mirror of
https://github.com/codex-storage/constantine.git
synced 2025-01-28 19:46:19 +00:00
7e97cd4ac5
* Fix #114 - Negating 0 left the prime modulus, which is working most of the time for everything except for comparison. (also somehow triggers and workaround weird compiler bug where exceptions tracking is activated in macros and all the curve enums were stringified as their ordinal value) * https://github.com/mratsim/constantine/issues/136 was also fixed, add to anti-regression * add comment in test * Fix the pure Nim fallback as well
188 lines
7.8 KiB
Nim
188 lines
7.8 KiB
Nim
# Constantine
|
|
# Copyright (c) 2018-2019 Status Research & Development GmbH
|
|
# Copyright (c) 2020-Present Mamy André-Ratsimbazafy
|
|
# Licensed and distributed under either of
|
|
# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT).
|
|
# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0).
|
|
# at your option. This file may not be copied, modified, or distributed except according to those terms.
|
|
|
|
import
|
|
# stdlib
|
|
std/unittest,
|
|
# Internals
|
|
../constantine/config/[common, type_ff],
|
|
../constantine/towers,
|
|
../constantine/config/curves,
|
|
../constantine/io/io_towers,
|
|
../constantine/towers
|
|
|
|
# ###############################################################
|
|
#
|
|
# Edge cases highlighted by property-based testing or fuzzing
|
|
#
|
|
# ###############################################################
|
|
|
|
# Fuzzing failure #114: Fp12 BN254 Mul and add/sub are consistent
|
|
# Highlighted by the Long01Seq skewed RNG
|
|
# with random seeds
|
|
# - 1611183150
|
|
# - 1611267611
|
|
# - 1611393788
|
|
# - 1611420927
|
|
# - 1611402369
|
|
|
|
proc test114(factor: int, a: Fp12[BN254_Snarks]): bool =
|
|
var sum{.noInit.}, one{.noInit.}, f{.noInit.}: Fp12[BN254_Snarks]
|
|
one.setOne()
|
|
|
|
if factor < 0:
|
|
sum.neg(a)
|
|
f.neg(one)
|
|
for i in 1 ..< -factor:
|
|
sum -= a
|
|
f -= one
|
|
else:
|
|
sum = a
|
|
f = one
|
|
for i in 1 ..< factor:
|
|
sum += a
|
|
f += one
|
|
|
|
var r{.noInit.}: Fp12[BN254_Snarks]
|
|
|
|
r.prod(a, f)
|
|
|
|
result = bool(r == sum)
|
|
|
|
if not result:
|
|
echo "Failure for"
|
|
echo "==================="
|
|
echo "r: ", r.toHex()
|
|
echo "-------------------"
|
|
echo "sum: ", sum.toHex()
|
|
echo "-------------------"
|
|
debug:
|
|
echo "r (raw montgomery): ", $r
|
|
echo "-------------------"
|
|
echo "sum (raw montgomery):", $sum
|
|
echo "-------------------"
|
|
echo "\n\n"
|
|
|
|
# Requires a Fp -> Fp2 -> Fp4 -> Fp12 towering
|
|
var t114_cases: seq[tuple[factor: int, a: Fp12[BN254_Snarks]]]
|
|
|
|
t114_cases.add (
|
|
# seed 1611183150
|
|
-13,
|
|
Fp12[BN254_Snarks].fromHex(
|
|
"0x0000000000ffffffffffffffff3f00c00100000000fcffff0700000000000000",
|
|
"0x0000000000ffffffffffff7f000000e0ffff03000000fcff07e0ffffff9fffff",
|
|
"0x0080ffffffffff1f00f00080ffffffffffffffffffffffffffffffffffffffff",
|
|
"0x0c0a77c19a07df2f666ea36f7899461c0a78ec28b5d70b3dd35d430dc58f0d9d",
|
|
"0x000007fc00000000000000000000003ffffffffffff1ffffff8000000001ffff",
|
|
"0x000000c0ffffffdfffffffff0100feffff03c0ffffffffffffffff3f00000000",
|
|
"0x000000000000000000000080ffffffffff3f0000f0dfff0f80ffffffffff0700",
|
|
"0x0000000000000000000000000000000000000000000000000000000000000000",
|
|
"0x0e0a77c199c7df2f666ee36f7879422c0a78ed28f5c70b3dd2dd448dc58eed9d",
|
|
"0x0e0a77a19a07df2f866ea36f7839462c0a78eb28f5d70b3dd3dd438dc58f0d9c",
|
|
"0x000000000000000000000000003fc0000003f80000000000000007ffffffffff",
|
|
"0x0000001fff0000000000000000038000003ffffffffffff800000000000ff000"
|
|
)
|
|
)
|
|
|
|
var x = Fp12[BN254_Snarks].fromHex(
|
|
"0x30644e72d431a029b85045b68b4e4e9d8a816a915b98ca99e1208c16d87cfd47",
|
|
"0x30644e72d431a029b8504c4381814cf0978e43916864f199d5b38c16dd5cfd54",
|
|
"0x29d74e72e131ab96ac203f298181585d97816a916871ca8d3c208c16d87cfd54",
|
|
"0x250924f6b2602b3eada2ca30e63cd209d5e1ac3465db981134c5c8a859b04423",
|
|
"0x3063e6a6e131a029b85045b68181551d97816a916927ca8d42a08c16d862fd54",
|
|
"0x306444a5e131a1c9b85045c37474655da4509d916871ca8d3c2095e3d87cfd47",
|
|
"0x30644e72e131a029b8503f298181585da14e6a852d11d6c3af208c16d889a247",
|
|
"0x0000000000000000000000000000000000000000000000000000000000000000",
|
|
"0x0b0924f6b5a02b3ead9f8a30e7dd0539d5e19f3126ab98113b45b52859b1e423",
|
|
"0x0b092696b2602b3d0da2ca30eb1cd139d5e1b93125db98112e45c22859b04430",
|
|
"0x30644e72e131a029b85045b67e44985d974dd2916871ca8d3c202416d87cfd54",
|
|
"0x30644cd2ee31a029b85045b68153d85d94416a916871caf53c208c16d7adcd47"
|
|
)
|
|
|
|
t114_cases.add (
|
|
# seed 1611267611
|
|
-7,
|
|
Fp12[BN254_Snarks].fromHex(
|
|
"0x0000000000000000000000000000000000000000000000000000000000000000",
|
|
"0x0e0477c19a07de6e666ea46eb77947290a786a28f5c70b3dd35d4486c58f0cdc",
|
|
"0x00fffffffffffffffffffffff80000000003ffffffffffffc0000000007fffff",
|
|
"0x00ffff00000080ffffffffffffffffffffff1f00000000000000000000c03f00",
|
|
"0x00000000c0ff00c0ff07000000000000000000000000000000feffffffffffff",
|
|
"0x000000000007ffffffffff000000e003f83fffffe0000000001ffff803ffc000",
|
|
"0x0000003fffffffffffffffffffffffffffff801fffffffc01f00000007ffffff",
|
|
"0x00000000003fffffffe00000000000ffffffe08003fff800007fffffffffffff",
|
|
"0x0e0a57c19a47dfaf666ea36f787945ac8a78eb28f5c70b3dd2dd438dc58f0d9d",
|
|
"0x0000000000feffffffffff1f0000000000000000000080ffff03f8ffffffffff",
|
|
"0x000000f87f0000c0ffffffffffffffffffffffffffffffffffffff07fcffffff",
|
|
"0x01fffffffe0000000001fcffffffffffffffffc003ffffff8001ffffffffffff"
|
|
)
|
|
)
|
|
|
|
t114_cases.add (
|
|
# seed 1611393788
|
|
-15,
|
|
Fp12[BN254_Snarks].fromHex(
|
|
"0x0e0a77c192085f2f666e63777879462c0a78eb08f5c70b3dd35d438dd58f0d9c",
|
|
"0x0fffe03ffe0000000000000000001fffffff0000000fffffe0000fffffffffff",
|
|
"0x000000000003ffffffffffff00000000000000000000000000000ffffffeffff",
|
|
"0x00f0ffffffff3f0000f0ffffffffff0700000000000000000000600000001f00",
|
|
"0x0f9bb18c1ece5fd647afba4d7e7ea7a0687ebd6a978e3572c3df73e9278306b8",
|
|
"0x00e0ff3f00f0ffffffffff010000000080ffffffffffffffffffff000000ffff",
|
|
"0x0000000000000000000000000000000000000000000000000000000000000000",
|
|
"0x0dca77c19a07e02f6666a56f7878462c0a792b28f5c6cb3dd35d438dcd8f0d80",
|
|
"0x0e0a76c19a07df2f6e6ea36f7879462c0a78eb28f5c70b3dd359438dc59f0d7d",
|
|
"0x0e0a77c11a07df2f666ea36f8075462c0a78eb28f5c70b3dd35d538dc58f0dac",
|
|
"0x0e0a77819a083f2f766e9b6f7879462c0a78eb28f5c70b3dd35d438dc592119c",
|
|
"0x000000000ffffffffffffe000000003ffffc0000000000000000000000000000"
|
|
)
|
|
)
|
|
|
|
t114_cases.add (
|
|
# seed 1611420927
|
|
-25,
|
|
Fp12[BN254_Snarks].fromHex(
|
|
"0x0000000000ffffc00000000000000fffffffffffffffffffff00007fffe003ff",
|
|
"0x00000000ffff1fc0ffffff1ff8ffffffffffff00fc010000feffffffff0300f0",
|
|
"0x000000000000001800000000e00300feffffffffffff1f00f0ffffffffffffff",
|
|
"0x0e0a75c1da07df2f666ea36f7879461c0a78ec28f5c70b35d35d438dc590ed9d",
|
|
"0x0e09f6c19a085f30666f846f7780c72c097feb29f5c70b3cd65dc48d44900cbc",
|
|
"0x0000000001ffffe7e0000000000000003fffffffffffff000000000001fff800",
|
|
"0x0000000000000000000000000000000000000000000000000000000000000000",
|
|
"0x0e09b6c28b07df2f666ea36f7879462c0a780ae9f5c70b3dd35c638cc48f0da3",
|
|
"0x0e0a77c19a07df2f666da46f7879462c0a78eb2976c60a7cd35d438eb68f0c9d",
|
|
"0x0007f00007fffff00000000000000003ffffffff8000000fffffc001ffffffff",
|
|
"0x0e0a77c19a07df2f666ea36f7879462c0a68ec28f5c70b3dd35c438dcd4f0e1c",
|
|
"0x1ffffffffffffffffffffffffffffff000000000000000000fc000ffffffffff"
|
|
)
|
|
)
|
|
|
|
t114_cases.add (
|
|
# seed 1611402369
|
|
-10,
|
|
Fp12[BN254_Snarks].fromHex(
|
|
"0x0000000000000000000000000000000000000000000000000000000000000000",
|
|
"0x00000000000020000007fffff800000000000001ffffffffffffffffffffe000",
|
|
"0x0000000000000000000000f8fffffffffffffff7ffffffffffff1f0000000200",
|
|
"0x0000030000000003fffc00000000003ffffffe000000000000ffc00000000000",
|
|
"0x0e0a76e09a07df2f666ea3705881432c0a78e828f5c70b3d125e348d058f0cbc",
|
|
"0x0000000f01fffc7fffffffffffffffffffffffe000000000000fffffc0000000",
|
|
"0x0e0a77c0b907e02c666ea36f77f8462c0a78eb28f5c70b3e545d438dc58f0d9c",
|
|
"0x0e0a77a19a07df2f668ea36f78793a2c0a78eb2875c74b3dd355438dc59f0d9c",
|
|
"0x0e0a75c19a07df31662ea36f7879462c0a78eb28f5c70c1dd361438dc58f0d9c",
|
|
"0x00000000000000000000000000feffff00001c000007e0ffffffffff07000000",
|
|
"0x00001ffffffff000007fffffffff0000007f000000000000ffffffffffffffff",
|
|
"0x0e0996c19a08d02e756ea36f7879462c0a78eb28f5c70b3dd43dc28dc58f0d9d"
|
|
)
|
|
)
|
|
|
|
suite "Fuzzing failure #114: Fp12 BN254 Mul and add/sub are consistent":
|
|
test $t114_cases.len & " failure cases are now successful":
|
|
for i in 0..<t114_cases.len:
|
|
check: test114(t114_cases[i].factor, t114_cases[i].a)
|