ellswift_2tests__exhaustive__impl_8h_source.html

 /***********************************************************************

  * Distributed under the MIT software license, see the accompanying    *

  * file COPYING or https://www.opensource.org/licenses/mit-license.php.*

  ***********************************************************************/


 #ifndef SECP256K1_MODULE_ELLSWIFT_TESTS_EXHAUSTIVE_H

 #define SECP256K1_MODULE_ELLSWIFT_TESTS_EXHAUSTIVE_H


 #include "../../../include/secp256k1_ellswift.h"

 #include "main_impl.h"


 static void test_exhaustive_ellswift(const secp256k1_context *ctx, const secp256k1_ge *group) {

     int i;


     /* Note that SwiftEC/ElligatorSwift are inherently curve operations, not

      * group operations, and this test only checks the curve points which are in

      * a tiny subgroup. In that sense it can't be really seen as exhaustive as

      * it doesn't (and for computational reasons obviously cannot) test the

      * entire domain ellswift operates under. */

     for (i = 1; i < EXHAUSTIVE_TEST_ORDER; i++) {

         secp256k1_scalar scalar_i;

         unsigned char sec32[32];

         unsigned char ell64[64];

         secp256k1_pubkey pub_decoded;

         secp256k1_ge ge_decoded;


         /* Construct ellswift pubkey from exhaustive loop scalar i. */

         secp256k1_scalar_set_int(&scalar_i, i);

         secp256k1_scalar_get_b32(sec32, &scalar_i);

         CHECK(secp256k1_ellswift_create(ctx, ell64, sec32, NULL));


         /* Decode ellswift pubkey and check that it matches the precomputed group element. */

         secp256k1_ellswift_decode(ctx, &pub_decoded, ell64);

         secp256k1_pubkey_load(ctx, &ge_decoded, &pub_decoded);

         CHECK(secp256k1_ge_eq_var(&ge_decoded, &group[i]));

     }

 }


 #endif

test_exhaustive_ellswift
static void test_exhaustive_ellswift(const secp256k1_context *ctx, const secp256k1_ge *group)
Definition: tests_exhaustive_impl.h:12

secp256k1_ge_eq_var
static int secp256k1_ge_eq_var(const secp256k1_ge *a, const secp256k1_ge *b)
Check two group elements (affine) for equality in variable time.

CHECK
#define CHECK(cond)
Unconditional failure on condition failure.
Definition: util.h:35

tests_wycheproof_generate.group
group
Definition: tests_wycheproof_generate.py:36

secp256k1_scalar_set_int
static void secp256k1_scalar_set_int(secp256k1_scalar *r, unsigned int v)
Set a scalar to an unsigned integer.

secp256k1_scalar_get_b32
static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar *a)
Convert a scalar to a byte array.

main_impl.h

secp256k1_pubkey_load
static int secp256k1_pubkey_load(const secp256k1_context *ctx, secp256k1_ge *ge, const secp256k1_pubkey *pubkey)
Definition: secp256k1.c:239

secp256k1_ellswift_create
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ellswift_create(const secp256k1_context *ctx, unsigned char *ell64, const unsigned char *seckey32, const unsigned char *auxrnd32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Compute an ElligatorSwift public key for a secret key.
Definition: main_impl.h:450

secp256k1_ellswift_decode
SECP256K1_API int secp256k1_ellswift_decode(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *ell64) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Decode a 64-bytes ElligatorSwift encoded public key.
Definition: main_impl.h:489

secp256k1_context_struct
Definition: secp256k1.c:60

secp256k1_ge
A group element in affine coordinates on the secp256k1 curve, or occasionally on an isomorphic curve ...
Definition: group.h:16

secp256k1_pubkey
Opaque data structure that holds a parsed and valid public key.
Definition: secp256k1.h:74

secp256k1_scalar
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13

EXHAUSTIVE_TEST_ORDER
#define EXHAUSTIVE_TEST_ORDER
Definition: tests_exhaustive.c:13