github.com/hxx258456/ccgo@v0.0.5-0.20230213014102-48b35f46f66f/sm2/p256_asm_table_test.go (about)

     1  // Copyright 2021 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build amd64 || arm64
     6  // +build amd64 arm64
     7  
     8  package sm2
     9  
    10  import (
    11  	"encoding/binary"
    12  	"reflect"
    13  	"testing"
    14  )
    15  
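// TestP256PrecomputedTable recomputes every entry of the precomputed
// base-point table from the generator and compares it byte-for-byte with
// p256Precomputed.
//
// The table feeds the assembly scalar multiplication, so a stale, corrupted
// or tampered table would silently yield wrong public keys and signatures
// while every other self-test still passes; this test is the integrity
// check for that constant. Layout, as reconstructed by the loops below:
// row i (0..42) is the i-th 6-bit window, column j (0..31) is the point
// (j+1) * 2^(6*i) * G in affine form, stored as X||Y (8 little-endian
// uint64 words, still in Montgomery form) with Z implicitly 1.
//
// The build constraint limits this test to amd64/arm64, presumably the
// only targets that carry the p256*Asm routines it calls.
func TestP256PrecomputedTable(t *testing.T) {
	const (
		windows    = 43 // ceil(256 / 6) six-bit windows
		perWindow  = 32 // multiples 1..32 of each window's base
		wordBytes  = 8  // one uint64
		entryWords = 8  // affine X (4 words) || Y (4 words)
		entrySize  = entryWords * wordBytes
	)

	// Generator G in Jacobian coordinates: X | Y | Z, all in Montgomery
	// form. Z is the Montgomery representation of 1 (R mod p), so G is
	// already an affine point.
	basePoint := []uint64{
		0x61328990f418029e, 0x3e7981eddca6c050, 0xd6a1ed99ac24c3c3, 0x91167a5ee1c13b05,
		0xc1354e593c2d0ddd, 0xc1f5e5788d3295fa, 0x8d4cfb066e2a48f8, 0x63cd65d481d735bd,
		0x0000000000000001, 0x00000000ffffffff, 0x0000000000000000, 0x0000000100000000,
	}

	// A truncated or oversized table is a generation bug in its own right;
	// report it instead of panicking on the slice below.
	if got, want := len(p256Precomputed), windows*perWindow*entrySize; got != want {
		t.Fatalf("p256Precomputed has %d bytes, want %d", got, want)
	}

	cur := make([]uint64, 12) // running (j+1)*G, Jacobian
	pt := make([]uint64, 12)  // working copy walked through the windows
	copy(cur, basePoint)

	zInv := make([]uint64, 4)
	zInvSq := make([]uint64, 4)
	buf := make([]byte, entrySize)
	for j := 0; j < perWindow; j++ {
		copy(pt, cur)
		for i := 0; i < windows; i++ {
			// Advance to the next 6-bit window: multiply by 2^6.
			if i != 0 {
				for d := 0; d < 6; d++ {
					p256PointDoubleAsm(pt, pt)
				}
			}
			// Jacobian -> affine: x = X/Z^2, y = Y/Z^3. Values stay in
			// Montgomery form. None of these multiples can be the point at
			// infinity (the multiplier is never a multiple of the group
			// order), so Z is invertible.
			p256Inverse(zInv, pt[8:12])
			p256Sqr(zInvSq, zInv, 1)    // Z^-2 (one squaring)
			p256Mul(zInv, zInv, zInvSq) // Z^-3
			p256Mul(pt[:4], pt[:4], zInvSq)
			p256Mul(pt[4:8], pt[4:8], zInv)
			// Z := 1 (Montgomery form) so the next doublings start from the
			// affine point.
			copy(pt[8:12], basePoint[8:12])

			// Use a distinct index here: the window index i is still needed
			// for the table offset below.
			for w, u := range pt[:entryWords] {
				binary.LittleEndian.PutUint64(buf[w*wordBytes:(w+1)*wordBytes], u)
			}
			start := (i*perWindow + j) * entrySize
			got, want := string(p256Precomputed[start:start+entrySize]), string(buf)
			if !reflect.DeepEqual(got, want) {
				// %x: the entries are raw binary, %v would print them unreadably.
				t.Fatalf("Unexpected table entry at [%d][%d:%d]: got %x, want %x", i, j*entryWords, (j+1)*entryWords, got, want)
			}
		}
		// Next row: cur = (j+2)*G.
		if j == 0 {
			p256PointDoubleAsm(cur, basePoint)
		} else {
			p256PointAddAsm(cur, cur, basePoint)
		}
	}
}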