github.com/yinchengtsinghua/golang-Eos-dpos-Ethereum@v0.0.0-20190121132951-92cc4225ed8e/crypto/bn256/google/bn256_test.go (about) 1 2 //此源码被清华学神尹成大魔王专业翻译分析并修改 3 //尹成QQ77025077 4 //尹成微信18510341407 5 //尹成所在QQ群721929980 6 //尹成邮箱 yinc13@mails.tsinghua.edu.cn 7 //尹成毕业于清华大学,微软区块链领域全球最有价值专家 8 //https://mvp.microsoft.com/zh-cn/PublicProfile/4033620 9 //版权所有2012 Go作者。版权所有。 10 //此源代码的使用受BSD样式的控制 11 //可以在许可文件中找到的许可证。 12 13 package bn256 14 15 import ( 16 "bytes" 17 "crypto/rand" 18 "math/big" 19 "testing" 20 ) 21 22 func TestGFp2Invert(t *testing.T) { 23 pool := new(bnPool) 24 25 a := newGFp2(pool) 26 a.x.SetString("23423492374", 10) 27 a.y.SetString("12934872398472394827398470", 10) 28 29 inv := newGFp2(pool) 30 inv.Invert(a, pool) 31 32 b := newGFp2(pool).Mul(inv, a, pool) 33 if b.x.Int64() != 0 || b.y.Int64() != 1 { 34 t.Fatalf("bad result for a^-1*a: %s %s", b.x, b.y) 35 } 36 37 a.Put(pool) 38 b.Put(pool) 39 inv.Put(pool) 40 41 if c := pool.Count(); c > 0 { 42 t.Errorf("Pool count non-zero: %d\n", c) 43 } 44 } 45 46 func isZero(n *big.Int) bool { 47 return new(big.Int).Mod(n, P).Int64() == 0 48 } 49 50 func isOne(n *big.Int) bool { 51 return new(big.Int).Mod(n, P).Int64() == 1 52 } 53 54 func TestGFp6Invert(t *testing.T) { 55 pool := new(bnPool) 56 57 a := newGFp6(pool) 58 a.x.x.SetString("239487238491", 10) 59 a.x.y.SetString("2356249827341", 10) 60 a.y.x.SetString("082659782", 10) 61 a.y.y.SetString("182703523765", 10) 62 a.z.x.SetString("978236549263", 10) 63 a.z.y.SetString("64893242", 10) 64 65 inv := newGFp6(pool) 66 inv.Invert(a, pool) 67 68 b := newGFp6(pool).Mul(inv, a, pool) 69 if !isZero(b.x.x) || 70 !isZero(b.x.y) || 71 !isZero(b.y.x) || 72 !isZero(b.y.y) || 73 !isZero(b.z.x) || 74 !isOne(b.z.y) { 75 t.Fatalf("bad result for a^-1*a: %s", b) 76 } 77 78 a.Put(pool) 79 b.Put(pool) 80 inv.Put(pool) 81 82 if c := pool.Count(); c > 0 { 83 t.Errorf("Pool count non-zero: %d\n", c) 84 } 85 } 86 87 func TestGFp12Invert(t *testing.T) { 88 pool := new(bnPool) 89 90 a := newGFp12(pool) 91 a.x.x.x.SetString("239846234862342323958623", 10) 92 a.x.x.y.SetString("2359862352529835623", 10) 93 a.x.y.x.SetString("928836523", 10) 94 a.x.y.y.SetString("9856234", 10) 95 a.x.z.x.SetString("235635286", 10) 96 a.x.z.y.SetString("5628392833", 10) 97 a.y.x.x.SetString("252936598265329856238956532167968", 10) 98 a.y.x.y.SetString("23596239865236954178968", 10) 99 a.y.y.x.SetString("95421692834", 10) 100 a.y.y.y.SetString("236548", 10) 101 a.y.z.x.SetString("924523", 10) 102 a.y.z.y.SetString("12954623", 10) 103 104 inv := newGFp12(pool) 105 inv.Invert(a, pool) 106 107 b := newGFp12(pool).Mul(inv, a, pool) 108 if !isZero(b.x.x.x) || 109 !isZero(b.x.x.y) || 110 !isZero(b.x.y.x) || 111 !isZero(b.x.y.y) || 112 !isZero(b.x.z.x) || 113 !isZero(b.x.z.y) || 114 !isZero(b.y.x.x) || 115 !isZero(b.y.x.y) || 116 !isZero(b.y.y.x) || 117 !isZero(b.y.y.y) || 118 !isZero(b.y.z.x) || 119 !isOne(b.y.z.y) { 120 t.Fatalf("bad result for a^-1*a: %s", b) 121 } 122 123 a.Put(pool) 124 b.Put(pool) 125 inv.Put(pool) 126 127 if c := pool.Count(); c > 0 { 128 t.Errorf("Pool count non-zero: %d\n", c) 129 } 130 } 131 132 func TestCurveImpl(t *testing.T) { 133 pool := new(bnPool) 134 135 g := &curvePoint{ 136 pool.Get().SetInt64(1), 137 pool.Get().SetInt64(-2), 138 pool.Get().SetInt64(1), 139 pool.Get().SetInt64(0), 140 } 141 142 x := pool.Get().SetInt64(32498273234) 143 X := newCurvePoint(pool).Mul(g, x, pool) 144 145 y := pool.Get().SetInt64(98732423523) 146 Y := newCurvePoint(pool).Mul(g, y, pool) 147 148 s1 := newCurvePoint(pool).Mul(X, y, pool).MakeAffine(pool) 149 s2 := newCurvePoint(pool).Mul(Y, x, pool).MakeAffine(pool) 150 151 if s1.x.Cmp(s2.x) != 0 || 152 s2.x.Cmp(s1.x) != 0 { 153 t.Errorf("DH points don't match: (%s, %s) (%s, %s)", s1.x, s1.y, s2.x, s2.y) 154 } 155 156 pool.Put(x) 157 X.Put(pool) 158 pool.Put(y) 159 Y.Put(pool) 160 s1.Put(pool) 161 s2.Put(pool) 162 g.Put(pool) 163 164 if c := pool.Count(); c > 0 { 165 t.Errorf("Pool count non-zero: %d\n", c) 166 } 167 } 168 169 func TestOrderG1(t *testing.T) { 170 g := new(G1).ScalarBaseMult(Order) 171 if !g.p.IsInfinity() { 172 t.Error("G1 has incorrect order") 173 } 174 175 one := new(G1).ScalarBaseMult(new(big.Int).SetInt64(1)) 176 g.Add(g, one) 177 g.p.MakeAffine(nil) 178 if g.p.x.Cmp(one.p.x) != 0 || g.p.y.Cmp(one.p.y) != 0 { 179 t.Errorf("1+0 != 1 in G1") 180 } 181 } 182 183 func TestOrderG2(t *testing.T) { 184 g := new(G2).ScalarBaseMult(Order) 185 if !g.p.IsInfinity() { 186 t.Error("G2 has incorrect order") 187 } 188 189 one := new(G2).ScalarBaseMult(new(big.Int).SetInt64(1)) 190 g.Add(g, one) 191 g.p.MakeAffine(nil) 192 if g.p.x.x.Cmp(one.p.x.x) != 0 || 193 g.p.x.y.Cmp(one.p.x.y) != 0 || 194 g.p.y.x.Cmp(one.p.y.x) != 0 || 195 g.p.y.y.Cmp(one.p.y.y) != 0 { 196 t.Errorf("1+0 != 1 in G2") 197 } 198 } 199 200 func TestOrderGT(t *testing.T) { 201 gt := Pair(&G1{curveGen}, &G2{twistGen}) 202 g := new(GT).ScalarMult(gt, Order) 203 if !g.p.IsOne() { 204 t.Error("GT has incorrect order") 205 } 206 } 207 208 func TestBilinearity(t *testing.T) { 209 for i := 0; i < 2; i++ { 210 a, p1, _ := RandomG1(rand.Reader) 211 b, p2, _ := RandomG2(rand.Reader) 212 e1 := Pair(p1, p2) 213 214 e2 := Pair(&G1{curveGen}, &G2{twistGen}) 215 e2.ScalarMult(e2, a) 216 e2.ScalarMult(e2, b) 217 218 minusE2 := new(GT).Neg(e2) 219 e1.Add(e1, minusE2) 220 221 if !e1.p.IsOne() { 222 t.Fatalf("bad pairing result: %s", e1) 223 } 224 } 225 } 226 227 func TestG1Marshal(t *testing.T) { 228 g := new(G1).ScalarBaseMult(new(big.Int).SetInt64(1)) 229 form := g.Marshal() 230 _, err := new(G1).Unmarshal(form) 231 if err != nil { 232 t.Fatalf("failed to unmarshal") 233 } 234 235 g.ScalarBaseMult(Order) 236 form = g.Marshal() 237 238 g2 := new(G1) 239 if _, err = g2.Unmarshal(form); err != nil { 240 t.Fatalf("failed to unmarshal ∞") 241 } 242 if !g2.p.IsInfinity() { 243 t.Fatalf("∞ unmarshaled incorrectly") 244 } 245 } 246 247 func TestG2Marshal(t *testing.T) { 248 g := new(G2).ScalarBaseMult(new(big.Int).SetInt64(1)) 249 form := g.Marshal() 250 _, err := new(G2).Unmarshal(form) 251 if err != nil { 252 t.Fatalf("failed to unmarshal") 253 } 254 255 g.ScalarBaseMult(Order) 256 form = g.Marshal() 257 g2 := new(G2) 258 if _, err = g2.Unmarshal(form); err != nil { 259 t.Fatalf("failed to unmarshal ∞") 260 } 261 if !g2.p.IsInfinity() { 262 t.Fatalf("∞ unmarshaled incorrectly") 263 } 264 } 265 266 func TestG1Identity(t *testing.T) { 267 g := new(G1).ScalarBaseMult(new(big.Int).SetInt64(0)) 268 if !g.p.IsInfinity() { 269 t.Error("failure") 270 } 271 } 272 273 func TestG2Identity(t *testing.T) { 274 g := new(G2).ScalarBaseMult(new(big.Int).SetInt64(0)) 275 if !g.p.IsInfinity() { 276 t.Error("failure") 277 } 278 } 279 280 func TestTripartiteDiffieHellman(t *testing.T) { 281 a, _ := rand.Int(rand.Reader, Order) 282 b, _ := rand.Int(rand.Reader, Order) 283 c, _ := rand.Int(rand.Reader, Order) 284 285 pa := new(G1) 286 pa.Unmarshal(new(G1).ScalarBaseMult(a).Marshal()) 287 qa := new(G2) 288 qa.Unmarshal(new(G2).ScalarBaseMult(a).Marshal()) 289 pb := new(G1) 290 pb.Unmarshal(new(G1).ScalarBaseMult(b).Marshal()) 291 qb := new(G2) 292 qb.Unmarshal(new(G2).ScalarBaseMult(b).Marshal()) 293 pc := new(G1) 294 pc.Unmarshal(new(G1).ScalarBaseMult(c).Marshal()) 295 qc := new(G2) 296 qc.Unmarshal(new(G2).ScalarBaseMult(c).Marshal()) 297 298 k1 := Pair(pb, qc) 299 k1.ScalarMult(k1, a) 300 k1Bytes := k1.Marshal() 301 302 k2 := Pair(pc, qa) 303 k2.ScalarMult(k2, b) 304 k2Bytes := k2.Marshal() 305 306 k3 := Pair(pa, qb) 307 k3.ScalarMult(k3, c) 308 k3Bytes := k3.Marshal() 309 310 if !bytes.Equal(k1Bytes, k2Bytes) || !bytes.Equal(k2Bytes, k3Bytes) { 311 t.Errorf("keys didn't agree") 312 } 313 } 314 315 func BenchmarkPairing(b *testing.B) { 316 for i := 0; i < b.N; i++ { 317 Pair(&G1{curveGen}, &G2{twistGen}) 318 } 319 }