1 #include "testutils.h"
2 
/* Consistency test for ECC scalar multiplication, run over every entry
   of ecc_curves.

   For each curve it checks three things:
     1. k * g for k = 1..4 via ecc->mul, validated by test_ecc_mul_h.
     2. (order - 1) * g, which must equal -g; the result is negated by
        hand and validated by test_ecc_ga.
     3. For 100 random scalars, ecc->mul with base point g and ecc->mul_g
        must produce the same affine point.

   A mismatch in step 3 dumps the scalar and both points to stderr and
   aborts. A silent disagreement between the two multiplication paths is
   a correctness failure in the curve arithmetic. */
void
test_main (void)
{
  gmp_randstate_t rng;
  mpz_t rnd;
  unsigned curve_idx;

  /* The generator is not seeded in this function. */
  gmp_randinit_default (rng);
  mpz_init (rnd);

  for (curve_idx = 0; ecc_curves[curve_idx]; curve_idx++)
    {
      const struct ecc_curve *ecc = ecc_curves[curve_idx];
      mp_size_t size = ecc_size (ecc);
      mp_limb_t *g = xalloc_limbs (ecc_size_a (ecc));
      mp_limb_t *p = xalloc_limbs (ecc_size_j (ecc));
      mp_limb_t *q = xalloc_limbs (ecc_size_j (ecc));
      mp_limb_t *n = xalloc_limbs (size);
      mp_limb_t *scratch = xalloc_limbs (ecc->mul_itch);
      mp_limb_t *negated;
      mp_limb_t k;
      unsigned round;

      test_ecc_get_ga (curve_idx, g);
      mpn_zero (n, size);

      /* Small multiples: only the low limb of the scalar is non-zero. */
      for (k = 1; k <= 4; k++)
        {
          n[0] = k;
          ecc->mul (ecc, p, n, g, scratch);
          test_ecc_mul_h (curve_idx, n[0], p);
        }

      /* (order - 1) * g = - g */
      mpn_sub_1 (n, ecc->q.m, size, 1);
      ecc->mul (ecc, p, n, g, scratch);
      ecc->h_to_a (ecc, 0, p, p, scratch);

      /* Undo the negation so the result can be compared with g itself.
         For edwards curves, - (x,y ) == (-x, y), so the first
         coordinate is negated; for the other curves the second one is.
         FIXME: Swap x and y, to get identical negation? */
      if (ecc->p.bit_size == 255 || ecc->p.bit_size == 448)
        negated = p;
      else
        negated = p + size;
      mpn_sub_n (negated, ecc->p.m, negated, size);

      test_ecc_ga (curve_idx, p);

      mpn_zero (n, size);

      for (round = 0; round < 100; round++)
        {
          /* Alternate between uniform scalars (even rounds) and
             mpz_rrandomb scalars (odd rounds); the latter have long runs
             of zero and one bits, which tend to hit carry and
             corner-case paths. */
          if ((round & 1) == 0)
            mpz_urandomb (rnd, rng, size * GMP_NUMB_BITS);
          else
            mpz_rrandomb (rnd, rng, size * GMP_NUMB_BITS);

          /* Reduce the top limb so that (almost surely) n < q */
          mpz_limbs_copy (n, rnd, size);
          n[size - 1] %= ecc->q.m[size - 1];

          /* Generic multiplication with an explicit base point. */
          ecc->mul (ecc, p, n, g, scratch);
          ecc->h_to_a (ecc, 0, p, p, scratch);

          /* Multiplication by the curve's generator. */
          ecc->mul_g (ecc, q, n, scratch);
          ecc->h_to_a (ecc, 0, q, q, scratch);

          /* Both coordinates (2*size limbs) have to agree. */
          if (mpn_cmp (p, q, 2*size) != 0)
            {
              fprintf (stderr,
                       "Different results from ecc->mul and ecc->mul_g.\n"
                       " bits = %u\n",
                       ecc->p.bit_size);
              fprintf (stderr, " n = ");
              mpn_out_str (stderr, 16, n, size);

              fprintf (stderr, "\np = ");
              mpn_out_str (stderr, 16, p, size);
              fprintf (stderr, ",\n    ");
              mpn_out_str (stderr, 16, p + size, size);

              fprintf (stderr, "\nq = ");
              mpn_out_str (stderr, 16, q, size);
              fprintf (stderr, ",\n    ");
              mpn_out_str (stderr, 16, q + size, size);
              fprintf (stderr, "\n");
              abort ();
            }
        }

      /* Per-curve buffers are released before moving to the next curve. */
      free (scratch);
      free (q);
      free (p);
      free (n);
      free (g);
    }

  gmp_randclear (rng);
  mpz_clear (rnd);
}