field_test.go raw
1 // Copyright (c) 2013-2016 The btcsuite developers
2 // Copyright (c) 2013-2016 Dave Collins
3 // Use of this source code is governed by an ISC
4 // license that can be found in the LICENSE file.
5
6 package ecc
7
8 import (
9 "crypto/rand"
10 "encoding/hex"
11 "fmt"
12 "reflect"
13 "testing"
14 )
15
16 // TestSetInt ensures that setting a field value to various native integers
17 // works as expected.
18 func TestSetInt(t *testing.T) {
19 tests := []struct {
20 in uint
21 raw [10]uint32
22 }{
23 {5, [10]uint32{5, 0, 0, 0, 0, 0, 0, 0, 0, 0}},
24 // 2^26
25 {67108864, [10]uint32{67108864, 0, 0, 0, 0, 0, 0, 0, 0, 0}},
26 // 2^26 + 1
27 {67108865, [10]uint32{67108865, 0, 0, 0, 0, 0, 0, 0, 0, 0}},
28 // 2^32 - 1
29 {4294967295, [10]uint32{4294967295, 0, 0, 0, 0, 0, 0, 0, 0, 0}},
30 }
31
32 t.Logf("Running %d tests", len(tests))
33 for i, test := range tests {
34 f := new(fieldVal).SetInt(test.in)
35 if !reflect.DeepEqual(f.n, test.raw) {
36 t.Errorf("fieldVal.Set #%d wrong result\ngot: %v\n"+
37 "want: %v", i, f.n, test.raw)
38 continue
39 }
40 }
41 }
42
43 // TestZero ensures that zeroing a field value zero works as expected.
44 func TestZero(t *testing.T) {
45 f := new(fieldVal).SetInt(2)
46 f.Zero()
47 for idx, rawInt := range f.n {
48 if rawInt != 0 {
49 t.Errorf("internal field integer at index #%d is not "+
50 "zero - got %d", idx, rawInt)
51 }
52 }
53 }
54
55 // TestIsZero ensures that checking if a field IsZero works as expected.
56 func TestIsZero(t *testing.T) {
57 f := new(fieldVal)
58 if !f.IsZero() {
59 t.Errorf("new field value is not zero - got %v (rawints %x)", f,
60 f.n)
61 }
62
63 f.SetInt(1)
64 if f.IsZero() {
65 t.Errorf("field claims it's zero when it's not - got %v "+
66 "(raw rawints %x)", f, f.n)
67 }
68
69 f.Zero()
70 if !f.IsZero() {
71 t.Errorf("field claims it's not zero when it is - got %v "+
72 "(raw rawints %x)", f, f.n)
73 }
74 }
75
76 // TestStringer ensures the stringer returns the appropriate hex string.
77 func TestStringer(t *testing.T) {
78 tests := []struct {
79 in string
80 expected string
81 }{
82 {"0", "0000000000000000000000000000000000000000000000000000000000000000"},
83 {"1", "0000000000000000000000000000000000000000000000000000000000000001"},
84 {"a", "000000000000000000000000000000000000000000000000000000000000000a"},
85 {"b", "000000000000000000000000000000000000000000000000000000000000000b"},
86 {"c", "000000000000000000000000000000000000000000000000000000000000000c"},
87 {"d", "000000000000000000000000000000000000000000000000000000000000000d"},
88 {"e", "000000000000000000000000000000000000000000000000000000000000000e"},
89 {"f", "000000000000000000000000000000000000000000000000000000000000000f"},
90 {"f0", "00000000000000000000000000000000000000000000000000000000000000f0"},
91 // 2^26-1
92 {
93 "3ffffff",
94 "0000000000000000000000000000000000000000000000000000000003ffffff",
95 },
96 // 2^32-1
97 {
98 "ffffffff",
99 "00000000000000000000000000000000000000000000000000000000ffffffff",
100 },
101 // 2^64-1
102 {
103 "ffffffffffffffff",
104 "000000000000000000000000000000000000000000000000ffffffffffffffff",
105 },
106 // 2^96-1
107 {
108 "ffffffffffffffffffffffff",
109 "0000000000000000000000000000000000000000ffffffffffffffffffffffff",
110 },
111 // 2^128-1
112 {
113 "ffffffffffffffffffffffffffffffff",
114 "00000000000000000000000000000000ffffffffffffffffffffffffffffffff",
115 },
116 // 2^160-1
117 {
118 "ffffffffffffffffffffffffffffffffffffffff",
119 "000000000000000000000000ffffffffffffffffffffffffffffffffffffffff",
120 },
121 // 2^192-1
122 {
123 "ffffffffffffffffffffffffffffffffffffffffffffffff",
124 "0000000000000000ffffffffffffffffffffffffffffffffffffffffffffffff",
125 },
126 // 2^224-1
127 {
128 "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
129 "00000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
130 },
131 // 2^256-4294968273 (the btcec prime, so should result in 0)
132 {
133 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f",
134 "0000000000000000000000000000000000000000000000000000000000000000",
135 },
136 // 2^256-4294968274 (the secp256k1 prime+1, so should result in 1)
137 {
138 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc30",
139 "0000000000000000000000000000000000000000000000000000000000000001",
140 },
141
142 // Invalid hex
143 {"g", "0000000000000000000000000000000000000000000000000000000000000000"},
144 {"1h", "0000000000000000000000000000000000000000000000000000000000000000"},
145 {"i1", "0000000000000000000000000000000000000000000000000000000000000000"},
146 }
147
148 t.Logf("Running %d tests", len(tests))
149 for i, test := range tests {
150 f := new(fieldVal).SetHex(test.in)
151 result := f.String()
152 if result != test.expected {
153 t.Errorf("fieldVal.String #%d wrong result\ngot: %v\n"+
154 "want: %v", i, result, test.expected)
155 continue
156 }
157 }
158 }
159
160 // TestNormalize ensures that normalizing the internal field words works as
161 // expected.
162 func TestNormalize(t *testing.T) {
163 tests := []struct {
164 raw [10]uint32 // Intentionally denormalized value
165 normalized [10]uint32 // Normalized form of the raw value
166 }{
167 {
168 [10]uint32{0x00000005, 0, 0, 0, 0, 0, 0, 0, 0, 0},
169 [10]uint32{0x00000005, 0, 0, 0, 0, 0, 0, 0, 0, 0},
170 },
171 // 2^26
172 {
173 [10]uint32{0x04000000, 0x0, 0, 0, 0, 0, 0, 0, 0, 0},
174 [10]uint32{0x00000000, 0x1, 0, 0, 0, 0, 0, 0, 0, 0},
175 },
176 // 2^26 + 1
177 {
178 [10]uint32{0x04000001, 0x0, 0, 0, 0, 0, 0, 0, 0, 0},
179 [10]uint32{0x00000001, 0x1, 0, 0, 0, 0, 0, 0, 0, 0},
180 },
181 // 2^32 - 1
182 {
183 [10]uint32{0xffffffff, 0x00, 0, 0, 0, 0, 0, 0, 0, 0},
184 [10]uint32{0x03ffffff, 0x3f, 0, 0, 0, 0, 0, 0, 0, 0},
185 },
186 // 2^32
187 {
188 [10]uint32{0x04000000, 0x3f, 0, 0, 0, 0, 0, 0, 0, 0},
189 [10]uint32{0x00000000, 0x40, 0, 0, 0, 0, 0, 0, 0, 0},
190 },
191 // 2^32 + 1
192 {
193 [10]uint32{0x04000001, 0x3f, 0, 0, 0, 0, 0, 0, 0, 0},
194 [10]uint32{0x00000001, 0x40, 0, 0, 0, 0, 0, 0, 0, 0},
195 },
196 // 2^64 - 1
197 {
198 [10]uint32{0xffffffff, 0xffffffc0, 0xfc0, 0, 0, 0, 0, 0, 0, 0},
199 [10]uint32{0x03ffffff, 0x03ffffff, 0xfff, 0, 0, 0, 0, 0, 0, 0},
200 },
201 // 2^64
202 {
203 [10]uint32{0x04000000, 0x03ffffff, 0x0fff, 0, 0, 0, 0, 0, 0, 0},
204 [10]uint32{0x00000000, 0x00000000, 0x1000, 0, 0, 0, 0, 0, 0, 0},
205 },
206 // 2^64 + 1
207 {
208 [10]uint32{0x04000001, 0x03ffffff, 0x0fff, 0, 0, 0, 0, 0, 0, 0},
209 [10]uint32{0x00000001, 0x00000000, 0x1000, 0, 0, 0, 0, 0, 0, 0},
210 },
211 // 2^96 - 1
212 {
213 [10]uint32{0xffffffff, 0xffffffc0, 0xffffffc0, 0x3ffc0, 0, 0, 0, 0, 0, 0},
214 [10]uint32{0x03ffffff, 0x03ffffff, 0x03ffffff, 0x3ffff, 0, 0, 0, 0, 0, 0},
215 },
216 // 2^96
217 {
218 [10]uint32{0x04000000, 0x03ffffff, 0x03ffffff, 0x3ffff, 0, 0, 0, 0, 0, 0},
219 [10]uint32{0x00000000, 0x00000000, 0x00000000, 0x40000, 0, 0, 0, 0, 0, 0},
220 },
221 // 2^128 - 1
222 {
223 [10]uint32{0xffffffff, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffc0, 0, 0, 0, 0, 0},
224 [10]uint32{0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0xffffff, 0, 0, 0, 0, 0},
225 },
226 // 2^128
227 {
228 [10]uint32{0x04000000, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x0ffffff, 0, 0, 0, 0, 0},
229 [10]uint32{0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x1000000, 0, 0, 0, 0, 0},
230 },
231 // 2^256 - 4294968273 (secp256k1 prime)
232 {
233 [10]uint32{0xfffffc2f, 0xffffff80, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0x3fffc0},
234 [10]uint32{0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000},
235 },
236 // Prime larger than P where both first and second words are larger
237 // than P's first and second words
238 {
239 [10]uint32{0xfffffc30, 0xffffff86, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0x3fffc0},
240 [10]uint32{0x00000001, 0x00000006, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000},
241 },
242 // Prime larger than P where only the second word is larger
243 // than P's second words.
244 {
245 [10]uint32{0xfffffc2a, 0xffffff87, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0x3fffc0},
246 [10]uint32{0x03fffffb, 0x00000006, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000},
247 },
248 // 2^256 - 1
249 {
250 [10]uint32{0xffffffff, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0xffffffc0, 0x3fffc0},
251 [10]uint32{0x000003d0, 0x00000040, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000},
252 },
253 // Prime with field representation such that the initial
254 // reduction does not result in a carry to bit 256.
255 //
256 // 2^256 - 4294968273 (secp256k1 prime)
257 {
258 [10]uint32{0x03fffc2f, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff},
259 [10]uint32{0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
260 },
261 // Prime larger than P that reduces to a value which is still
262 // larger than P when it has a magnitude of 1 due to its first
263 // word and does not result in a carry to bit 256.
264 //
265 // 2^256 - 4294968272 (secp256k1 prime + 1)
266 {
267 [10]uint32{0x03fffc30, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff},
268 [10]uint32{0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
269 },
270 // Prime larger than P that reduces to a value which is still
271 // larger than P when it has a magnitude of 1 due to its second
272 // word and does not result in a carry to bit 256.
273 //
274 // 2^256 - 4227859409 (secp256k1 prime + 0x4000000)
275 {
276 [10]uint32{0x03fffc2f, 0x03ffffc0, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff},
277 [10]uint32{0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000},
278 },
279 // Prime larger than P that reduces to a value which is still
280 // larger than P when it has a magnitude of 1 due to a carry to
281 // bit 256, but would not be without the carry. These values
282 // come from the fact that P is 2^256 - 4294968273 and 977 is
283 // the low order word in the internal field representation.
284 //
285 // 2^256 * 5 - ((4294968273 - (977+1)) * 4)
286 {
287 [10]uint32{0x03ffffff, 0x03fffeff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x0013fffff},
288 [10]uint32{0x00001314, 0x00000040, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x000000000},
289 },
290 // Prime larger than P that reduces to a value which is still
291 // larger than P when it has a magnitude of 1 due to both a
292 // carry to bit 256 and the first word.
293 {
294 [10]uint32{0x03fffc30, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x07ffffff, 0x003fffff},
295 [10]uint32{0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001},
296 },
297 // Prime larger than P that reduces to a value which is still
298 // larger than P when it has a magnitude of 1 due to both a
299 // carry to bit 256 and the second word.
300 //
301 {
302 [10]uint32{0x03fffc2f, 0x03ffffc0, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x3ffffff, 0x07ffffff, 0x003fffff},
303 [10]uint32{0x00000000, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x0000000, 0x00000000, 0x00000001},
304 },
305 // Prime larger than P that reduces to a value which is still
306 // larger than P when it has a magnitude of 1 due to a carry to
307 // bit 256 and the first and second words.
308 //
309 {
310 [10]uint32{0x03fffc30, 0x03ffffc0, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x07ffffff, 0x003fffff},
311 [10]uint32{0x00000001, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000001},
312 },
313 }
314
315 t.Logf("Running %d tests", len(tests))
316 for i, test := range tests {
317 f := new(fieldVal)
318 f.n = test.raw
319 f.Normalize()
320 if !reflect.DeepEqual(f.n, test.normalized) {
321 t.Errorf("fieldVal.Normalize #%d wrong result\n"+
322 "got: %x\nwant: %x", i, f.n, test.normalized)
323 continue
324 }
325 }
326 }
327
328 // TestIsOdd ensures that checking if a field value IsOdd works as expected.
329 func TestIsOdd(t *testing.T) {
330 tests := []struct {
331 in string // hex encoded value
332 expected bool // expected oddness
333 }{
334 {"0", false},
335 {"1", true},
336 {"2", false},
337 // 2^32 - 1
338 {"ffffffff", true},
339 // 2^64 - 2
340 {"fffffffffffffffe", false},
341 // secp256k1 prime
342 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", true},
343 }
344
345 t.Logf("Running %d tests", len(tests))
346 for i, test := range tests {
347 f := new(fieldVal).SetHex(test.in)
348 result := f.IsOdd()
349 if result != test.expected {
350 t.Errorf("fieldVal.IsOdd #%d wrong result\n"+
351 "got: %v\nwant: %v", i, result, test.expected)
352 continue
353 }
354 }
355 }
356
357 // TestEquals ensures that checking two field values for equality via Equals
358 // works as expected.
359 func TestEquals(t *testing.T) {
360 tests := []struct {
361 in1 string // hex encoded value
362 in2 string // hex encoded value
363 expected bool // expected equality
364 }{
365 {"0", "0", true},
366 {"0", "1", false},
367 {"1", "0", false},
368 // 2^32 - 1 == 2^32 - 1?
369 {"ffffffff", "ffffffff", true},
370 // 2^64 - 1 == 2^64 - 2?
371 {"ffffffffffffffff", "fffffffffffffffe", false},
372 // 0 == prime (mod prime)?
373 {"0", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", true},
374 // 1 == prime+1 (mod prime)?
375 {"1", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc30", true},
376 }
377
378 t.Logf("Running %d tests", len(tests))
379 for i, test := range tests {
380 f := new(fieldVal).SetHex(test.in1).Normalize()
381 f2 := new(fieldVal).SetHex(test.in2).Normalize()
382 result := f.Equals(f2)
383 if result != test.expected {
384 t.Errorf("fieldVal.Equals #%d wrong result\n"+
385 "got: %v\nwant: %v", i, result, test.expected)
386 continue
387 }
388 }
389 }
390
391 // TestNegate ensures that negating field values via Negate works as expected.
392 func TestNegate(t *testing.T) {
393 tests := []struct {
394 in string // hex encoded value
395 expected string // expected hex encoded value
396 }{
397 // secp256k1 prime (aka 0)
398 {"0", "0"},
399 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "0"},
400 {"0", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"},
401 // secp256k1 prime-1
402 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", "1"},
403 {"1", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e"},
404 // secp256k1 prime-2
405 {"2", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d"},
406 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d", "2"},
407 // Random sampling
408 {
409 "b3d9aac9c5e43910b4385b53c7e78c21d4cd5f8e683c633aed04c233efc2e120",
410 "4c2655363a1bc6ef4bc7a4ac381873de2b32a07197c39cc512fb3dcb103d1b0f",
411 },
412 {
413 "f8a85984fee5a12a7c8dd08830d83423c937d77c379e4a958e447a25f407733f",
414 "757a67b011a5ed583722f77cf27cbdc36c82883c861b56a71bb85d90bf888f0",
415 },
416 {
417 "45ee6142a7fda884211e93352ed6cb2807800e419533be723a9548823ece8312",
418 "ba119ebd5802577bdee16ccad12934d7f87ff1be6acc418dc56ab77cc131791d",
419 },
420 {
421 "53c2a668f07e411a2e473e1c3b6dcb495dec1227af27673761d44afe5b43d22b",
422 "ac3d59970f81bee5d1b8c1e3c49234b6a213edd850d898c89e2bb500a4bc2a04",
423 },
424 }
425
426 t.Logf("Running %d tests", len(tests))
427 for i, test := range tests {
428 f := new(fieldVal).SetHex(test.in).Normalize()
429 expected := new(fieldVal).SetHex(test.expected).Normalize()
430 result := f.Negate(1).Normalize()
431 if !result.Equals(expected) {
432 t.Errorf("fieldVal.Negate #%d wrong result\n"+
433 "got: %v\nwant: %v", i, result, expected)
434 continue
435 }
436 }
437 }
438
439 // TestAddInt ensures that adding an integer to field values via AddInt works as
440 // expected.
441 func TestAddInt(t *testing.T) {
442 tests := []struct {
443 in1 string // hex encoded value
444 in2 uint // unsigned integer to add to the value above
445 expected string // expected hex encoded value
446 }{
447 {"0", 1, "1"},
448 {"1", 0, "1"},
449 {"1", 1, "2"},
450 // secp256k1 prime-1 + 1
451 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", 1, "0"},
452 // secp256k1 prime + 1
453 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", 1, "1"},
454 // Random samples.
455 {
456 "ff95ad9315aff04ab4af0ce673620c7145dc85d03bab5ba4b09ca2c4dec2d6c1",
457 0x10f,
458 "ff95ad9315aff04ab4af0ce673620c7145dc85d03bab5ba4b09ca2c4dec2d7d0",
459 },
460 {
461 "44bdae6b772e7987941f1ba314e6a5b7804a4c12c00961b57d20f41deea9cecf",
462 0x2cf11d41,
463 "44bdae6b772e7987941f1ba314e6a5b7804a4c12c00961b57d20f41e1b9aec10",
464 },
465 {
466 "88c3ecae67b591935fb1f6a9499c35315ffad766adca665c50b55f7105122c9c",
467 0x4829aa2d,
468 "88c3ecae67b591935fb1f6a9499c35315ffad766adca665c50b55f714d3bd6c9",
469 },
470 {
471 "8523e9edf360ca32a95aae4e57fcde5a542b471d08a974d94ea0ee09a015e2a6",
472 0xa21265a5,
473 "8523e9edf360ca32a95aae4e57fcde5a542b471d08a974d94ea0ee0a4228484b",
474 },
475 }
476
477 t.Logf("Running %d tests", len(tests))
478 for i, test := range tests {
479 f := new(fieldVal).SetHex(test.in1).Normalize()
480 expected := new(fieldVal).SetHex(test.expected).Normalize()
481 result := f.AddInt(test.in2).Normalize()
482 if !result.Equals(expected) {
483 t.Errorf("fieldVal.AddInt #%d wrong result\n"+
484 "got: %v\nwant: %v", i, result, expected)
485 continue
486 }
487 }
488 }
489
490 // TestAdd ensures that adding two field values together via Add works as
491 // expected.
492 func TestAdd(t *testing.T) {
493 tests := []struct {
494 in1 string // first hex encoded value
495 in2 string // second hex encoded value to add
496 expected string // expected hex encoded value
497 }{
498 {"0", "1", "1"},
499 {"1", "0", "1"},
500 {"1", "1", "2"},
501 // secp256k1 prime-1 + 1
502 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", "1", "0"},
503 // secp256k1 prime + 1
504 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "1", "1"},
505 // Random samples.
506 {
507 "2b2012f975404e5065b4292fb8bed0a5d315eacf24c74d8b27e73bcc5430edcc",
508 "2c3cefa4e4753e8aeec6ac4c12d99da4d78accefda3b7885d4c6bab46c86db92",
509 "575d029e59b58cdb547ad57bcb986e4aaaa0b7beff02c610fcadf680c0b7c95e",
510 },
511 {
512 "8131e8722fe59bb189692b96c9f38de92885730f1dd39ab025daffb94c97f79c",
513 "ff5454b765f0aab5f0977dcc629becc84cabeb9def48e79c6aadb2622c490fa9",
514 "80863d2995d646677a00a9632c8f7ab175315ead0d1c824c9088b21c78e10b16",
515 },
516 {
517 "c7c95e93d0892b2b2cdd77e80eb646ea61be7a30ac7e097e9f843af73fad5c22",
518 "3afe6f91a74dfc1c7f15c34907ee981656c37236d946767dd53ccad9190e437c",
519 "02c7ce2577d72747abf33b3116a4df00b881ec6785c47ffc74c105d158bba36f",
520 },
521 {
522 "fd1c26f6a23381e5d785ba889494ec059369b888ad8431cd67d8c934b580dbe1",
523 "a475aa5a31dcca90ef5b53c097d9133d6b7117474b41e7877bb199590fc0489c",
524 "a191d150d4104c76c6e10e492c6dff42fedacfcff8c61954e38a628ec541284e",
525 },
526 }
527
528 t.Logf("Running %d tests", len(tests))
529 for i, test := range tests {
530 f := new(fieldVal).SetHex(test.in1).Normalize()
531 f2 := new(fieldVal).SetHex(test.in2).Normalize()
532 expected := new(fieldVal).SetHex(test.expected).Normalize()
533 result := f.Add(f2).Normalize()
534 if !result.Equals(expected) {
535 t.Errorf("fieldVal.Add #%d wrong result\n"+
536 "got: %v\nwant: %v", i, result, expected)
537 continue
538 }
539 }
540 }
541
542 // TestAdd2 ensures that adding two field values together via Add2 works as
543 // expected.
544 func TestAdd2(t *testing.T) {
545 tests := []struct {
546 in1 string // first hex encoded value
547 in2 string // second hex encoded value to add
548 expected string // expected hex encoded value
549 }{
550 {"0", "1", "1"},
551 {"1", "0", "1"},
552 {"1", "1", "2"},
553 // secp256k1 prime-1 + 1
554 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", "1", "0"},
555 // secp256k1 prime + 1
556 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "1", "1"},
557 // close but over the secp256k1 prime
558 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffff000000000", "f1ffff000", "1ffff3d1"},
559 // Random samples.
560 {
561 "ad82b8d1cc136e23e9fd77fe2c7db1fe5a2ecbfcbde59ab3529758334f862d28",
562 "4d6a4e95d6d61f4f46b528bebe152d408fd741157a28f415639347a84f6f574b",
563 "faed0767a2e98d7330b2a0bcea92df3eea060d12380e8ec8b62a9fdb9ef58473",
564 },
565 {
566 "f3f43a2540054a86e1df98547ec1c0e157b193e5350fb4a3c3ea214b228ac5e7",
567 "25706572592690ea3ddc951a1b48b504a4c83dc253756e1b96d56fdfb3199522",
568 "19649f97992bdb711fbc2d6e9a0a75e5fc79d1a7888522bf5abf912bd5a45eda",
569 },
570 {
571 "6915bb94eef13ff1bb9b2633d997e13b9b1157c713363cc0e891416d6734f5b8",
572 "11f90d6ac6fe1c4e8900b1c85fb575c251ec31b9bc34b35ada0aea1c21eded22",
573 "7b0ec8ffb5ef5c40449bd7fc394d56fdecfd8980cf6af01bc29c2b898922e2da",
574 },
575 {
576 "48b0c9eae622eed9335b747968544eb3e75cb2dc8128388f948aa30f88cabde4",
577 "0989882b52f85f9d524a3a3061a0e01f46d597839d2ba637320f4b9510c8d2d5",
578 "523a5216391b4e7685a5aea9c9f52ed32e324a601e53dec6c699eea4999390b9",
579 },
580 }
581
582 t.Logf("Running %d tests", len(tests))
583 for i, test := range tests {
584 f := new(fieldVal).SetHex(test.in1).Normalize()
585 f2 := new(fieldVal).SetHex(test.in2).Normalize()
586 expected := new(fieldVal).SetHex(test.expected).Normalize()
587 result := f.Add2(f, f2).Normalize()
588 if !result.Equals(expected) {
589 t.Errorf("fieldVal.Add2 #%d wrong result\n"+
590 "got: %v\nwant: %v", i, result, expected)
591 continue
592 }
593 }
594 }
595
596 // TestMulInt ensures that adding an integer to field values via MulInt works as
597 // expected.
598 func TestMulInt(t *testing.T) {
599 tests := []struct {
600 in1 string // hex encoded value
601 in2 uint // unsigned integer to multiply with value above
602 expected string // expected hex encoded value
603 }{
604 {"0", 0, "0"},
605 {"1", 0, "0"},
606 {"0", 1, "0"},
607 {"1", 1, "1"},
608 // secp256k1 prime-1 * 2
609 {
610 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e",
611 2,
612 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d",
613 },
614 // secp256k1 prime * 3
615 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", 3, "0"},
616 // secp256k1 prime-1 * 8
617 {
618 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e",
619 8,
620 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc27",
621 },
622 // Random samples for first value. The second value is limited
623 // to 8 since that is the maximum int used in the elliptic curve
624 // calculations.
625 {
626 "b75674dc9180d306c692163ac5e089f7cef166af99645c0c23568ab6d967288a",
627 6,
628 "4c06bd2b6904f228a76c8560a3433bced9a8681d985a2848d407404d186b0280",
629 },
630 {
631 "54873298ac2b5ba8591c125ae54931f5ea72040aee07b208d6135476fb5b9c0e",
632 3,
633 "fd9597ca048212f90b543710afdb95e1bf560c20ca17161a8239fd64f212d42a",
634 },
635 {
636 "7c30fbd363a74c17e1198f56b090b59bbb6c8755a74927a6cba7a54843506401",
637 5,
638 "6cf4eb20f2447c77657fccb172d38c0aa91ea4ac446dc641fa463a6b5091fba7",
639 },
640 {
641 "fb4529be3e027a3d1587d8a500b72f2d312e3577340ef5175f96d113be4c2ceb",
642 8,
643 "da294df1f013d1e8ac3ec52805b979698971abb9a077a8bafcb688a4f261820f",
644 },
645 }
646
647 t.Logf("Running %d tests", len(tests))
648 for i, test := range tests {
649 f := new(fieldVal).SetHex(test.in1).Normalize()
650 expected := new(fieldVal).SetHex(test.expected).Normalize()
651 result := f.MulInt(test.in2).Normalize()
652 if !result.Equals(expected) {
653 t.Errorf("fieldVal.MulInt #%d wrong result\n"+
654 "got: %v\nwant: %v", i, result, expected)
655 continue
656 }
657 }
658 }
659
660 // TestMul ensures that multiplying two field valuess via Mul works as expected.
661 func TestMul(t *testing.T) {
662 tests := []struct {
663 in1 string // first hex encoded value
664 in2 string // second hex encoded value to multiply with
665 expected string // expected hex encoded value
666 }{
667 {"0", "0", "0"},
668 {"1", "0", "0"},
669 {"0", "1", "0"},
670 {"1", "1", "1"},
671 // slightly over prime
672 {
673 "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff1ffff",
674 "1000",
675 "1ffff3d1",
676 },
677 // secp256k1 prime-1 * 2
678 {
679 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e",
680 "2",
681 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d",
682 },
683 // secp256k1 prime * 3
684 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "3", "0"},
685 // secp256k1 prime-1 * 8
686 {
687 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e",
688 "8",
689 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc27",
690 },
691 // Random samples.
692 {
693 "cfb81753d5ef499a98ecc04c62cb7768c2e4f1740032946db1c12e405248137e",
694 "58f355ad27b4d75fb7db0442452e732c436c1f7c5a7c4e214fa9cc031426a7d3",
695 "1018cd2d7c2535235b71e18db9cd98027386328d2fa6a14b36ec663c4c87282b",
696 },
697 {
698 "26e9d61d1cdf3920e9928e85fa3df3e7556ef9ab1d14ec56d8b4fc8ed37235bf",
699 "2dfc4bbe537afee979c644f8c97b31e58be5296d6dbc460091eae630c98511cf",
700 "da85f48da2dc371e223a1ae63bd30b7e7ee45ae9b189ac43ff357e9ef8cf107a",
701 },
702 {
703 "5db64ed5afb71646c8b231585d5b2bf7e628590154e0854c4c29920b999ff351",
704 "279cfae5eea5d09ade8e6a7409182f9de40981bc31c84c3d3dfe1d933f152e9a",
705 "2c78fbae91792dd0b157abe3054920049b1879a7cc9d98cfda927d83be411b37",
706 },
707 {
708 "b66dfc1f96820b07d2bdbd559c19319a3a73c97ceb7b3d662f4fe75ecb6819e6",
709 "bf774aba43e3e49eb63a6e18037d1118152568f1a3ac4ec8b89aeb6ff8008ae1",
710 "c4f016558ca8e950c21c3f7fc15f640293a979c7b01754ee7f8b3340d4902ebb",
711 },
712 }
713
714 t.Logf("Running %d tests", len(tests))
715 for i, test := range tests {
716 f := new(fieldVal).SetHex(test.in1).Normalize()
717 f2 := new(fieldVal).SetHex(test.in2).Normalize()
718 expected := new(fieldVal).SetHex(test.expected).Normalize()
719 result := f.Mul(f2).Normalize()
720 if !result.Equals(expected) {
721 t.Errorf("fieldVal.Mul #%d wrong result\n"+
722 "got: %v\nwant: %v", i, result, expected)
723 continue
724 }
725 }
726 }
727
728 // TestSquare ensures that squaring field values via Square works as expected.
729 func TestSquare(t *testing.T) {
730 tests := []struct {
731 in string // hex encoded value
732 expected string // expected hex encoded value
733 }{
734 // secp256k1 prime (aka 0)
735 {"0", "0"},
736 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "0"},
737 {"0", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"},
738 // secp256k1 prime-1
739 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e", "1"},
740 // secp256k1 prime-2
741 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d", "4"},
742 // Random sampling
743 {
744 "b0ba920360ea8436a216128047aab9766d8faf468895eb5090fc8241ec758896",
745 "133896b0b69fda8ce9f648b9a3af38f345290c9eea3cbd35bafcadf7c34653d3",
746 },
747 {
748 "c55d0d730b1d0285a1599995938b042a756e6e8857d390165ffab480af61cbd5",
749 "cd81758b3f5877cbe7e5b0a10cebfa73bcbf0957ca6453e63ee8954ab7780bee",
750 },
751 {
752 "e89c1f9a70d93651a1ba4bca5b78658f00de65a66014a25544d3365b0ab82324",
753 "39ffc7a43e5dbef78fd5d0354fb82c6d34f5a08735e34df29da14665b43aa1f",
754 },
755 {
756 "7dc26186079d22bcbe1614aa20ae627e62d72f9be7ad1e99cac0feb438956f05",
757 "bf86bcfc4edb3d81f916853adfda80c07c57745b008b60f560b1912f95bce8ae",
758 },
759 }
760
761 t.Logf("Running %d tests", len(tests))
762 for i, test := range tests {
763 f := new(fieldVal).SetHex(test.in).Normalize()
764 expected := new(fieldVal).SetHex(test.expected).Normalize()
765 result := f.Square().Normalize()
766 if !result.Equals(expected) {
767 t.Errorf("fieldVal.Square #%d wrong result\n"+
768 "got: %v\nwant: %v", i, result, expected)
769 continue
770 }
771 }
772 }
773
774 // TestInverse ensures that finding the multiplicative inverse via Inverse works
775 // as expected.
776 func TestInverse(t *testing.T) {
777 tests := []struct {
778 in string // hex encoded value
779 expected string // expected hex encoded value
780 }{
781 // secp256k1 prime (aka 0)
782 {"0", "0"},
783 {"fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f", "0"},
784 {"0", "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f"},
785 // secp256k1 prime-1
786 {
787 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e",
788 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e",
789 },
790 // secp256k1 prime-2
791 {
792 "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2d",
793 "7fffffffffffffffffffffffffffffffffffffffffffffffffffffff7ffffe17",
794 },
795 // Random sampling
796 {
797 "16fb970147a9acc73654d4be233cc48b875ce20a2122d24f073d29bd28805aca",
798 "987aeb257b063df0c6d1334051c47092b6d8766c4bf10c463786d93f5bc54354",
799 },
800 {
801 "69d1323ce9f1f7b3bd3c7320b0d6311408e30281e273e39a0d8c7ee1c8257919",
802 "49340981fa9b8d3dad72de470b34f547ed9179c3953797d0943af67806f4bb6",
803 },
804 {
805 "e0debf988ae098ecda07d0b57713e97c6d213db19753e8c95aa12a2fc1cc5272",
806 "64f58077b68af5b656b413ea366863f7b2819f8d27375d9c4d9804135ca220c2",
807 },
808 {
809 "dcd394f91f74c2ba16aad74a22bb0ed47fe857774b8f2d6c09e28bfb14642878",
810 "fb848ec64d0be572a63c38fe83df5e7f3d032f60bf8c969ef67d36bf4ada22a9",
811 },
812 }
813
814 t.Logf("Running %d tests", len(tests))
815 for i, test := range tests {
816 f := new(fieldVal).SetHex(test.in).Normalize()
817 expected := new(fieldVal).SetHex(test.expected).Normalize()
818 result := f.Inverse().Normalize()
819 if !result.Equals(expected) {
820 t.Errorf("fieldVal.Inverse #%d wrong result\n"+
821 "got: %v\nwant: %v", i, result, expected)
822 continue
823 }
824 }
825 }
826
827 // randFieldVal returns a random, normalized element in the field.
828 func randFieldVal(t *testing.T) fieldVal {
829 var b [32]byte
830 if _, err := rand.Read(b[:]); err != nil {
831 t.Fatalf("unable to create random element: %v", err)
832 }
833
834 var x fieldVal
835 return *x.SetBytes(&b).Normalize()
836 }
837
838 type sqrtTest struct {
839 name string
840 in string
841 expected string
842 }
843
844 // TestSqrt asserts that a fieldVal properly computes the square root modulo the
845 // sep256k1 prime.
846 func TestSqrt(t *testing.T) {
847 var tests []sqrtTest
848
849 // No valid root exists for the negative of a square.
850 for i := uint(9); i > 0; i-- {
851 var (
852 x fieldVal
853 s fieldVal // x^2 mod p
854 n fieldVal // -x^2 mod p
855 )
856
857 x.SetInt(i)
858 s.SquareVal(&x).Normalize()
859 n.NegateVal(&s, 1).Normalize()
860
861 tests = append(tests, sqrtTest{
862 name: fmt.Sprintf("-%d", i),
863 in: fmt.Sprintf("%x", *n.Bytes()),
864 })
865 }
866
867 // A root should exist for true squares.
868 for i := uint(0); i < 10; i++ {
869 var (
870 x fieldVal
871 s fieldVal // x^2 mod p
872 )
873
874 x.SetInt(i)
875 s.SquareVal(&x).Normalize()
876
877 tests = append(tests, sqrtTest{
878 name: fmt.Sprintf("%d", i),
879 in: fmt.Sprintf("%x", *s.Bytes()),
880 expected: fmt.Sprintf("%x", *x.Bytes()),
881 })
882 }
883
884 // Compute a non-square element, by negating if it has a root.
885 ns := randFieldVal(t)
886 if new(fieldVal).SqrtVal(&ns).Square().Equals(&ns) {
887 ns.Negate(1).Normalize()
888 }
889
890 // For large random field values, test that:
891 // 1) its square has a valid root.
892 // 2) the negative of its square has no root.
893 // 3) the product of its square with a non-square has no root.
894 for i := 0; i < 10; i++ {
895 var (
896 x fieldVal
897 s fieldVal // x^2 mod p
898 n fieldVal // -x^2 mod p
899 m fieldVal // ns*x^2 mod p
900 )
901
902 x = randFieldVal(t)
903 s.SquareVal(&x).Normalize()
904 n.NegateVal(&s, 1).Normalize()
905 m.Mul2(&s, &ns).Normalize()
906
907 // A root should exist for true squares.
908 tests = append(tests, sqrtTest{
909 name: fmt.Sprintf("%x", *s.Bytes()),
910 in: fmt.Sprintf("%x", *s.Bytes()),
911 expected: fmt.Sprintf("%x", *x.Bytes()),
912 })
913
914 // No valid root exists for the negative of a square.
915 tests = append(tests, sqrtTest{
916 name: fmt.Sprintf("-%x", *s.Bytes()),
917 in: fmt.Sprintf("%x", *n.Bytes()),
918 })
919
920 // No root should be computed for product of a square and
921 // non-square.
922 tests = append(tests, sqrtTest{
923 name: fmt.Sprintf("ns*%x", *s.Bytes()),
924 in: fmt.Sprintf("%x", *m.Bytes()),
925 })
926 }
927
928 for _, test := range tests {
929 t.Run(test.name, func(t *testing.T) {
930 testSqrt(t, test)
931 })
932 }
933 }
934
935 func testSqrt(t *testing.T, test sqrtTest) {
936 var (
937 f fieldVal
938 root fieldVal
939 rootNeg fieldVal
940 )
941
942 f.SetHex(test.in).Normalize()
943
944 // Compute sqrt(f) and its negative.
945 root.SqrtVal(&f).Normalize()
946 rootNeg.NegateVal(&root, 1).Normalize()
947
948 switch {
949
950 // If we expect a square root, verify that either the computed square
951 // root is +/- the expected value.
952 case len(test.expected) > 0:
953 var expected fieldVal
954 expected.SetHex(test.expected).Normalize()
955 if !root.Equals(&expected) && !rootNeg.Equals(&expected) {
956 t.Fatalf("fieldVal.Sqrt incorrect root\n"+
957 "got: %v\ngot_neg: %v\nwant: %v",
958 root, rootNeg, expected)
959 }
960
961 // Otherwise, we expect this input not to have a square root.
962 default:
963 if root.Square().Equals(&f) || rootNeg.Square().Equals(&f) {
964 t.Fatalf("fieldVal.Sqrt root should not exist\n"+
965 "got: %v\ngot_neg: %v", root, rootNeg)
966 }
967 }
968 }
969
970 // TestFieldSetBytes ensures that setting a field value to a 256-bit big-endian
971 // unsigned integer via both the slice and array methods works as expected for
972 // edge cases. Random cases are tested via the various other tests.
973 func TestFieldSetBytes(t *testing.T) {
974 tests := []struct {
975 name string // test description
976 in string // hex encoded test value
977 expected [10]uint32 // expected raw ints
978 }{{
979 name: "zero",
980 in: "00",
981 expected: [10]uint32{0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
982 }, {
983 name: "field prime",
984 in: "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f",
985 expected: [10]uint32{
986 0x03fffc2f, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff,
987 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff,
988 },
989 }, {
990 name: "field prime - 1",
991 in: "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2e",
992 expected: [10]uint32{
993 0x03fffc2e, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff,
994 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff,
995 },
996 }, {
997 name: "field prime + 1 (overflow in word zero)",
998 in: "fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc30",
999 expected: [10]uint32{
1000 0x03fffc30, 0x03ffffbf, 0x03ffffff, 0x03ffffff, 0x03ffffff,
1001 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff,
1002 },
1003 }, {
1004 name: "field prime first 32 bits",
1005 in: "fffffc2f",
1006 expected: [10]uint32{
1007 0x03fffc2f, 0x00000003f, 0x00000000, 0x00000000, 0x00000000,
1008 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1009 },
1010 }, {
1011 name: "field prime word zero",
1012 in: "03fffc2f",
1013 expected: [10]uint32{
1014 0x03fffc2f, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1015 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1016 },
1017 }, {
1018 name: "field prime first 64 bits",
1019 in: "fffffffefffffc2f",
1020 expected: [10]uint32{
1021 0x03fffc2f, 0x03ffffbf, 0x00000fff, 0x00000000, 0x00000000,
1022 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1023 },
1024 }, {
1025 name: "field prime word zero and one",
1026 in: "0ffffefffffc2f",
1027 expected: [10]uint32{
1028 0x03fffc2f, 0x03ffffbf, 0x00000000, 0x00000000, 0x00000000,
1029 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1030 },
1031 }, {
1032 name: "field prime first 96 bits",
1033 in: "fffffffffffffffefffffc2f",
1034 expected: [10]uint32{
1035 0x03fffc2f, 0x03ffffbf, 0x03ffffff, 0x0003ffff, 0x00000000,
1036 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1037 },
1038 }, {
1039 name: "field prime word zero, one, and two",
1040 in: "3ffffffffffefffffc2f",
1041 expected: [10]uint32{
1042 0x03fffc2f, 0x03ffffbf, 0x03ffffff, 0x00000000, 0x00000000,
1043 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
1044 },
1045 }, {
1046 name: "overflow in word one (prime + 1<<26)",
1047 in: "ffffffffffffffffffffffffffffffffffffffffffffffffffffffff03fffc2f",
1048 expected: [10]uint32{
1049 0x03fffc2f, 0x03ffffc0, 0x03ffffff, 0x03ffffff, 0x03ffffff,
1050 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff,
1051 },
1052 }, {
1053 name: "(field prime - 1) * 2 NOT mod P, truncated >32 bytes",
1054 in: "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffdfffff85c",
1055 expected: [10]uint32{
1056 0x01fffff8, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff,
1057 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x00007fff,
1058 },
1059 }, {
1060 name: "2^256 - 1",
1061 in: "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
1062 expected: [10]uint32{
1063 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff,
1064 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x003fffff,
1065 },
1066 }, {
1067 name: "alternating bits",
1068 in: "a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5",
1069 expected: [10]uint32{
1070 0x01a5a5a5, 0x01696969, 0x025a5a5a, 0x02969696, 0x01a5a5a5,
1071 0x01696969, 0x025a5a5a, 0x02969696, 0x01a5a5a5, 0x00296969,
1072 },
1073 }, {
1074 name: "alternating bits 2",
1075 in: "5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a5a",
1076 expected: [10]uint32{
1077 0x025a5a5a, 0x02969696, 0x01a5a5a5, 0x01696969, 0x025a5a5a,
1078 0x02969696, 0x01a5a5a5, 0x01696969, 0x025a5a5a, 0x00169696,
1079 },
1080 }}
1081
1082 for _, test := range tests {
1083 inBytes := hexToBytes(test.in)
1084
1085 // Ensure setting the bytes via the slice method works as expected.
1086 var f fieldVal
1087 f.SetByteSlice(inBytes)
1088 if !reflect.DeepEqual(f.n, test.expected) {
1089 t.Errorf("%s: unexpected result\ngot: %x\nwant: %x", test.name, f.n,
1090 test.expected)
1091 continue
1092 }
1093
1094 // Ensure setting the bytes via the array method works as expected.
1095 var f2 fieldVal
1096 var b32 [32]byte
1097 truncatedInBytes := inBytes
1098 if len(truncatedInBytes) > 32 {
1099 truncatedInBytes = truncatedInBytes[:32]
1100 }
1101 copy(b32[32-len(truncatedInBytes):], truncatedInBytes)
1102 f2.SetBytes(&b32)
1103 if !reflect.DeepEqual(f2.n, test.expected) {
1104 t.Errorf("%s: unexpected result\ngot: %x\nwant: %x", test.name,
1105 f2.n, test.expected)
1106 continue
1107 }
1108 }
1109 }
1110
1111 // hexToBytes converts the passed hex string into bytes and will panic if there
1112 // is an error. This is only provided for the hard-coded constants so errors in
1113 // the source code can be detected. It will only (and must only) be called with
1114 // hard-coded values.
1115 func hexToBytes(s string) []byte {
1116 b, err := hex.DecodeString(s)
1117 if err != nil {
1118 panic("invalid hex in source file: " + s)
1119 }
1120 return b
1121 }
1122