Source file src/crypto/elliptic/p256_asm_table_test.go

     1  // Copyright 2021 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build amd64 || arm64
     6  
     7  package elliptic
     8  
     9  import (
    10  	"encoding/binary"
    11  	"reflect"
    12  	"testing"
    13  )
    14  
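// TestP256PrecomputedTable recomputes every entry of p256Precomputed from the
// base point and compares it byte for byte with the embedded table, so a
// corrupted, truncated or stale table is caught here rather than surfacing
// as wrong results in code that reads the table.
//
// Entry (i, j) is expected to hold the affine X and Y coordinates of
// 2^(6*i) * (j+1) * basePoint, serialized as eight little-endian uint64
// limbs. The limbs stay in Montgomery form.
func TestP256PrecomputedTable(t *testing.T) {
	const (
		windowBits   = 6     // doublings between consecutive rows
		numWindows   = 43    // rows checked
		pointsPerRow = 32    // multiples of the base point checked per row
		entrySize    = 8 * 8 // bytes per entry: X and Y, four uint64 limbs each
	)

	// Report a short table with a clear message; without this check the
	// slice expression below would panic with an out-of-range index.
	if need := numWindows * pointsPerRow * entrySize; len(p256Precomputed) < need {
		t.Fatalf("p256Precomputed is %d bytes, need at least %d", len(p256Precomputed), need)
	}

	// X, Y and Z limbs of the starting point. The table comparison below
	// treats these as Montgomery-form values.
	basePoint := []uint64{
		0x79e730d418a9143c, 0x75ba95fc5fedb601, 0x79fb732b77622510, 0x18905f76a53755c6,
		0xddf25357ce95560a, 0x8b4ab8e4ba19e45c, 0xd2e88688dd21f325, 0x8571ff1825885d85,
		0x0000000000000001, 0xffffffff00000000, 0xffffffffffffffff, 0x00000000fffffffe,
	}
	t1 := make([]uint64, 12) // working point for the current row
	t2 := make([]uint64, 12) // (j+1) * basePoint for the current column
	copy(t2, basePoint)

	zInv := make([]uint64, 4)
	zInvSq := make([]uint64, 4)
	// Reused for every entry; string(buf) copies, so reuse is safe.
	buf := make([]byte, entrySize)
	for j := 0; j < pointsPerRow; j++ {
		copy(t1, t2)
		for i := 0; i < numWindows; i++ {
			// The window size is 6 so we need to double 6 times.
			if i != 0 {
				for k := 0; k < windowBits; k++ {
					p256PointDoubleAsm(t1, t1)
				}
			}
			// Convert the point to affine form. (Its values are
			// still in Montgomery form however.)
			// zInv ends up as Z^-3 and zInvSq as Z^-2.
			// NOTE(review): the final argument of p256Sqr is presumably
			// the number of squarings; confirm against its definition.
			p256Inverse(zInv, t1[8:12])
			p256Sqr(zInvSq, zInv, 1)
			p256Mul(zInv, zInv, zInvSq)

			p256Mul(t1[:4], t1[:4], zInvSq)
			p256Mul(t1[4:8], t1[4:8], zInv)

			// Z is reset to the base point's Z limbs now that X and Y
			// have been rescaled.
			copy(t1[8:12], basePoint[8:12])

			for limb, u := range t1[:8] {
				binary.LittleEndian.PutUint64(buf[limb*8:limb*8+8], u)
			}
			start := (i*pointsPerRow + j) * entrySize
			// Both sides are raw binary strings, so print them as hex.
			if got, want := p256Precomputed[start:start+entrySize], string(buf); !reflect.DeepEqual(got, want) {
				t.Fatalf("Unexpected table entry at [%d][%d:%d]: got %x, want %x", i, j*8, (j*8)+8, got, want)
			}
		}
		// Advance t2 to the next multiple of the base point. The first
		// step doubles instead of adding; presumably the addition routine
		// is not meant for two equal inputs (confirm against its definition).
		if j == 0 {
			p256PointDoubleAsm(t2, basePoint)
		} else {
			p256PointAddAsm(t2, t2, basePoint)
		}
	}
}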
    65  
