Browse Source
Upgrade to test-templates from algebra (#40)
* Upgrade to test-templates from algebra * Fix Cargo.toml * Fix search and replace * Update * Fix cargo tomlsfq2_neg_nonresidue
Pratyush Mishra
3 years ago
committed by
GitHub
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
62 changed files with 68 additions and 1208 deletions
Unified View
Diff Options
-
+2 -2.github/workflows/ci.yml
-
+0 -1Cargo.toml
-
+1 -1bls12_377/Cargo.toml
-
+1 -1bls12_377/src/curves/tests.rs
-
+1 -1bls12_377/src/fields/tests.rs
-
+1 -1bls12_381/Cargo.toml
-
+1 -1bls12_381/src/curves/tests.rs
-
+1 -1bls12_381/src/fields/tests.rs
-
+1 -1bn254/Cargo.toml
-
+1 -1bn254/src/curves/tests.rs
-
+1 -1bn254/src/fields/tests.rs
-
+1 -1bw6_761/Cargo.toml
-
+1 -1bw6_761/src/curves/tests.rs
-
+1 -1bw6_761/src/fields/tests.rs
-
+1 -1cp6_782/Cargo.toml
-
+1 -1cp6_782/src/curves/tests.rs
-
+1 -1cp6_782/src/fields/tests.rs
-
+15 -14curve-benches/src/macros/ec.rs
-
+0 -33curve-tests/Cargo.toml
-
+0 -1curve-tests/LICENSE-APACHE
-
+0 -1curve-tests/LICENSE-MIT
-
+0 -531curve-tests/src/curves.rs
-
+0 -460curve-tests/src/fields.rs
-
+0 -75curve-tests/src/groups.rs
-
+0 -4curve-tests/src/lib.rs
-
+0 -35curve-tests/src/msm.rs
-
+1 -1ed_on_bls12_377/Cargo.toml
-
+1 -1ed_on_bls12_377/src/curves/tests.rs
-
+1 -1ed_on_bls12_377/src/fields/tests.rs
-
+1 -1ed_on_bls12_381/Cargo.toml
-
+1 -1ed_on_bls12_381/src/curves/tests.rs
-
+1 -1ed_on_bls12_381/src/fields/tests.rs
-
+1 -1ed_on_bn254/Cargo.toml
-
+1 -1ed_on_bn254/src/curves/tests.rs
-
+1 -1ed_on_bn254/src/fields/tests.rs
-
+1 -1ed_on_cp6_782/Cargo.toml
-
+1 -1ed_on_cp6_782/src/curves/tests.rs
-
+1 -1ed_on_cp6_782/src/fields/tests.rs
-
+1 -1ed_on_mnt4_298/Cargo.toml
-
+1 -1ed_on_mnt4_298/src/curves/tests.rs
-
+1 -1ed_on_mnt4_298/src/fields/tests.rs
-
+1 -1ed_on_mnt4_753/Cargo.toml
-
+1 -1ed_on_mnt4_753/src/curves/tests.rs
-
+1 -1ed_on_mnt4_753/src/fields/tests.rs
-
+1 -1mnt4_298/Cargo.toml
-
+1 -1mnt4_298/src/curves/tests.rs
-
+1 -1mnt4_298/src/fields/tests.rs
-
+1 -1mnt4_753/Cargo.toml
-
+1 -1mnt4_753/src/curves/tests.rs
-
+1 -1mnt4_753/src/fields/tests.rs
-
+1 -1mnt6_298/Cargo.toml
-
+1 -1mnt6_298/src/curves/tests.rs
-
+1 -1mnt6_298/src/fields/tests.rs
-
+1 -1mnt6_753/Cargo.toml
-
+1 -1mnt6_753/src/curves/tests.rs
-
+1 -1mnt6_753/src/fields/tests.rs
-
+1 -1pallas/Cargo.toml
-
+1 -1pallas/src/curves/tests.rs
-
+1 -1pallas/src/fields/tests.rs
-
+1 -1vesta/Cargo.toml
-
+1 -1vesta/src/curves/tests.rs
-
+1 -1vesta/src/fields/tests.rs
@ -1,33 +0,0 @@ |
|||||
[package] |
|
||||
name = "ark-curve-tests" |
|
||||
version = "0.1.0" |
|
||||
authors = [ |
|
||||
"Sean Bowe", |
|
||||
"Alessandro Chiesa", |
|
||||
"Matthew Green", |
|
||||
"Ian Miers", |
|
||||
"Pratyush Mishra", |
|
||||
"Howard Wu", |
|
||||
"arkworks contributors" |
|
||||
] |
|
||||
description = "A library for tests for finite fields, elliptic curves, and pairings" |
|
||||
homepage = "https://arkworks.rs" |
|
||||
repository = "https://github.com/arkworks-rs/algebra" |
|
||||
documentation = "https://docs.rs/ark-curve-tests/" |
|
||||
keywords = ["cryptography", "finite fields", "elliptic curves" ] |
|
||||
categories = ["cryptography"] |
|
||||
include = ["Cargo.toml", "src", "README.md", "LICENSE-APACHE", "LICENSE-MIT"] |
|
||||
license = "MIT/Apache-2.0" |
|
||||
edition = "2018" |
|
||||
|
|
||||
[dependencies] |
|
||||
ark-std = { git = "https://github.com/arkworks-rs/utils", default-features = false } |
|
||||
ark-serialize = { git = "https://github.com/arkworks-rs/algebra", default-features = false } |
|
||||
ark-ff = { git = "https://github.com/arkworks-rs/algebra", default-features = false } |
|
||||
ark-ec = { git = "https://github.com/arkworks-rs/algebra", default-features = false } |
|
||||
rand = { version = "0.7", default-features = false} |
|
||||
rand_xorshift = { version = "0.2", default-features = false} |
|
||||
|
|
||||
[features] |
|
||||
default = [] |
|
||||
std = [ "ark-std/std", "ark-ff/std", "ark-serialize/std", "ark-ec/std" ] |
|
||||
@ -1 +0,0 @@ |
|||||
../LICENSE-APACHE |
|
||||
@ -1 +0,0 @@ |
|||||
../LICENSE-MIT |
|
||||
@ -1,531 +0,0 @@ |
|||||
#![allow(unused)]
|
|
||||
use ark_ec::{
|
|
||||
AffineCurve, MontgomeryModelParameters, ProjectiveCurve, SWModelParameters, TEModelParameters,
|
|
||||
};
|
|
||||
use ark_ff::{Field, One, PrimeField, UniformRand, Zero};
|
|
||||
use ark_serialize::{CanonicalDeserialize, CanonicalSerialize, SWFlags, SerializationError};
|
|
||||
use ark_std::{io::Cursor, vec::Vec};
|
|
||||
use rand::SeedableRng;
|
|
||||
use rand_xorshift::XorShiftRng;
|
|
||||
|
|
||||
pub const ITERATIONS: usize = 10;
|
|
||||
|
|
||||
fn random_addition_test<G: ProjectiveCurve>() {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = G::rand(&mut rng);
|
|
||||
let b = G::rand(&mut rng);
|
|
||||
let c = G::rand(&mut rng);
|
|
||||
let a_affine = a.into_affine();
|
|
||||
let b_affine = b.into_affine();
|
|
||||
let c_affine = c.into_affine();
|
|
||||
|
|
||||
// a + a should equal the doubling
|
|
||||
{
|
|
||||
let mut aplusa = a;
|
|
||||
aplusa.add_assign(&a);
|
|
||||
|
|
||||
let mut aplusamixed = a;
|
|
||||
aplusamixed.add_assign_mixed(&a.into_affine());
|
|
||||
|
|
||||
let mut adouble = a;
|
|
||||
adouble.double_in_place();
|
|
||||
|
|
||||
assert_eq!(aplusa, adouble);
|
|
||||
assert_eq!(aplusa, aplusamixed);
|
|
||||
}
|
|
||||
|
|
||||
let mut tmp = vec![G::zero(); 6];
|
|
||||
|
|
||||
// (a + b) + c
|
|
||||
tmp[0] = (a + &b) + &c;
|
|
||||
|
|
||||
// a + (b + c)
|
|
||||
tmp[1] = a + &(b + &c);
|
|
||||
|
|
||||
// (a + c) + b
|
|
||||
tmp[2] = (a + &c) + &b;
|
|
||||
|
|
||||
// Mixed addition
|
|
||||
|
|
||||
// (a + b) + c
|
|
||||
tmp[3] = a_affine.into_projective();
|
|
||||
tmp[3].add_assign_mixed(&b_affine);
|
|
||||
tmp[3].add_assign_mixed(&c_affine);
|
|
||||
|
|
||||
// a + (b + c)
|
|
||||
tmp[4] = b_affine.into_projective();
|
|
||||
tmp[4].add_assign_mixed(&c_affine);
|
|
||||
tmp[4].add_assign_mixed(&a_affine);
|
|
||||
|
|
||||
// (a + c) + b
|
|
||||
tmp[5] = a_affine.into_projective();
|
|
||||
tmp[5].add_assign_mixed(&c_affine);
|
|
||||
tmp[5].add_assign_mixed(&b_affine);
|
|
||||
|
|
||||
// Comparisons
|
|
||||
for i in 0..6 {
|
|
||||
for j in 0..6 {
|
|
||||
if tmp[i] != tmp[j] {
|
|
||||
println!("{} \n{}", tmp[i], tmp[j]);
|
|
||||
}
|
|
||||
assert_eq!(tmp[i], tmp[j], "Associativity failed {} {}", i, j);
|
|
||||
assert_eq!(
|
|
||||
tmp[i].into_affine(),
|
|
||||
tmp[j].into_affine(),
|
|
||||
"Associativity failed"
|
|
||||
);
|
|
||||
}
|
|
||||
|
|
||||
assert!(tmp[i] != a);
|
|
||||
assert!(tmp[i] != b);
|
|
||||
assert!(tmp[i] != c);
|
|
||||
|
|
||||
assert!(a != tmp[i]);
|
|
||||
assert!(b != tmp[i]);
|
|
||||
assert!(c != tmp[i]);
|
|
||||
}
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_multiplication_test<G: ProjectiveCurve>() {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let mut a = G::rand(&mut rng);
|
|
||||
let mut b = G::rand(&mut rng);
|
|
||||
let a_affine = a.into_affine();
|
|
||||
let b_affine = b.into_affine();
|
|
||||
|
|
||||
let s = G::ScalarField::rand(&mut rng);
|
|
||||
|
|
||||
// s ( a + b )
|
|
||||
let mut tmp1 = a;
|
|
||||
tmp1.add_assign(&b);
|
|
||||
tmp1.mul_assign(s);
|
|
||||
|
|
||||
// sa + sb
|
|
||||
a.mul_assign(s);
|
|
||||
b.mul_assign(s);
|
|
||||
|
|
||||
let mut tmp2 = a;
|
|
||||
tmp2.add_assign(&b);
|
|
||||
|
|
||||
// Affine multiplication
|
|
||||
let mut tmp3 = a_affine.mul(s.into_repr());
|
|
||||
tmp3.add_assign(&b_affine.mul(s.into_repr()));
|
|
||||
|
|
||||
assert_eq!(tmp1, tmp2);
|
|
||||
assert_eq!(tmp1, tmp3);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_doubling_test<G: ProjectiveCurve>() {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let mut a = G::rand(&mut rng);
|
|
||||
let mut b = G::rand(&mut rng);
|
|
||||
|
|
||||
// 2(a + b)
|
|
||||
let mut tmp1 = a;
|
|
||||
tmp1.add_assign(&b);
|
|
||||
tmp1.double_in_place();
|
|
||||
|
|
||||
// 2a + 2b
|
|
||||
a.double_in_place();
|
|
||||
b.double_in_place();
|
|
||||
|
|
||||
let mut tmp2 = a;
|
|
||||
tmp2.add_assign(&b);
|
|
||||
|
|
||||
let mut tmp3 = a;
|
|
||||
tmp3.add_assign_mixed(&b.into_affine());
|
|
||||
|
|
||||
assert_eq!(tmp1, tmp2);
|
|
||||
assert_eq!(tmp1, tmp3);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_negation_test<G: ProjectiveCurve>() {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let r = G::rand(&mut rng);
|
|
||||
|
|
||||
let s = G::ScalarField::rand(&mut rng);
|
|
||||
let sneg = -s;
|
|
||||
assert!((s + &sneg).is_zero());
|
|
||||
|
|
||||
let mut t1 = r;
|
|
||||
t1.mul_assign(s);
|
|
||||
|
|
||||
let mut t2 = r;
|
|
||||
t2.mul_assign(sneg);
|
|
||||
|
|
||||
let mut t3 = t1;
|
|
||||
t3.add_assign(&t2);
|
|
||||
assert!(t3.is_zero());
|
|
||||
|
|
||||
let mut t4 = t1;
|
|
||||
t4.add_assign_mixed(&t2.into_affine());
|
|
||||
assert!(t4.is_zero());
|
|
||||
|
|
||||
t1 = -t1;
|
|
||||
assert_eq!(t1, t2);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_transformation_test<G: ProjectiveCurve>() {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let g = G::rand(&mut rng);
|
|
||||
let g_affine = g.into_affine();
|
|
||||
let g_projective = g_affine.into_projective();
|
|
||||
assert_eq!(g, g_projective);
|
|
||||
}
|
|
||||
|
|
||||
// Batch normalization
|
|
||||
for _ in 0..10 {
|
|
||||
let mut v = (0..ITERATIONS)
|
|
||||
.map(|_| G::rand(&mut rng))
|
|
||||
.collect::<Vec<_>>();
|
|
||||
|
|
||||
for i in &v {
|
|
||||
assert!(!i.is_normalized());
|
|
||||
}
|
|
||||
|
|
||||
use rand::distributions::{Distribution, Uniform};
|
|
||||
let between = Uniform::from(0..ITERATIONS);
|
|
||||
// Sprinkle in some normalized points
|
|
||||
for _ in 0..5 {
|
|
||||
v[between.sample(&mut rng)] = G::zero();
|
|
||||
}
|
|
||||
for _ in 0..5 {
|
|
||||
let s = between.sample(&mut rng);
|
|
||||
v[s] = v[s].into_affine().into_projective();
|
|
||||
}
|
|
||||
|
|
||||
let expected_v = v
|
|
||||
.iter()
|
|
||||
.map(|v| v.into_affine().into_projective())
|
|
||||
.collect::<Vec<_>>();
|
|
||||
G::batch_normalization(&mut v);
|
|
||||
|
|
||||
for i in &v {
|
|
||||
assert!(i.is_normalized());
|
|
||||
}
|
|
||||
|
|
||||
assert_eq!(v, expected_v);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
pub fn curve_tests<G: ProjectiveCurve>() {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
// Negation edge case with zero.
|
|
||||
{
|
|
||||
let z = -G::zero();
|
|
||||
assert!(z.is_zero());
|
|
||||
}
|
|
||||
|
|
||||
// Doubling edge case with zero.
|
|
||||
{
|
|
||||
let mut z = -G::zero();
|
|
||||
z.double_in_place();
|
|
||||
assert!(z.is_zero());
|
|
||||
}
|
|
||||
|
|
||||
// Addition edge cases with zero
|
|
||||
{
|
|
||||
let mut r = G::rand(&mut rng);
|
|
||||
let rcopy = r;
|
|
||||
r.add_assign(&G::zero());
|
|
||||
assert_eq!(r, rcopy);
|
|
||||
r.add_assign_mixed(&G::Affine::zero());
|
|
||||
assert_eq!(r, rcopy);
|
|
||||
|
|
||||
let mut z = G::zero();
|
|
||||
z.add_assign(&G::zero());
|
|
||||
assert!(z.is_zero());
|
|
||||
z.add_assign_mixed(&G::Affine::zero());
|
|
||||
assert!(z.is_zero());
|
|
||||
|
|
||||
let mut z2 = z;
|
|
||||
z2.add_assign(&r);
|
|
||||
|
|
||||
z.add_assign_mixed(&r.into_affine());
|
|
||||
|
|
||||
assert_eq!(z, z2);
|
|
||||
assert_eq!(z, r);
|
|
||||
}
|
|
||||
|
|
||||
// Transformations
|
|
||||
{
|
|
||||
let a = G::rand(&mut rng);
|
|
||||
let b = a.into_affine().into_projective();
|
|
||||
let c = a
|
|
||||
.into_affine()
|
|
||||
.into_projective()
|
|
||||
.into_affine()
|
|
||||
.into_projective();
|
|
||||
assert_eq!(a, b);
|
|
||||
assert_eq!(b, c);
|
|
||||
}
|
|
||||
|
|
||||
// Test COFACTOR and COFACTOR_INV
|
|
||||
{
|
|
||||
let a = G::rand(&mut rng);
|
|
||||
let b = a.into_affine();
|
|
||||
let c = b.mul_by_cofactor_inv().mul_by_cofactor();
|
|
||||
assert_eq!(b, c);
|
|
||||
}
|
|
||||
|
|
||||
random_addition_test::<G>();
|
|
||||
random_multiplication_test::<G>();
|
|
||||
random_doubling_test::<G>();
|
|
||||
random_negation_test::<G>();
|
|
||||
random_transformation_test::<G>();
|
|
||||
}
|
|
||||
|
|
||||
pub fn sw_tests<P: SWModelParameters>() {
|
|
||||
sw_curve_serialization_test::<P>();
|
|
||||
sw_from_random_bytes::<P>();
|
|
||||
}
|
|
||||
|
|
||||
pub fn sw_from_random_bytes<P: SWModelParameters>() {
|
|
||||
use ark_ec::models::short_weierstrass_jacobian::{GroupAffine, GroupProjective};
|
|
||||
|
|
||||
let buf_size = GroupAffine::<P>::zero().serialized_size();
|
|
||||
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = GroupProjective::<P>::rand(&mut rng);
|
|
||||
let mut a = a.into_affine();
|
|
||||
{
|
|
||||
let mut serialized = vec![0; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let p1 = GroupAffine::<P>::deserialize(&mut cursor).unwrap();
|
|
||||
let p2 = GroupAffine::<P>::from_random_bytes(&serialized).unwrap();
|
|
||||
assert_eq!(p1, p2);
|
|
||||
}
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
pub fn sw_curve_serialization_test<P: SWModelParameters>() {
|
|
||||
use ark_ec::models::short_weierstrass_jacobian::{GroupAffine, GroupProjective};
|
|
||||
|
|
||||
let buf_size = GroupAffine::<P>::zero().serialized_size();
|
|
||||
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = GroupProjective::<P>::rand(&mut rng);
|
|
||||
let mut a = a.into_affine();
|
|
||||
{
|
|
||||
let mut serialized = vec![0; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
a.y = -a.y;
|
|
||||
let mut serialized = vec![0; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap();
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let a = GroupAffine::<P>::zero();
|
|
||||
let mut serialized = vec![0; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap();
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let a = GroupAffine::<P>::zero();
|
|
||||
let mut serialized = vec![0; buf_size - 1];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap_err();
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let serialized = vec![0; buf_size - 1];
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
GroupAffine::<P>::deserialize(&mut cursor).unwrap_err();
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let mut serialized = vec![0; a.uncompressed_size()];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize_uncompressed(&mut cursor).unwrap();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize_uncompressed(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
a.y = -a.y;
|
|
||||
let mut serialized = vec![0; a.uncompressed_size()];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize_uncompressed(&mut cursor).unwrap();
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize_uncompressed(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let a = GroupAffine::<P>::zero();
|
|
||||
let mut serialized = vec![0; a.uncompressed_size()];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize_uncompressed(&mut cursor).unwrap();
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize_uncompressed(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
pub fn montgomery_conversion_test<P>()
|
|
||||
where
|
|
||||
P: TEModelParameters,
|
|
||||
{
|
|
||||
// A = 2 * (a + d) / (a - d)
|
|
||||
let a = P::BaseField::one().double()
|
|
||||
* &(P::COEFF_A + &P::COEFF_D)
|
|
||||
* &(P::COEFF_A - &P::COEFF_D).inverse().unwrap();
|
|
||||
// B = 4 / (a - d)
|
|
||||
let b = P::BaseField::one().double().double() * &(P::COEFF_A - &P::COEFF_D).inverse().unwrap();
|
|
||||
|
|
||||
assert_eq!(a, P::MontgomeryModelParameters::COEFF_A);
|
|
||||
assert_eq!(b, P::MontgomeryModelParameters::COEFF_B);
|
|
||||
}
|
|
||||
|
|
||||
pub fn edwards_tests<P: TEModelParameters>()
|
|
||||
where
|
|
||||
P::BaseField: PrimeField,
|
|
||||
{
|
|
||||
edwards_curve_serialization_test::<P>();
|
|
||||
edwards_from_random_bytes::<P>();
|
|
||||
}
|
|
||||
|
|
||||
pub fn edwards_from_random_bytes<P: TEModelParameters>()
|
|
||||
where
|
|
||||
P::BaseField: PrimeField,
|
|
||||
{
|
|
||||
use ark_ec::models::twisted_edwards_extended::{GroupAffine, GroupProjective};
|
|
||||
use ark_ff::{to_bytes, ToBytes};
|
|
||||
|
|
||||
let buf_size = GroupAffine::<P>::zero().serialized_size();
|
|
||||
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = GroupProjective::<P>::rand(&mut rng);
|
|
||||
let mut a = a.into_affine();
|
|
||||
{
|
|
||||
let mut serialized = vec![0; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let p1 = GroupAffine::<P>::deserialize(&mut cursor).unwrap();
|
|
||||
let p2 = GroupAffine::<P>::from_random_bytes(&serialized).unwrap();
|
|
||||
assert_eq!(p1, p2);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let mut biginteger =
|
|
||||
<<GroupAffine<P> as AffineCurve>::BaseField as PrimeField>::BigInt::rand(&mut rng);
|
|
||||
let mut bytes = to_bytes![biginteger].unwrap();
|
|
||||
let mut g = GroupAffine::<P>::from_random_bytes(&bytes);
|
|
||||
while g.is_none() {
|
|
||||
bytes.iter_mut().for_each(|i| *i = i.wrapping_sub(1));
|
|
||||
g = GroupAffine::<P>::from_random_bytes(&bytes);
|
|
||||
}
|
|
||||
let _g = g.unwrap();
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
pub fn edwards_curve_serialization_test<P: TEModelParameters>() {
|
|
||||
use ark_ec::models::twisted_edwards_extended::{GroupAffine, GroupProjective};
|
|
||||
|
|
||||
let buf_size = GroupAffine::<P>::zero().serialized_size();
|
|
||||
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = GroupProjective::<P>::rand(&mut rng);
|
|
||||
let a = a.into_affine();
|
|
||||
{
|
|
||||
let mut serialized = vec![0; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let a = GroupAffine::<P>::zero();
|
|
||||
let mut serialized = vec![0; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap();
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let a = GroupAffine::<P>::zero();
|
|
||||
let mut serialized = vec![0; buf_size - 1];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap_err();
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let serialized = vec![0; buf_size - 1];
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
GroupAffine::<P>::deserialize(&mut cursor).unwrap_err();
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let mut serialized = vec![0; a.uncompressed_size()];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize_uncompressed(&mut cursor).unwrap();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize_uncompressed(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let a = GroupAffine::<P>::zero();
|
|
||||
let mut serialized = vec![0; a.uncompressed_size()];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize_uncompressed(&mut cursor).unwrap();
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = GroupAffine::<P>::deserialize_uncompressed(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
}
|
|
||||
}
|
|
||||
@ -1,460 +0,0 @@ |
|||||
#![allow(unused)]
|
|
||||
use ark_ff::fields::{FftField, FftParameters, Field, LegendreSymbol, PrimeField, SquareRootField};
|
|
||||
use ark_serialize::{buffer_bit_byte_size, Flags, SWFlags};
|
|
||||
use ark_std::io::Cursor;
|
|
||||
use rand::{Rng, SeedableRng};
|
|
||||
use rand_xorshift::XorShiftRng;
|
|
||||
|
|
||||
pub const ITERATIONS: u32 = 40;
|
|
||||
|
|
||||
fn random_negation_tests<F: Field, R: Rng>(rng: &mut R) {
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = F::rand(rng);
|
|
||||
let mut b = -a;
|
|
||||
b += &a;
|
|
||||
|
|
||||
assert!(b.is_zero());
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_addition_tests<F: Field, R: Rng>(rng: &mut R) {
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = F::rand(rng);
|
|
||||
let b = F::rand(rng);
|
|
||||
let c = F::rand(rng);
|
|
||||
|
|
||||
let t0 = (a + &b) + &c; // (a + b) + c
|
|
||||
|
|
||||
let t1 = (a + &c) + &b; // (a + c) + b
|
|
||||
|
|
||||
let t2 = (b + &c) + &a; // (b + c) + a
|
|
||||
|
|
||||
assert_eq!(t0, t1);
|
|
||||
assert_eq!(t1, t2);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_subtraction_tests<F: Field, R: Rng>(rng: &mut R) {
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = F::rand(rng);
|
|
||||
let b = F::rand(rng);
|
|
||||
|
|
||||
let t0 = a - &b; // (a - b)
|
|
||||
|
|
||||
let mut t1 = b; // (b - a)
|
|
||||
t1 -= &a;
|
|
||||
|
|
||||
let mut t2 = t0; // (a - b) + (b - a) = 0
|
|
||||
t2 += &t1;
|
|
||||
|
|
||||
assert!(t2.is_zero());
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_multiplication_tests<F: Field, R: Rng>(rng: &mut R) {
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = F::rand(rng);
|
|
||||
let b = F::rand(rng);
|
|
||||
let c = F::rand(rng);
|
|
||||
|
|
||||
let mut t0 = a; // (a * b) * c
|
|
||||
t0 *= &b;
|
|
||||
t0 *= &c;
|
|
||||
|
|
||||
let mut t1 = a; // (a * c) * b
|
|
||||
t1 *= &c;
|
|
||||
t1 *= &b;
|
|
||||
|
|
||||
let mut t2 = b; // (b * c) * a
|
|
||||
t2 *= &c;
|
|
||||
t2 *= &a;
|
|
||||
|
|
||||
assert_eq!(t0, t1);
|
|
||||
assert_eq!(t1, t2);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_inversion_tests<F: Field, R: Rng>(rng: &mut R) {
|
|
||||
assert!(F::zero().inverse().is_none());
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let mut a = F::rand(rng);
|
|
||||
let b = a.inverse().map(|b| {
|
|
||||
a *= &b;
|
|
||||
assert_eq!(a, F::one());
|
|
||||
});
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_doubling_tests<F: Field, R: Rng>(rng: &mut R) {
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let mut a = F::rand(rng);
|
|
||||
let mut b = a;
|
|
||||
a += &b;
|
|
||||
b.double_in_place();
|
|
||||
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_squaring_tests<F: Field, R: Rng>(rng: &mut R) {
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let mut a = F::rand(rng);
|
|
||||
let mut b = a;
|
|
||||
a *= &b;
|
|
||||
b.square_in_place();
|
|
||||
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_expansion_tests<F: Field, R: Rng>(rng: &mut R) {
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
// Compare (a + b)(c + d) and (a*c + b*c + a*d + b*d)
|
|
||||
|
|
||||
let a = F::rand(rng);
|
|
||||
let b = F::rand(rng);
|
|
||||
let c = F::rand(rng);
|
|
||||
let d = F::rand(rng);
|
|
||||
|
|
||||
let mut t0 = a;
|
|
||||
t0 += &b;
|
|
||||
let mut t1 = c;
|
|
||||
t1 += &d;
|
|
||||
t0 *= &t1;
|
|
||||
|
|
||||
let mut t2 = a;
|
|
||||
t2 *= &c;
|
|
||||
let mut t3 = b;
|
|
||||
t3 *= &c;
|
|
||||
let mut t4 = a;
|
|
||||
t4 *= &d;
|
|
||||
let mut t5 = b;
|
|
||||
t5 *= &d;
|
|
||||
|
|
||||
t2 += &t3;
|
|
||||
t2 += &t4;
|
|
||||
t2 += &t5;
|
|
||||
|
|
||||
assert_eq!(t0, t2);
|
|
||||
}
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
// Compare (a + b)c and (a*c + b*c)
|
|
||||
|
|
||||
let a = F::rand(rng);
|
|
||||
let b = F::rand(rng);
|
|
||||
let c = F::rand(rng);
|
|
||||
|
|
||||
let t0 = (a + &b) * &c;
|
|
||||
let t2 = a * &c + &(b * &c);
|
|
||||
|
|
||||
assert_eq!(t0, t2);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_field_tests<F: Field>() {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
random_negation_tests::<F, _>(&mut rng);
|
|
||||
random_addition_tests::<F, _>(&mut rng);
|
|
||||
random_subtraction_tests::<F, _>(&mut rng);
|
|
||||
random_multiplication_tests::<F, _>(&mut rng);
|
|
||||
random_inversion_tests::<F, _>(&mut rng);
|
|
||||
random_doubling_tests::<F, _>(&mut rng);
|
|
||||
random_squaring_tests::<F, _>(&mut rng);
|
|
||||
random_expansion_tests::<F, _>(&mut rng);
|
|
||||
|
|
||||
assert!(F::zero().is_zero());
|
|
||||
{
|
|
||||
let z = -F::zero();
|
|
||||
assert!(z.is_zero());
|
|
||||
}
|
|
||||
|
|
||||
assert!(F::zero().inverse().is_none());
|
|
||||
|
|
||||
// Multiplication by zero
|
|
||||
{
|
|
||||
let a = F::rand(&mut rng) * &F::zero();
|
|
||||
assert!(a.is_zero());
|
|
||||
}
|
|
||||
|
|
||||
// Addition by zero
|
|
||||
{
|
|
||||
let mut a = F::rand(&mut rng);
|
|
||||
let copy = a;
|
|
||||
a += &F::zero();
|
|
||||
assert_eq!(a, copy);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
fn random_sqrt_tests<F: SquareRootField>() {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = F::rand(&mut rng);
|
|
||||
let b = a.square();
|
|
||||
assert_eq!(b.legendre(), LegendreSymbol::QuadraticResidue);
|
|
||||
|
|
||||
let b = b.sqrt().unwrap();
|
|
||||
assert!(a == b || a == -b);
|
|
||||
}
|
|
||||
|
|
||||
let mut c = F::one();
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let mut b = c.square();
|
|
||||
assert_eq!(b.legendre(), LegendreSymbol::QuadraticResidue);
|
|
||||
|
|
||||
b = b.sqrt().unwrap();
|
|
||||
|
|
||||
if b != c {
|
|
||||
b = -b;
|
|
||||
}
|
|
||||
|
|
||||
assert_eq!(b, c);
|
|
||||
|
|
||||
c += &F::one();
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
pub fn from_str_test<F: PrimeField>() {
|
|
||||
{
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let n: u64 = rng.gen();
|
|
||||
|
|
||||
let a = F::from_str(&ark_std::format!("{}", n))
|
|
||||
.map_err(|_| ())
|
|
||||
.unwrap();
|
|
||||
let b = F::from(n);
|
|
||||
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
assert!(F::from_str("").is_err());
|
|
||||
assert!(F::from_str("0").map_err(|_| ()).unwrap().is_zero());
|
|
||||
assert!(F::from_str("00").is_err());
|
|
||||
assert!(F::from_str("00000000000").is_err());
|
|
||||
}
|
|
||||
|
|
||||
pub fn field_test<F: Field>(a: F, b: F) {
|
|
||||
let zero = F::zero();
|
|
||||
assert_eq!(zero, zero);
|
|
||||
assert_eq!(zero.is_zero(), true);
|
|
||||
assert_eq!(zero.is_one(), false);
|
|
||||
|
|
||||
let one = F::one();
|
|
||||
assert_eq!(one, one);
|
|
||||
assert_eq!(one.is_zero(), false);
|
|
||||
assert_eq!(one.is_one(), true);
|
|
||||
assert_eq!(zero + &one, one);
|
|
||||
|
|
||||
let two = one + &one;
|
|
||||
assert_eq!(two, two);
|
|
||||
assert_ne!(zero, two);
|
|
||||
assert_ne!(one, two);
|
|
||||
|
|
||||
// a == a
|
|
||||
assert_eq!(a, a);
|
|
||||
// a + 0 = a
|
|
||||
assert_eq!(a + &zero, a);
|
|
||||
// a - 0 = a
|
|
||||
assert_eq!(a - &zero, a);
|
|
||||
// a - a = 0
|
|
||||
assert_eq!(a - &a, zero);
|
|
||||
// 0 - a = -a
|
|
||||
assert_eq!(zero - &a, -a);
|
|
||||
// a.double() = a + a
|
|
||||
assert_eq!(a.double(), a + &a);
|
|
||||
// b.double() = b + b
|
|
||||
assert_eq!(b.double(), b + &b);
|
|
||||
// a + b = b + a
|
|
||||
assert_eq!(a + &b, b + &a);
|
|
||||
// a - b = -(b - a)
|
|
||||
assert_eq!(a - &b, -(b - &a));
|
|
||||
// (a + b) + a = a + (b + a)
|
|
||||
assert_eq!((a + &b) + &a, a + &(b + &a));
|
|
||||
// (a + b).double() = (a + b) + (b + a)
|
|
||||
assert_eq!((a + &b).double(), (a + &b) + &(b + &a));
|
|
||||
|
|
||||
// a * 0 = 0
|
|
||||
assert_eq!(a * &zero, zero);
|
|
||||
// a * 1 = a
|
|
||||
assert_eq!(a * &one, a);
|
|
||||
// a * 2 = a.double()
|
|
||||
assert_eq!(a * &two, a.double());
|
|
||||
// a * a^-1 = 1
|
|
||||
assert_eq!(a * &a.inverse().unwrap(), one);
|
|
||||
// a * a = a^2
|
|
||||
assert_eq!(a * &a, a.square());
|
|
||||
// a * a * a = a^3
|
|
||||
assert_eq!(a * &(a * &a), a.pow([0x3, 0x0, 0x0, 0x0]));
|
|
||||
// a * b = b * a
|
|
||||
assert_eq!(a * &b, b * &a);
|
|
||||
// (a * b) * a = a * (b * a)
|
|
||||
assert_eq!((a * &b) * &a, a * &(b * &a));
|
|
||||
// (a + b)^2 = a^2 + 2ab + b^2
|
|
||||
assert_eq!(
|
|
||||
(a + &b).square(),
|
|
||||
a.square() + &((a * &b) + &(a * &b)) + &b.square()
|
|
||||
);
|
|
||||
// (a - b)^2 = (-(b - a))^2
|
|
||||
assert_eq!((a - &b).square(), (-(b - &a)).square());
|
|
||||
random_field_tests::<F>();
|
|
||||
}
|
|
||||
|
|
||||
pub fn fft_field_test<F: FftField>() {
|
|
||||
assert_eq!(
|
|
||||
F::two_adic_root_of_unity().pow([1 << F::FftParams::TWO_ADICITY]),
|
|
||||
F::one()
|
|
||||
);
|
|
||||
|
|
||||
if let Some(small_subgroup_base) = F::FftParams::SMALL_SUBGROUP_BASE {
|
|
||||
let small_subgroup_base_adicity = F::FftParams::SMALL_SUBGROUP_BASE_ADICITY.unwrap();
|
|
||||
let large_subgroup_root_of_unity = F::large_subgroup_root_of_unity().unwrap();
|
|
||||
assert_eq!(
|
|
||||
large_subgroup_root_of_unity.pow([(1 << F::FftParams::TWO_ADICITY)
|
|
||||
* (small_subgroup_base as u64).pow(small_subgroup_base_adicity)]),
|
|
||||
F::one()
|
|
||||
);
|
|
||||
|
|
||||
for i in 0..F::FftParams::TWO_ADICITY {
|
|
||||
for j in 0..small_subgroup_base_adicity {
|
|
||||
use core::convert::TryFrom;
|
|
||||
let size = usize::try_from(1 << i as usize).unwrap()
|
|
||||
* usize::try_from((small_subgroup_base as u64).pow(j)).unwrap();
|
|
||||
let root = F::get_root_of_unity(size).unwrap();
|
|
||||
assert_eq!(root.pow([size as u64]), F::one());
|
|
||||
}
|
|
||||
}
|
|
||||
} else {
|
|
||||
for i in 0..F::FftParams::TWO_ADICITY {
|
|
||||
let size = 1 << i;
|
|
||||
let root = F::get_root_of_unity(size).unwrap();
|
|
||||
assert_eq!(root.pow([size as u64]), F::one());
|
|
||||
}
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
pub fn primefield_test<F: PrimeField>() {
|
|
||||
from_str_test::<F>();
|
|
||||
let one = F::one();
|
|
||||
assert_eq!(F::from(one.into_repr()), one);
|
|
||||
|
|
||||
fft_field_test::<F>();
|
|
||||
}
|
|
||||
|
|
||||
pub fn sqrt_field_test<F: SquareRootField>(elem: F) {
|
|
||||
let square = elem.square();
|
|
||||
let sqrt = square.sqrt().unwrap();
|
|
||||
assert!(sqrt == elem || sqrt == -elem);
|
|
||||
if let Some(sqrt) = elem.sqrt() {
|
|
||||
assert!(sqrt.square() == elem || sqrt.square() == -elem);
|
|
||||
}
|
|
||||
random_sqrt_tests::<F>();
|
|
||||
}
|
|
||||
|
|
||||
pub fn frobenius_test<F: Field, C: AsRef<[u64]>>(characteristic: C, maxpower: usize) {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = F::rand(&mut rng);
|
|
||||
|
|
||||
let mut a_0 = a;
|
|
||||
a_0.frobenius_map(0);
|
|
||||
assert_eq!(a, a_0);
|
|
||||
|
|
||||
let mut a_q = a.pow(&characteristic);
|
|
||||
for power in 1..maxpower {
|
|
||||
let mut a_qi = a;
|
|
||||
a_qi.frobenius_map(power);
|
|
||||
assert_eq!(a_qi, a_q, "failed on power {}", power);
|
|
||||
|
|
||||
a_q = a_q.pow(&characteristic);
|
|
||||
}
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
pub fn field_serialization_test<F: Field>(buf_size: usize) {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
|
|
||||
for _ in 0..ITERATIONS {
|
|
||||
let a = F::rand(&mut rng);
|
|
||||
{
|
|
||||
let mut serialized = vec![0u8; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = F::deserialize(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let mut serialized = vec![0u8; a.uncompressed_size()];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize_uncompressed(&mut cursor).unwrap();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let b = F::deserialize_uncompressed(&mut cursor).unwrap();
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let mut serialized = vec![0u8; buf_size];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize_with_flags(&mut cursor, SWFlags::from_y_sign(true))
|
|
||||
.unwrap();
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
let (b, flags) = F::deserialize_with_flags::<_, SWFlags>(&mut cursor).unwrap();
|
|
||||
assert_eq!(flags.is_positive(), Some(true));
|
|
||||
assert!(!flags.is_infinity());
|
|
||||
assert_eq!(a, b);
|
|
||||
}
|
|
||||
|
|
||||
#[derive(Default, Clone, Copy, Debug)]
|
|
||||
struct DummyFlags;
|
|
||||
impl Flags for DummyFlags {
|
|
||||
const BIT_SIZE: usize = 200;
|
|
||||
|
|
||||
fn u8_bitmask(&self) -> u8 {
|
|
||||
0
|
|
||||
}
|
|
||||
|
|
||||
fn from_u8(_value: u8) -> Option<Self> {
|
|
||||
Some(DummyFlags)
|
|
||||
}
|
|
||||
}
|
|
||||
|
|
||||
use ark_serialize::SerializationError;
|
|
||||
{
|
|
||||
let mut serialized = vec![0; buf_size];
|
|
||||
assert!(if let SerializationError::NotEnoughSpace = a
|
|
||||
.serialize_with_flags(&mut &mut serialized[..], DummyFlags)
|
|
||||
.unwrap_err()
|
|
||||
{
|
|
||||
true
|
|
||||
} else {
|
|
||||
false
|
|
||||
});
|
|
||||
assert!(if let SerializationError::NotEnoughSpace =
|
|
||||
F::deserialize_with_flags::<_, DummyFlags>(&mut &serialized[..]).unwrap_err()
|
|
||||
{
|
|
||||
true
|
|
||||
} else {
|
|
||||
false
|
|
||||
});
|
|
||||
}
|
|
||||
|
|
||||
{
|
|
||||
let mut serialized = vec![0; buf_size - 1];
|
|
||||
let mut cursor = Cursor::new(&mut serialized[..]);
|
|
||||
a.serialize(&mut cursor).unwrap_err();
|
|
||||
|
|
||||
let mut cursor = Cursor::new(&serialized[..]);
|
|
||||
F::deserialize(&mut cursor).unwrap_err();
|
|
||||
}
|
|
||||
}
|
|
||||
}
|
|
||||
@ -1,75 +0,0 @@ |
|||||
#![allow(unused)]
|
|
||||
use ark_ec::group::Group;
|
|
||||
use ark_ff::{One, UniformRand, Zero};
|
|
||||
use rand::SeedableRng;
|
|
||||
use rand_xorshift::XorShiftRng;
|
|
||||
|
|
||||
pub fn group_test<G: Group>(a: G, mut b: G) {
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
|
|
||||
let zero = G::zero();
|
|
||||
let fr_zero = G::ScalarField::zero();
|
|
||||
let fr_one = G::ScalarField::one();
|
|
||||
let fr_two = fr_one + &fr_one;
|
|
||||
assert_eq!(zero, zero);
|
|
||||
assert_eq!(zero.is_zero(), true);
|
|
||||
assert_eq!(a.mul(&fr_one), a);
|
|
||||
assert_eq!(a.mul(&fr_two), a + &a);
|
|
||||
assert_eq!(a.mul(&fr_zero), zero);
|
|
||||
assert_eq!(a.mul(&fr_zero) - &a, -a);
|
|
||||
assert_eq!(a.mul(&fr_one) - &a, zero);
|
|
||||
assert_eq!(a.mul(&fr_two) - &a, a);
|
|
||||
|
|
||||
// a == a
|
|
||||
assert_eq!(a, a);
|
|
||||
// a + 0 = a
|
|
||||
assert_eq!(a + &zero, a);
|
|
||||
// a - 0 = a
|
|
||||
assert_eq!(a - &zero, a);
|
|
||||
// a - a = 0
|
|
||||
assert_eq!(a - &a, zero);
|
|
||||
// 0 - a = -a
|
|
||||
assert_eq!(zero - &a, -a);
|
|
||||
// a.double() = a + a
|
|
||||
assert_eq!(a.double(), a + &a);
|
|
||||
// b.double() = b + b
|
|
||||
assert_eq!(b.double(), b + &b);
|
|
||||
// a + b = b + a
|
|
||||
assert_eq!(a + &b, b + &a);
|
|
||||
// a - b = -(b - a)
|
|
||||
assert_eq!(a - &b, -(b - &a));
|
|
||||
// (a + b) + a = a + (b + a)
|
|
||||
assert_eq!((a + &b) + &a, a + &(b + &a));
|
|
||||
// (a + b).double() = (a + b) + (b + a)
|
|
||||
assert_eq!((a + &b).double(), (a + &b) + &(b + &a));
|
|
||||
|
|
||||
// Check that double_in_place and double give the same result
|
|
||||
let original_b = b;
|
|
||||
b.double_in_place();
|
|
||||
assert_eq!(original_b.double(), b);
|
|
||||
|
|
||||
let fr_rand1 = G::ScalarField::rand(&mut rng);
|
|
||||
let fr_rand2 = G::ScalarField::rand(&mut rng);
|
|
||||
let a_rand1 = a.mul(&fr_rand1);
|
|
||||
let a_rand2 = a.mul(&fr_rand2);
|
|
||||
let fr_three = fr_two + &fr_rand1;
|
|
||||
let a_two = a.mul(&fr_two);
|
|
||||
assert_eq!(a_two, a.double(), "(a * 2) != a.double()");
|
|
||||
let a_six = a.mul(&(fr_three * &fr_two));
|
|
||||
assert_eq!(a_two.mul(&fr_three), a_six, "(a * 2) * 3 != a * (2 * 3)");
|
|
||||
|
|
||||
assert_eq!(
|
|
||||
a_rand1.mul(&fr_rand2),
|
|
||||
a_rand2.mul(&fr_rand1),
|
|
||||
"(a * r1) * r2 != (a * r2) * r1"
|
|
||||
);
|
|
||||
assert_eq!(
|
|
||||
a_rand2.mul(&fr_rand1),
|
|
||||
a.mul(&(fr_rand1 * &fr_rand2)),
|
|
||||
"(a * r2) * r1 != a * (r1 * r2)"
|
|
||||
);
|
|
||||
assert_eq!(
|
|
||||
a_rand1.mul(&fr_rand2),
|
|
||||
a.mul(&(fr_rand1 * &fr_rand2)),
|
|
||||
"(a * r1) * r2 != a * (r1 * r2)"
|
|
||||
);
|
|
||||
}
|
|
||||
@ -1,4 +0,0 @@ |
|||||
pub mod curves;
|
|
||||
pub mod fields;
|
|
||||
pub mod groups;
|
|
||||
pub mod msm;
|
|
||||
@ -1,35 +0,0 @@ |
|||||
use ark_ec::{msm::VariableBaseMSM, AffineCurve, ProjectiveCurve};
|
|
||||
use ark_ff::{PrimeField, UniformRand, Zero};
|
|
||||
use rand::SeedableRng;
|
|
||||
use rand_xorshift::XorShiftRng;
|
|
||||
|
|
||||
fn naive_var_base_msm<G: AffineCurve>(
|
|
||||
bases: &[G],
|
|
||||
scalars: &[<G::ScalarField as PrimeField>::BigInt],
|
|
||||
) -> G::Projective {
|
|
||||
let mut acc = G::Projective::zero();
|
|
||||
|
|
||||
for (base, scalar) in bases.iter().zip(scalars.iter()) {
|
|
||||
acc += &base.mul(*scalar);
|
|
||||
}
|
|
||||
acc
|
|
||||
}
|
|
||||
|
|
||||
pub fn test_var_base_msm<G: AffineCurve>() {
|
|
||||
const SAMPLES: usize = 1 << 10;
|
|
||||
|
|
||||
let mut rng = XorShiftRng::seed_from_u64(234872845u64);
|
|
||||
|
|
||||
let v = (0..SAMPLES - 1)
|
|
||||
.map(|_| G::ScalarField::rand(&mut rng).into_repr())
|
|
||||
.collect::<Vec<_>>();
|
|
||||
let g = (0..SAMPLES)
|
|
||||
.map(|_| G::Projective::rand(&mut rng))
|
|
||||
.collect::<Vec<_>>();
|
|
||||
let g = <G::Projective as ProjectiveCurve>::batch_normalization_into_affine(&g);
|
|
||||
|
|
||||
let naive = naive_var_base_msm(g.as_slice(), v.as_slice());
|
|
||||
let fast = VariableBaseMSM::multi_scalar_mul(g.as_slice(), v.as_slice());
|
|
||||
|
|
||||
assert_eq!(naive.into_affine(), fast.into_affine());
|
|
||||
}
|
|
||||