Cradicle Explorer
bitcoin
/ src / secp256k1 / src / testutil.h
testutil.h
  1  /***********************************************************************
  2   * Distributed under the MIT software license, see the accompanying    *
  3   * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
  4   ***********************************************************************/
  5  
  6  #ifndef SECP256K1_TESTUTIL_H
  7  #define SECP256K1_TESTUTIL_H
  8  
  9  #include "field.h"
 10  #include "group.h"
 11  #include "testrand.h"
 12  #include "util.h"
 13  
 14  /* Helper for when we need to check that the ctx-provided sha256 compression was called */
 15  #define DEFINE_SHA256_TRANSFORM_PROBE(name)                                     \
 16      static int name##_called = 0;                                               \
 17      static void name(uint32_t *s, const unsigned char *msg, size_t rounds) {    \
 18          name##_called = 1;                                                      \
 19          secp256k1_sha256_transform(s, msg, rounds);                             \
 20          s[0] ^= 0xdeadbeef; /* intentional perturbation for testing */          \
 21      }
 22  
 23  /* group order of the secp256k1 curve in 32-byte big endian representation */
 24  static const unsigned char secp256k1_group_order_bytes[32] = {
 25      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
 26      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
 27      0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b,
 28      0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41
 29  };
 30  
 31  static void testutil_random_fe(secp256k1_fe *x) {
 32      unsigned char bin[32];
 33      do {
 34          testrand256(bin);
 35          if (secp256k1_fe_set_b32_limit(x, bin)) {
 36              return;
 37          }
 38      } while(1);
 39  }
 40  
 41  static void testutil_random_fe_non_zero(secp256k1_fe *nz) {
 42      do {
 43          testutil_random_fe(nz);
 44      } while (secp256k1_fe_is_zero(nz));
 45  }
 46  
 47  static void testutil_random_fe_magnitude(secp256k1_fe *fe, int m) {
 48      secp256k1_fe zero;
 49      int n = testrand_int(m + 1);
 50      secp256k1_fe_normalize(fe);
 51      if (n == 0) {
 52          return;
 53      }
 54      secp256k1_fe_set_int(&zero, 0);
 55      secp256k1_fe_negate(&zero, &zero, 0);
 56      secp256k1_fe_mul_int_unchecked(&zero, n - 1);
 57      secp256k1_fe_add(fe, &zero);
 58  #ifdef VERIFY
 59      CHECK(fe->magnitude == n);
 60  #endif
 61  }
 62  
 63  static void testutil_random_fe_test(secp256k1_fe *x) {
 64      unsigned char bin[32];
 65      do {
 66          testrand256_test(bin);
 67          if (secp256k1_fe_set_b32_limit(x, bin)) {
 68              return;
 69          }
 70      } while(1);
 71  }
 72  
 73  static void testutil_random_fe_non_zero_test(secp256k1_fe *fe) {
 74      do {
 75          testutil_random_fe_test(fe);
 76      } while(secp256k1_fe_is_zero(fe));
 77  }
 78  
 79  static void testutil_random_ge_x_magnitude(secp256k1_ge *ge) {
 80      testutil_random_fe_magnitude(&ge->x, SECP256K1_GE_X_MAGNITUDE_MAX);
 81  }
 82  
 83  static void testutil_random_ge_y_magnitude(secp256k1_ge *ge) {
 84      testutil_random_fe_magnitude(&ge->y, SECP256K1_GE_Y_MAGNITUDE_MAX);
 85  }
 86  
 87  static void testutil_random_gej_x_magnitude(secp256k1_gej *gej) {
 88      testutil_random_fe_magnitude(&gej->x, SECP256K1_GEJ_X_MAGNITUDE_MAX);
 89  }
 90  
 91  static void testutil_random_gej_y_magnitude(secp256k1_gej *gej) {
 92      testutil_random_fe_magnitude(&gej->y, SECP256K1_GEJ_Y_MAGNITUDE_MAX);
 93  }
 94  
 95  static void testutil_random_gej_z_magnitude(secp256k1_gej *gej) {
 96      testutil_random_fe_magnitude(&gej->z, SECP256K1_GEJ_Z_MAGNITUDE_MAX);
 97  }
 98  
 99  static void testutil_random_ge_test(secp256k1_ge *ge) {
100      secp256k1_fe fe;
101      do {
102          testutil_random_fe_test(&fe);
103          if (secp256k1_ge_set_xo_var(ge, &fe, testrand_bits(1))) {
104              secp256k1_fe_normalize(&ge->y);
105              break;
106          }
107      } while(1);
108  }
109  
110  static void testutil_random_ge_jacobian_test(secp256k1_gej *gej, const secp256k1_ge *ge) {
111      secp256k1_fe z;
112      testutil_random_fe_non_zero_test(&z);
113      secp256k1_gej_set_ge(gej, ge);
114      secp256k1_gej_rescale(gej, &z);
115  }
116  
117  static void testutil_random_gej_test(secp256k1_gej *gej) {
118      secp256k1_ge ge;
119      testutil_random_ge_test(&ge);
120      testutil_random_ge_jacobian_test(gej, &ge);
121  }
122  
123  static void testutil_random_pubkey_test(secp256k1_pubkey *pk) {
124      secp256k1_ge ge;
125      testutil_random_ge_test(&ge);
126      secp256k1_pubkey_save(pk, &ge);
127  }
128  
129  static void testutil_random_scalar_order_test(secp256k1_scalar *num) {
130      do {
131          unsigned char b32[32];
132          int overflow = 0;
133          testrand256_test(b32);
134          secp256k1_scalar_set_b32(num, b32, &overflow);
135          if (overflow || secp256k1_scalar_is_zero(num)) {
136              continue;
137          }
138          break;
139      } while(1);
140  }
141  
142  static void testutil_random_scalar_order(secp256k1_scalar *num) {
143      do {
144          unsigned char b32[32];
145          int overflow = 0;
146          testrand256(b32);
147          secp256k1_scalar_set_b32(num, b32, &overflow);
148          if (overflow || secp256k1_scalar_is_zero(num)) {
149              continue;
150          }
151          break;
152      } while(1);
153  }
154  
155  static void testutil_random_scalar_order_b32(unsigned char *b32) {
156      secp256k1_scalar num;
157      testutil_random_scalar_order(&num);
158      secp256k1_scalar_get_b32(b32, &num);
159  }
160  
161  #endif /* SECP256K1_TESTUTIL_H */