From 14b195ee656f2b61153e3ecbfa98a41c3518f164 Mon Sep 17 00:00:00 2001
From: Pieter Wuille <pieter.wuille@gmail.com>
Date: Sun, 10 Mar 2013 21:41:54 +0100
Subject: [PATCH] fix tests

---
 num.h         |  4 ++--
 num_openssl.h |  2 +-
 tests.cpp     | 26 +++++++++++++++++++++-----
 3 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/num.h b/num.h
index db1563b..3bb8af3 100644
--- a/num.h
+++ b/num.h
@@ -1,7 +1,7 @@
 #ifndef _SECP256K1_NUM_
 #define _SECP256K1_NUM_
 
-#include "num_gmp.h"
-// #include "num_openssl.h"
+// #include "num_gmp.h"
+#include "num_openssl.h"
 
 #endif
diff --git a/num_openssl.h b/num_openssl.h
index 00dacd8..0ce1a8f 100644
--- a/num_openssl.h
+++ b/num_openssl.h
@@ -95,7 +95,7 @@ public:
         BN_div(bn, NULL, a1.bn, a2.bn, ctx);
     }
     void SetMod(Context &ctx, const Number &a, const Number &m) {
-        BN_nnmod(bn, m.bn, a.bn, ctx);
+        BN_nnmod(bn, a.bn, m.bn, ctx);
     }
     int Compare(const Number &a) const {
         return BN_cmp(bn, a.bn);
diff --git a/tests.cpp b/tests.cpp
index 5c46b81..be97fec 100644
--- a/tests.cpp
+++ b/tests.cpp
@@ -13,18 +13,34 @@ void test_ecmult() {
     FieldElem ax; ax.SetHex("8b30bbe9ae2a990696b22f670709dff3727fd8bc04d3362c6c7bf458e2846004");
     FieldElem ay; ay.SetHex("a357ae915c4a65281309edf20504740f0eb3343990216b4f81063cb65f2f7e0f");
     GroupElemJac a(ax,ay);
-    Number an(ctx); an.SetHex("84cc5452f7fde1edb4d38a8ce9b1b84ccef31f146e569be9705d357a42985407");
+    Number xn(ctx); xn.SetHex("84cc5452f7fde1edb4d38a8ce9b1b84ccef31f146e569be9705d357a42985407");
     Number gn(ctx); gn.SetHex("a1e58d22553dcd42b23980625d4c57a96e9323d42b3152e5ca2c3990edc7c9de");
-    Number af(ctx); af.SetHex("1337");
+    Number xf(ctx); xf.SetHex("1337");
     Number gf(ctx); gf.SetHex("7113");
+    Number ae(ctx); ae.SetHex("01");
+    Number ge(ctx); ge.SetHex("00");
+    GroupElemJac x = a;
     const Number &order = GetGroupConst().order;
     for (int i=0; i<1000; i++) {
-        ECMult(ctx, a, a, an, gn);
-        an.SetModMul(ctx, an, af, order);
+        // in each iteration, compute X = xn*X + gn*G;
+        ECMult(ctx, x, x, xn, gn);
+        // also compute ae and ge: the actual accumulated factors for A and G
+        // if X was (ae*A+ge*G), xn*X + gn*G results in (xn*ae*A + (xn*ge+gn)*G)
+        ae.SetModMul(ctx, ae, xn, order);
+        ge.SetModMul(ctx, ge, xn, order);
+        ge.SetAdd(ctx, ge, gn);
+        ge.SetMod(ctx, ge, order);
+        // modify xn and gn
+        xn.SetModMul(ctx, xn, xf, order);
         gn.SetModMul(ctx, gn, gf, order);
     }
-    std::string res = a.ToString();
+    std::string res = x.ToString();
     assert(res == "(D37F97BBF58B4ECA238329D272C9AF0194F062B851EDF9B40F2294FA00BBFCA2,B127748E9A9F347257051588D44A1B822CA731833B2653AA3646C59A8ADAF295)");
+    // redo the computation, but directly with the resulting ae and ge coefficients:
+    GroupElemJac x2; ECMult(ctx, x2, a, ae, ge);
+    std::string res2 = x2.ToString();
+    printf("res=%s res2=%s\n", res.c_str(), res2.c_str());
+    assert(res == res2);
 }