1
2
3
4
5 package edwards25519
6
7 import (
8 "testing"
9 "testing/quick"
10 )
11
12 var (
13
14
15 quickCheckConfig32 = &quick.Config{MaxCountScale: 1 << 5}
16
17
18 dalekScalar = Scalar{[32]byte{219, 106, 114, 9, 174, 249, 155, 89, 69, 203, 201, 93, 92, 116, 234, 187, 78, 115, 103, 172, 182, 98, 62, 103, 187, 136, 13, 100, 248, 110, 12, 4}}
19
20 dalekScalarBasepoint, _ = new(Point).SetBytes([]byte{0xf4, 0xef, 0x7c, 0xa, 0x34, 0x55, 0x7b, 0x9f, 0x72, 0x3b, 0xb6, 0x1e, 0xf9, 0x46, 0x9, 0x91, 0x1c, 0xb9, 0xc0, 0x6c, 0x17, 0x28, 0x2d, 0x8b, 0x43, 0x2b, 0x5, 0x18, 0x6a, 0x54, 0x3e, 0x48})
21 )
22
23 func TestScalarMultSmallScalars(t *testing.T) {
24 var z Scalar
25 var p Point
26 p.ScalarMult(&z, B)
27 if I.Equal(&p) != 1 {
28 t.Error("0*B != 0")
29 }
30 checkOnCurve(t, &p)
31
32 z = Scalar{[32]byte{1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}}
33 p.ScalarMult(&z, B)
34 if B.Equal(&p) != 1 {
35 t.Error("1*B != 1")
36 }
37 checkOnCurve(t, &p)
38 }
39
40 func TestScalarMultVsDalek(t *testing.T) {
41 var p Point
42 p.ScalarMult(&dalekScalar, B)
43 if dalekScalarBasepoint.Equal(&p) != 1 {
44 t.Error("Scalar mul does not match dalek")
45 }
46 checkOnCurve(t, &p)
47 }
48
49 func TestBaseMultVsDalek(t *testing.T) {
50 var p Point
51 p.ScalarBaseMult(&dalekScalar)
52 if dalekScalarBasepoint.Equal(&p) != 1 {
53 t.Error("Scalar mul does not match dalek")
54 }
55 checkOnCurve(t, &p)
56 }
57
58 func TestVarTimeDoubleBaseMultVsDalek(t *testing.T) {
59 var p Point
60 var z Scalar
61 p.VarTimeDoubleScalarBaseMult(&dalekScalar, B, &z)
62 if dalekScalarBasepoint.Equal(&p) != 1 {
63 t.Error("VarTimeDoubleScalarBaseMult fails with b=0")
64 }
65 checkOnCurve(t, &p)
66 p.VarTimeDoubleScalarBaseMult(&z, B, &dalekScalar)
67 if dalekScalarBasepoint.Equal(&p) != 1 {
68 t.Error("VarTimeDoubleScalarBaseMult fails with a=0")
69 }
70 checkOnCurve(t, &p)
71 }
72
73 func TestScalarMultDistributesOverAdd(t *testing.T) {
74 scalarMultDistributesOverAdd := func(x, y Scalar) bool {
75 var z Scalar
76 z.Add(&x, &y)
77 var p, q, r, check Point
78 p.ScalarMult(&x, B)
79 q.ScalarMult(&y, B)
80 r.ScalarMult(&z, B)
81 check.Add(&p, &q)
82 checkOnCurve(t, &p, &q, &r, &check)
83 return check.Equal(&r) == 1
84 }
85
86 if err := quick.Check(scalarMultDistributesOverAdd, quickCheckConfig32); err != nil {
87 t.Error(err)
88 }
89 }
90
91 func TestScalarMultNonIdentityPoint(t *testing.T) {
92
93
94
95 scalarMultNonIdentityPoint := func(x Scalar) bool {
96 var p, q Point
97 p.Set(B)
98 q.Set(B)
99
100 p.ScalarMult(&x, B)
101 q.ScalarBaseMult(&x)
102
103 checkOnCurve(t, &p, &q)
104
105 return p.Equal(&q) == 1
106 }
107
108 if err := quick.Check(scalarMultNonIdentityPoint, quickCheckConfig32); err != nil {
109 t.Error(err)
110 }
111 }
112
113 func TestBasepointTableGeneration(t *testing.T) {
114
115
116 basepointTable := basepointTable()
117
118 tmp1 := &projP1xP1{}
119 tmp2 := &projP2{}
120 tmp3 := &Point{}
121 tmp3.Set(B)
122 table := make([]affineLookupTable, 32)
123 for i := 0; i < 32; i++ {
124
125 table[i].FromP3(tmp3)
126
127 if table[i] != basepointTable[i] {
128 t.Errorf("Basepoint table %d does not match", i)
129 }
130
131
132 tmp2.FromP3(tmp3)
133 for j := 0; j < 7; j++ {
134 tmp1.Double(tmp2)
135 tmp2.FromP1xP1(tmp1)
136 }
137 tmp1.Double(tmp2)
138 tmp3.fromP1xP1(tmp1)
139 checkOnCurve(t, tmp3)
140 }
141 }
142
143 func TestScalarMultMatchesBaseMult(t *testing.T) {
144 scalarMultMatchesBaseMult := func(x Scalar) bool {
145 var p, q Point
146 p.ScalarMult(&x, B)
147 q.ScalarBaseMult(&x)
148 checkOnCurve(t, &p, &q)
149 return p.Equal(&q) == 1
150 }
151
152 if err := quick.Check(scalarMultMatchesBaseMult, quickCheckConfig32); err != nil {
153 t.Error(err)
154 }
155 }
156
157 func TestBasepointNafTableGeneration(t *testing.T) {
158 var table nafLookupTable8
159 table.FromP3(B)
160
161 if table != *basepointNafTable() {
162 t.Error("BasepointNafTable does not match")
163 }
164 }
165
166 func TestVarTimeDoubleBaseMultMatchesBaseMult(t *testing.T) {
167 varTimeDoubleBaseMultMatchesBaseMult := func(x, y Scalar) bool {
168 var p, q1, q2, check Point
169
170 p.VarTimeDoubleScalarBaseMult(&x, B, &y)
171
172 q1.ScalarBaseMult(&x)
173 q2.ScalarBaseMult(&y)
174 check.Add(&q1, &q2)
175
176 checkOnCurve(t, &p, &check, &q1, &q2)
177 return p.Equal(&check) == 1
178 }
179
180 if err := quick.Check(varTimeDoubleBaseMultMatchesBaseMult, quickCheckConfig32); err != nil {
181 t.Error(err)
182 }
183 }
184
185
186
187 func BenchmarkScalarBaseMult(t *testing.B) {
188 var p Point
189
190 for i := 0; i < t.N; i++ {
191 p.ScalarBaseMult(&dalekScalar)
192 }
193 }
194
195 func BenchmarkScalarMult(t *testing.B) {
196 var p Point
197
198 for i := 0; i < t.N; i++ {
199 p.ScalarMult(&dalekScalar, B)
200 }
201 }
202
203 func BenchmarkVarTimeDoubleScalarBaseMult(t *testing.B) {
204 var p Point
205
206 for i := 0; i < t.N; i++ {
207 p.VarTimeDoubleScalarBaseMult(&dalekScalar, B, &dalekScalar)
208 }
209 }
210
View as plain text