Bitcoin Core  0.20.99
P2P Digital Currency
tests_exhaustive_impl.h
Go to the documentation of this file.
1 /**********************************************************************
2  * Copyright (c) 2020 Pieter Wuille *
3  * Distributed under the MIT software license, see the accompanying *
4  * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
5  **********************************************************************/
6 
7 #ifndef _SECP256K1_MODULE_EXTRAKEYS_TESTS_EXHAUSTIVE_
8 #define _SECP256K1_MODULE_EXTRAKEYS_TESTS_EXHAUSTIVE_
9 
12 
13 static void test_exhaustive_extrakeys(const secp256k1_context *ctx, const secp256k1_ge* group) {
17  int parities[EXHAUSTIVE_TEST_ORDER - 1];
18  unsigned char xonly_pubkey_bytes[EXHAUSTIVE_TEST_ORDER - 1][32];
19  int i;
20 
21  for (i = 1; i < EXHAUSTIVE_TEST_ORDER; i++) {
22  secp256k1_fe fe;
23  secp256k1_scalar scalar_i;
24  unsigned char buf[33];
25  int parity;
26 
27  secp256k1_scalar_set_int(&scalar_i, i);
28  secp256k1_scalar_get_b32(buf, &scalar_i);
29 
30  /* Construct pubkey and keypair. */
31  CHECK(secp256k1_keypair_create(ctx, &keypair[i - 1], buf));
32  CHECK(secp256k1_ec_pubkey_create(ctx, &pubkey[i - 1], buf));
33 
34  /* Construct serialized xonly_pubkey from keypair. */
35  CHECK(secp256k1_keypair_xonly_pub(ctx, &xonly_pubkey[i - 1], &parities[i - 1], &keypair[i - 1]));
36  CHECK(secp256k1_xonly_pubkey_serialize(ctx, xonly_pubkey_bytes[i - 1], &xonly_pubkey[i - 1]));
37 
38  /* Parse the xonly_pubkey back and verify it matches the previously serialized value. */
39  CHECK(secp256k1_xonly_pubkey_parse(ctx, &xonly_pubkey[i - 1], xonly_pubkey_bytes[i - 1]));
40  CHECK(secp256k1_xonly_pubkey_serialize(ctx, buf, &xonly_pubkey[i - 1]));
41  CHECK(secp256k1_memcmp_var(xonly_pubkey_bytes[i - 1], buf, 32) == 0);
42 
43  /* Construct the xonly_pubkey from the pubkey, and verify it matches the same. */
44  CHECK(secp256k1_xonly_pubkey_from_pubkey(ctx, &xonly_pubkey[i - 1], &parity, &pubkey[i - 1]));
45  CHECK(parity == parities[i - 1]);
46  CHECK(secp256k1_xonly_pubkey_serialize(ctx, buf, &xonly_pubkey[i - 1]));
47  CHECK(secp256k1_memcmp_var(xonly_pubkey_bytes[i - 1], buf, 32) == 0);
48 
49  /* Compare the xonly_pubkey bytes against the precomputed group. */
50  secp256k1_fe_set_b32(&fe, xonly_pubkey_bytes[i - 1]);
51  CHECK(secp256k1_fe_equal_var(&fe, &group[i].x));
52 
53  /* Check the parity against the precomputed group. */
54  fe = group[i].y;
56  CHECK(secp256k1_fe_is_odd(&fe) == parities[i - 1]);
57 
58  /* Verify that the higher half is identical to the lower half mirrored. */
59  if (i > EXHAUSTIVE_TEST_ORDER / 2) {
60  CHECK(secp256k1_memcmp_var(xonly_pubkey_bytes[i - 1], xonly_pubkey_bytes[EXHAUSTIVE_TEST_ORDER - i - 1], 32) == 0);
61  CHECK(parities[i - 1] == 1 - parities[EXHAUSTIVE_TEST_ORDER - i - 1]);
62  }
63  }
64 
65  /* TODO: keypair/xonly_pubkey tweak tests */
66 }
67 
68 #endif
static void secp256k1_fe_normalize_var(secp256k1_fe *r)
Normalize a field element, without constant-time guarantee.
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_create(const secp256k1_context *ctx, secp256k1_keypair *keypair, const unsigned char *seckey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Compute the keypair for a secret key.
Definition: main_impl.h:171
static int secp256k1_fe_is_odd(const secp256k1_fe *a)
Check the "oddness" of a field element.
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_pubkey_create(const secp256k1_context *ctx, secp256k1_pubkey *pubkey, const unsigned char *seckey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Compute the public key for a secret key.
Definition: secp256k1.c:571
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_from_pubkey(const secp256k1_context *ctx, secp256k1_xonly_pubkey *xonly_pubkey, int *pk_parity, const secp256k1_pubkey *pubkey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4)
Converts a secp256k1_pubkey into a secp256k1_xonly_pubkey.
Definition: main_impl.h:72
Opaque data structure that holds a parsed and valid "x-only" public key.
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_xonly_pubkey_parse(const secp256k1_context *ctx, secp256k1_xonly_pubkey *pubkey, const unsigned char *input32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Parse a 32-byte sequence into a xonly_pubkey object.
Definition: main_impl.h:21
static secp256k1_context * ctx
Definition: tests.c:36
A group element of the secp256k1 curve, in affine coordinates.
Definition: group.h:14
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_keypair_xonly_pub(const secp256k1_context *ctx, secp256k1_xonly_pubkey *pubkey, int *pk_parity, const secp256k1_keypair *keypair) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(4)
Get the x-only public key from a keypair.
Definition: main_impl.h:199
#define CHECK(cond)
Definition: util.h:53
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13
Opaque data structure that holds a keypair consisting of a secret and a public key.
static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar *a)
Convert a scalar to a byte array.
static int secp256k1_fe_set_b32(secp256k1_fe *r, const unsigned char *a)
Set a field element equal to 32-byte big endian value.
static int secp256k1_fe_equal_var(const secp256k1_fe *a, const secp256k1_fe *b)
Same as secp256k1_fe_equal, but may be variable time.
static void test_exhaustive_extrakeys(const secp256k1_context *ctx, const secp256k1_ge *group)
#define EXHAUSTIVE_TEST_ORDER
static void secp256k1_scalar_set_int(secp256k1_scalar *r, unsigned int v)
Set a scalar to an unsigned integer.
static SECP256K1_INLINE int secp256k1_memcmp_var(const void *s1, const void *s2, size_t n)
Semantics like memcmp.
Definition: util.h:224
SECP256K1_API int secp256k1_xonly_pubkey_serialize(const secp256k1_context *ctx, unsigned char *output32, const secp256k1_xonly_pubkey *pubkey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3)
Serialize an xonly_pubkey object into a 32-byte sequence.
Definition: main_impl.h:43
secp256k1_fe y
Definition: group.h:16
Opaque data structure that holds a parsed and valid public key.
Definition: secp256k1.h:67