testutil_8h_source.html

/***********************************************************************

 * Distributed under the MIT software license, see the accompanying    *

 * file COPYING or https://www.opensource.org/licenses/mit-license.php.*

 ***********************************************************************/


#ifndef SECP256K1_TESTUTIL_H

#define SECP256K1_TESTUTIL_H


#include "field.h"

#include "group.h"

#include "testrand.h"

#include "util.h"


/* Helper for when we need to check that the ctx-provided sha256 compression was called */

#define DEFINE_SHA256_TRANSFORM_PROBE(name)                                     \

    static int name##_called = 0;                                               \

    static void name(uint32_t *s, const unsigned char *msg, size_t rounds) {    \

        name##_called = 1;                                                      \

        secp256k1_sha256_transform(s, msg, rounds);                             \

        s[0] ^= 0xdeadbeef; /* intentional perturbation for testing */          \

    }


/* group order of the secp256k1 curve in 32-byte big endian representation */

static const unsigned char secp256k1_group_order_bytes[32] = {

    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,

    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,

    0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b,

    0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41

};


static void testutil_random_fe(secp256k1_fe *x) {

    unsigned char bin[32];

    do {

        testrand256(bin);

        if (secp256k1_fe_set_b32_limit(x, bin)) {

            return;

        }

    } while(1);

}


static void testutil_random_fe_non_zero(secp256k1_fe *nz) {

    do {

        testutil_random_fe(nz);

    } while (secp256k1_fe_is_zero(nz));

}


static void testutil_random_fe_magnitude(secp256k1_fe *fe, int m) {

    secp256k1_fe zero;

    int n = testrand_int(m + 1);

    secp256k1_fe_normalize(fe);

    if (n == 0) {

        return;

    }

    secp256k1_fe_set_int(&zero, 0);

    secp256k1_fe_negate(&zero, &zero, 0);

    secp256k1_fe_mul_int_unchecked(&zero, n - 1);

    secp256k1_fe_add(fe, &zero);

#ifdef VERIFY

    CHECK(fe->magnitude == n);

#endif

}


static void testutil_random_fe_test(secp256k1_fe *x) {

    unsigned char bin[32];

    do {

        testrand256_test(bin);

        if (secp256k1_fe_set_b32_limit(x, bin)) {

            return;

        }

    } while(1);

}


static void testutil_random_fe_non_zero_test(secp256k1_fe *fe) {

    do {

        testutil_random_fe_test(fe);

    } while(secp256k1_fe_is_zero(fe));

}


static void testutil_random_ge_x_magnitude(secp256k1_ge *ge) {

    testutil_random_fe_magnitude(&ge->x, SECP256K1_GE_X_MAGNITUDE_MAX);

}


static void testutil_random_ge_y_magnitude(secp256k1_ge *ge) {

    testutil_random_fe_magnitude(&ge->y, SECP256K1_GE_Y_MAGNITUDE_MAX);

}


static void testutil_random_gej_x_magnitude(secp256k1_gej *gej) {

    testutil_random_fe_magnitude(&gej->x, SECP256K1_GEJ_X_MAGNITUDE_MAX);

}


static void testutil_random_gej_y_magnitude(secp256k1_gej *gej) {

    testutil_random_fe_magnitude(&gej->y, SECP256K1_GEJ_Y_MAGNITUDE_MAX);

}


static void testutil_random_gej_z_magnitude(secp256k1_gej *gej) {

    testutil_random_fe_magnitude(&gej->z, SECP256K1_GEJ_Z_MAGNITUDE_MAX);

}


static void testutil_random_ge_test(secp256k1_ge *ge) {

    secp256k1_fe fe;

    do {

        testutil_random_fe_test(&fe);

        if (secp256k1_ge_set_xo_var(ge, &fe, testrand_bits(1))) {

            secp256k1_fe_normalize(&ge->y);

            break;

        }

    } while(1);

}


static void testutil_random_ge_jacobian_test(secp256k1_gej *gej, const secp256k1_ge *ge) {

    secp256k1_fe z;

    testutil_random_fe_non_zero_test(&z);

    secp256k1_gej_set_ge(gej, ge);

    secp256k1_gej_rescale(gej, &z);

}


static void testutil_random_gej_test(secp256k1_gej *gej) {

    secp256k1_ge ge;

    testutil_random_ge_test(&ge);

    testutil_random_ge_jacobian_test(gej, &ge);

}


static void testutil_random_pubkey_test(secp256k1_pubkey *pk) {

    secp256k1_ge ge;

    testutil_random_ge_test(&ge);

    secp256k1_pubkey_save(pk, &ge);

}


static void testutil_random_scalar_order_test(secp256k1_scalar *num) {

    do {

        unsigned char b32[32];

        int overflow = 0;

        testrand256_test(b32);

        secp256k1_scalar_set_b32(num, b32, &overflow);

        if (overflow || secp256k1_scalar_is_zero(num)) {

            continue;

        }

        break;

    } while(1);

}


static void testutil_random_scalar_order(secp256k1_scalar *num) {

    do {

        unsigned char b32[32];

        int overflow = 0;

        testrand256(b32);

        secp256k1_scalar_set_b32(num, b32, &overflow);

        if (overflow || secp256k1_scalar_is_zero(num)) {

            continue;

        }

        break;

    } while(1);

}


static void testutil_random_scalar_order_b32(unsigned char *b32) {

    secp256k1_scalar num;

    testutil_random_scalar_order(&num);

    secp256k1_scalar_get_b32(b32, &num);

}


#endif /* SECP256K1_TESTUTIL_H */

field.h

secp256k1_fe_negate
#define secp256k1_fe_negate(r, a, m)
Negate a field element.
Definition: field.h:211

secp256k1_fe_add
#define secp256k1_fe_add
Definition: field.h:92

secp256k1_fe_is_zero
#define secp256k1_fe_is_zero
Definition: field.h:84

secp256k1_fe_mul_int_unchecked
#define secp256k1_fe_mul_int_unchecked
Definition: field.h:91

secp256k1_fe_set_b32_limit
#define secp256k1_fe_set_b32_limit
Definition: field.h:88

secp256k1_fe_normalize
#define secp256k1_fe_normalize
Definition: field.h:78

secp256k1_fe_set_int
#define secp256k1_fe_set_int
Definition: field.h:83

group.h

SECP256K1_GE_X_MAGNITUDE_MAX
#define SECP256K1_GE_X_MAGNITUDE_MAX
Maximum allowed magnitudes for group element coordinates in affine (x, y) and jacobian (x,...
Definition: group.h:49

secp256k1_ge_set_xo_var
static int secp256k1_ge_set_xo_var(secp256k1_ge *r, const secp256k1_fe *x, int odd)
Set a group element (affine) equal to the point with the given X coordinate, and given oddness for Y.

SECP256K1_GEJ_Y_MAGNITUDE_MAX
#define SECP256K1_GEJ_Y_MAGNITUDE_MAX
Definition: group.h:52

secp256k1_gej_rescale
static void secp256k1_gej_rescale(secp256k1_gej *r, const secp256k1_fe *b)
Rescale a jacobian point by b which must be non-zero.

SECP256K1_GE_Y_MAGNITUDE_MAX
#define SECP256K1_GE_Y_MAGNITUDE_MAX
Definition: group.h:50

secp256k1_gej_set_ge
static void secp256k1_gej_set_ge(secp256k1_gej *r, const secp256k1_ge *a)
Set a group element (jacobian) equal to another which is given in affine coordinates.

SECP256K1_GEJ_Z_MAGNITUDE_MAX
#define SECP256K1_GEJ_Z_MAGNITUDE_MAX
Definition: group.h:53

SECP256K1_GEJ_X_MAGNITUDE_MAX
#define SECP256K1_GEJ_X_MAGNITUDE_MAX
Definition: group.h:51

CHECK
#define CHECK(cond)
Unconditional failure on condition failure.
Definition: util.h:35

tests_wycheproof_generate_ecdh.pk
def pk
Definition: tests_wycheproof_generate_ecdh.py:115

secp256k1_scalar_set_b32
static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow)
Set a scalar from a big endian byte array.

secp256k1_scalar_is_zero
static int secp256k1_scalar_is_zero(const secp256k1_scalar *a)
Check whether a scalar equals zero.

secp256k1_scalar_get_b32
static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar *a)
Convert a scalar to a byte array.

secp256k1_pubkey_save
static void secp256k1_pubkey_save(secp256k1_pubkey *pubkey, secp256k1_ge *ge)
Definition: secp256k1.c:265

ByteUnit::m
@ m

secp256k1_fe
This field implementation represents the value as 10 uint32_t limbs in base 2^26.
Definition: field_10x26.h:14

secp256k1_ge
A group element in affine coordinates on the secp256k1 curve, or occasionally on an isomorphic curve ...
Definition: group.h:16

secp256k1_ge::x
secp256k1_fe x
Definition: group.h:17

secp256k1_ge::y
secp256k1_fe y
Definition: group.h:18

secp256k1_gej
A group element of the secp256k1 curve, in jacobian coordinates.
Definition: group.h:28

secp256k1_gej::y
secp256k1_fe y
Definition: group.h:30

secp256k1_gej::x
secp256k1_fe x
Definition: group.h:29

secp256k1_gej::z
secp256k1_fe z
Definition: group.h:31

secp256k1_pubkey
Opaque data structure that holds a parsed and valid public key.
Definition: secp256k1.h:62

secp256k1_scalar
A scalar modulo the group order of the secp256k1 curve.
Definition: scalar_4x64.h:13

testrand.h

testrand256_test
static void testrand256_test(unsigned char *b32)
Generate a pseudorandom 32-byte array with long sequences of zero and one bits.

testrand256
static void testrand256(unsigned char *b32)
Generate a pseudorandom 32-byte array.

testrand_bits
static SECP256K1_INLINE uint64_t testrand_bits(int bits)
Generate a pseudorandom number in the range [0..2**bits-1].

testrand_int
static uint32_t testrand_int(uint32_t range)
Generate a pseudorandom number in the range [0..range-1].

testutil_random_fe_test
static void testutil_random_fe_test(secp256k1_fe *x)
Definition: testutil.h:63

testutil_random_pubkey_test
static void testutil_random_pubkey_test(secp256k1_pubkey *pk)
Definition: testutil.h:123

testutil_random_gej_y_magnitude
static void testutil_random_gej_y_magnitude(secp256k1_gej *gej)
Definition: testutil.h:91

secp256k1_group_order_bytes
static const unsigned char secp256k1_group_order_bytes[32]
Definition: testutil.h:24

testutil_random_fe_non_zero
static void testutil_random_fe_non_zero(secp256k1_fe *nz)
Definition: testutil.h:41

testutil_random_scalar_order
static void testutil_random_scalar_order(secp256k1_scalar *num)
Definition: testutil.h:142

testutil_random_gej_test
static void testutil_random_gej_test(secp256k1_gej *gej)
Definition: testutil.h:117

testutil_random_scalar_order_test
static void testutil_random_scalar_order_test(secp256k1_scalar *num)
Definition: testutil.h:129

testutil_random_scalar_order_b32
static void testutil_random_scalar_order_b32(unsigned char *b32)
Definition: testutil.h:155

testutil_random_fe
static void testutil_random_fe(secp256k1_fe *x)
Definition: testutil.h:31

testutil_random_fe_non_zero_test
static void testutil_random_fe_non_zero_test(secp256k1_fe *fe)
Definition: testutil.h:73

testutil_random_gej_x_magnitude
static void testutil_random_gej_x_magnitude(secp256k1_gej *gej)
Definition: testutil.h:87

testutil_random_fe_magnitude
static void testutil_random_fe_magnitude(secp256k1_fe *fe, int m)
Definition: testutil.h:47

testutil_random_ge_x_magnitude
static void testutil_random_ge_x_magnitude(secp256k1_ge *ge)
Definition: testutil.h:79

testutil_random_gej_z_magnitude
static void testutil_random_gej_z_magnitude(secp256k1_gej *gej)
Definition: testutil.h:95

testutil_random_ge_test
static void testutil_random_ge_test(secp256k1_ge *ge)
Definition: testutil.h:99

testutil_random_ge_y_magnitude
static void testutil_random_ge_y_magnitude(secp256k1_ge *ge)
Definition: testutil.h:83

testutil_random_ge_jacobian_test
static void testutil_random_ge_jacobian_test(secp256k1_gej *gej, const secp256k1_ge *ge)
Definition: testutil.h:110

util.h