You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 

202 lines
4.6 KiB

  1. #include "p448.h"
  2. #include "test.h"
  3. #include <gmp.h>
  4. #include <string.h>
  5. #include <stdio.h>
  6. mpz_t mp_p448;
  7. static mask_t mpz_to_p448 (
  8. struct p448_t *out,
  9. const mpz_t in
  10. ) {
  11. uint8_t ser[56];
  12. mpz_t modded;
  13. memset(ser,0,sizeof(ser));
  14. mpz_init(modded);
  15. mpz_mod(modded, in, mp_p448);
  16. mpz_export(ser, NULL, -1, 1, -1, 0, modded);
  17. mask_t succ = p448_deserialize(out, ser);
  18. return succ;
  19. }
  20. static mask_t p448_assert_eq_gmp(
  21. const char *descr,
  22. const struct p448_t *x,
  23. const mpz_t y,
  24. float lowBound,
  25. float highBound
  26. ) {
  27. uint8_t xser[56], yser[56];
  28. mpz_t modded;
  29. memset(yser,0,sizeof(yser));
  30. p448_serialize(xser, x);
  31. mpz_init(modded);
  32. mpz_mod(modded, y, mp_p448);
  33. mpz_export(yser, NULL, -1, 1, -1, 0, modded);
  34. unsigned int i;
  35. for (i=0; i<sizeof(*x)/sizeof(x->limb[0]); i++) {
  36. int bits = sizeof(x->limb[0]) * 448 / sizeof(*x);
  37. word_t yardstick = (i==sizeof(*x)/sizeof(x->limb[0])/2) ?
  38. (1ull<<bits) - 2 : (1ull<<bits) - 1;
  39. if (x->limb[i] < yardstick * lowBound || x->limb[i] > yardstick * highBound) {
  40. youfail();
  41. printf(" P448 limb %d -> " PRIxWORDfull " is out of bounds (%0.2f, %0.2f) for test %s (yardstick = " PRIxWORDfull ")\n",
  42. i, x->limb[i], lowBound, highBound, descr, yardstick);
  43. break;
  44. }
  45. }
  46. if (memcmp(xser,yser,56)) {
  47. youfail();
  48. printf(" Failed arithmetic test %s\n", descr);
  49. p448_print(" p448", x);
  50. printf(" gmp = 0x");
  51. int j;
  52. for (j=55; j>=0; j--) {
  53. printf("%02x", yser[j]);
  54. }
  55. printf("\n");
  56. return MASK_FAILURE;
  57. }
  58. mpz_clear(modded);
  59. return MASK_SUCCESS;
  60. }
  61. static mask_t test_add_sub (
  62. const mpz_t x,
  63. const mpz_t y,
  64. word_t word
  65. ) {
  66. struct p448_t xx,yy,tt;
  67. mpz_t t;
  68. mask_t succ = MASK_SUCCESS;
  69. succ = mpz_to_p448(&xx,x);
  70. succ &= mpz_to_p448(&yy,y);
  71. mpz_init(t);
  72. p448_add(&tt,&xx,&yy);
  73. mpz_add(t,x,y);
  74. succ &= p448_assert_eq_gmp("add",&tt,t,0,2.1);
  75. p448_sub(&tt,&xx,&yy);
  76. p448_bias(&tt,2);
  77. mpz_sub(t,x,y);
  78. succ &= p448_assert_eq_gmp("sub",&tt,t,0,3.1);
  79. p448_copy(&tt,&xx);
  80. p448_addw(&tt,word);
  81. mpz_add_ui(t,x,word);
  82. succ &= p448_assert_eq_gmp("addw",&tt,t,0,2.1);
  83. p448_copy(&tt,&xx);
  84. p448_subw(&tt,word);
  85. p448_bias(&tt,1);
  86. mpz_sub_ui(t,x,word);
  87. succ &= p448_assert_eq_gmp("subw",&tt,t,0,2.1);
  88. if (!succ) {
  89. p448_print(" x", &xx);
  90. p448_print(" y", &yy);
  91. }
  92. mpz_clear(t);
  93. return succ;
  94. }
  95. static mask_t test_mul_sqr (
  96. const mpz_t x,
  97. const mpz_t y,
  98. word_t word
  99. ) {
  100. struct p448_t xx,yy,tt;
  101. mpz_t t;
  102. mask_t succ = MASK_SUCCESS;
  103. succ = mpz_to_p448(&xx,x);
  104. succ &= mpz_to_p448(&yy,y);
  105. mpz_init(t);
  106. p448_mul(&tt,&xx,&yy);
  107. mpz_mul(t,x,y);
  108. succ &= p448_assert_eq_gmp("mul",&tt,t,0,1.1);
  109. p448_mulw(&tt,&xx,word);
  110. mpz_mul_ui(t,x,word);
  111. succ &= p448_assert_eq_gmp("mulw",&tt,t,0,1.1);
  112. p448_sqr(&tt,&xx);
  113. mpz_mul(t,x,x);
  114. succ &= p448_assert_eq_gmp("sqrx",&tt,t,0,1.1);
  115. p448_sqr(&tt,&yy);
  116. mpz_mul(t,y,y);
  117. succ &= p448_assert_eq_gmp("sqy",&tt,t,0,1.1);
  118. if (!succ) {
  119. p448_print(" x", &xx);
  120. p448_print(" y", &yy);
  121. }
  122. mpz_clear(t);
  123. return succ;
  124. }
  125. int test_arithmetic () {
  126. int j, ntests = 100000;
  127. gmp_randstate_t state;
  128. gmp_randinit_mt(state);
  129. uint8_t pser[56];
  130. for (j=0; j<56; j++) {
  131. pser[j] = (j==28) ? 0xFE : 0xFF;
  132. }
  133. mpz_init(mp_p448);
  134. mpz_import(mp_p448, 56, -1, 1, -1, 0, pser);
  135. mpz_t x,y;
  136. mpz_init(x);
  137. mpz_init(y);
  138. mask_t succ = MASK_SUCCESS;
  139. int bits = sizeof(word_t) * 448 / sizeof(p448_t);
  140. for (j=0; j<ntests; j++) {
  141. if (j<256) {
  142. mpz_set_ui(x,0);
  143. mpz_set_ui(y,0);
  144. mpz_setbit(x,(j%16)*28);
  145. mpz_setbit(y,(j/16)*28);
  146. } else if (j&1) {
  147. mpz_rrandomb(x, state, 448);
  148. mpz_rrandomb(y, state, 448);
  149. } else {
  150. mpz_urandomb(x, state, 448);
  151. mpz_urandomb(y, state, 448);
  152. }
  153. word_t word = gmp_urandomm_ui (state, 1ull<<bits);
  154. succ &= test_add_sub(x,y,word);
  155. succ &= test_mul_sqr(x,y,word);
  156. // TODO: test neg, cond_neg, set_ui, wrd, srd, inv, ...?
  157. }
  158. mpz_clear(x);
  159. mpz_clear(y);
  160. mpz_clear(mp_p448);
  161. gmp_randclear(state);
  162. return succ ? 0 : 1;
  163. }