github.com/cloudflare/circl@v1.5.0/dh/csidh/curve_test.go (about) 1 package csidh 2 3 import ( 4 "math/big" 5 "testing" 6 ) 7 8 // Actual test implementation. 9 func TestXAdd(t *testing.T) { 10 var P, Q, PdQ point 11 var PaQ point 12 var expPaQ big.Int 13 14 // points from a Elliptic Curve defined in sage as follows: 15 // A = 0x6055947AAFEBF773CE912680A6A32656073233D2FD6FDF4A143BE82D25B44ECC0431DE564C0F0D6591ACC62D6876E86F5D06B68C9EAF20D0DB0A6B99ED558512 16 // E = EllipticCurve(GF(p), [0, A, 0, 1, 0]) 17 // where p is CSIDH's 511-bit prime 18 19 checkXAdd := func() { 20 xAdd(&PaQ, &P, &Q, &PdQ) 21 ret := toNormX(&PaQ) 22 if ret.Cmp(&expPaQ) != 0 { 23 t.Errorf("\nExp: %s\nGot: %s", expPaQ.Text(16), ret.Text(16)) 24 } 25 } 26 27 expPaQ.SetString("0x41C98C5D7FF118B1A3987733581FD69C0CC27D7B63BCCA525106B9945869C6DAEDAA3D5D9D2679237EF0D013BE68EF12731DBFB26E12576BAD1E824C67ABD125", 0) 28 P.x = toFp("0x5840FD8E0165F7F474260F99337461AF195233F791FABE735EC2634B74A95559568B4CEB23959C8A01C5C57E215D22639868ED840D74FE2BAC04830CF75047AD") 29 P.z = toFp("1") 30 Q.x = toFp("0x3C1A003C71436698B4A181CEB12BA4B4D1FF7BB14AAAF6FBDA6957C4EBA20AD8E3893DF6F64E67E81163E024C19C7E975F3EC61862F75502C3ED802370E75A3F") 31 Q.z = toFp("1") 32 PdQ.x = toFp("0x519B1928F752B0B2143C1C23EB247B370DBB5B9C29B9A3A064D7FBC1B67FAC34B6D3DDA0F3CB87C387B425B36F31B93A8E73252BA701927B767A9DE89D5A92AE") 33 PdQ.z = toFp("1") 34 checkXAdd() 35 36 expPaQ.SetString("0x5840FD8E0165F7F474260F99337461AF195233F791FABE735EC2634B74A95559568B4CEB23959C8A01C5C57E215D22639868ED840D74FE2BAC04830CF75047AD", 0) 37 P.x = toFp("0x5840FD8E0165F7F474260F99337461AF195233F791FABE735EC2634B74A95559568B4CEB23959C8A01C5C57E215D22639868ED840D74FE2BAC04830CF75047AD") 38 P.z = toFp("1") 39 Q.x = toFp("1") 40 Q.z = toFp("0x0") 41 PdQ.x = toFp(expPaQ.Text(10)) 42 PdQ.z = toFp("1") 43 checkXAdd() 44 } 45 46 func TestXDbl(t *testing.T) { 47 var P, A point 48 var PaP point 49 var expPaP big.Int 50 51 // points from a Elliptic Curve defined in sage as follows: 52 // A = 0x599841D7D1FCD92A85759B7A3D2D5E4C56EFB17F19F86EB70E121EA16305EDE45A55868BE069313F821F7D94069EC220A4AC3B85500376710538246E9B3BC138 53 // E = EllipticCurve(GF(p), [0, A, 0, 1, 0]) 54 // where p is CSIDH's 511-bit prime 55 56 expPaP.SetString("0x6115B5D8BB613D11BDFEA70D436D87C1515553F6A15061727B4001E0AF745AAA9F39EB9464982829D931F77DAB9D71B24FF0D1D34C347F2A51FD45821F2EA06F", 0) 57 P.x = toFp("0x6C5B4D4AB0765AAB23C10F8455BE522D3A5363324D7AD641CC67C0A52FC1FFE9F3F8EDFE641478CA93D4D0016D83F21487FD4AF4E02F8A2C237CF27C5604BCC") 58 P.z = toFp("1") 59 A.x = toFp("0x599841D7D1FCD92A85759B7A3D2D5E4C56EFB17F19F86EB70E121EA16305EDE45A55868BE069313F821F7D94069EC220A4AC3B85500376710538246E9B3BC138") 60 A.z = toFp("1") 61 62 xDbl(&PaP, &P, &A) 63 ret := toNormX(&PaP) 64 if ret.Cmp(&expPaP) != 0 { 65 t.Errorf("\nExp: %s\nGot: %s", expPaP.Text(16), ret.Text(16)) 66 } 67 } 68 69 func TestXDblAddNominal(t *testing.T) { 70 var P, Q, PdQ point 71 var PaP, PaQ point 72 var expPaP, expPaQ big.Int 73 var A coeff 74 75 checkXDblAdd := func() { 76 var A24 coeff 77 78 // A24.a = 2*A.z + A.a 79 addRdc(&A24.a, &A.c, &A.c) 80 addRdc(&A24.a, &A24.a, &A.a) 81 // A24.z = 4*A.z 82 mulRdc(&A24.c, &A.c, &four) 83 84 // Additionally will check if input can be same as output 85 PaP = P 86 PaQ = Q 87 88 xDblAdd(&PaP, &PaQ, &PaP, &PaQ, &PdQ, &A24) 89 retPaP := toNormX(&PaP) 90 retPaQ := toNormX(&PaQ) 91 if retPaP.Cmp(&expPaP) != 0 { 92 t.Errorf("\nExp: %s\nGot: %s", expPaP.Text(16), retPaP.Text(16)) 93 } 94 95 if retPaQ.Cmp(&expPaQ) != 0 { 96 t.Errorf("\nExp: %s\nGot: %s", expPaQ.Text(16), retPaQ.Text(16)) 97 } 98 } 99 100 // 2*P 101 expPaP.SetString("0x38F5B37271A3D8FA50107F88045D6F6B08355DD026C02E0306CE5875F47422736AD841B4122B2BD7DE6166BB6498F6A283378FF8250948E834F15CEA2D59A57B", 0) 102 // P+Q 103 expPaQ.SetString("0x53D9B44C5F61651612243CF7987F619FE6ACB5CF29538F96A63E7278E131F41A17D64388E31B028A5183EF9096AE82724BC34D8DDFD67AD68BD552A33C345B8C", 0) 104 P.x = toFp("0x4FE17B4CC66E85960F57033CD45996C99248DA09DF2E36F8840657B52F74ED8173E0D322FA57D7B4D0EE7F12967BBD59140B42F2626E29167D6419E851E5A4C9") 105 P.z = toFp("1") 106 Q.x = toFp("0x465047949CD6574FDBE00EA365CAF7A95DC9DEBE96A188823CA8C9DD9F527CF81290D49864F61DF0C08C1D6052139230735CA6CFDBDC1A8820610CCD71861176") 107 Q.z = toFp("1") 108 PdQ.x = toFp("0x49D3B999A0A020B34473568A8F75B5405F2D3BE5A006595015FC6DDC6BED8AB2A51A887B6DC62C64354466865FFD69E50AD37F6F4FBD74119EB65EBC9367B556") 109 PdQ.z = toFp("1") 110 A.a = toFp("0x118F955D498D902FD42E5B2926F297CC814CD7649EC5B070295622F97C4A0D9BD34058A7E0E00CB73ED32FCC237F9F6B7D2A15F5CC7C4EC61ECEF80ACBB0EFA4") 111 A.c = toFp("1") 112 checkXDblAdd() 113 114 // Case P=value, Q=(x=1, z=0). In this case PaQ==P; PaP=2*P 115 expPaP.SetString("0x38F5B37271A3D8FA50107F88045D6F6B08355DD026C02E0306CE5875F47422736AD841B4122B2BD7DE6166BB6498F6A283378FF8250948E834F15CEA2D59A57B", 0) 116 expPaQ.SetString("0x4FE17B4CC66E85960F57033CD45996C99248DA09DF2E36F8840657B52F74ED8173E0D322FA57D7B4D0EE7F12967BBD59140B42F2626E29167D6419E851E5A4C9", 0) 117 P.x = toFp("0x4FE17B4CC66E85960F57033CD45996C99248DA09DF2E36F8840657B52F74ED8173E0D322FA57D7B4D0EE7F12967BBD59140B42F2626E29167D6419E851E5A4C9") 118 P.z = toFp("1") 119 Q.x = toFp("1") 120 Q.z = toFp("0") 121 PdQ.x = toFp("0x4FE17B4CC66E85960F57033CD45996C99248DA09DF2E36F8840657B52F74ED8173E0D322FA57D7B4D0EE7F12967BBD59140B42F2626E29167D6419E851E5A4C9") 122 PdQ.z = toFp("1") 123 A.a = toFp("0x118F955D498D902FD42E5B2926F297CC814CD7649EC5B070295622F97C4A0D9BD34058A7E0E00CB73ED32FCC237F9F6B7D2A15F5CC7C4EC61ECEF80ACBB0EFA4") 124 A.c = toFp("1") 125 checkXDblAdd() 126 } 127 128 func TestXDblAddVSxDblxAdd(t *testing.T) { 129 var P, Q, PdQ point 130 var PaP1, PaQ1 point 131 var PaP2, PaQ2 point 132 var A point 133 var A24 coeff 134 135 P.x = toFp("0x4FE17B4CC66E85960F57033CD45996C99248DA09DF2E36F8840657B52F74ED8173E0D322FA57D7B4D0EE7F12967BBD59140B42F2626E29167D6419E851E5A4C9") 136 P.z = toFp("1") 137 Q.x = toFp("0x465047949CD6574FDBE00EA365CAF7A95DC9DEBE96A188823CA8C9DD9F527CF81290D49864F61DF0C08C1D6052139230735CA6CFDBDC1A8820610CCD71861176") 138 Q.z = toFp("1") 139 PdQ.x = toFp("0x49D3B999A0A020B34473568A8F75B5405F2D3BE5A006595015FC6DDC6BED8AB2A51A887B6DC62C64354466865FFD69E50AD37F6F4FBD74119EB65EBC9367B556") 140 PdQ.z = toFp("1") 141 A.x = toFp("0x118F955D498D902FD42E5B2926F297CC814CD7649EC5B070295622F97C4A0D9BD34058A7E0E00CB73ED32FCC237F9F6B7D2A15F5CC7C4EC61ECEF80ACBB0EFA4") 142 A.z = toFp("1") 143 144 // Precompute A24 for xDblAdd 145 // (A+2C:4C) => (A24.x = A.x+2A.z; A24.z = 4*A.z) 146 addRdc(&A24.a, &A.z, &A.z) 147 addRdc(&A24.a, &A24.a, &A.x) 148 mulRdc(&A24.c, &A.z, &four) 149 150 for i := 0; i < numIter; i++ { 151 xAdd(&PaQ2, &P, &Q, &PdQ) 152 xDbl(&PaP2, &P, &A) 153 xDblAdd(&PaP1, &PaQ1, &P, &Q, &PdQ, &A24) 154 155 if !ceqpoint(&PaQ1, &PaQ2) { 156 exp := toNormX(&PaQ1) 157 got := toNormX(&PaQ2) 158 t.Errorf("\nExp: \n\t%s\nGot from xAdd: \n\t%s", exp.Text(16), got.Text(16)) 159 } 160 161 if !ceqpoint(&PaP1, &PaP2) { 162 exp := toNormX(&PaP1) 163 got := toNormX(&PaP2) 164 t.Errorf("\nExp: \n\t%s\nGot from xDbl: \n\t%s", exp.Text(16), got.Text(16)) 165 } 166 167 // Swap values for next operation 168 PdQ = Q 169 Q = P 170 P = PaP1 171 } 172 } 173 174 func TestXMul(t *testing.T) { 175 var P point 176 var co coeff 177 var expKP big.Int 178 var k fp 179 180 checkXMul := func() { 181 var kP point 182 183 xMul(&kP, &P, &co, &k) 184 retKP := toNormX(&kP) 185 if expKP.Cmp(&retKP) != 0 { 186 t.Errorf("\nExp: %s\nGot: %s", expKP.Text(16), retKP.Text(16)) 187 } 188 189 // Check if first and second argument can overlap 190 xMul(&P, &P, &co, &k) 191 retKP = toNormX(&P) 192 if expKP.Cmp(&retKP) != 0 { 193 t.Errorf("\nExp: %s\nGot: %s", expKP.Text(16), retKP.Text(16)) 194 } 195 } 196 197 // Case C=1 198 expKP.SetString("0x582B866603E6FBEBD21FE660FB34EF9466FDEC55FFBCE1073134CC557071147821BBAD225E30F7B2B6790B00ED9C39A29AA043F58AF995E440AFB13DA8E6D788", 0) 199 P.x = toFp("0x1C5CA539C1D5B52DE4750C390C24C05251E8B1D33E48971FA86F5ADDED2D06C8CD31E94887541468BB2925EBD693C9DDFF5BD9508430F25FE28EE30C0760C0FE") 200 P.z = toFp("1") 201 co.a = toFp("0x538F785D52996919C8D5C73D842A0249669B5B6BB05338B74EAE8094AE5009A3BA2D73730F527D7403E8184D9B1FA11C0C4C40E7B328A84874A6DBCE99E1DF92") 202 co.c = toFp("1") 203 k = fp{0x7A36C930A83EFBD5, 0xD0E80041ED0DDF9F, 0x5AA17134F1B8F877, 0x975711EC94168E51, 0xB3CAD962BED4BAC5, 0x3026DFDD7E4F5687, 0xE67F91AB8EC9C3AF, 0x34671D3FD8C317E7} 204 checkXMul() 205 206 // Check if algorithms works correctly with k=1 207 expKP.SetString("0x1C5CA539C1D5B52DE4750C390C24C05251E8B1D33E48971FA86F5ADDED2D06C8CD31E94887541468BB2925EBD693C9DDFF5BD9508430F25FE28EE30C0760C0FE", 0) 208 P.x = toFp("0x1C5CA539C1D5B52DE4750C390C24C05251E8B1D33E48971FA86F5ADDED2D06C8CD31E94887541468BB2925EBD693C9DDFF5BD9508430F25FE28EE30C0760C0FE") 209 P.z = toFp("1") 210 co.a = toFp("0x538F785D52996919C8D5C73D842A0249669B5B6BB05338B74EAE8094AE5009A3BA2D73730F527D7403E8184D9B1FA11C0C4C40E7B328A84874A6DBCE99E1DF92") 211 co.c = toFp("1") 212 k = fp{1, 0, 0, 0, 0, 0, 0, 0} 213 checkXMul() 214 215 // Check if algorithms works correctly with value of k for which few small and high 216 // order bits are 0 (test for odd number of cswaps in xMul) 217 expKP.SetString("0x1925EDA0928C10F427B4E642E7E1481A670D1249956DED6A2292B9BAB841F6AA86A9F41459400845ED4A5E2531A14165F64FE4E43DBD85321B429C6DAE2E8987", 0) 218 P.x = toFp("0x4CE8603817B9BB06515E921AA201D26B31F3CE181D1E18CD5CD704708CCAD47546CEEAB42B98EE67925A5259E0684A0489F574A999DE127F708B849ACAA12A63") 219 P.z = toFp("1") 220 co.a = toFp("0x538F785D52996919C8D5C73D842A0249669B5B6BB05338B74EAE8094AE5009A3BA2D73730F527D7403E8184D9B1FA11C0C4C40E7B328A84874A6DBCE99E1DF92") 221 co.c = toFp("1") 222 k = fp{0, 7, 0, 0, 0, 0, 0, 0} 223 checkXMul() 224 225 // Check if algorithms works correctly with value of k for which few small and high 226 // order bits are 0 (test for even number of cswaps in xMul) 227 expKP.SetString("0x30C02915C5967C3B6EB2196A934ADF38A183E9C7E814B54121F93048A8FC12D5036992FABF8D807581017A4C1F93D07352413F38F6A902FC76A8894FE8D94805", 0) 228 P.x = toFp("0x2DDD15ED7C169BE6D9EC02CFE3DC507EC4A7A4D96DE3FAAB9BFCEA1B047807EA301E89830F2FDD0E7E642A85E7ACDE16BAD76DF140F719C4A7AB85153E7D69DC") 229 P.z = toFp("1") 230 co.a = toFp("0x538F785D52996919C8D5C73D842A0249669B5B6BB05338B74EAE8094AE5009A3BA2D73730F527D7403E8184D9B1FA11C0C4C40E7B328A84874A6DBCE99E1DF92") 231 co.c = toFp("1") 232 k = fp{0, 15, 0, 0, 0, 0, 0, 0} 233 checkXMul() 234 235 // xMul512 does NOT work correctly for k==0. In such case function will return 2*P. But 236 // thanks to that fact we don't need to handle k==0 case, we get some speedup. 237 expKP.SetString("0x6115B5D8BB613D11BDFEA70D436D87C1515553F6A15061727B4001E0AF745AAA9F39EB9464982829D931F77DAB9D71B24FF0D1D34C347F2A51FD45821F2EA06F", 0) 238 P.x = toFp("0x6C5B4D4AB0765AAB23C10F8455BE522D3A5363324D7AD641CC67C0A52FC1FFE9F3F8EDFE641478CA93D4D0016D83F21487FD4AF4E02F8A2C237CF27C5604BCC") 239 P.z = toFp("1") 240 co.a = toFp("0x599841D7D1FCD92A85759B7A3D2D5E4C56EFB17F19F86EB70E121EA16305EDE45A55868BE069313F821F7D94069EC220A4AC3B85500376710538246E9B3BC138") 241 co.c = toFp("1") 242 k = fp{0, 0, 0, 0, 0, 0, 0, 0} 243 checkXMul() 244 } 245 246 func TestMappointHardcoded3(t *testing.T) { 247 P := point{ 248 x: fp{0xca1a2fdec38c669b, 0xf2fe3678ebeb978b, 0xfda3e9a6f0c719d, 0x6f7bffa41772570b, 0x3d90cdd6283dc150, 0x21b55b738eb1ded9, 0x209515d0a9f41dd6, 0x5275cf397d154a12}, 249 z: fp{0x1fff8309761576e, 0xef239cbeda7c2ba1, 0x6136ae2d76e95873, 0x1f8f6ac909570cec, 0x780fdf0cc7d676d8, 0x548098fe92ed04e1, 0xb39da564701ef35d, 0x5fec19626df41306}, 250 } 251 A := coeff{ 252 a: fp{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 253 c: fp{0xc8fc8df598726f0a, 0x7b1bc81750a6af95, 0x5d319e67c1e961b4, 0xb0aa7275301955f1, 0x4a080672d9ba6c64, 0x97a5ef8a246ee77b, 0x6ea9e5d4383676a, 0x3496e2e117e0ec80}, 254 } 255 K := point{ 256 x: fp{0x597616608e291c6f, 0xd14230b008736798, 0xa63099b1ace67e6e, 0xe37c13afd768bcfa, 0xc6ef718894f08135, 0x53a4fd09091f3522, 0xc9a1f9f670645fe1, 0x628c4a8efd83e5f0}, 257 z: fp{0x8f18a654312ac1ad, 0xbc20a9b2472785c9, 0xdaf97c29bbf9e492, 0xf91a8c799e2f6119, 0xc8dc675cc8e528e6, 0x9a7b2c2f0df95171, 0x85629cd38cdd9fdb, 0x656d5253d3fd1a6e}, 258 } 259 var k uint64 = 3 260 261 expA := coeff{ 262 a: fp{0x6fa92a66e77cfc1, 0x9efbfb7118f1832c, 0x441894cc5d1d24ae, 0x5a2f0fafa26761de, 0x8095c36d3a20a78a, 0xb22be0023612a135, 0x5eb844d06ef0f430, 0x52e53309d1c90cf8}, 263 c: fp{0x98173d5664a23e5c, 0xd8fe1c6306bbc11a, 0xa774fbc502648059, 0x766a0d839aa62c83, 0x4b074f9b93d1633d, 0xf306019dbf87f505, 0x77c720ca059234b0, 0x3d47ab65269c5908}, 264 } 265 expP := point{ 266 x: fp{0x91aba9b39f280495, 0xfbd8ea69d2990aeb, 0xb03e1b8ed7fe3dba, 0x3d30a41499f08998, 0xb15a42630de9c606, 0xa7dd487fef16f5c8, 0x8673948afed8e968, 0x57ecc8710004cd4d}, 267 z: fp{0xce8819869a942526, 0xb98ca2ff79ef8969, 0xd49c9703743a1812, 0x21dbb090f9152e03, 0xbabdcac831b1adea, 0x8cee90762baa2ddd, 0xa0dd2ddcef809d96, 0x1de2a8887a32f19b}, 268 } 269 xIso(&P, &A, &K, k) 270 if !eqFp(&P.x, &expP.x) || !eqFp(&P.z, &expP.z) { 271 normP := toNormX(&P) 272 normPExp := toNormX(&expP) 273 t.Errorf("P != expP [\n %s != %s\n]", normP.Text(16), normPExp.Text(16)) 274 } 275 if !eqFp(&A.a, &expA.a) || !eqFp(&A.c, &expA.c) { 276 t.Errorf("A != expA %X %X", A.a[0], expA.a[0]) 277 } 278 } 279 280 func TestMappointHardcoded5(t *testing.T) { 281 P := point{ 282 x: fp{0xca1a2fdec38c669b, 0xf2fe3678ebeb978b, 0xfda3e9a6f0c719d, 0x6f7bffa41772570b, 0x3d90cdd6283dc150, 0x21b55b738eb1ded9, 0x209515d0a9f41dd6, 0x5275cf397d154a12}, 283 z: fp{0x1fff8309761576e, 0xef239cbeda7c2ba1, 0x6136ae2d76e95873, 0x1f8f6ac909570cec, 0x780fdf0cc7d676d8, 0x548098fe92ed04e1, 0xb39da564701ef35d, 0x5fec19626df41306}, 284 } 285 A := coeff{ 286 a: fp{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 287 c: fp{0xc8fc8df598726f0a, 0x7b1bc81750a6af95, 0x5d319e67c1e961b4, 0xb0aa7275301955f1, 0x4a080672d9ba6c64, 0x97a5ef8a246ee77b, 0x6ea9e5d4383676a, 0x3496e2e117e0ec80}, 288 } 289 K := point{ 290 x: fp{0x597616608e291c6f, 0xd14230b008736798, 0xa63099b1ace67e6e, 0xe37c13afd768bcfa, 0xc6ef718894f08135, 0x53a4fd09091f3522, 0xc9a1f9f670645fe1, 0x628c4a8efd83e5f0}, 291 z: fp{0x8f18a654312ac1ad, 0xbc20a9b2472785c9, 0xdaf97c29bbf9e492, 0xf91a8c799e2f6119, 0xc8dc675cc8e528e6, 0x9a7b2c2f0df95171, 0x85629cd38cdd9fdb, 0x656d5253d3fd1a6e}, 292 } 293 var k uint64 = 5 294 295 expA := coeff{ 296 a: fp{0x32076f58298ed474, 0x5094a1fc8696d307, 0x82e510594157944a, 0xb60ce760f88c83a9, 0xae8a28c325186983, 0xe31d2446a4ad2f18, 0xb266c612b5f141c1, 0x64283e618db5a705}, 297 c: fp{0x4472b49b65272190, 0x2bd5919309778f56, 0x6132753691fe016c, 0x8f654849c09e6d34, 0xfa208dd9aea1ef12, 0xf7df0dd10071411a, 0x75afb7860500922c, 0x52fb7d34b129fb65}, 298 } 299 expP := point{ 300 x: fp{0x3b75fc94b2a6df2d, 0x96d53dc9b0e867a0, 0x22e87202421d274e, 0x30a361440697ee1a, 0x8b52ee078bdbddcd, 0x64425d500e6b934d, 0xf47d1f568f6df391, 0x5d9d3607431395ab}, 301 z: fp{0x746e02dafa040976, 0xcd408f2cddbf3a8e, 0xf643354e0e13a93f, 0x7c39ed96ce9a5e29, 0xfcdf26f1a1a550ca, 0x2fc8aafc4ca0a559, 0x5d204a2b14cf19ba, 0xbd2c3406762f05d}, 302 } 303 304 xIso(&P, &A, &K, k) 305 if !eqFp(&P.x, &expP.x) || !eqFp(&P.z, &expP.z) { 306 normP := toNormX(&P) 307 normPExp := toNormX(&expP) 308 t.Errorf("P != expP [\n %s != %s\n]", normP.Text(16), normPExp.Text(16)) 309 } 310 if !eqFp(&A.a, &expA.a) || !eqFp(&A.c, &expA.c) { 311 t.Errorf("A != expA %X %X", A.a[0], expA.a[0]) 312 } 313 } 314 315 func BenchmarkXMul(b *testing.B) { 316 var kP, P point 317 var co coeff 318 var expKP big.Int 319 var k fp 320 321 // Case C=1 322 expKP.SetString("0x582B866603E6FBEBD21FE660FB34EF9466FDEC55FFBCE1073134CC557071147821BBAD225E30F7B2B6790B00ED9C39A29AA043F58AF995E440AFB13DA8E6D788", 0) 323 P.x = toFp("0x1C5CA539C1D5B52DE4750C390C24C05251E8B1D33E48971FA86F5ADDED2D06C8CD31E94887541468BB2925EBD693C9DDFF5BD9508430F25FE28EE30C0760C0FE") 324 P.z = toFp("1") 325 co.a = toFp("0x538F785D52996919C8D5C73D842A0249669B5B6BB05338B74EAE8094AE5009A3BA2D73730F527D7403E8184D9B1FA11C0C4C40E7B328A84874A6DBCE99E1DF92") 326 co.c = toFp("1") 327 k = fp{0x7A36C930A83EFBD5, 0xD0E80041ED0DDF9F, 0x5AA17134F1B8F877, 0x975711EC94168E51, 0xB3CAD962BED4BAC5, 0x3026DFDD7E4F5687, 0xE67F91AB8EC9C3AF, 0x34671D3FD8C317E7} 328 329 for n := 0; n < b.N; n++ { 330 xMul(&kP, &P, &co, &k) 331 } 332 } 333 334 func BenchmarkXAdd(b *testing.B) { 335 var P, Q, PdQ point 336 var PaQ point 337 338 P.x = toFp("0x5840FD8E0165F7F474260F99337461AF195233F791FABE735EC2634B74A95559568B4CEB23959C8A01C5C57E215D22639868ED840D74FE2BAC04830CF75047AD") 339 P.z = toFp("1") 340 Q.x = toFp("0x3C1A003C71436698B4A181CEB12BA4B4D1FF7BB14AAAF6FBDA6957C4EBA20AD8E3893DF6F64E67E81163E024C19C7E975F3EC61862F75502C3ED802370E75A3F") 341 Q.z = toFp("1") 342 PdQ.x = toFp("0x519B1928F752B0B2143C1C23EB247B370DBB5B9C29B9A3A064D7FBC1B67FAC34B6D3DDA0F3CB87C387B425B36F31B93A8E73252BA701927B767A9DE89D5A92AE") 343 PdQ.z = toFp("1") 344 345 for n := 0; n < b.N; n++ { 346 xAdd(&PaQ, &P, &Q, &PdQ) 347 } 348 } 349 350 func BenchmarkXDbl(b *testing.B) { 351 var P, A point 352 var PaP point 353 354 P.x = toFp("0x6C5B4D4AB0765AAB23C10F8455BE522D3A5363324D7AD641CC67C0A52FC1FFE9F3F8EDFE641478CA93D4D0016D83F21487FD4AF4E02F8A2C237CF27C5604BCC") 355 P.z = toFp("1") 356 A.x = toFp("0x599841D7D1FCD92A85759B7A3D2D5E4C56EFB17F19F86EB70E121EA16305EDE45A55868BE069313F821F7D94069EC220A4AC3B85500376710538246E9B3BC138") 357 A.z = toFp("1") 358 359 for n := 0; n < b.N; n++ { 360 xDbl(&PaP, &P, &A) 361 } 362 } 363 364 func BenchmarkIsom(b *testing.B) { 365 var P, kern point 366 var expPhiP big.Int 367 var co coeff 368 k := uint64(2) 369 370 expPhiP.SetString("0x5FEBD68F795F9AEB732ECF0D1507904922F2B0736704E0751EF242B4E191E6F630D83778B5E5681161FD071CDEF7DF4C3A41D0ECEB30E90B119C5BF86C5AB51A", 0) 371 P.x = toFp("0x5FD8D226C228FD6AA3CCDCAB931C5D3AA000A46B47041F59D9724E517594F696D38F2CB45C987ACF68BB1057D8D518F926D8F55171F337D05354E0022BC66B23") 372 P.z = toFp("1") 373 co.a = toFp("0x9E8DBC4914E3C4F080592642DD0B08B9564AB3ADF75EE9B58A685443BA6E39A1ACD1201B7F034077AF344123880AF9D8C77575E6E782E00186881ECE8B87CA3") 374 co.c = toFp("1") 375 kern.x = toFp("0x594F77A49EABBF2A12025BC00E1DBC119CDA674B9FE8A00791724B42FEB7D225C4C9940B01B09B8F00B30B0E961212FB63E42614814E38EC9E5E5B0FEBF98C58") 376 kern.z = toFp("1") 377 378 for n := 0; n < b.N; n++ { 379 xIso(&P, &co, &kern, k) 380 } 381 }