diff options
Diffstat (limited to 'libgo/go/crypto/elliptic/p224_test.go')
| -rw-r--r-- | libgo/go/crypto/elliptic/p224_test.go | 306 |
1 files changed, 1 insertions, 305 deletions
diff --git a/libgo/go/crypto/elliptic/p224_test.go b/libgo/go/crypto/elliptic/p224_test.go index b213b27..7971f63 100644 --- a/libgo/go/crypto/elliptic/p224_test.go +++ b/libgo/go/crypto/elliptic/p224_test.go @@ -8,313 +8,9 @@ import ( "encoding/hex" "fmt" "math/big" - "math/bits" - "math/rand" - "reflect" "testing" - "testing/quick" ) -var toFromBigTests = []string{ - "0", - "1", - "23", - "b70e0cb46bb4bf7f321390b94a03c1d356c01122343280d6105c1d21", - "706a46d476dcb76798e6046d89474788d164c18032d268fd10704fa6", -} - -func p224AlternativeToBig(in *p224FieldElement) *big.Int { - ret := new(big.Int) - tmp := new(big.Int) - - for i := len(in) - 1; i >= 0; i-- { - ret.Lsh(ret, 28) - tmp.SetInt64(int64(in[i])) - ret.Add(ret, tmp) - } - ret.Mod(ret, P224().Params().P) - return ret -} - -func TestP224ToFromBig(t *testing.T) { - for i, test := range toFromBigTests { - n, _ := new(big.Int).SetString(test, 16) - var x p224FieldElement - p224FromBig(&x, n) - m := p224ToBig(&x) - if n.Cmp(m) != 0 { - t.Errorf("#%d: %x != %x", i, n, m) - } - q := p224AlternativeToBig(&x) - if n.Cmp(q) != 0 { - t.Errorf("#%d: %x != %x (alternative)", i, n, q) - } - } -} - -// quickCheckConfig32 will make each quickcheck test run (32 * -quickchecks) -// times. The default value of -quickchecks is 100. -var quickCheckConfig32 = &quick.Config{MaxCountScale: 32} - -// weirdLimbs can be combined to generate a range of edge-case field elements. -var weirdLimbs = [...]uint32{ - 0, 1, (1 << 29) - 1, - (1 << 12), (1 << 12) - 1, - (1 << 28), (1 << 28) - 1, -} - -func generateLimb(rand *rand.Rand) uint32 { - const bottom29Bits = 0x1fffffff - n := rand.Intn(len(weirdLimbs) + 3) - switch n { - case len(weirdLimbs): - // Random value. - return uint32(rand.Int31n(1 << 29)) - case len(weirdLimbs) + 1: - // Sum of two values. - k := generateLimb(rand) + generateLimb(rand) - return k & bottom29Bits - case len(weirdLimbs) + 2: - // Difference of two values. - k := generateLimb(rand) - generateLimb(rand) - return k & bottom29Bits - default: - return weirdLimbs[n] - } -} - -func (p224FieldElement) Generate(rand *rand.Rand, size int) reflect.Value { - return reflect.ValueOf(p224FieldElement{ - generateLimb(rand), - generateLimb(rand), - generateLimb(rand), - generateLimb(rand), - generateLimb(rand), - generateLimb(rand), - generateLimb(rand), - generateLimb(rand), - }) -} - -func isInBounds(x *p224FieldElement) bool { - return bits.Len32(x[0]) <= 29 && - bits.Len32(x[1]) <= 29 && - bits.Len32(x[2]) <= 29 && - bits.Len32(x[3]) <= 29 && - bits.Len32(x[4]) <= 29 && - bits.Len32(x[5]) <= 29 && - bits.Len32(x[6]) <= 29 && - bits.Len32(x[7]) <= 29 -} - -func TestP224Mul(t *testing.T) { - mulMatchesBigInt := func(a, b, out p224FieldElement) bool { - var tmp p224LargeFieldElement - p224Mul(&out, &a, &b, &tmp) - - exp := new(big.Int).Mul(p224AlternativeToBig(&a), p224AlternativeToBig(&b)) - exp.Mod(exp, P224().Params().P) - got := p224AlternativeToBig(&out) - if exp.Cmp(got) != 0 || !isInBounds(&out) { - t.Logf("a = %x", a) - t.Logf("b = %x", b) - t.Logf("p224Mul(a, b) = %x = %v", out, got) - t.Logf("a * b = %v", exp) - return false - } - - return true - } - - a := p224FieldElement{0xfffffff, 0xfffffff, 0xf00ffff, 0x20f, 0x0, 0x0, 0x0, 0x0} - b := p224FieldElement{1, 0, 0, 0, 0, 0, 0, 0} - if !mulMatchesBigInt(a, b, p224FieldElement{}) { - t.Fail() - } - - if err := quick.Check(mulMatchesBigInt, quickCheckConfig32); err != nil { - t.Error(err) - } -} - -func TestP224Square(t *testing.T) { - squareMatchesBigInt := func(a, out p224FieldElement) bool { - var tmp p224LargeFieldElement - p224Square(&out, &a, &tmp) - - exp := p224AlternativeToBig(&a) - exp.Mul(exp, exp) - exp.Mod(exp, P224().Params().P) - got := p224AlternativeToBig(&out) - if exp.Cmp(got) != 0 || !isInBounds(&out) { - t.Logf("a = %x", a) - t.Logf("p224Square(a, b) = %x = %v", out, got) - t.Logf("a * a = %v", exp) - return false - } - - return true - } - - if err := quick.Check(squareMatchesBigInt, quickCheckConfig32); err != nil { - t.Error(err) - } -} - -func TestP224Add(t *testing.T) { - addMatchesBigInt := func(a, b, out p224FieldElement) bool { - p224Add(&out, &a, &b) - - exp := new(big.Int).Add(p224AlternativeToBig(&a), p224AlternativeToBig(&b)) - exp.Mod(exp, P224().Params().P) - got := p224AlternativeToBig(&out) - if exp.Cmp(got) != 0 { - t.Logf("a = %x", a) - t.Logf("b = %x", b) - t.Logf("p224Add(a, b) = %x = %v", out, got) - t.Logf("a + b = %v", exp) - return false - } - - return true - } - - if err := quick.Check(addMatchesBigInt, quickCheckConfig32); err != nil { - t.Error(err) - } -} - -func TestP224Reduce(t *testing.T) { - reduceMatchesBigInt := func(a p224FieldElement) bool { - out := a - // TODO: generate higher values for functions like p224Reduce that are - // expected to work with higher input bounds. - p224Reduce(&out) - - exp := p224AlternativeToBig(&a) - got := p224AlternativeToBig(&out) - if exp.Cmp(got) != 0 || !isInBounds(&out) { - t.Logf("a = %x = %v", a, exp) - t.Logf("p224Reduce(a) = %x = %v", out, got) - return false - } - - return true - } - - if err := quick.Check(reduceMatchesBigInt, quickCheckConfig32); err != nil { - t.Error(err) - } -} - -func TestP224Contract(t *testing.T) { - contractMatchesBigInt := func(a, out p224FieldElement) bool { - p224Contract(&out, &a) - - exp := p224AlternativeToBig(&a) - got := p224AlternativeToBig(&out) - if exp.Cmp(got) != 0 { - t.Logf("a = %x = %v", a, exp) - t.Logf("p224Contract(a) = %x = %v", out, got) - return false - } - - // Check that out < P. - for i := range p224P { - k := 8 - i - 1 - if out[k] > p224P[k] { - t.Logf("p224Contract(a) = %x", out) - return false - } - if out[k] < p224P[k] { - return true - } - } - t.Logf("p224Contract(a) = %x", out) - return false - } - - if !contractMatchesBigInt(p224P, p224FieldElement{}) { - t.Error("p224Contract(p) is broken") - } - pMinus1 := p224FieldElement{0, 0, 0, 0xffff000, 0xfffffff, 0xfffffff, 0xfffffff, 0xfffffff} - if !contractMatchesBigInt(pMinus1, p224FieldElement{}) { - t.Error("p224Contract(p - 1) is broken") - } - // Check that we can handle input above p, but lowest limb zero. - a := p224FieldElement{0, 1, 0, 0xffff000, 0xfffffff, 0xfffffff, 0xfffffff, 0xfffffff} - if !contractMatchesBigInt(a, p224FieldElement{}) { - t.Error("p224Contract(p + 2²⁸) is broken") - } - // Check that we can handle input above p, but lowest three limbs zero. - b := p224FieldElement{0, 0, 0, 0xffff001, 0xfffffff, 0xfffffff, 0xfffffff, 0xfffffff} - if !contractMatchesBigInt(b, p224FieldElement{}) { - t.Error("p224Contract(p + 2⁸⁴) is broken") - } - - if err := quick.Check(contractMatchesBigInt, quickCheckConfig32); err != nil { - t.Error(err) - } -} - -func TestP224IsZero(t *testing.T) { - if got := p224IsZero(&p224FieldElement{}); got != 1 { - t.Errorf("p224IsZero(0) = %d, expected 1", got) - } - if got := p224IsZero((*p224FieldElement)(&p224P)); got != 1 { - t.Errorf("p224IsZero(p) = %d, expected 1", got) - } - if got := p224IsZero(&p224FieldElement{1}); got != 0 { - t.Errorf("p224IsZero(1) = %d, expected 0", got) - } - - isZeroMatchesBigInt := func(a p224FieldElement) bool { - isZero := p224IsZero(&a) - - big := p224AlternativeToBig(&a) - if big.Sign() == 0 && isZero != 1 { - return false - } - if big.Sign() != 0 && isZero != 0 { - return false - } - return true - } - - if err := quick.Check(isZeroMatchesBigInt, quickCheckConfig32); err != nil { - t.Error(err) - } -} - -func TestP224Invert(t *testing.T) { - var out p224FieldElement - - p224Invert(&out, &p224FieldElement{}) - if got := p224IsZero(&out); got != 1 { - t.Errorf("p224Invert(0) = %x, expected 0", out) - } - - p224Invert(&out, (*p224FieldElement)(&p224P)) - if got := p224IsZero(&out); got != 1 { - t.Errorf("p224Invert(p) = %x, expected 0", out) - } - - p224Invert(&out, &p224FieldElement{1}) - p224Contract(&out, &out) - if out != (p224FieldElement{1}) { - t.Errorf("p224Invert(1) = %x, expected 1", out) - } - - var tmp p224LargeFieldElement - a := p224FieldElement{1, 2, 3, 4, 5, 6, 7, 8} - p224Invert(&out, &a) - p224Mul(&out, &out, &a, &tmp) - p224Contract(&out, &out) - if out != (p224FieldElement{1}) { - t.Errorf("p224Invert(a) * a = %x, expected 1", out) - } -} - type baseMultTest struct { k string x, y string @@ -602,7 +298,7 @@ func TestP224BaseMult(t *testing.T) { func TestP224GenericBaseMult(t *testing.T) { // We use the P224 CurveParams directly in order to test the generic implementation. - p224 := P224().Params() + p224 := genericParamsForCurve(P224()) for i, e := range p224BaseMultTests { k, ok := new(big.Int).SetString(e.k, 10) if !ok { |