jmg
/
ed448goldilocks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
91 Commits
2 Branches
1.6 MiB
 
 
 
 
 
Tree: dfdb35510d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'dfdb35510d'
${ noResults }
ed448goldilocks/test/test_arithmetic.c

369 lines
8.6 KiB
Raw Blame History 

  1. #include "field.h"

  2. #include "test.h"

  3. #include "decaf.h"

  4. #include <gmp.h>

  5. #include <string.h>

  6. #include <stdio.h>

  7. 

  8. mpz_t mp_field;

  9. mpz_t mp_scalar_field;

  10. 

  11. static void decaf_scalar_print (

  12.     const char *descr,

  13.     const decaf_scalar_t scalar

  14. ) {

  15.     int j;

  16.     printf("%s = 0x", descr);

  17.     for (j=DECAF_SCALAR_LIMBS-1; j>=0; j--) {

  18.         printf(PRIxWORDfull, scalar->limb[j]);

  19.     }

  20.     printf("\n");

  21. }

  22. 

  23. static mask_t mpz_to_field (

  24.     field_a_t out,

  25.     const mpz_t in

  26. ) {

  27.     uint8_t ser[FIELD_BYTES];

  28.     mpz_t modded;

  29.     memset(ser,0,sizeof(ser));

  30.     mpz_init(modded);

  31.     mpz_mod(modded, in, mp_field);

  32.     mpz_export(ser, NULL, -1, 1, -1, 0, modded);

  33.     mask_t succ = field_deserialize(out, ser);

  34.     return succ;

  35. }

  36. 

  37. static mask_t mpz_to_scalar (

  38.     decaf_scalar_t out,

  39.     const mpz_t in

  40. ) {

  41.     uint8_t ser[DECAF_SCALAR_BYTES];

  42.     mpz_t modded;

  43.     memset(ser,0,sizeof(ser));

  44.     mpz_init(modded);

  45.     mpz_mod(modded, in, mp_scalar_field);

  46.     mpz_export(ser, NULL, -1, 1, -1, 0, modded);

  47.     mask_t succ = decaf_scalar_decode(out, ser);

  48.     return succ;

  49. }

  50. 

  51. static mask_t scalar_assert_eq_gmp(

  52.     const char *descr,

  53.     const decaf_scalar_t a,

  54.     const decaf_scalar_t b,

  55.     const decaf_scalar_t x,

  56.     const mpz_t ma,

  57.     const mpz_t mb,

  58.     const mpz_t y

  59. ) {

  60.     uint8_t xser[FIELD_BYTES], yser[FIELD_BYTES];

  61.     mpz_t modded;

  62.     

  63.     memset(yser,0,sizeof(yser));

  64.     

  65.     decaf_scalar_encode(xser, x);

  66.     

  67.     mpz_init(modded);

  68.     mpz_mod(modded, y, mp_scalar_field);

  69.     mpz_export(yser, NULL, -1, 1, -1, 0, modded);

  70.     

  71.     if (memcmp(xser,yser,FIELD_BYTES)) {

  72.         youfail();

  73.         printf("    Failed arithmetic test %s\n", descr);

  74.         decaf_scalar_print("        a", a);

  75.         decaf_scalar_print("        b", b);

  76.         decaf_scalar_print("    decaf", x);

  77.         // printf("     gmpa = 0x");

  78.         

  79.         int j;

  80.         // mpz_export(yser, NULL, -1, 1, -1, 0, ma);

  81.         // for (j=FIELD_BYTES-1; j>=0; j--) {

  82.         //     printf("%02x", yser[j]);

  83.         // }

  84.         // printf("\n");

  85.         // printf("     gmpb = 0x");

  86.         //

  87.         //

  88.         // mpz_export(yser, NULL, -1, 1, -1, 0, mb);

  89.         // for (j=FIELD_BYTES-1; j>=0; j--) {

  90.         //     printf("%02x", yser[j]);

  91.         // }

  92.         // printf("\n");

  93.         (void)ma; (void)mb;

  94.         

  95.         printf("     gmpy = 0x");

  96. 

  97.         mpz_export(yser, NULL, -1, 1, -1, 0, modded);

  98.         for (j=FIELD_BYTES-1; j>=0; j--) {

  99.             printf("%02x", yser[j]);

  100.         }

  101.         printf("\n");

  102.         return MASK_FAILURE;

  103.     }

  104.     

  105.     mpz_clear(modded);

  106.     return MASK_SUCCESS;

  107. }

  108. 

  109. static inline int BRANCH_ON_CONSTANT(int x) {

  110.     __asm__ ("" : "+r"(x));

  111.     return x;

  112. }

  113. 

  114. static mask_t field_assert_eq_gmp(

  115.     const char *descr,

  116.     const field_a_t a,

  117.     const field_a_t b,

  118.     const field_a_t x,

  119.     const mpz_t y,

  120.     float lowBound,

  121.     float highBound

  122. ) {

  123.     uint8_t xser[FIELD_BYTES], yser[FIELD_BYTES];

  124.     mpz_t modded;

  125.     

  126.     memset(yser,0,sizeof(yser));

  127.     

  128.     field_serialize(xser, x);

  129.     

  130.     mpz_init(modded);

  131.     mpz_mod(modded, y, mp_field);

  132.     mpz_export(yser, NULL, -1, 1, -1, 0, modded);

  133.     

  134.     unsigned int i;

  135.     for (i=0; i<sizeof(*x)/sizeof(x->limb[0]); i++) {

  136.         int radix_bits = 1 + (sizeof(x->limb[0]) * FIELD_BITS - 1) / sizeof(*x);

  137.         word_t yardstick;

  138. 

  139.         if (BRANCH_ON_CONSTANT(FIELD_BITS == 521) && BRANCH_ON_CONSTANT(sizeof(*x)==12*8)) {

  140.             radix_bits = 58;

  141.         }

  142.         

  143.         yardstick = (1ull<<radix_bits) - 1;

  144. 

  145.         if (x->limb[i] < yardstick * lowBound || x->limb[i] > yardstick * highBound) {

  146.             youfail();

  147.             printf("    Limb %d -> " PRIxWORDfull " is out of bounds (%0.2f, %0.2f) for test %s (yardstick = " PRIxWORDfull ")\n",

  148.                  i, x->limb[i], lowBound, highBound, descr, yardstick);

  149.             break;

  150.         }

  151.     }

  152.     

  153.     if (memcmp(xser,yser,FIELD_BYTES)) {

  154.         youfail();

  155.         printf("    Failed arithmetic test %s\n", descr);

  156.         field_print("    a", a);

  157.         field_print("    b", b);

  158.         field_print("    goldi", x);

  159.         printf("    gmp   = 0x");

  160.         int j;

  161.         for (j=FIELD_BYTES-1; j>=0; j--) {

  162.             printf("%02x", yser[j]);

  163.         }

  164.         printf("\n");

  165.         return MASK_FAILURE;

  166.     }

  167.     

  168.     mpz_clear(modded);

  169.     return MASK_SUCCESS;

  170. }

  171. 

  172. static mask_t test_add_sub_RAW (

  173.     const mpz_t x,

  174.     const mpz_t y,

  175.     word_t word

  176. ) {

  177.     field_a_t xx,yy,tt;

  178.     mpz_t t;

  179.     mask_t succ = MASK_SUCCESS;

  180.     succ  = mpz_to_field(xx,x);

  181.     succ &= mpz_to_field(yy,y);

  182.     mpz_init(t);

  183.     

  184.     field_add_RAW(tt,xx,yy);

  185.     mpz_add(t,x,y);

  186.     succ &= field_assert_eq_gmp("add",xx,yy,tt,t,0,2.1);

  187.     

  188.     field_sub_RAW(tt,xx,yy);

  189.     field_bias(tt,2);

  190.     mpz_sub(t,x,y);

  191.     succ &= field_assert_eq_gmp("sub",xx,yy,tt,t,0,3.1);

  192.     

  193.     field_copy(tt,xx);

  194.     field_addw(tt,word);

  195.     mpz_add_ui(t,x,word);

  196.     succ &= field_assert_eq_gmp("addw",xx,yy,tt,t,0,2.1);

  197.     

  198.     field_copy(tt,xx);

  199.     field_subw(tt,word);

  200.     field_bias(tt,1);

  201.     mpz_sub_ui(t,x,word);

  202.     succ &= field_assert_eq_gmp("subw",xx,yy,tt,t,0,2.1);

  203. 

  204.     /*

  205.     if (!succ) {

  206.         field_print("    x", &xx);

  207.         field_print("    y", &yy);

  208.     }

  209.     */

  210.     

  211.     mpz_clear(t);

  212.     

  213.     return succ;

  214. }

  215. 

  216. static mask_t test_scalar (

  217.     const mpz_t x,

  218.     const mpz_t y

  219. ) {

  220.     decaf_scalar_t xx,yy,tt;

  221.     mpz_t t;

  222.     mask_t succ = MASK_SUCCESS;

  223.     succ  = mpz_to_scalar(xx,x);

  224.     succ &= mpz_to_scalar(yy,y);

  225.     mpz_init(t);

  226.     

  227.     decaf_scalar_add(tt,xx,yy);

  228.     mpz_add(t,x,y);

  229.     succ &= scalar_assert_eq_gmp("scalar add",xx,yy,tt,x,y,t);

  230.     

  231.     decaf_scalar_sub(tt,xx,yy);

  232.     mpz_sub(t,x,y);

  233.     succ &= scalar_assert_eq_gmp("scalar sub",xx,yy,tt,x,y,t);

  234.     

  235.     decaf_scalar_mul(tt,xx,yy);

  236.     mpz_mul(t,x,y);

  237.     succ &= scalar_assert_eq_gmp("scalar mul",xx,yy,tt,x,y,t);

  238.     

  239.     mpz_clear(t);

  240.     

  241.     return succ;

  242. }

  243. 

  244. static mask_t test_mul_sqr (

  245.     const mpz_t x,

  246.     const mpz_t y,

  247.     word_t word

  248. ) {

  249.     field_a_t xx,yy,tt;

  250.     mpz_t t;

  251.     mask_t succ = MASK_SUCCESS;

  252.     succ  = mpz_to_field(xx,x);

  253.     succ &= mpz_to_field(yy,y);

  254.     mpz_init(t);

  255.     

  256.     field_mul(tt,xx,yy);

  257.     mpz_mul(t,x,y);

  258.     succ &= field_assert_eq_gmp("mul",xx,yy,tt,t,0,1.1);

  259.     

  260.     field_mulw(tt,xx,word);

  261.     mpz_mul_ui(t,x,word);

  262.     succ &= field_assert_eq_gmp("mulw",xx,yy,tt,t,0,1.1);

  263.     

  264.     field_sqr(tt,xx);

  265.     mpz_mul(t,x,x);

  266.     succ &= field_assert_eq_gmp("sqrx",xx,yy,tt,t,0,1.1);

  267.     

  268.     field_sqr(tt,yy);

  269.     mpz_mul(t,y,y);

  270.     succ &= field_assert_eq_gmp("sqy",xx,yy,tt,t,0,1.1);

  271.     

  272.     if (!succ) {

  273.         field_print("    x", xx);

  274.         field_print("    y", yy);

  275.     }

  276.     

  277.     mpz_clear(t);

  278.     

  279.     return succ;

  280. }

  281. 

  282. static mask_t test_isr (

  283.     const mpz_t x

  284. ) {

  285.     field_a_t xx,yy,ss,tt;

  286.     mask_t succ = 0;

  287.     succ  = mpz_to_field(xx,x);

  288.     

  289.     field_isr(ss,xx);

  290.     field_sqr(tt,ss);

  291.     field_mul(yy,xx,tt);

  292.     

  293.     field_addw(tt,1);

  294.     succ |= field_is_zero(tt);

  295.     

  296.     field_subw(tt,2);

  297.     field_bias(tt,1);

  298.     succ |= field_is_zero(tt);

  299.     

  300.     field_addw(tt,1);

  301.     if (~succ) {

  302.         youfail();

  303.         printf("ISR failure.\n");

  304.         field_print("    x", xx);

  305.         field_print("    s", ss);

  306.         field_print("    t", tt);

  307.     }

  308.     

  309.     return succ;

  310. }

  311. 

  312. void dbg_gmp_printf(const mpz_t x);

  313. void dbg_gmp_printf(const mpz_t x) {

  314.     gmp_printf("DEBUG: 0x%Zx\n", x);

  315. }

  316. 

  317. int test_arithmetic (void) {

  318.     int j, ntests = 100000;

  319.     

  320.     gmp_randstate_t state;

  321.     gmp_randinit_mt(state);

  322.     mpz_init(mp_field);

  323.     mpz_import(mp_field, FIELD_BYTES, -1, 1, -1, 0, FIELD_MODULUS);

  324.     

  325.     mpz_import(mp_scalar_field, DECAF_SCALAR_LIMBS, -1, sizeof(decaf_word_t), -1, 0, decaf_scalar_p);

  326.     

  327.     mpz_t x,y;

  328.     mpz_init(x);

  329.     mpz_init(y);

  330.     

  331.     mask_t succ = MASK_SUCCESS;

  332.     

  333.     int radix_bits = sizeof(word_t) * FIELD_BITS / sizeof(field_a_t);

  334.     

  335.     for (j=0; j<ntests; j++) {

  336.         if (j<256) {

  337.             mpz_set_ui(x,0);

  338.             mpz_set_ui(y,0);

  339.             mpz_setbit(x,(j%16)*28);

  340.             mpz_setbit(y,(j/16)*28);

  341.         } else if (j&1) {

  342.             mpz_rrandomb(x, state, FIELD_BITS);

  343.             mpz_rrandomb(y, state, FIELD_BITS);

  344.         } else {

  345.             mpz_urandomb(x, state, FIELD_BITS);

  346.             mpz_urandomb(y, state, FIELD_BITS);

  347.         }

  348.         

  349.         word_t word = gmp_urandomm_ui (state, 1ull<<radix_bits);

  350.         

  351.         succ &= test_add_sub_RAW(x,y,word);

  352.         succ &= test_mul_sqr(x,y,word);

  353.         succ &= test_scalar(x,y);

  354.         

  355.         if (j < 1000)

  356.             succ &= test_isr(x);

  357.         

  358.         // TODO: test neg, cond_neg_RAW, set_ui, wrd, srd, inv, ...?

  359.     }

  360.     

  361.     mpz_clear(x);

  362.     mpz_clear(y);

  363.     mpz_clear(mp_field);

  364.     gmp_randclear(state);

  365.     

  366.     return succ ? 0 : 1;

  367. }