: var RngState, F: typedesc, gen: RandomGen): F {.inline, no
|
|||
else:
|
||||
result = rng.random_long01Seq(F)
|
||||
|
||||
suite "Pairing - Cyclotomic subgroup - GΦ₁₂(p) = {α ∈ Fp¹² : α^Φ₁₂(p) ≡ 1 (mod p¹²)}" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Pairing - Cyclotomic subgroup - GΦ₁₂(p) = {α ∈ Fp¹² : α^Φ₁₂(p) ≡ 1 (mod p¹²)}" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Easy part of the final exponentiation maps to the cyclotomic subgroup":
|
||||
proc test_final_exp_easy_cycl(C: static Curve, gen: static RandomGen) =
|
||||
for _ in 0 ..< Iters:
|
||||
|
|
|
@ -99,7 +99,7 @@ template runPairingTests*(Iters: static int, C: static Curve, G1, G2, GT: typede
|
|||
doAssert bool(r == r3)
|
||||
doAssert bool(r2 == r3)
|
||||
|
||||
suite "Pairing - Optimal Ate on " & $C & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Pairing - Optimal Ate on " & $C & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Bilinearity e([2]P, Q) = e(P, [2]Q) = e(P, Q)^2":
|
||||
test_bilinearity_double_impl(randZ = false, gen = Uniform)
|
||||
test_bilinearity_double_impl(randZ = false, gen = HighHammingWeight)
|
||||
|
@ -139,7 +139,7 @@ template runGTsubgroupTests*(Iters: static int, GT: typedesc, finalExpHard_fn: u
|
|||
|
||||
stdout.write '\n'
|
||||
|
||||
suite "Pairing - GT subgroup " & $GT.C & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Pairing - GT subgroup " & $GT.C & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "Final Exponentiation and GT-subgroup membership":
|
||||
test_gt_impl(gen = Uniform)
|
||||
test_gt_impl(gen = HighHammingWeight)
|
||||
|
|
|
@ -21,7 +21,7 @@ template undistinct[T](x: Ct[T]): T =
|
|||
T(x)
|
||||
|
||||
proc main() =
|
||||
suite "Constant-time unsigned integers" & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite "Constant-time unsigned integers" & " [" & $WordBitWidth & "-bit mode]":
|
||||
test "High - getting the biggest representable number":
|
||||
check:
|
||||
high(Ct[byte]).undistinct == 0xFF.byte
|
||||
|
|
|
@ -115,7 +115,7 @@ proc run_hash_to_curve_test(
|
|||
|
||||
let testSuiteDesc = "Hash to Curve " & $EC.F.C & " " & G1_or_G2 & " - official specs " & spec_version & " test vectors"
|
||||
|
||||
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
|
||||
|
||||
doAssert vec.hash == "sha256"
|
||||
doAssert vec.k == "0x80" # 128
|
||||
|
@ -150,7 +150,7 @@ proc run_hash_to_curve_svdw_test(
|
|||
|
||||
let testSuiteDesc = "Hash to Curve " & $EC.F.C & " " & G1_or_G2 & " - official specs " & spec_version & " test vectors"
|
||||
|
||||
suite testSuiteDesc & " [" & $WordBitwidth & "-bit mode]":
|
||||
suite testSuiteDesc & " [" & $WordBitWidth & "-bit mode]":
|
||||
|
||||
doAssert vec.hash == "sha256"
|
||||
doAssert vec.k == "0x80" # 128
|
||||
|
|