Skip to content

Commit

Permalink
Replace ge_equals_ge[,j] calls with group.h equality calls
Browse files Browse the repository at this point in the history
  • Loading branch information
sipa committed Dec 1, 2023
1 parent d1c973a commit a664a95
Show file tree
Hide file tree
Showing 5 changed files with 45 additions and 55 deletions.
2 changes: 1 addition & 1 deletion src/modules/ellswift/tests_exhaustive_impl.h
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ static void test_exhaustive_ellswift(const secp256k1_context *ctx, const secp256
/* Decode ellswift pubkey and check that it matches the precomputed group element. */
secp256k1_ellswift_decode(ctx, &pub_decoded, ell64);
secp256k1_pubkey_load(ctx, &ge_decoded, &pub_decoded);
ge_equals_ge(&ge_decoded, &group[i]);
CHECK(secp256k1_ge_eq_var(&ge_decoded, &group[i]));
}
}

Expand Down
4 changes: 2 additions & 2 deletions src/modules/ellswift/tests_impl.h
Original file line number Diff line number Diff line change
Expand Up @@ -237,7 +237,7 @@ void run_ellswift_tests(void) {
secp256k1_ellswift_decode(CTX, &pubkey2, ell64);
secp256k1_pubkey_load(CTX, &g2, &pubkey2);
/* Compare with original. */
ge_equals_ge(&g, &g2);
CHECK(secp256k1_ge_eq_var(&g, &g2));
}
/* Verify the behavior of secp256k1_ellswift_create */
for (i = 0; i < 400 * COUNT; i++) {
Expand All @@ -259,7 +259,7 @@ void run_ellswift_tests(void) {
secp256k1_ellswift_decode(CTX, &pub, ell64);
secp256k1_pubkey_load(CTX, &dec, &pub);
secp256k1_ecmult(&res, NULL, &secp256k1_scalar_zero, &sec);
ge_equals_gej(&dec, &res);
CHECK(secp256k1_gej_eq_ge_var(&res, &dec));
}
/* Verify that secp256k1_ellswift_xdh computes the right shared X coordinate. */
for (i = 0; i < 800 * COUNT; i++) {
Expand Down
60 changes: 30 additions & 30 deletions src/tests.c
Original file line number Diff line number Diff line change
Expand Up @@ -3776,7 +3776,7 @@ static void test_ge(void) {

/* Test gej + ge with Z ratio result (var). */
secp256k1_gej_add_ge_var(&resj, &gej[i1], &ge[i2], secp256k1_gej_is_infinity(&gej[i1]) ? NULL : &zr);
ge_equals_gej(&ref, &resj);
CHECK(secp256k1_gej_eq_ge_var(&resj, &ref));
if (!secp256k1_gej_is_infinity(&gej[i1]) && !secp256k1_gej_is_infinity(&resj)) {
secp256k1_fe zrz; secp256k1_fe_mul(&zrz, &zr, &gej[i1].z);
CHECK(secp256k1_fe_equal(&zrz, &resj.z));
Expand All @@ -3790,31 +3790,31 @@ static void test_ge(void) {
random_ge_x_magnitude(&ge2_zfi);
random_ge_y_magnitude(&ge2_zfi);
secp256k1_gej_add_zinv_var(&resj, &gej[i1], &ge2_zfi, &zf);
ge_equals_gej(&ref, &resj);
CHECK(secp256k1_gej_eq_ge_var(&resj, &ref));
}

/* Test gej + ge (const). */
if (i2 != 0) {
/* secp256k1_gej_add_ge does not support its second argument being infinity. */
secp256k1_gej_add_ge(&resj, &gej[i1], &ge[i2]);
ge_equals_gej(&ref, &resj);
CHECK(secp256k1_gej_eq_ge_var(&resj, &ref));
}

/* Test doubling (var). */
if ((i1 == 0 && i2 == 0) || ((i1 + 3)/4 == (i2 + 3)/4 && ((i1 + 3)%4)/2 == ((i2 + 3)%4)/2)) {
secp256k1_fe zr2;
/* Normal doubling with Z ratio result. */
secp256k1_gej_double_var(&resj, &gej[i1], &zr2);
ge_equals_gej(&ref, &resj);
CHECK(secp256k1_gej_eq_ge_var(&resj, &ref));
/* Check Z ratio. */
secp256k1_fe_mul(&zr2, &zr2, &gej[i1].z);
CHECK(secp256k1_fe_equal(&zr2, &resj.z));
/* Normal doubling. */
secp256k1_gej_double_var(&resj, &gej[i2], NULL);
ge_equals_gej(&ref, &resj);
CHECK(secp256k1_gej_eq_ge_var(&resj, &ref));
/* Constant-time doubling. */
secp256k1_gej_double(&resj, &gej[i2]);
ge_equals_gej(&ref, &resj);
CHECK(secp256k1_gej_eq_ge_var(&resj, &ref));
}

/* Test adding opposites. */
Expand All @@ -3826,12 +3826,12 @@ static void test_ge(void) {
if (i1 == 0) {
CHECK(secp256k1_ge_is_infinity(&ge[i1]));
CHECK(secp256k1_gej_is_infinity(&gej[i1]));
ge_equals_gej(&ref, &gej[i2]);
CHECK(secp256k1_gej_eq_ge_var(&gej[i2], &ref));
}
if (i2 == 0) {
CHECK(secp256k1_ge_is_infinity(&ge[i2]));
CHECK(secp256k1_gej_is_infinity(&gej[i2]));
ge_equals_gej(&ref, &gej[i1]);
CHECK(secp256k1_gej_eq_ge_var(&gej[i1], &ref));
}
}
}
Expand Down Expand Up @@ -3866,7 +3866,7 @@ static void test_ge(void) {
secp256k1_fe s;
random_fe_non_zero(&s);
secp256k1_gej_rescale(&gej[i], &s);
ge_equals_gej(&ge_set_all[i], &gej[i]);
CHECK(secp256k1_gej_eq_ge_var(&gej[i], &ge_set_all[i]));
}
free(ge_set_all);
}
Expand Down Expand Up @@ -3910,7 +3910,7 @@ static void test_ge(void) {
secp256k1_ge_set_all_gej_var(ge, gej, 4 * runs + 1);
/* check result */
for (i = 0; i < 4 * runs + 1; i++) {
ge_equals_gej(&ge[i], &gej[i]);
CHECK(secp256k1_gej_eq_ge_var(&gej[i], &ge[i]));
}

/* Test batch gej -> ge conversion with all infinities. */
Expand Down Expand Up @@ -4009,15 +4009,15 @@ static void test_add_neg_y_diff_x(void) {

secp256k1_gej_add_var(&resj, &aj, &bj, NULL);
secp256k1_ge_set_gej(&res, &resj);
ge_equals_gej(&res, &sumj);
CHECK(secp256k1_gej_eq_ge_var(&sumj, &res));

secp256k1_gej_add_ge(&resj, &aj, &b);
secp256k1_ge_set_gej(&res, &resj);
ge_equals_gej(&res, &sumj);
CHECK(secp256k1_gej_eq_ge_var(&sumj, &res));

secp256k1_gej_add_ge_var(&resj, &aj, &b, NULL);
secp256k1_ge_set_gej(&res, &resj);
ge_equals_gej(&res, &sumj);
CHECK(secp256k1_gej_eq_ge_var(&sumj, &res));
}

static void run_ge(void) {
Expand Down Expand Up @@ -4310,10 +4310,10 @@ static void test_point_times_order(const secp256k1_gej *point) {
CHECK(secp256k1_ge_is_infinity(&res3));
secp256k1_ecmult(&res1, point, &secp256k1_scalar_one, &secp256k1_scalar_zero);
secp256k1_ge_set_gej(&res3, &res1);
ge_equals_gej(&res3, point);
CHECK(secp256k1_gej_eq_ge_var(point, &res3));
secp256k1_ecmult(&res1, point, &secp256k1_scalar_zero, &secp256k1_scalar_one);
secp256k1_ge_set_gej(&res3, &res1);
ge_equals_ge(&res3, &secp256k1_ge_const_g);
CHECK(secp256k1_ge_eq_var(&secp256k1_ge_const_g, &res3));
}

/* These scalars reach large (in absolute value) outputs when fed to secp256k1_scalar_split_lambda.
Expand Down Expand Up @@ -4441,7 +4441,7 @@ static void ecmult_const_random_mult(void) {
secp256k1_ecmult_const(&b, &a, &xn);

CHECK(secp256k1_ge_is_valid_var(&a));
ge_equals_gej(&expected_b, &b);
CHECK(secp256k1_gej_eq_ge_var(&b, &expected_b));
}

static void ecmult_const_commutativity(void) {
Expand All @@ -4462,7 +4462,7 @@ static void ecmult_const_commutativity(void) {
secp256k1_ecmult_const(&res2, &mid2, &a);
secp256k1_ge_set_gej(&mid1, &res1);
secp256k1_ge_set_gej(&mid2, &res2);
ge_equals_ge(&mid1, &mid2);
CHECK(secp256k1_ge_eq_var(&mid1, &mid2));
}

static void ecmult_const_mult_zero_one(void) {
Expand All @@ -4489,13 +4489,13 @@ static void ecmult_const_mult_zero_one(void) {
/* 1*point */
secp256k1_ecmult_const(&res1, &point, &secp256k1_scalar_one);
secp256k1_ge_set_gej(&res2, &res1);
ge_equals_ge(&res2, &point);
CHECK(secp256k1_ge_eq_var(&res2, &point));

/* -1*point */
secp256k1_ecmult_const(&res1, &point, &negone);
secp256k1_gej_neg(&res1, &res1);
secp256k1_ge_set_gej(&res2, &res1);
ge_equals_ge(&res2, &point);
CHECK(secp256k1_ge_eq_var(&res2, &point));
}

static void ecmult_const_check_result(const secp256k1_ge *A, const secp256k1_scalar* q, const secp256k1_gej *res) {
Expand All @@ -4504,7 +4504,7 @@ static void ecmult_const_check_result(const secp256k1_ge *A, const secp256k1_sca
secp256k1_gej_set_ge(&pointj, A);
secp256k1_ecmult(&res2j, &pointj, q, &secp256k1_scalar_zero);
secp256k1_ge_set_gej(&res2, &res2j);
ge_equals_gej(&res2, res);
CHECK(secp256k1_gej_eq_ge_var(res, &res2));
}

static void ecmult_const_edges(void) {
Expand Down Expand Up @@ -4612,7 +4612,7 @@ static void ecmult_const_chain_multiply(void) {
secp256k1_ecmult_const(&point, &tmp, &scalar);
}
secp256k1_ge_set_gej(&res, &point);
ge_equals_gej(&res, &expected_point);
CHECK(secp256k1_gej_eq_ge_var(&expected_point, &res));
}

static void run_ecmult_const_tests(void) {
Expand Down Expand Up @@ -5420,11 +5420,11 @@ static void test_ecmult_accumulate(secp256k1_sha256* acc, const secp256k1_scalar
secp256k1_ecmult_multi_var(NULL, scratch, &rj5, &secp256k1_scalar_zero, test_ecmult_accumulate_cb, (void*)x, 1);
secp256k1_ecmult_const(&rj6, &secp256k1_ge_const_g, x);
secp256k1_ge_set_gej_var(&r, &rj1);
ge_equals_gej(&r, &rj2);
ge_equals_gej(&r, &rj3);
ge_equals_gej(&r, &rj4);
ge_equals_gej(&r, &rj5);
ge_equals_gej(&r, &rj6);
CHECK(secp256k1_gej_eq_ge_var(&rj2, &r));
CHECK(secp256k1_gej_eq_ge_var(&rj3, &r));
CHECK(secp256k1_gej_eq_ge_var(&rj4, &r));
CHECK(secp256k1_gej_eq_ge_var(&rj5, &r));
CHECK(secp256k1_gej_eq_ge_var(&rj6, &r));
if (secp256k1_ge_is_infinity(&r)) {
/* Store infinity as 0x00 */
const unsigned char zerobyte[1] = {0};
Expand Down Expand Up @@ -5578,7 +5578,7 @@ static void test_ecmult_gen_blind(void) {
CHECK(!gej_xyz_equals_gej(&pgej, &pgej2));
CHECK(!gej_xyz_equals_gej(&i, &CTX->ecmult_gen_ctx.initial));
secp256k1_ge_set_gej(&pge, &pgej);
ge_equals_gej(&pge, &pgej2);
CHECK(secp256k1_gej_eq_ge_var(&pgej2, &pge));
}

static void test_ecmult_gen_blind_reset(void) {
Expand Down Expand Up @@ -5969,7 +5969,7 @@ static void run_ec_pubkey_parse_test(void) {
SECP256K1_CHECKMEM_CHECK(&ge.x, sizeof(ge.x));
SECP256K1_CHECKMEM_CHECK(&ge.y, sizeof(ge.y));
SECP256K1_CHECKMEM_CHECK(&ge.infinity, sizeof(ge.infinity));
ge_equals_ge(&secp256k1_ge_const_g, &ge);
CHECK(secp256k1_ge_eq_var(&ge, &secp256k1_ge_const_g));
/* secp256k1_ec_pubkey_serialize illegal args. */
len = 65;
CHECK_ILLEGAL(CTX, secp256k1_ec_pubkey_serialize(CTX, NULL, &len, &pubkey, SECP256K1_EC_UNCOMPRESSED));
Expand Down Expand Up @@ -6538,7 +6538,7 @@ static void test_random_pubkeys(void) {
CHECK(secp256k1_eckey_pubkey_serialize(&elem, in, &size, 0));
CHECK(size == 65);
CHECK(secp256k1_eckey_pubkey_parse(&elem2, in, size));
ge_equals_ge(&elem,&elem2);
CHECK(secp256k1_ge_eq_var(&elem2, &elem));
/* Check that the X9.62 hybrid type is checked. */
in[0] = secp256k1_testrand_bits(1) ? 6 : 7;
res = secp256k1_eckey_pubkey_parse(&elem2, in, size);
Expand All @@ -6550,7 +6550,7 @@ static void test_random_pubkeys(void) {
}
}
if (res) {
ge_equals_ge(&elem,&elem2);
CHECK(secp256k1_ge_eq_var(&elem, &elem2));
CHECK(secp256k1_eckey_pubkey_serialize(&elem, out, &size, 0));
CHECK(secp256k1_memcmp_var(&in[1], &out[1], 64) == 0);
}
Expand Down
25 changes: 12 additions & 13 deletions src/tests_exhaustive.c
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ static void test_exhaustive_endomorphism(const secp256k1_ge *group) {
for (i = 0; i < EXHAUSTIVE_TEST_ORDER; i++) {
secp256k1_ge res;
secp256k1_ge_mul_lambda(&res, &group[i]);
ge_equals_ge(&group[i * EXHAUSTIVE_TEST_LAMBDA % EXHAUSTIVE_TEST_ORDER], &res);
CHECK(secp256k1_ge_eq_var(&group[i * EXHAUSTIVE_TEST_LAMBDA % EXHAUSTIVE_TEST_ORDER], &res));
}
}

Expand All @@ -93,41 +93,41 @@ static void test_exhaustive_addition(const secp256k1_ge *group, const secp256k1_
secp256k1_gej tmp;
/* add_var */
secp256k1_gej_add_var(&tmp, &groupj[i], &groupj[j], NULL);
ge_equals_gej(&group[(i + j) % EXHAUSTIVE_TEST_ORDER], &tmp);
CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(i + j) % EXHAUSTIVE_TEST_ORDER]));
/* add_ge */
if (j > 0) {
secp256k1_gej_add_ge(&tmp, &groupj[i], &group[j]);
ge_equals_gej(&group[(i + j) % EXHAUSTIVE_TEST_ORDER], &tmp);
CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(i + j) % EXHAUSTIVE_TEST_ORDER]));
}
/* add_ge_var */
secp256k1_gej_add_ge_var(&tmp, &groupj[i], &group[j], NULL);
ge_equals_gej(&group[(i + j) % EXHAUSTIVE_TEST_ORDER], &tmp);
CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(i + j) % EXHAUSTIVE_TEST_ORDER]));
/* add_zinv_var */
zless_gej.infinity = groupj[j].infinity;
zless_gej.x = groupj[j].x;
zless_gej.y = groupj[j].y;
secp256k1_gej_add_zinv_var(&tmp, &groupj[i], &zless_gej, &fe_inv);
ge_equals_gej(&group[(i + j) % EXHAUSTIVE_TEST_ORDER], &tmp);
CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(i + j) % EXHAUSTIVE_TEST_ORDER]));
}
}

/* Check doubling */
for (i = 0; i < EXHAUSTIVE_TEST_ORDER; i++) {
secp256k1_gej tmp;
secp256k1_gej_double(&tmp, &groupj[i]);
ge_equals_gej(&group[(2 * i) % EXHAUSTIVE_TEST_ORDER], &tmp);
CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(2 * i) % EXHAUSTIVE_TEST_ORDER]));
secp256k1_gej_double_var(&tmp, &groupj[i], NULL);
ge_equals_gej(&group[(2 * i) % EXHAUSTIVE_TEST_ORDER], &tmp);
CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(2 * i) % EXHAUSTIVE_TEST_ORDER]));
}

/* Check negation */
for (i = 1; i < EXHAUSTIVE_TEST_ORDER; i++) {
secp256k1_ge tmp;
secp256k1_gej tmpj;
secp256k1_ge_neg(&tmp, &group[i]);
ge_equals_ge(&group[EXHAUSTIVE_TEST_ORDER - i], &tmp);
CHECK(secp256k1_ge_eq_var(&tmp, &group[EXHAUSTIVE_TEST_ORDER - i]));
secp256k1_gej_neg(&tmpj, &groupj[i]);
ge_equals_gej(&group[EXHAUSTIVE_TEST_ORDER - i], &tmpj);
CHECK(secp256k1_gej_eq_ge_var(&tmpj, &group[EXHAUSTIVE_TEST_ORDER - i]));
}
}

Expand All @@ -144,8 +144,7 @@ static void test_exhaustive_ecmult(const secp256k1_ge *group, const secp256k1_ge
secp256k1_scalar_set_int(&ng, j);

secp256k1_ecmult(&tmp, &groupj[r_log], &na, &ng);
ge_equals_gej(&group[(i * r_log + j) % EXHAUSTIVE_TEST_ORDER], &tmp);

CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(i * r_log + j) % EXHAUSTIVE_TEST_ORDER]));
}
}
}
Expand All @@ -163,7 +162,7 @@ static void test_exhaustive_ecmult(const secp256k1_ge *group, const secp256k1_ge

/* Test secp256k1_ecmult_const. */
secp256k1_ecmult_const(&tmp, &group[i], &ng);
ge_equals_gej(&group[(i * j) % EXHAUSTIVE_TEST_ORDER], &tmp);
CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(i * j) % EXHAUSTIVE_TEST_ORDER]));

if (i != 0 && j != 0) {
/* Test secp256k1_ecmult_const_xonly with all curve X coordinates, and xd=NULL. */
Expand Down Expand Up @@ -215,7 +214,7 @@ static void test_exhaustive_ecmult_multi(const secp256k1_context *ctx, const sec
data.pt[1] = group[y];

secp256k1_ecmult_multi_var(&ctx->error_callback, scratch, &tmp, &g_sc, ecmult_multi_callback, &data, 2);
ge_equals_gej(&group[(i * x + j * y + k) % EXHAUSTIVE_TEST_ORDER], &tmp);
CHECK(secp256k1_gej_eq_ge_var(&tmp, &group[(i * x + j * y + k) % EXHAUSTIVE_TEST_ORDER]));
}
}
}
Expand Down
9 changes: 0 additions & 9 deletions src/testutil.h
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
#define SECP256K1_TESTUTIL_H

#include "field.h"
#include "group.h"
#include "testrand.h"
#include "util.h"

Expand All @@ -27,12 +26,4 @@ static void random_fe_non_zero(secp256k1_fe *nz) {
} while (secp256k1_fe_is_zero(nz));
}

static void ge_equals_ge(const secp256k1_ge *a, const secp256k1_ge *b) {
CHECK(secp256k1_ge_eq_var(a, b));
}

static void ge_equals_gej(const secp256k1_ge *a, const secp256k1_gej *b) {
CHECK(secp256k1_gej_eq_ge_var(b, a));
}

#endif /* SECP256K1_TESTUTIL_H */

0 comments on commit a664a95

Please sign in to comment.