github.com/palcoin-project/palcd@v1.0.0/btcec/field_test.go (about) 1 // Copyright (c) 2013-2016 The btcsuite developers 2 // Copyright (c) 2013-2016 Dave Collins 3 // Use of this source code is governed by an ISC 4 // license that can be found in the LICENSE file. 5 6 package btcec 7 8 import ( 9 "crypto/rand" 10 "encoding/hex" 11 "fmt" 12 "reflect" 13 "testing" 14 ) 15 16 // TestSetInt ensures that setting a field value to various native integers 17 // works as expected. 18 func TestSetInt(t *testing.T) { 19 tests := []struct { 20 in uint 21 raw [10]uint32 22 }{ 23 {5, [10]uint32{5, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, 24 // 2^26 25 {67108864, [10]uint32{67108864, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, 26 // 2^26 + 1 27 {67108865, [10]uint32{67108865, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, 28 // 2^32 - 1 29 {4294967295, [10]uint32{4294967295, 0, 0, 0, 0, 0, 0, 0, 0, 0}}, 30 } 31 32 t.Logf("Running %d tests", len(tests)) 33 for i, test := range tests { 34 f := new(fieldVal).SetInt(test.in) 35 if !reflect.DeepEqual(f.n, test.raw) { 36 t.Errorf("fieldVal.Set #%d wrong result\ngot: %v\n"+ 37 "want: %v", i, f.n, test.raw) 38 continue 39 } 40 } 41 } 42 43 // TestZero ensures that zeroing a field value zero works as expected. 44 func TestZero(t *testing.T) { 45 f := new(fieldVal).SetInt(2) 46 f.Zero() 47 for idx, rawInt := range f.n { 48 if rawInt != 0 { 49 t.Errorf("internal field integer at index #%d is not "+ 50 "zero - got %d", idx, rawInt) 51 } 52 } 53 } 54 55 // TestIsZero ensures that checking if a field IsZero works as expected. 56 func TestIsZero(t *testing.T) { 57 f := new(fieldVal) 58 if !f.IsZero() { 59 t.Errorf("new field value is not zero - got %v (rawints %x)", f, 60 f.n) 61 } 62 63 f.SetInt(1) 64 if f.IsZero() { 65 t.Errorf("field claims it's zero when it's not - got %v "+ 66 "(raw rawints %x)", f, f.n) 67 } 68 69 f.Zero() 70 if !f.IsZero() { 71 t.Errorf("field claims it's not zero when it is - got %v "+ 72 "(raw rawints %x)", f, f.n) 73 } 74 } 75 76 // TestStringer ensures the stringer returns the appropriate hex string. 77 func TestStringer(t *testing.T) { 78 tests := []struct { 79 in string 80 expected string 81 }{ 82 {"0", "0000000000000000000000000000000000000000000000000000000000000000"}, 83 {"1", "0000000000000000000000000000000000000000000000000000000000000001"}, 84 {"a", "000000000000000000000000000000000000000000000000000000000000000a"}, 85 {"b", "000000000000000000000000000000000000000000000000000000000000000b"}, 86 {"c", "000000000000000000000000000000000000000000000000000000000000000c"}, 87 {"d", "000000000000000000000000000000000000000000000000000000000000000d"}, 88 {"e", "000000000000000000000000000000000000000000000000000000000000000e"}, 89 {"f", "000000000000000000000000000000000000000000000000000000000000000f"}, 90 {"f0", "00000000000000000000000000000000000000000000000000000000000000f0"}, 91 // 2^26-1 92 { 93 "3ffffff", 94 "0000000000000000000000000000000000000000000000000000000003ffffff", 95 }, 96 // 2^32-1 97 { 98 "ffffffff", 99 "00000000000000000000000000000000000000000000000000000000ffffffff", 100 }, 101 // 2^64-1 102 { 103 "ffffffffffffffff", 104 "000000000000000000000000000000000000000000000000ffffffffffffffff", 105 }, 106 // 2^96-1 107 { 108 "ffffffffffffffffffffffff", 109 "0000000000000000000000000000000000000000ffffffffffffffffffffffff", 110 }, 111 // 2^128-1 112 { 113 "ffffffffffffffffffffffffffffffff", 114 "00000000000000000000000000000000ffffffffffffffffffffffffffffffff", 115 }, 116 // 2^160-1 117 { 118 "ffffffffffffffffffffffffffffffffffffffff", 119 "000000000000000000000000ffffffffffffffffffffffffffffffffffffffff", 120 }, 121 // 2^192-1 122 { 123 "ffffffffffffffffffffffffffffffffffffffffffffffff", 124 "0000000000000000ffffffffffffffffffffffffffffffffffffffffffffffff", 125 }, 126 // 2^224-1 127 { 128 "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 129 "00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 130 }, 131 // 2^256-4294968273 (the btcec prime, so should result in 0) 132 { 133 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", 134 "0000000000000000000000000000000000000000000000000000000000000000", 135 }, 136 // 2^256-4294968274 (the secp256k1 prime+1, so should result in 1) 137 { 138 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc30", 139 "0000000000000000000000000000000000000000000000000000000000000001", 140 }, 141 142 // Invalid hex 143 {"g", "0000000000000000000000000000000000000000000000000000000000000000"}, 144 {"1h", "0000000000000000000000000000000000000000000000000000000000000000"}, 145 {"i1", "0000000000000000000000000000000000000000000000000000000000000000"}, 146 } 147 148 t.Logf("Running %d tests", len(tests)) 149 for i, test := range tests { 150 f := new(fieldVal).SetHex(test.in) 151 result := f.String() 152 if result != test.expected { 153 t.Errorf("fieldVal.String #%d wrong result\ngot: %v\n"+ 154 "want: %v", i, result, test.expected) 155 continue 156 } 157 } 158 } 159 160 // TestNormalize ensures that normalizing the internal field words works as 161 // expected. 162 func TestNormalize(t *testing.T) { 163 tests := []struct { 164 raw [10]uint32 // Intentionally denormalized value 165 normalized [10]uint32 // Normalized form of the raw value 166 }{ 167 { 168 [10]uint32{0x00000005, 0, 0, 0, 0, 0, 0, 0, 0, 0}, 169 [10]uint32{0x00000005, 0, 0, 0, 0, 0, 0, 0, 0, 0}, 170 }, 171 // 2^26 172 { 173 [10]uint32{0x04000000, 0x0, 0, 0, 0, 0, 0, 0, 0, 0}, 174 [10]uint32{0x00000000, 0x1, 0, 0, 0, 0, 0, 0, 0, 0}, 175 }, 176 // 2^26 + 1 177 { 178 [10]uint32{0x04000001, 0x0, 0, 0, 0, 0, 0, 0, 0, 0}, 179 [10]uint32{0x00000001, 0x1, 0, 0, 0, 0, 0, 0, 0, 0}, 180 }, 181 // 2^32 - 1 182 { 183 [10]uint32{0xffffffff, 0x00, 0, 0, 0, 0, 0, 0, 0, 0}, 184 [10]uint32{0x03ffffff, 0x3f, 0, 0, 0, 0, 0, 0, 0, 0}, 185 }, 186 // 2^32 187 { 188 [10]uint32{0x04000000, 0x3f, 0, 0, 0, 0, 0, 0, 0, 0}, 189 [10]uint32{0x00000000, 0x40, 0, 0, 0, 0, 0, 0, 0, 0}, 190 }, 191 // 2^32 + 1 192 { 193 [10]uint32{0x04000001, 0x3f, 0, 0, 0, 0, 0, 0, 0, 0}, 194 [10]uint32{0x00000001, 0x40, 0, 0, 0, 0, 0, 0, 0, 0}, 195 }, 196 // 2^64 - 1 197 { 198 [10]uint32{0xffffffff, 0xffffffc0, 0xfc0, 0, 0, 0, 0, 0, 0, 0}, 199 [10]uint32{0x03ffffff, 0x03ffffff, 0xfff, 0, 0, 0, 0, 0, 0, 0}, 200 }, 201 // 2^64 202 { 203 [10]uint32{0x04000000, 0x03ffffff, 0x0fff, 0, 0, 0, 0, 0, 0, 0}, 204 [10]uint32{0x00000000, 0x00000000, 0x1000, 0, 0, 0, 0, 0, 0, 0}, 205 }, 206 // 2^64 + 1 207 { 208 [10]uint32{0x04000001, 0x03ffffff, 0x0fff, 0, 0, 0, 0, 0, 0, 0}, 209 [10]uint32{0x00000001, 0x00000000, 0x1000, 0, 0, 0, 0, 0, 0, 0}, 210 }, 211 // 2^96 - 1 212 { 213 [10]uint32{0xffffffff, 0xffffffc0, 0xffffffc0, 0x3ffc0, 0, 0, 0, 0, 0, 0}, 214 [10]uint32{0x03ffffff, 0x03ffffff, 0x03ffffff, 0x3ffff, 0, 0, 0, 0, 0, 0}, 215 }, 216 // 2^96 217 { 218 [10]uint32{0x04000000, 0x03ffffff, 0x03ffffff, 0x3ffff, 0, 0, 0, 0, 0, 0}, 219 [10]uint32{0x00000000, 0x00000000, 0x00000000, 0x40000, 0, 0, 0, 0, 0, 0}, 220 }, 221 // 2^128 - 1 222 { 223 [10]uint32{0xffffffff, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffc0, 0, 0, 0, 0, 0}, 224 [10]uint32{0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0xffffff, 0, 0, 0, 0, 0}, 225 }, 226 // 2^128 227 { 228 [10]uint32{0x04000000, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x0ffffff, 0, 0, 0, 0, 0}, 229 [10]uint32{0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x1000000, 0, 0, 0, 0, 0}, 230 }, 231 // 2^256 - 4294968273 (secp256k1 prime) 232 { 233 [10]uint32{0xfffffc2f, 0xffffff80, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0x3fffc0}, 234 [10]uint32{0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000}, 235 }, 236 // Prime larger than P where both first and second words are larger 237 // than P's first and second words 238 { 239 [10]uint32{0xfffffc30, 0xffffff86, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0x3fffc0}, 240 [10]uint32{0x00000001, 0x00000006, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000}, 241 }, 242 // Prime larger than P where only the second word is larger 243 // than P's second words. 244 { 245 [10]uint32{0xfffffc2a, 0xffffff87, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0x3fffc0}, 246 [10]uint32{0x03fffffb, 0x00000006, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000}, 247 }, 248 // 2^256 - 1 249 { 250 [10]uint32{0xffffffff, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0x3fffc0}, 251 [10]uint32{0x000003d0, 0x00000040, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000}, 252 }, 253 // Prime with field representation such that the initial 254 // reduction does not result in a carry to bit 256. 255 // 256 // 2^256 - 4294968273 (secp256k1 prime) 257 { 258 [10]uint32{0x03fffc2f, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff}, 259 [10]uint32{0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, 260 }, 261 // Prime larger than P that reduces to a value which is still 262 // larger than P when it has a magnitude of 1 due to its first 263 // word and does not result in a carry to bit 256. 264 // 265 // 2^256 - 4294968272 (secp256k1 prime + 1) 266 { 267 [10]uint32{0x03fffc30, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff}, 268 [10]uint32{0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, 269 }, 270 // Prime larger than P that reduces to a value which is still 271 // larger than P when it has a magnitude of 1 due to its second 272 // word and does not result in a carry to bit 256. 273 // 274 // 2^256 - 4227859409 (secp256k1 prime + 0x4000000) 275 { 276 [10]uint32{0x03fffc2f, 0x03ffffc0, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff}, 277 [10]uint32{0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}, 278 }, 279 // Prime larger than P that reduces to a value which is still 280 // larger than P when it has a magnitude of 1 due to a carry to 281 // bit 256, but would not be without the carry. These values 282 // come from the fact that P is 2^256 - 4294968273 and 977 is 283 // the low order word in the internal field representation. 284 // 285 // 2^256 * 5 - ((4294968273 - (977+1)) * 4) 286 { 287 [10]uint32{0x03ffffff, 0x03fffeff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x0013fffff}, 288 [10]uint32{0x00001314, 0x00000040, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000000}, 289 }, 290 // Prime larger than P that reduces to a value which is still 291 // larger than P when it has a magnitude of 1 due to both a 292 // carry to bit 256 and the first word. 293 { 294 [10]uint32{0x03fffc30, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x07ffffff, 0x003fffff}, 295 [10]uint32{0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001}, 296 }, 297 // Prime larger than P that reduces to a value which is still 298 // larger than P when it has a magnitude of 1 due to both a 299 // carry to bit 256 and the second word. 300 // 301 { 302 [10]uint32{0x03fffc2f, 0x03ffffc0, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x3ffffff, 0x07ffffff, 0x003fffff}, 303 [10]uint32{0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x0000000, 0x00000000, 0x00000001}, 304 }, 305 // Prime larger than P that reduces to a value which is still 306 // larger than P when it has a magnitude of 1 due to a carry to 307 // bit 256 and the first and second words. 308 // 309 { 310 [10]uint32{0x03fffc30, 0x03ffffc0, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x07ffffff, 0x003fffff}, 311 [10]uint32{0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001}, 312 }, 313 } 314 315 t.Logf("Running %d tests", len(tests)) 316 for i, test := range tests { 317 f := new(fieldVal) 318 f.n = test.raw 319 f.Normalize() 320 if !reflect.DeepEqual(f.n, test.normalized) { 321 t.Errorf("fieldVal.Normalize #%d wrong result\n"+ 322 "got: %x\nwant: %x", i, f.n, test.normalized) 323 continue 324 } 325 } 326 } 327 328 // TestIsOdd ensures that checking if a field value IsOdd works as expected. 329 func TestIsOdd(t *testing.T) { 330 tests := []struct { 331 in string // hex encoded value 332 expected bool // expected oddness 333 }{ 334 {"0", false}, 335 {"1", true}, 336 {"2", false}, 337 // 2^32 - 1 338 {"ffffffff", true}, 339 // 2^64 - 2 340 {"fffffffffffffffe", false}, 341 // secp256k1 prime 342 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", true}, 343 } 344 345 t.Logf("Running %d tests", len(tests)) 346 for i, test := range tests { 347 f := new(fieldVal).SetHex(test.in) 348 result := f.IsOdd() 349 if result != test.expected { 350 t.Errorf("fieldVal.IsOdd #%d wrong result\n"+ 351 "got: %v\nwant: %v", i, result, test.expected) 352 continue 353 } 354 } 355 } 356 357 // TestEquals ensures that checking two field values for equality via Equals 358 // works as expected. 359 func TestEquals(t *testing.T) { 360 tests := []struct { 361 in1 string // hex encoded value 362 in2 string // hex encoded value 363 expected bool // expected equality 364 }{ 365 {"0", "0", true}, 366 {"0", "1", false}, 367 {"1", "0", false}, 368 // 2^32 - 1 == 2^32 - 1? 369 {"ffffffff", "ffffffff", true}, 370 // 2^64 - 1 == 2^64 - 2? 371 {"ffffffffffffffff", "fffffffffffffffe", false}, 372 // 0 == prime (mod prime)? 373 {"0", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", true}, 374 // 1 == prime+1 (mod prime)? 375 {"1", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc30", true}, 376 } 377 378 t.Logf("Running %d tests", len(tests)) 379 for i, test := range tests { 380 f := new(fieldVal).SetHex(test.in1).Normalize() 381 f2 := new(fieldVal).SetHex(test.in2).Normalize() 382 result := f.Equals(f2) 383 if result != test.expected { 384 t.Errorf("fieldVal.Equals #%d wrong result\n"+ 385 "got: %v\nwant: %v", i, result, test.expected) 386 continue 387 } 388 } 389 } 390 391 // TestNegate ensures that negating field values via Negate works as expected. 392 func TestNegate(t *testing.T) { 393 tests := []struct { 394 in string // hex encoded value 395 expected string // expected hex encoded value 396 }{ 397 // secp256k1 prime (aka 0) 398 {"0", "0"}, 399 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "0"}, 400 {"0", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"}, 401 // secp256k1 prime-1 402 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", "1"}, 403 {"1", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e"}, 404 // secp256k1 prime-2 405 {"2", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d"}, 406 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d", "2"}, 407 // Random sampling 408 { 409 "b3d9aac9c5e43910b4385b53c7e78c21d4cd5f8e683c633aed04c233efc2e120", 410 "4c2655363a1bc6ef4bc7a4ac381873de2b32a07197c39cc512fb3dcb103d1b0f", 411 }, 412 { 413 "f8a85984fee5a12a7c8dd08830d83423c937d77c379e4a958e447a25f407733f", 414 "757a67b011a5ed583722f77cf27cbdc36c82883c861b56a71bb85d90bf888f0", 415 }, 416 { 417 "45ee6142a7fda884211e93352ed6cb2807800e419533be723a9548823ece8312", 418 "ba119ebd5802577bdee16ccad12934d7f87ff1be6acc418dc56ab77cc131791d", 419 }, 420 { 421 "53c2a668f07e411a2e473e1c3b6dcb495dec1227af27673761d44afe5b43d22b", 422 "ac3d59970f81bee5d1b8c1e3c49234b6a213edd850d898c89e2bb500a4bc2a04", 423 }, 424 } 425 426 t.Logf("Running %d tests", len(tests)) 427 for i, test := range tests { 428 f := new(fieldVal).SetHex(test.in).Normalize() 429 expected := new(fieldVal).SetHex(test.expected).Normalize() 430 result := f.Negate(1).Normalize() 431 if !result.Equals(expected) { 432 t.Errorf("fieldVal.Negate #%d wrong result\n"+ 433 "got: %v\nwant: %v", i, result, expected) 434 continue 435 } 436 } 437 } 438 439 // TestAddInt ensures that adding an integer to field values via AddInt works as 440 // expected. 441 func TestAddInt(t *testing.T) { 442 tests := []struct { 443 in1 string // hex encoded value 444 in2 uint // unsigned integer to add to the value above 445 expected string // expected hex encoded value 446 }{ 447 {"0", 1, "1"}, 448 {"1", 0, "1"}, 449 {"1", 1, "2"}, 450 // secp256k1 prime-1 + 1 451 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 1, "0"}, 452 // secp256k1 prime + 1 453 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", 1, "1"}, 454 // Random samples. 455 { 456 "ff95ad9315aff04ab4af0ce673620c7145dc85d03bab5ba4b09ca2c4dec2d6c1", 457 0x10f, 458 "ff95ad9315aff04ab4af0ce673620c7145dc85d03bab5ba4b09ca2c4dec2d7d0", 459 }, 460 { 461 "44bdae6b772e7987941f1ba314e6a5b7804a4c12c00961b57d20f41deea9cecf", 462 0x2cf11d41, 463 "44bdae6b772e7987941f1ba314e6a5b7804a4c12c00961b57d20f41e1b9aec10", 464 }, 465 { 466 "88c3ecae67b591935fb1f6a9499c35315ffad766adca665c50b55f7105122c9c", 467 0x4829aa2d, 468 "88c3ecae67b591935fb1f6a9499c35315ffad766adca665c50b55f714d3bd6c9", 469 }, 470 { 471 "8523e9edf360ca32a95aae4e57fcde5a542b471d08a974d94ea0ee09a015e2a6", 472 0xa21265a5, 473 "8523e9edf360ca32a95aae4e57fcde5a542b471d08a974d94ea0ee0a4228484b", 474 }, 475 } 476 477 t.Logf("Running %d tests", len(tests)) 478 for i, test := range tests { 479 f := new(fieldVal).SetHex(test.in1).Normalize() 480 expected := new(fieldVal).SetHex(test.expected).Normalize() 481 result := f.AddInt(test.in2).Normalize() 482 if !result.Equals(expected) { 483 t.Errorf("fieldVal.AddInt #%d wrong result\n"+ 484 "got: %v\nwant: %v", i, result, expected) 485 continue 486 } 487 } 488 } 489 490 // TestAdd ensures that adding two field values together via Add works as 491 // expected. 492 func TestAdd(t *testing.T) { 493 tests := []struct { 494 in1 string // first hex encoded value 495 in2 string // second hex encoded value to add 496 expected string // expected hex encoded value 497 }{ 498 {"0", "1", "1"}, 499 {"1", "0", "1"}, 500 {"1", "1", "2"}, 501 // secp256k1 prime-1 + 1 502 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", "1", "0"}, 503 // secp256k1 prime + 1 504 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "1", "1"}, 505 // Random samples. 506 { 507 "2b2012f975404e5065b4292fb8bed0a5d315eacf24c74d8b27e73bcc5430edcc", 508 "2c3cefa4e4753e8aeec6ac4c12d99da4d78accefda3b7885d4c6bab46c86db92", 509 "575d029e59b58cdb547ad57bcb986e4aaaa0b7beff02c610fcadf680c0b7c95e", 510 }, 511 { 512 "8131e8722fe59bb189692b96c9f38de92885730f1dd39ab025daffb94c97f79c", 513 "ff5454b765f0aab5f0977dcc629becc84cabeb9def48e79c6aadb2622c490fa9", 514 "80863d2995d646677a00a9632c8f7ab175315ead0d1c824c9088b21c78e10b16", 515 }, 516 { 517 "c7c95e93d0892b2b2cdd77e80eb646ea61be7a30ac7e097e9f843af73fad5c22", 518 "3afe6f91a74dfc1c7f15c34907ee981656c37236d946767dd53ccad9190e437c", 519 "02c7ce2577d72747abf33b3116a4df00b881ec6785c47ffc74c105d158bba36f", 520 }, 521 { 522 "fd1c26f6a23381e5d785ba889494ec059369b888ad8431cd67d8c934b580dbe1", 523 "a475aa5a31dcca90ef5b53c097d9133d6b7117474b41e7877bb199590fc0489c", 524 "a191d150d4104c76c6e10e492c6dff42fedacfcff8c61954e38a628ec541284e", 525 }, 526 } 527 528 t.Logf("Running %d tests", len(tests)) 529 for i, test := range tests { 530 f := new(fieldVal).SetHex(test.in1).Normalize() 531 f2 := new(fieldVal).SetHex(test.in2).Normalize() 532 expected := new(fieldVal).SetHex(test.expected).Normalize() 533 result := f.Add(f2).Normalize() 534 if !result.Equals(expected) { 535 t.Errorf("fieldVal.Add #%d wrong result\n"+ 536 "got: %v\nwant: %v", i, result, expected) 537 continue 538 } 539 } 540 } 541 542 // TestAdd2 ensures that adding two field values together via Add2 works as 543 // expected. 544 func TestAdd2(t *testing.T) { 545 tests := []struct { 546 in1 string // first hex encoded value 547 in2 string // second hex encoded value to add 548 expected string // expected hex encoded value 549 }{ 550 {"0", "1", "1"}, 551 {"1", "0", "1"}, 552 {"1", "1", "2"}, 553 // secp256k1 prime-1 + 1 554 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", "1", "0"}, 555 // secp256k1 prime + 1 556 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "1", "1"}, 557 // close but over the secp256k1 prime 558 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffff000000000", "f1ffff000", "1ffff3d1"}, 559 // Random samples. 560 { 561 "ad82b8d1cc136e23e9fd77fe2c7db1fe5a2ecbfcbde59ab3529758334f862d28", 562 "4d6a4e95d6d61f4f46b528bebe152d408fd741157a28f415639347a84f6f574b", 563 "faed0767a2e98d7330b2a0bcea92df3eea060d12380e8ec8b62a9fdb9ef58473", 564 }, 565 { 566 "f3f43a2540054a86e1df98547ec1c0e157b193e5350fb4a3c3ea214b228ac5e7", 567 "25706572592690ea3ddc951a1b48b504a4c83dc253756e1b96d56fdfb3199522", 568 "19649f97992bdb711fbc2d6e9a0a75e5fc79d1a7888522bf5abf912bd5a45eda", 569 }, 570 { 571 "6915bb94eef13ff1bb9b2633d997e13b9b1157c713363cc0e891416d6734f5b8", 572 "11f90d6ac6fe1c4e8900b1c85fb575c251ec31b9bc34b35ada0aea1c21eded22", 573 "7b0ec8ffb5ef5c40449bd7fc394d56fdecfd8980cf6af01bc29c2b898922e2da", 574 }, 575 { 576 "48b0c9eae622eed9335b747968544eb3e75cb2dc8128388f948aa30f88cabde4", 577 "0989882b52f85f9d524a3a3061a0e01f46d597839d2ba637320f4b9510c8d2d5", 578 "523a5216391b4e7685a5aea9c9f52ed32e324a601e53dec6c699eea4999390b9", 579 }, 580 } 581 582 t.Logf("Running %d tests", len(tests)) 583 for i, test := range tests { 584 f := new(fieldVal).SetHex(test.in1).Normalize() 585 f2 := new(fieldVal).SetHex(test.in2).Normalize() 586 expected := new(fieldVal).SetHex(test.expected).Normalize() 587 result := f.Add2(f, f2).Normalize() 588 if !result.Equals(expected) { 589 t.Errorf("fieldVal.Add2 #%d wrong result\n"+ 590 "got: %v\nwant: %v", i, result, expected) 591 continue 592 } 593 } 594 } 595 596 // TestMulInt ensures that adding an integer to field values via MulInt works as 597 // expected. 598 func TestMulInt(t *testing.T) { 599 tests := []struct { 600 in1 string // hex encoded value 601 in2 uint // unsigned integer to multiply with value above 602 expected string // expected hex encoded value 603 }{ 604 {"0", 0, "0"}, 605 {"1", 0, "0"}, 606 {"0", 1, "0"}, 607 {"1", 1, "1"}, 608 // secp256k1 prime-1 * 2 609 { 610 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 611 2, 612 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d", 613 }, 614 // secp256k1 prime * 3 615 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", 3, "0"}, 616 // secp256k1 prime-1 * 8 617 { 618 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 619 8, 620 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc27", 621 }, 622 // Random samples for first value. The second value is limited 623 // to 8 since that is the maximum int used in the elliptic curve 624 // calculations. 625 { 626 "b75674dc9180d306c692163ac5e089f7cef166af99645c0c23568ab6d967288a", 627 6, 628 "4c06bd2b6904f228a76c8560a3433bced9a8681d985a2848d407404d186b0280", 629 }, 630 { 631 "54873298ac2b5ba8591c125ae54931f5ea72040aee07b208d6135476fb5b9c0e", 632 3, 633 "fd9597ca048212f90b543710afdb95e1bf560c20ca17161a8239fd64f212d42a", 634 }, 635 { 636 "7c30fbd363a74c17e1198f56b090b59bbb6c8755a74927a6cba7a54843506401", 637 5, 638 "6cf4eb20f2447c77657fccb172d38c0aa91ea4ac446dc641fa463a6b5091fba7", 639 }, 640 { 641 "fb4529be3e027a3d1587d8a500b72f2d312e3577340ef5175f96d113be4c2ceb", 642 8, 643 "da294df1f013d1e8ac3ec52805b979698971abb9a077a8bafcb688a4f261820f", 644 }, 645 } 646 647 t.Logf("Running %d tests", len(tests)) 648 for i, test := range tests { 649 f := new(fieldVal).SetHex(test.in1).Normalize() 650 expected := new(fieldVal).SetHex(test.expected).Normalize() 651 result := f.MulInt(test.in2).Normalize() 652 if !result.Equals(expected) { 653 t.Errorf("fieldVal.MulInt #%d wrong result\n"+ 654 "got: %v\nwant: %v", i, result, expected) 655 continue 656 } 657 } 658 } 659 660 // TestMul ensures that multiplying two field valuess via Mul works as expected. 661 func TestMul(t *testing.T) { 662 tests := []struct { 663 in1 string // first hex encoded value 664 in2 string // second hex encoded value to multiply with 665 expected string // expected hex encoded value 666 }{ 667 {"0", "0", "0"}, 668 {"1", "0", "0"}, 669 {"0", "1", "0"}, 670 {"1", "1", "1"}, 671 // slightly over prime 672 { 673 "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff1ffff", 674 "1000", 675 "1ffff3d1", 676 }, 677 // secp256k1 prime-1 * 2 678 { 679 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 680 "2", 681 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d", 682 }, 683 // secp256k1 prime * 3 684 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "3", "0"}, 685 // secp256k1 prime-1 * 8 686 { 687 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 688 "8", 689 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc27", 690 }, 691 // Random samples. 692 { 693 "cfb81753d5ef499a98ecc04c62cb7768c2e4f1740032946db1c12e405248137e", 694 "58f355ad27b4d75fb7db0442452e732c436c1f7c5a7c4e214fa9cc031426a7d3", 695 "1018cd2d7c2535235b71e18db9cd98027386328d2fa6a14b36ec663c4c87282b", 696 }, 697 { 698 "26e9d61d1cdf3920e9928e85fa3df3e7556ef9ab1d14ec56d8b4fc8ed37235bf", 699 "2dfc4bbe537afee979c644f8c97b31e58be5296d6dbc460091eae630c98511cf", 700 "da85f48da2dc371e223a1ae63bd30b7e7ee45ae9b189ac43ff357e9ef8cf107a", 701 }, 702 { 703 "5db64ed5afb71646c8b231585d5b2bf7e628590154e0854c4c29920b999ff351", 704 "279cfae5eea5d09ade8e6a7409182f9de40981bc31c84c3d3dfe1d933f152e9a", 705 "2c78fbae91792dd0b157abe3054920049b1879a7cc9d98cfda927d83be411b37", 706 }, 707 { 708 "b66dfc1f96820b07d2bdbd559c19319a3a73c97ceb7b3d662f4fe75ecb6819e6", 709 "bf774aba43e3e49eb63a6e18037d1118152568f1a3ac4ec8b89aeb6ff8008ae1", 710 "c4f016558ca8e950c21c3f7fc15f640293a979c7b01754ee7f8b3340d4902ebb", 711 }, 712 } 713 714 t.Logf("Running %d tests", len(tests)) 715 for i, test := range tests { 716 f := new(fieldVal).SetHex(test.in1).Normalize() 717 f2 := new(fieldVal).SetHex(test.in2).Normalize() 718 expected := new(fieldVal).SetHex(test.expected).Normalize() 719 result := f.Mul(f2).Normalize() 720 if !result.Equals(expected) { 721 t.Errorf("fieldVal.Mul #%d wrong result\n"+ 722 "got: %v\nwant: %v", i, result, expected) 723 continue 724 } 725 } 726 } 727 728 // TestSquare ensures that squaring field values via Square works as expected. 729 func TestSquare(t *testing.T) { 730 tests := []struct { 731 in string // hex encoded value 732 expected string // expected hex encoded value 733 }{ 734 // secp256k1 prime (aka 0) 735 {"0", "0"}, 736 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "0"}, 737 {"0", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"}, 738 // secp256k1 prime-1 739 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", "1"}, 740 // secp256k1 prime-2 741 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d", "4"}, 742 // Random sampling 743 { 744 "b0ba920360ea8436a216128047aab9766d8faf468895eb5090fc8241ec758896", 745 "133896b0b69fda8ce9f648b9a3af38f345290c9eea3cbd35bafcadf7c34653d3", 746 }, 747 { 748 "c55d0d730b1d0285a1599995938b042a756e6e8857d390165ffab480af61cbd5", 749 "cd81758b3f5877cbe7e5b0a10cebfa73bcbf0957ca6453e63ee8954ab7780bee", 750 }, 751 { 752 "e89c1f9a70d93651a1ba4bca5b78658f00de65a66014a25544d3365b0ab82324", 753 "39ffc7a43e5dbef78fd5d0354fb82c6d34f5a08735e34df29da14665b43aa1f", 754 }, 755 { 756 "7dc26186079d22bcbe1614aa20ae627e62d72f9be7ad1e99cac0feb438956f05", 757 "bf86bcfc4edb3d81f916853adfda80c07c57745b008b60f560b1912f95bce8ae", 758 }, 759 } 760 761 t.Logf("Running %d tests", len(tests)) 762 for i, test := range tests { 763 f := new(fieldVal).SetHex(test.in).Normalize() 764 expected := new(fieldVal).SetHex(test.expected).Normalize() 765 result := f.Square().Normalize() 766 if !result.Equals(expected) { 767 t.Errorf("fieldVal.Square #%d wrong result\n"+ 768 "got: %v\nwant: %v", i, result, expected) 769 continue 770 } 771 } 772 } 773 774 // TestInverse ensures that finding the multiplicative inverse via Inverse works 775 // as expected. 776 func TestInverse(t *testing.T) { 777 tests := []struct { 778 in string // hex encoded value 779 expected string // expected hex encoded value 780 }{ 781 // secp256k1 prime (aka 0) 782 {"0", "0"}, 783 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "0"}, 784 {"0", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"}, 785 // secp256k1 prime-1 786 { 787 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 788 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 789 }, 790 // secp256k1 prime-2 791 { 792 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d", 793 "7fffffffffffffffffffffffffffffffffffffffffffffffffffffff7ffffe17", 794 }, 795 // Random sampling 796 { 797 "16fb970147a9acc73654d4be233cc48b875ce20a2122d24f073d29bd28805aca", 798 "987aeb257b063df0c6d1334051c47092b6d8766c4bf10c463786d93f5bc54354", 799 }, 800 { 801 "69d1323ce9f1f7b3bd3c7320b0d6311408e30281e273e39a0d8c7ee1c8257919", 802 "49340981fa9b8d3dad72de470b34f547ed9179c3953797d0943af67806f4bb6", 803 }, 804 { 805 "e0debf988ae098ecda07d0b57713e97c6d213db19753e8c95aa12a2fc1cc5272", 806 "64f58077b68af5b656b413ea366863f7b2819f8d27375d9c4d9804135ca220c2", 807 }, 808 { 809 "dcd394f91f74c2ba16aad74a22bb0ed47fe857774b8f2d6c09e28bfb14642878", 810 "fb848ec64d0be572a63c38fe83df5e7f3d032f60bf8c969ef67d36bf4ada22a9", 811 }, 812 } 813 814 t.Logf("Running %d tests", len(tests)) 815 for i, test := range tests { 816 f := new(fieldVal).SetHex(test.in).Normalize() 817 expected := new(fieldVal).SetHex(test.expected).Normalize() 818 result := f.Inverse().Normalize() 819 if !result.Equals(expected) { 820 t.Errorf("fieldVal.Inverse #%d wrong result\n"+ 821 "got: %v\nwant: %v", i, result, expected) 822 continue 823 } 824 } 825 } 826 827 // randFieldVal returns a random, normalized element in the field. 828 func randFieldVal(t *testing.T) fieldVal { 829 var b [32]byte 830 if _, err := rand.Read(b[:]); err != nil { 831 t.Fatalf("unable to create random element: %v", err) 832 } 833 834 var x fieldVal 835 return *x.SetBytes(&b).Normalize() 836 } 837 838 type sqrtTest struct { 839 name string 840 in string 841 expected string 842 } 843 844 // TestSqrt asserts that a fieldVal properly computes the square root modulo the 845 // sep256k1 prime. 846 func TestSqrt(t *testing.T) { 847 var tests []sqrtTest 848 849 // No valid root exists for the negative of a square. 850 for i := uint(9); i > 0; i-- { 851 var ( 852 x fieldVal 853 s fieldVal // x^2 mod p 854 n fieldVal // -x^2 mod p 855 ) 856 857 x.SetInt(i) 858 s.SquareVal(&x).Normalize() 859 n.NegateVal(&s, 1).Normalize() 860 861 tests = append(tests, sqrtTest{ 862 name: fmt.Sprintf("-%d", i), 863 in: fmt.Sprintf("%x", *n.Bytes()), 864 }) 865 } 866 867 // A root should exist for true squares. 868 for i := uint(0); i < 10; i++ { 869 var ( 870 x fieldVal 871 s fieldVal // x^2 mod p 872 ) 873 874 x.SetInt(i) 875 s.SquareVal(&x).Normalize() 876 877 tests = append(tests, sqrtTest{ 878 name: fmt.Sprintf("%d", i), 879 in: fmt.Sprintf("%x", *s.Bytes()), 880 expected: fmt.Sprintf("%x", *x.Bytes()), 881 }) 882 } 883 884 // Compute a non-square element, by negating if it has a root. 885 ns := randFieldVal(t) 886 if new(fieldVal).SqrtVal(&ns).Square().Equals(&ns) { 887 ns.Negate(1).Normalize() 888 } 889 890 // For large random field values, test that: 891 // 1) its square has a valid root. 892 // 2) the negative of its square has no root. 893 // 3) the product of its square with a non-square has no root. 894 for i := 0; i < 10; i++ { 895 var ( 896 x fieldVal 897 s fieldVal // x^2 mod p 898 n fieldVal // -x^2 mod p 899 m fieldVal // ns*x^2 mod p 900 ) 901 902 x = randFieldVal(t) 903 s.SquareVal(&x).Normalize() 904 n.NegateVal(&s, 1).Normalize() 905 m.Mul2(&s, &ns).Normalize() 906 907 // A root should exist for true squares. 908 tests = append(tests, sqrtTest{ 909 name: fmt.Sprintf("%x", *s.Bytes()), 910 in: fmt.Sprintf("%x", *s.Bytes()), 911 expected: fmt.Sprintf("%x", *x.Bytes()), 912 }) 913 914 // No valid root exists for the negative of a square. 915 tests = append(tests, sqrtTest{ 916 name: fmt.Sprintf("-%x", *s.Bytes()), 917 in: fmt.Sprintf("%x", *n.Bytes()), 918 }) 919 920 // No root should be computed for product of a square and 921 // non-square. 922 tests = append(tests, sqrtTest{ 923 name: fmt.Sprintf("ns*%x", *s.Bytes()), 924 in: fmt.Sprintf("%x", *m.Bytes()), 925 }) 926 } 927 928 for _, test := range tests { 929 t.Run(test.name, func(t *testing.T) { 930 testSqrt(t, test) 931 }) 932 } 933 } 934 935 func testSqrt(t *testing.T, test sqrtTest) { 936 var ( 937 f fieldVal 938 root fieldVal 939 rootNeg fieldVal 940 ) 941 942 f.SetHex(test.in).Normalize() 943 944 // Compute sqrt(f) and its negative. 945 root.SqrtVal(&f).Normalize() 946 rootNeg.NegateVal(&root, 1).Normalize() 947 948 switch { 949 950 // If we expect a square root, verify that either the computed square 951 // root is +/- the expected value. 952 case len(test.expected) > 0: 953 var expected fieldVal 954 expected.SetHex(test.expected).Normalize() 955 if !root.Equals(&expected) && !rootNeg.Equals(&expected) { 956 t.Fatalf("fieldVal.Sqrt incorrect root\n"+ 957 "got: %v\ngot_neg: %v\nwant: %v", 958 root, rootNeg, expected) 959 } 960 961 // Otherwise, we expect this input not to have a square root. 962 default: 963 if root.Square().Equals(&f) || rootNeg.Square().Equals(&f) { 964 t.Fatalf("fieldVal.Sqrt root should not exist\n"+ 965 "got: %v\ngot_neg: %v", root, rootNeg) 966 } 967 } 968 } 969 970 // TestFieldSetBytes ensures that setting a field value to a 256-bit big-endian 971 // unsigned integer via both the slice and array methods works as expected for 972 // edge cases. Random cases are tested via the various other tests. 973 func TestFieldSetBytes(t *testing.T) { 974 tests := []struct { 975 name string // test description 976 in string // hex encoded test value 977 expected [10]uint32 // expected raw ints 978 }{{ 979 name: "zero", 980 in: "00", 981 expected: [10]uint32{0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, 982 }, { 983 name: "field prime", 984 in: "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", 985 expected: [10]uint32{ 986 0x03fffc2f, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 987 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff, 988 }, 989 }, { 990 name: "field prime - 1", 991 in: "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 992 expected: [10]uint32{ 993 0x03fffc2e, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 994 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff, 995 }, 996 }, { 997 name: "field prime + 1 (overflow in word zero)", 998 in: "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc30", 999 expected: [10]uint32{ 1000 0x03fffc30, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 1001 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff, 1002 }, 1003 }, { 1004 name: "field prime first 32 bits", 1005 in: "fffffc2f", 1006 expected: [10]uint32{ 1007 0x03fffc2f, 0x00000003f, 0x00000000, 0x00000000, 0x00000000, 1008 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 1009 }, 1010 }, { 1011 name: "field prime word zero", 1012 in: "03fffc2f", 1013 expected: [10]uint32{ 1014 0x03fffc2f, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 1015 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 1016 }, 1017 }, { 1018 name: "field prime first 64 bits", 1019 in: "fffffffefffffc2f", 1020 expected: [10]uint32{ 1021 0x03fffc2f, 0x03ffffbf, 0x00000fff, 0x00000000, 0x00000000, 1022 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 1023 }, 1024 }, { 1025 name: "field prime word zero and one", 1026 in: "0ffffefffffc2f", 1027 expected: [10]uint32{ 1028 0x03fffc2f, 0x03ffffbf, 0x00000000, 0x00000000, 0x00000000, 1029 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 1030 }, 1031 }, { 1032 name: "field prime first 96 bits", 1033 in: "fffffffffffffffefffffc2f", 1034 expected: [10]uint32{ 1035 0x03fffc2f, 0x03ffffbf, 0x03ffffff, 0x0003ffff, 0x00000000, 1036 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 1037 }, 1038 }, { 1039 name: "field prime word zero, one, and two", 1040 in: "3ffffffffffefffffc2f", 1041 expected: [10]uint32{ 1042 0x03fffc2f, 0x03ffffbf, 0x03ffffff, 0x00000000, 0x00000000, 1043 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 1044 }, 1045 }, { 1046 name: "overflow in word one (prime + 1<<26)", 1047 in: "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff03fffc2f", 1048 expected: [10]uint32{ 1049 0x03fffc2f, 0x03ffffc0, 0x03ffffff, 0x03ffffff, 0x03ffffff, 1050 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff, 1051 }, 1052 }, { 1053 name: "(field prime - 1) * 2 NOT mod P, truncated >32 bytes", 1054 in: "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffdfffff85c", 1055 expected: [10]uint32{ 1056 0x01fffff8, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 1057 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x00007fff, 1058 }, 1059 }, { 1060 name: "2^256 - 1", 1061 in: "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 1062 expected: [10]uint32{ 1063 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 1064 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff, 1065 }, 1066 }, { 1067 name: "alternating bits", 1068 in: "a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5", 1069 expected: [10]uint32{ 1070 0x01a5a5a5, 0x01696969, 0x025a5a5a, 0x02969696, 0x01a5a5a5, 1071 0x01696969, 0x025a5a5a, 0x02969696, 0x01a5a5a5, 0x00296969, 1072 }, 1073 }, { 1074 name: "alternating bits 2", 1075 in: "5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a", 1076 expected: [10]uint32{ 1077 0x025a5a5a, 0x02969696, 0x01a5a5a5, 0x01696969, 0x025a5a5a, 1078 0x02969696, 0x01a5a5a5, 0x01696969, 0x025a5a5a, 0x00169696, 1079 }, 1080 }} 1081 1082 for _, test := range tests { 1083 inBytes := hexToBytes(test.in) 1084 1085 // Ensure setting the bytes via the slice method works as expected. 1086 var f fieldVal 1087 f.SetByteSlice(inBytes) 1088 if !reflect.DeepEqual(f.n, test.expected) { 1089 t.Errorf("%s: unexpected result\ngot: %x\nwant: %x", test.name, f.n, 1090 test.expected) 1091 continue 1092 } 1093 1094 // Ensure setting the bytes via the array method works as expected. 1095 var f2 fieldVal 1096 var b32 [32]byte 1097 truncatedInBytes := inBytes 1098 if len(truncatedInBytes) > 32 { 1099 truncatedInBytes = truncatedInBytes[:32] 1100 } 1101 copy(b32[32-len(truncatedInBytes):], truncatedInBytes) 1102 f2.SetBytes(&b32) 1103 if !reflect.DeepEqual(f2.n, test.expected) { 1104 t.Errorf("%s: unexpected result\ngot: %x\nwant: %x", test.name, 1105 f2.n, test.expected) 1106 continue 1107 } 1108 } 1109 } 1110 1111 // hexToBytes converts the passed hex string into bytes and will panic if there 1112 // is an error. This is only provided for the hard-coded constants so errors in 1113 // the source code can be detected. It will only (and must only) be called with 1114 // hard-coded values. 1115 func hexToBytes(s string) []byte { 1116 b, err := hex.DecodeString(s) 1117 if err != nil { 1118 panic("invalid hex in source file: " + s) 1119 } 1120 return b 1121 }