github.com/hellobchain/newcryptosm@v0.0.0-20221019060107-edb949a317e9/sm9/sm9_test.go (about) 1 package sm9 2 3 import ( 4 "bytes" 5 "crypto/rand" 6 "encoding/hex" 7 "fmt" 8 "math/big" 9 "testing" 10 "time" 11 ) 12 13 func TestG1Imp(t *testing.T) { //check:0924; 14 fmt.Printf("Enter G1Imp test:\n") 15 g := &curvePoint{ 16 x: *G1x, 17 y: *G1y, 18 z: *newGFp(1), 19 t: *newGFp(1), 20 } 21 test := g.IsOnCurve() 22 fmt.Println(test) 23 24 var one = big.NewInt(2) 25 26 Gtest := new(G1).Set(&G1{curveGen}).ScalarBaseMult(one) 27 test1 := Gtest.p.IsOnCurve() 28 fmt.Println(test1) 29 30 mtest := Gtest.Marshal() 31 g1 := new(G1).Set(&G1{curveGen}) 32 g2 := new(G1).Set(&G1{curveGen}) 33 34 g3 := new(G1).Add(g1, g2) 35 mgen := g3.Marshal() 36 37 mulg := new(G1).ScalarMult(&G1{g}, one) 38 www := mulg.p.IsOnCurve() 39 fmt.Println(www) 40 41 if !bytes.Equal(mtest, mgen) { 42 //t.Fatal("bytes are different") 43 fmt.Println("test error") 44 } 45 46 } 47 48 func TestG1Marshal(t *testing.T) { 49 _, Ga, err := RandomG1(rand.Reader) 50 if err != nil { 51 t.Fatal(err) 52 } 53 ma := Ga.Marshal() 54 test := Ga.p.IsOnCurve() 55 fmt.Println(test) 56 57 Gb := new(G1) 58 _, err = Gb.Unmarshal(ma) 59 if err != nil { 60 //t.Fatal(err) 61 fmt.Println("test error1") 62 } 63 mb := Gb.Marshal() 64 65 if !bytes.Equal(ma, mb) { 66 //t.Fatal("bytes are different") 67 fmt.Println("test error") 68 } 69 } 70 func TestG1_kGtest(t *testing.T) { //check:0924; 71 fmt.Printf("\nEnter G1 kG test:\n") 72 g := &curvePoint{ 73 x: *G1x, 74 y: *G1y, 75 z: *newGFp(1), 76 t: *newGFp(1), 77 } 78 var j int64 79 var k = bigFromBase16("291FE3CAC8F58AD2DC462C8D4D578A94DAFD5624DDC28E328D2936688A86CF1A") 80 for j = 0; j < 1000; j++ { 81 test, err := randomK(rand.Reader) 82 //fmt.Printf("%x\n", test) 83 if err != nil { 84 return 85 } 86 Gtest := new(G1).Set(&G1{curveGen}).ScalarBaseMult(test) 87 //test1 := Gtest.p.IsOnCurve() 88 //fmt.Println(test1) 89 mtest := Gtest.Marshal() 90 91 mulg := new(G1).ScalarMult(&G1{g}, test) 92 test1 := mulg.p.IsOnCurve() 93 if test1 == false { 94 fmt.Println("randmul fail") 95 } 96 mgen1 := mulg.Marshal() 97 98 if !bytes.Equal(mtest, mgen1) { 99 fmt.Println("kG correctness failed!") 100 } else { 101 //fmt.Printf("kG correctness is OK!\n") 102 } 103 } 104 //speed test 105 106 t1 := time.Now() 107 for j = 0; j < 100000; j++ { 108 var test = big.NewInt(j) 109 test.Add(k, test) 110 e := new(G1).ScalarMult(&G1{g}, test) 111 e.p.MakeAffine() 112 if j == 0 { 113 fmt.Printf("j = %d: %x, %x, %x\n", j, e.p.x, e.p.y, e.p.z) 114 } 115 } 116 elapsed := time.Since(t1) 117 fmt.Println("100000 randGmul spend time: ", elapsed) 118 119 } 120 func TestG1_baseGtest_alone(t *testing.T) { //simon:1213 121 fmt.Println("\nEnter TestG1_baseG1 test:") 122 123 two := big.NewInt(4) 124 var k = bigFromBase16("291FE3CAC8F58AD2DC462C8D4D578A94DAFD5624DDC28E328D2936688A86CF1A") 125 k.Sub(k, two) 126 e := new(G1).ScalarMult(&G1{curveGen}, two) 127 e.p.MakeAffine() 128 fmt.Printf("e:%x\n", e.p.x) 129 //e:[8fdf2548f0fde68 c80ddebf804d6dd4 c8cef5282905b7ca 6007e08434132464] 130 131 } 132 133 func TestG1_baseGtest(t *testing.T) { //simon:1213 134 fmt.Println("\nEnter TestG1_baseG test:") 135 136 var j int64 137 var k = bigFromBase16("291FE3CAC8F58AD2DC462C8D4D578A94DAFD5624DDC28E328D2936688A86CF1A") 138 139 e := new(G1).ScalarBaseMult(k) 140 e.p.MakeAffine() 141 //fmt.Printf("kbaseG mogo result:%x, %x\n", j, e.p.x, e.p.y) 142 out := e.Marshal() 143 //fmt.Printf("kbaseG nomogo result:%x\n", out) 144 test := new(big.Int).SetBytes(out) 145 if test.Cmp(kbaseG) == 0 { 146 fmt.Printf("k baseG result is OK!\n") 147 } else { 148 fmt.Printf("k baseG result is NOT OK!\n") 149 } 150 t1 := time.Now() 151 for j = 0; j < 100000; j++ { 152 var test = big.NewInt(j) 153 test.Add(k, test) 154 e := new(G1).ScalarBaseMult(test) 155 e.p.MakeAffine() 156 } 157 elapsed := time.Since(t1) 158 fmt.Println("100000 basemul spend time:", elapsed) 159 } 160 161 func TestG1CombinedMult(t *testing.T) { 162 fmt.Println("\nEnter TestG1CombinedMult test:") 163 g := &curvePoint{ 164 x: *G1x, 165 y: *G1y, 166 z: *newGFp(1), 167 t: *newGFp(1), 168 } 169 170 zero := big.NewInt(0) 171 one := big.NewInt(1) 172 //two := big.NewInt(2) 173 174 // 0×G + 0×G = ∞ 175 e := new(G1).CombinedMult(&G1{g}, zero, zero) //H=G 176 e.p.MakeAffine() 177 if e.p.x[0] != 0 { 178 fmt.Printf("0×G + 0×G = (%x, %x), should be ∞", e.p.x, e.p.y) 179 } 180 181 // 1×G + 0×H = G 182 e1 := new(G1).CombinedMult(&G1{g}, one, zero) 183 e1.p.MakeAffine() 184 if e1.p.x != *G1x || e1.p.y != *G1y { 185 fmt.Printf("1×G + 0×G = (%x, %x), should be (%x,%x)", e1.p.x, e1.p.y, *G1x, *G1y) 186 } 187 188 // 0×G + 1×H = H =G 189 e2 := new(G1).CombinedMult(&G1{g}, zero, one) 190 e2.p.MakeAffine() 191 if e2.p.x != *G1x || e2.p.y != *G1y { 192 fmt.Printf("e2:0×G + 1×G = (%x, %x), should be (%x,%x)", e2.p.x, e2.p.y, *G1x, *G1y) 193 } 194 195 // 1×G + 1×H = 2×G 196 e3 := new(G1).CombinedMult(&G1{g}, one, one) 197 e3.p.MakeAffine() 198 //fmt.Printf("2G: %x,%x", e3.p.x, e3.p.y) 199 if e3.p.x == *DoubleGx { 200 fmt.Printf("1×G + 1×H = 2×G is OK!\n") 201 } 202 var k = bigFromBase16("291FE3CAC8F58AD2DC462C8D4D578A94DAFD5624DDC28E328D2936688A86CF1A") 203 var j int64 204 for j = 0; j < 1; j++ { //for large-scale test 205 randk := big.NewInt(j) 206 basek := new(big.Int).Sub(k, randk) 207 208 e4 := new(G1).CombinedMult(&G1{g}, basek, randk) 209 e4.p.MakeAffine() 210 211 out := e4.Marshal() 212 // fmt.Printf("kG: %x,%x\n", e4.p.x, e4.p.y) 213 // fmt.Printf("%x\n", out) 214 result := new(big.Int).SetBytes(out) 215 if result.Cmp(kbaseG) == 0 { 216 fmt.Printf("j=%d:jG +(k-j)G result is OK!\n", j) 217 } else { 218 fmt.Printf("j=%d:jG +(k-j)G result is NOT OK!\n", j) 219 } 220 } 221 222 //fmt.Printf("CombinedMult End.\n") 223 } 224 225 func gfpMul_speed_test() { 226 g1 := new(G1).Set(&G1{curveGen}) 227 g2 := new(G1).Set(&G1{curveGen}) 228 t1 := time.Now() 229 for i := 0; i < 1000000; i++ { 230 //new(G1).Add(g1, g2) 231 g2.p.Double(g1.p) 232 } 233 234 elapsed := time.Since(t1) 235 fmt.Println("1000000 point add spend time: ", elapsed) 236 z12, z22 := &gfP{}, &gfP{} 237 t2 := time.Now() 238 for i := 0; i < 1000000; i++ { 239 240 g1.p.z.Invert(&g1.p.z) 241 gfpMul(z12, &g1.p.z, &g1.p.z) 242 gfpMul(z22, &g2.p.z, &g2.p.z) 243 } 244 245 elapsed1 := time.Since(t2) 246 fmt.Println("1000000 gfPInvert spend time: ", elapsed1) 247 248 } 249 250 func TestG2Imp(t *testing.T) { //check:0924; 251 fmt.Println("\nEnter TestG2Imp:") 252 g := new(G2).Set(&G2{twistGen}) 253 254 test := g.p.IsOnCurve() 255 fmt.Println(test) 256 257 var one = big.NewInt(2) 258 //Gtest := new(G1).ScalarBaseMult(one) 259 Gtest := new(G2).ScalarBaseMult(one) 260 test1 := Gtest.p.IsOnCurve() 261 fmt.Println(test1) 262 263 mtest := Gtest.Marshal() 264 g1 := new(G2).Set(&G2{twistGen}) 265 g2 := new(G2).Set(&G2{twistGen}) 266 267 g3 := new(G2).Add(g1, g2) 268 mgen := g3.Marshal() 269 270 if !bytes.Equal(mtest, mgen) { 271 //t.Fatal("bytes are different") 272 fmt.Println("G2Imp test NOT OK!") 273 } else { 274 fmt.Printf("G2Imp is OK!\n") 275 } 276 277 } 278 279 func TestG2(t *testing.T) { 280 fmt.Println("\nEnter TestG2:") 281 k, Ga, err := RandomG2(rand.Reader) 282 if err != nil { 283 fmt.Println("test error1") 284 t.Fatal(err) 285 } 286 ma := Ga.Marshal() 287 288 t1 := time.Now() 289 for j := 0; j < 1000; j++ { 290 new(G2).ScalarBaseMult(k) 291 } 292 elapsed := time.Since(t1) 293 fmt.Println("1000 kG2 spend time: ", elapsed) 294 295 Gb := new(G2).ScalarBaseMult(k) 296 mb := Gb.Marshal() 297 //mb = append([]byte{0x01}, mb...)//simon:cf have a bug here;1023 298 299 if !bytes.Equal(ma, mb) { 300 //t.Fatal("bytes are different") 301 fmt.Println("test error") 302 } 303 } 304 305 func TestG2Marshal(t *testing.T) { 306 _, Ga, err := RandomG2(rand.Reader) 307 if err != nil { 308 t.Fatal(err) 309 } 310 ma := Ga.Marshal() 311 312 Gb := new(G2) 313 _, err = Gb.Unmarshal(ma) 314 if err != nil { 315 t.Fatal(err) 316 } 317 mb := Gb.Marshal() 318 319 if !bytes.Equal(ma, mb) { 320 t.Fatal("bytes are different") 321 } 322 } 323 324 func TestGT(t *testing.T) { 325 k, Ga, err := RandomGT(rand.Reader) 326 if err != nil { 327 t.Fatal(err) 328 } 329 ma := Ga.Marshal() 330 331 //Gb := new(GT).Unmarshal((>{gfP12Gen}).Marshal()) 332 Gb := new(GT).Set((>{gfP12Gen})) 333 Gb.ScalarMult(Gb, k) 334 mb := Gb.Marshal() 335 336 if !bytes.Equal(ma, mb) { 337 fmt.Println("test error") 338 t.Fatal("bytes are different") 339 } 340 } 341 func TestGT_basemul(t *testing.T) { 342 343 //var k = bigFromBase16("0130E78459D78545CB54C587E02CF480CE0B66340F319F348A1D5B1F2DC5F4") 344 var k1 = bigFromBase16("1") 345 gt := new(GT).ScalarBaseMult(k1) 346 ret := gt.Marshal() 347 348 fmt.Printf("%x\n", ret) 349 350 } 351 352 func TestGTMarshal(t *testing.T) { 353 _, Ga, err := RandomGT(rand.Reader) 354 if err != nil { 355 t.Fatal(err) 356 } 357 ma := Ga.Marshal() 358 359 Gb := new(GT) 360 _, err = Gb.Unmarshal(ma) 361 if err != nil { 362 t.Fatal(err) 363 } 364 mb := Gb.Marshal() 365 366 if !bytes.Equal(ma, mb) { 367 fmt.Println("test error") 368 t.Fatal("bytes are different") 369 } 370 } 371 372 func TestPair_Miller1(t *testing.T) { 373 374 var milldata = bigFromBase16("aa401110b9e23db43679bec6e2a761680dd2eb64463b192e28c7e66dee8ecb344f3017b4f0ecd8c724b5e54d9cdb5ed898317d344e1b9e5e54dc1f3bcc3bee21398a8a2443d028097a4b7181c47a441bdd2f4a65e7c7f83c5efedad73f52b5cc3ce08a2c7b295e7f890b4dc2ae2e21faba80ba06fbae4d5ff3bb97a2a530b4cdade6e3d4125ee965c594be8c6ddd50e330d5577df7567a1ded515522c73cfd183ff68217c2bd563092c9b87be26d76879ab68321b6268968efa8f0b736b4d0c92d3bb20d74ba9ed3ebde5654980249f4d5c4c43fe6921dfc64150f74e7248205ae0add7f05baf1bd722b709c245fe34f22496ffdc89fcb94f89d12f3582980d50567b492ca068a3263dedf6b1fae8ef4225122d0ef000ecad63dd64994fb1d9f876e11d0ff891caa37a047cd84690faf0bb1dc9091afc78cd4e4a8a4431410f5b2c987074e65a17212759cb9c4224e7858c25f1ce04c5392363de1462f8beebbb14ba7e0f02f856fab3e2f6a74eeb6b04cdf2d7dc8ff2b93788f3b009a68bbe1") 375 bytes := milldata.Bytes() 376 gtnew := new(GT) 377 gtnew.Unmarshal(bytes) 378 379 e1 := Pair(&G1{curveGen}, &G2{twistGen}) 380 test1 := e1.Marshal() 381 //e2 := Miller(&G1{curveGen}, &G2{twistGen}) 382 e3 := finalExponentiation(gtnew.p) 383 384 test := new(GT).Set(>{e3}).Marshal() 385 386 fmt.Printf("%x\n", test) 387 fmt.Printf("%x\n", test1) 388 389 } 390 391 func TestPair(t *testing.T) { 392 fmt.Printf("\nEnter Pair test:\n") 393 t1 := time.Now() 394 for i := 0; i < 1000; i++ { 395 Pair(&G1{curveGen}, &G2{twistGen}) 396 } 397 elapsed := time.Since(t1) 398 fmt.Println("1000 pair spend time: ", elapsed) 399 test := Pair(&G1{curveGen}, &G2{twistGen}).Marshal() 400 401 fmt.Printf("sm9 standards g(G1,G2)result:\n%x\n", test) 402 } 403 func TestPair_Miller2(t *testing.T) { //Pair = Miller.finalExp 404 405 e1 := Pair(&G1{curveGen}, &G2{twistGen}) 406 test1 := e1.Marshal() 407 e2 := Miller(&G1{curveGen}, &G2{twistGen}) 408 e3 := finalExponentiation(e2.p) 409 410 test := new(GT).Set(>{e3}).Marshal() 411 412 fmt.Printf("%x\n", test) 413 fmt.Printf("%x\n", test1) 414 415 } 416 417 func TestBilinearity(t *testing.T) { 418 fmt.Printf("\nEnter TestBilinearity:\n") 419 var count = 0 420 421 for i := 0; i < 100; i++ { 422 a, p1, _ := RandomG1(rand.Reader) 423 b, p2, _ := RandomG2(rand.Reader) 424 e1 := Pair(p1, p2) 425 426 e2 := Pair(&G1{curveGen}, &G2{twistGen}) 427 428 e2.ScalarMult(e2, a) 429 e2.ScalarMult(e2, b) 430 431 if *e1.p != *e2.p { 432 fmt.Println("test error") 433 fmt.Printf("a=%x,\n,b=%x,\n", a, b) 434 count = 1 435 //t.Fatalf("bad pairing result: %s", e1) 436 } else { 437 //fmt.Printf("Bilinearity is OK!\n") 438 } 439 } 440 if count == 0 { 441 fmt.Printf("Bilinearity is OK!\n") 442 } 443 } 444 445 func TestTripartiteDiffieHellman(t *testing.T) { 446 fmt.Printf("\nEnter TestTripartiteDiffieHellman:\n") 447 for i := 0; i < 1000; i++ { 448 a, _ := rand.Int(rand.Reader, Order) 449 b, _ := rand.Int(rand.Reader, Order) 450 c, _ := rand.Int(rand.Reader, Order) 451 452 pa, pb, pc := new(G1), new(G1), new(G1) 453 qa, qb, qc := new(G2), new(G2), new(G2) 454 455 pa.Unmarshal(new(G1).ScalarBaseMult(a).Marshal()) 456 qa.Unmarshal(new(G2).ScalarBaseMult(a).Marshal()) 457 pb.Unmarshal(new(G1).ScalarBaseMult(b).Marshal()) 458 qb.Unmarshal(new(G2).ScalarBaseMult(b).Marshal()) 459 pc.Unmarshal(new(G1).ScalarBaseMult(c).Marshal()) 460 qc.Unmarshal(new(G2).ScalarBaseMult(c).Marshal()) 461 462 k1 := Pair(pb, qc) 463 k1.ScalarMult(k1, a) 464 k1Bytes := k1.Marshal() 465 466 k2 := Pair(pc, qa) 467 k2.ScalarMult(k2, b) 468 k2Bytes := k2.Marshal() 469 470 k3 := Pair(pa, qb) 471 k3.ScalarMult(k3, c) 472 k3Bytes := k3.Marshal() 473 474 if !bytes.Equal(k1Bytes, k2Bytes) || !bytes.Equal(k2Bytes, k3Bytes) { 475 t.Errorf("keys didn't agree") 476 fmt.Printf("error") 477 } 478 } 479 fmt.Printf("TestTripartiteDiffieHellman end. Noprint is the best!\n") 480 } 481 482 func BenchmarkG1(b *testing.B) { 483 x, _ := rand.Int(rand.Reader, Order) 484 b.ResetTimer() 485 486 for i := 0; i < b.N; i++ { 487 new(G1).ScalarBaseMult(x) 488 } 489 } 490 491 func BenchmarkG2(b *testing.B) { 492 x, _ := rand.Int(rand.Reader, Order) 493 b.ResetTimer() 494 495 for i := 0; i < b.N; i++ { 496 new(G2).ScalarBaseMult(x) 497 } 498 } 499 500 func BenchmarkGT(b *testing.B) { 501 x, _ := rand.Int(rand.Reader, Order) 502 b.ResetTimer() 503 504 for i := 0; i < b.N; i++ { 505 new(GT).ScalarBaseMult(x) 506 } 507 } 508 509 func BenchmarkPairing(b *testing.B) { 510 for i := 0; i < b.N; i++ { 511 gt := Pair(&G1{curveGen}, &G2{twistGen}) 512 gt.p.String() 513 } 514 } 515 516 /********************************************************/ 517 func TestCurveInterface(t *testing.T) { //check:1225; 518 fmt.Printf("Enter curve interface test:\n") 519 g := &curvePoint{ 520 x: *G1x, 521 y: *G1y, 522 z: *newGFp(1), 523 t: *newGFp(1), 524 } 525 //var testp *ECCInternalPoint 526 527 point := &[12]uint64{} 528 //point1 := &ECCInternalPoint{} 529 fmt.Printf("%x\n", point) 530 copy(point[0:4], g.x[:]) 531 copy(point[4:8], g.y[:]) 532 copy(point[8:12], g.z[:]) 533 t.Logf("point is %x", point) 534 x, y := PointToAffine(point) 535 fmt.Printf("P2A:%x,%x\n", x, y) 536 537 point1 := AffineToPoint(x, y) //point1=G 538 fmt.Printf("A2P:%x\n", point1) 539 point3 := JacobianAdd(point, point1) //G+G=2G 540 fmt.Printf("JJAdd:%x\n", point3) 541 point3d := JacobianDouble(point) //2G 542 fmt.Printf("Double:%x\n", point3d) 543 //2G-G=G 544 PointNegCondition(point, 1) 545 fmt.Printf("Negcondition:%x\n", point) 546 //point3 = csp.JacobianAdd(point, point3d) 547 //x1, y1 := csp.PointToAffine(point3) 548 //fmt.Printf("2G-G:%x\n", point3.XYZ) 549 //fmt.Printf("x1:%x,%x\n", x1, y1) 550 551 testmul := []uint64{0x4b1315758013ba8a, 0xc1766d14e5c40522, 0xc2934a22bcdb3562, 0x2b25f38ad2488ddf} 552 mulresult := make([]uint64, 4) 553 X := make([]uint64, 4) 554 for i := 0; i < 4; i++ { 555 X[i] = g.z[i] 556 } 557 FieldMul(mulresult, testmul, X) 558 fmt.Printf("FieldMul: %x\n", mulresult) 559 mulresult = MontgomaryR() 560 fmt.Printf("MogoR: %x\n", mulresult) 561 mulresult = MontgomaryR2() //data correctness? 562 fmt.Printf("MogoR2: %x\n", mulresult) 563 564 var three = big.NewInt(3) //Note:2 is not Permiited 565 566 sqrresult := ModSqrtP(three) 567 fmt.Println(sqrresult) 568 sqrresult.Mul(sqrresult, sqrresult) 569 sqrresult.Mod(sqrresult, p) 570 571 fmt.Printf("sqrt result:%d\n", sqrresult) 572 ////////////////////////////////////////////////////////////// 573 var test11 = []uint64{0x1a9064d81caeba83, 0xde0d6cb4e5851124, 0x29fc54b00a7138ba, 0x49bffffffd5c590e} 574 invresult := ModInverseP(test11) //if three ==1 ,return R2,think? 575 fmt.Printf("InvertP: %x\n", invresult) 576 orderinv := ModInverseOrder(three) 577 fmt.Printf("InvertOrder: %x\n", orderinv) 578 orderinv.Mul(orderinv, three) 579 orderinv.Mod(orderinv, Order) 580 fmt.Printf("%x\n", orderinv) 581 582 } 583 584 func Test_TMP1(t *testing.T) { 585 a, _ := randomK(rand.Reader) 586 b, _ := randomK(rand.Reader) 587 c, _ := randomK(rand.Reader) 588 589 g1Gen := new(G1).ScalarBaseMult(new(big.Int).SetInt64(1)) 590 g2Gen := new(G2).ScalarBaseMult(new(big.Int).SetInt64(1)) 591 592 aG1 := new(G1).ScalarBaseMult(a) 593 bAc := new(big.Int).Mod(new(big.Int).Add(b, c), Order) 594 bAcG2 := new(G2).ScalarBaseMult(bAc) 595 left := Pair(aG1, bAcG2) 596 597 ab := new(big.Int).Mod(new(big.Int).Mul(a, b), Order) 598 abG1 := new(G1).ScalarBaseMult(ab) 599 right1 := Pair(abG1, g2Gen) 600 601 ac := new(big.Int).Mod(new(big.Int).Mul(a, c), Order) 602 tmp := Pair(g1Gen, g2Gen) 603 right2 := new(GT).ScalarMult(tmp, ac) 604 605 right := new(GT).Add(right1, right2) 606 607 t.Logf("left = %s", left.String()) 608 t.Logf("right = %s", right.String()) 609 610 leftBytes := left.Marshal() 611 rightBytes := right.Marshal() 612 613 if !bytes.Equal(leftBytes, rightBytes) { 614 t.Fail() 615 } 616 617 t.Logf("bytes = %s", hex.EncodeToString(leftBytes)) 618 619 } 620 621 func Test_TMP2(t *testing.T) { 622 a, _ := randomK(rand.Reader) 623 b, _ := randomK(rand.Reader) 624 c, _ := randomK(rand.Reader) 625 626 g2Gen := new(G2).ScalarBaseMult(new(big.Int).SetInt64(1)) 627 628 aG1 := new(G1).ScalarBaseMult(a) 629 bAc := new(big.Int).Mod(new(big.Int).Add(b, c), Order) 630 bAcG2 := new(G2).ScalarBaseMult(bAc) 631 left := Pair(aG1, bAcG2) 632 633 ab := new(big.Int).Mod(new(big.Int).Mul(a, b), Order) 634 abG1 := new(G1).ScalarBaseMult(ab) 635 right1 := Pair(abG1, g2Gen) 636 637 ac := new(big.Int).Mod(new(big.Int).Mul(a, c), Order) 638 acG1 := new(G1).ScalarBaseMult(ac) 639 right2 := Pair(acG1, g2Gen) 640 641 right := new(GT).Add(right1, right2) 642 643 t.Logf("left = %s", left.String()) 644 t.Logf("right = %s", right.String()) 645 646 leftBytes := left.Marshal() 647 rightBytes := right.Marshal() 648 649 if !bytes.Equal(leftBytes, rightBytes) { 650 t.Fail() 651 } 652 653 t.Logf("bytes = %s", hex.EncodeToString(leftBytes)) 654 655 }