github.com/linapex/ethereum-go-chinese@v0.0.0-20190316121929-f8b7a73c3fa1/crypto/bn256/google/bn256_test.go (about) 1 2 //<developer> 3 // <name>linapex 曹一峰</name> 4 // <email>linapex@163.com</email> 5 // <wx>superexc</wx> 6 // <qqgroup>128148617</qqgroup> 7 // <url>https://jsq.ink</url> 8 // <role>pku engineer</role> 9 // <date>2019-03-16 19:16:36</date> 10 //</624450084381134848> 11 12 //版权所有2012 Go作者。版权所有。 13 //此源代码的使用受BSD样式的控制 14 //可以在许可文件中找到的许可证。 15 16 package bn256 17 18 import ( 19 "bytes" 20 "crypto/rand" 21 "math/big" 22 "testing" 23 ) 24 25 func TestGFp2Invert(t *testing.T) { 26 pool := new(bnPool) 27 28 a := newGFp2(pool) 29 a.x.SetString("23423492374", 10) 30 a.y.SetString("12934872398472394827398470", 10) 31 32 inv := newGFp2(pool) 33 inv.Invert(a, pool) 34 35 b := newGFp2(pool).Mul(inv, a, pool) 36 if b.x.Int64() != 0 || b.y.Int64() != 1 { 37 t.Fatalf("bad result for a^-1*a: %s %s", b.x, b.y) 38 } 39 40 a.Put(pool) 41 b.Put(pool) 42 inv.Put(pool) 43 44 if c := pool.Count(); c > 0 { 45 t.Errorf("Pool count non-zero: %d\n", c) 46 } 47 } 48 49 func isZero(n *big.Int) bool { 50 return new(big.Int).Mod(n, P).Int64() == 0 51 } 52 53 func isOne(n *big.Int) bool { 54 return new(big.Int).Mod(n, P).Int64() == 1 55 } 56 57 func TestGFp6Invert(t *testing.T) { 58 pool := new(bnPool) 59 60 a := newGFp6(pool) 61 a.x.x.SetString("239487238491", 10) 62 a.x.y.SetString("2356249827341", 10) 63 a.y.x.SetString("082659782", 10) 64 a.y.y.SetString("182703523765", 10) 65 a.z.x.SetString("978236549263", 10) 66 a.z.y.SetString("64893242", 10) 67 68 inv := newGFp6(pool) 69 inv.Invert(a, pool) 70 71 b := newGFp6(pool).Mul(inv, a, pool) 72 if !isZero(b.x.x) || 73 !isZero(b.x.y) || 74 !isZero(b.y.x) || 75 !isZero(b.y.y) || 76 !isZero(b.z.x) || 77 !isOne(b.z.y) { 78 t.Fatalf("bad result for a^-1*a: %s", b) 79 } 80 81 a.Put(pool) 82 b.Put(pool) 83 inv.Put(pool) 84 85 if c := pool.Count(); c > 0 { 86 t.Errorf("Pool count non-zero: %d\n", c) 87 } 88 } 89 90 func TestGFp12Invert(t *testing.T) { 91 pool := new(bnPool) 92 93 a := newGFp12(pool) 94 a.x.x.x.SetString("239846234862342323958623", 10) 95 a.x.x.y.SetString("2359862352529835623", 10) 96 a.x.y.x.SetString("928836523", 10) 97 a.x.y.y.SetString("9856234", 10) 98 a.x.z.x.SetString("235635286", 10) 99 a.x.z.y.SetString("5628392833", 10) 100 a.y.x.x.SetString("252936598265329856238956532167968", 10) 101 a.y.x.y.SetString("23596239865236954178968", 10) 102 a.y.y.x.SetString("95421692834", 10) 103 a.y.y.y.SetString("236548", 10) 104 a.y.z.x.SetString("924523", 10) 105 a.y.z.y.SetString("12954623", 10) 106 107 inv := newGFp12(pool) 108 inv.Invert(a, pool) 109 110 b := newGFp12(pool).Mul(inv, a, pool) 111 if !isZero(b.x.x.x) || 112 !isZero(b.x.x.y) || 113 !isZero(b.x.y.x) || 114 !isZero(b.x.y.y) || 115 !isZero(b.x.z.x) || 116 !isZero(b.x.z.y) || 117 !isZero(b.y.x.x) || 118 !isZero(b.y.x.y) || 119 !isZero(b.y.y.x) || 120 !isZero(b.y.y.y) || 121 !isZero(b.y.z.x) || 122 !isOne(b.y.z.y) { 123 t.Fatalf("bad result for a^-1*a: %s", b) 124 } 125 126 a.Put(pool) 127 b.Put(pool) 128 inv.Put(pool) 129 130 if c := pool.Count(); c > 0 { 131 t.Errorf("Pool count non-zero: %d\n", c) 132 } 133 } 134 135 func TestCurveImpl(t *testing.T) { 136 pool := new(bnPool) 137 138 g := &curvePoint{ 139 pool.Get().SetInt64(1), 140 pool.Get().SetInt64(-2), 141 pool.Get().SetInt64(1), 142 pool.Get().SetInt64(0), 143 } 144 145 x := pool.Get().SetInt64(32498273234) 146 X := newCurvePoint(pool).Mul(g, x, pool) 147 148 y := pool.Get().SetInt64(98732423523) 149 Y := newCurvePoint(pool).Mul(g, y, pool) 150 151 s1 := newCurvePoint(pool).Mul(X, y, pool).MakeAffine(pool) 152 s2 := newCurvePoint(pool).Mul(Y, x, pool).MakeAffine(pool) 153 154 if s1.x.Cmp(s2.x) != 0 || 155 s2.x.Cmp(s1.x) != 0 { 156 t.Errorf("DH points don't match: (%s, %s) (%s, %s)", s1.x, s1.y, s2.x, s2.y) 157 } 158 159 pool.Put(x) 160 X.Put(pool) 161 pool.Put(y) 162 Y.Put(pool) 163 s1.Put(pool) 164 s2.Put(pool) 165 g.Put(pool) 166 167 if c := pool.Count(); c > 0 { 168 t.Errorf("Pool count non-zero: %d\n", c) 169 } 170 } 171 172 func TestOrderG1(t *testing.T) { 173 g := new(G1).ScalarBaseMult(Order) 174 if !g.p.IsInfinity() { 175 t.Error("G1 has incorrect order") 176 } 177 178 one := new(G1).ScalarBaseMult(new(big.Int).SetInt64(1)) 179 g.Add(g, one) 180 g.p.MakeAffine(nil) 181 if g.p.x.Cmp(one.p.x) != 0 || g.p.y.Cmp(one.p.y) != 0 { 182 t.Errorf("1+0 != 1 in G1") 183 } 184 } 185 186 func TestOrderG2(t *testing.T) { 187 g := new(G2).ScalarBaseMult(Order) 188 if !g.p.IsInfinity() { 189 t.Error("G2 has incorrect order") 190 } 191 192 one := new(G2).ScalarBaseMult(new(big.Int).SetInt64(1)) 193 g.Add(g, one) 194 g.p.MakeAffine(nil) 195 if g.p.x.x.Cmp(one.p.x.x) != 0 || 196 g.p.x.y.Cmp(one.p.x.y) != 0 || 197 g.p.y.x.Cmp(one.p.y.x) != 0 || 198 g.p.y.y.Cmp(one.p.y.y) != 0 { 199 t.Errorf("1+0 != 1 in G2") 200 } 201 } 202 203 func TestOrderGT(t *testing.T) { 204 gt := Pair(&G1{curveGen}, &G2{twistGen}) 205 g := new(GT).ScalarMult(gt, Order) 206 if !g.p.IsOne() { 207 t.Error("GT has incorrect order") 208 } 209 } 210 211 func TestBilinearity(t *testing.T) { 212 for i := 0; i < 2; i++ { 213 a, p1, _ := RandomG1(rand.Reader) 214 b, p2, _ := RandomG2(rand.Reader) 215 e1 := Pair(p1, p2) 216 217 e2 := Pair(&G1{curveGen}, &G2{twistGen}) 218 e2.ScalarMult(e2, a) 219 e2.ScalarMult(e2, b) 220 221 minusE2 := new(GT).Neg(e2) 222 e1.Add(e1, minusE2) 223 224 if !e1.p.IsOne() { 225 t.Fatalf("bad pairing result: %s", e1) 226 } 227 } 228 } 229 230 func TestG1Marshal(t *testing.T) { 231 g := new(G1).ScalarBaseMult(new(big.Int).SetInt64(1)) 232 form := g.Marshal() 233 _, err := new(G1).Unmarshal(form) 234 if err != nil { 235 t.Fatalf("failed to unmarshal") 236 } 237 238 g.ScalarBaseMult(Order) 239 form = g.Marshal() 240 241 g2 := new(G1) 242 if _, err = g2.Unmarshal(form); err != nil { 243 t.Fatalf("failed to unmarshal ∞") 244 } 245 if !g2.p.IsInfinity() { 246 t.Fatalf("∞ unmarshaled incorrectly") 247 } 248 } 249 250 func TestG2Marshal(t *testing.T) { 251 g := new(G2).ScalarBaseMult(new(big.Int).SetInt64(1)) 252 form := g.Marshal() 253 _, err := new(G2).Unmarshal(form) 254 if err != nil { 255 t.Fatalf("failed to unmarshal") 256 } 257 258 g.ScalarBaseMult(Order) 259 form = g.Marshal() 260 g2 := new(G2) 261 if _, err = g2.Unmarshal(form); err != nil { 262 t.Fatalf("failed to unmarshal ∞") 263 } 264 if !g2.p.IsInfinity() { 265 t.Fatalf("∞ unmarshaled incorrectly") 266 } 267 } 268 269 func TestG1Identity(t *testing.T) { 270 g := new(G1).ScalarBaseMult(new(big.Int).SetInt64(0)) 271 if !g.p.IsInfinity() { 272 t.Error("failure") 273 } 274 } 275 276 func TestG2Identity(t *testing.T) { 277 g := new(G2).ScalarBaseMult(new(big.Int).SetInt64(0)) 278 if !g.p.IsInfinity() { 279 t.Error("failure") 280 } 281 } 282 283 func TestTripartiteDiffieHellman(t *testing.T) { 284 a, _ := rand.Int(rand.Reader, Order) 285 b, _ := rand.Int(rand.Reader, Order) 286 c, _ := rand.Int(rand.Reader, Order) 287 288 pa := new(G1) 289 pa.Unmarshal(new(G1).ScalarBaseMult(a).Marshal()) 290 qa := new(G2) 291 qa.Unmarshal(new(G2).ScalarBaseMult(a).Marshal()) 292 pb := new(G1) 293 pb.Unmarshal(new(G1).ScalarBaseMult(b).Marshal()) 294 qb := new(G2) 295 qb.Unmarshal(new(G2).ScalarBaseMult(b).Marshal()) 296 pc := new(G1) 297 pc.Unmarshal(new(G1).ScalarBaseMult(c).Marshal()) 298 qc := new(G2) 299 qc.Unmarshal(new(G2).ScalarBaseMult(c).Marshal()) 300 301 k1 := Pair(pb, qc) 302 k1.ScalarMult(k1, a) 303 k1Bytes := k1.Marshal() 304 305 k2 := Pair(pc, qa) 306 k2.ScalarMult(k2, b) 307 k2Bytes := k2.Marshal() 308 309 k3 := Pair(pa, qb) 310 k3.ScalarMult(k3, c) 311 k3Bytes := k3.Marshal() 312 313 if !bytes.Equal(k1Bytes, k2Bytes) || !bytes.Equal(k2Bytes, k3Bytes) { 314 t.Errorf("keys didn't agree") 315 } 316 } 317 318 func BenchmarkPairing(b *testing.B) { 319 for i := 0; i < b.N; i++ { 320 Pair(&G1{curveGen}, &G2{twistGen}) 321 } 322 } 323