@@ -641,9 +641,8 @@ int check_fe_equal(const secp256k1_fe_t *a, const secp256k1_fe_t *b) {
641641
642642int check_fe_inverse (const secp256k1_fe_t * a , const secp256k1_fe_t * ai ) {
643643 secp256k1_fe_t x ;
644- secp256k1_fe_t one ;
644+ secp256k1_fe_t one = SECP256K1_FE_CONST ( 0 , 0 , 0 , 0 , 0 , 0 , 0 , 1 ) ;
645645 secp256k1_fe_mul (& x , a , ai );
646- secp256k1_fe_set_int (& one , 1 );
647646 return check_fe_equal (& x , & one );
648647}
649648
@@ -654,7 +653,6 @@ void run_field_convert(void) {
654653 0x22 , 0x23 , 0x24 , 0x25 , 0x26 , 0x27 , 0x28 , 0x29 ,
655654 0x33 , 0x34 , 0x35 , 0x36 , 0x37 , 0x38 , 0x39 , 0x40
656655 };
657- static const char * c64 = "0001020304050607111213141516171822232425262728293334353637383940" ;
658656 static const secp256k1_fe_storage_t fes = SECP256K1_FE_STORAGE_CONST (
659657 0x00010203UL , 0x04050607UL , 0x11121314UL , 0x15161718UL ,
660658 0x22232425UL , 0x26272829UL , 0x33343536UL , 0x37383940UL
@@ -665,38 +663,26 @@ void run_field_convert(void) {
665663 );
666664 secp256k1_fe_t fe2 ;
667665 unsigned char b322 [32 ];
668- char c642 [64 ];
669666 secp256k1_fe_storage_t fes2 ;
670667 /* Check conversions to fe. */
671668 CHECK (secp256k1_fe_set_b32 (& fe2 , b32 ));
672669 CHECK (secp256k1_fe_equal_var (& fe , & fe2 ));
673- CHECK (secp256k1_fe_set_hex (& fe2 , c64 ));
674- CHECK (secp256k1_fe_equal_var (& fe , & fe2 ));
675670 secp256k1_fe_from_storage (& fe2 , & fes );
676671 CHECK (secp256k1_fe_equal_var (& fe , & fe2 ));
677672 /* Check conversion from fe. */
678673 secp256k1_fe_get_b32 (b322 , & fe );
679674 CHECK (memcmp (b322 , b32 , 32 ) == 0 );
680- secp256k1_fe_get_hex (c642 , & fe );
681- CHECK (memcmp (c642 , c64 , 64 ) == 0 );
682675 secp256k1_fe_to_storage (& fes2 , & fe );
683676 CHECK (memcmp (& fes2 , & fes , sizeof (fes )) == 0 );
684677}
685678
686679void run_field_misc (void ) {
687- const unsigned char f32_5 [32 ] = {
688- 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 ,
689- 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 ,
690- 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 ,
691- 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x00 , 0x05 ,
692- };
693680 secp256k1_fe_t x ;
694681 secp256k1_fe_t y ;
695682 secp256k1_fe_t z ;
696683 secp256k1_fe_t q ;
697- secp256k1_fe_t fe5 ;
684+ secp256k1_fe_t fe5 = SECP256K1_FE_CONST ( 0 , 0 , 0 , 0 , 0 , 0 , 0 , 5 ) ;
698685 int i ;
699- CHECK (secp256k1_fe_set_b32 (& fe5 , f32_5 ));
700686 for (i = 0 ; i < 5 * count ; i ++ ) {
701687 secp256k1_fe_storage_t xs , ys , zs ;
702688 random_fe (& x );
@@ -956,7 +942,7 @@ void test_ge(void) {
956942
957943 /* Test adding all points together in random order equals infinity. */
958944 {
959- secp256k1_gej_t sum ;
945+ secp256k1_gej_t sum = SECP256K1_GEJ_CONST_INFINITY ;
960946 secp256k1_gej_t * gej_shuffled = malloc ((4 * runs + 1 ) * sizeof (secp256k1_gej_t ));
961947 for (i = 0 ; i < 4 * runs + 1 ; i ++ ) {
962948 gej_shuffled [i ] = gej [i ];
@@ -969,7 +955,6 @@ void test_ge(void) {
969955 gej_shuffled [swap ] = t ;
970956 }
971957 }
972- secp256k1_gej_set_infinity (& sum );
973958 for (i = 0 ; i < 4 * runs + 1 ; i ++ ) {
974959 secp256k1_gej_add_var (& sum , & sum , & gej_shuffled [i ]);
975960 }
@@ -1001,47 +986,33 @@ void run_ge(void) {
1001986/***** ECMULT TESTS *****/
1002987
1003988void run_ecmult_chain (void ) {
1004- secp256k1_gej_t a ;
1005- secp256k1_gej_t x ;
1006- secp256k1_gej_t x2 ;
1007- secp256k1_fe_t ax ;
1008- secp256k1_fe_t ay ;
1009- secp256k1_scalar_t xn ;
1010- secp256k1_scalar_t gn ;
1011- secp256k1_scalar_t xf ;
1012- secp256k1_scalar_t gf ;
1013- secp256k1_scalar_t ae ;
1014- secp256k1_scalar_t ge ;
1015- int i ;
989+ /* random starting point A (on the curve) */
990+ secp256k1_gej_t a = SECP256K1_GEJ_CONST (
991+ 0x8b30bbe9 , 0xae2a9906 , 0x96b22f67 , 0x0709dff3 ,
992+ 0x727fd8bc , 0x04d3362c , 0x6c7bf458 , 0xe2846004 ,
993+ 0xa357ae91 , 0x5c4a6528 , 0x1309edf2 , 0x0504740f ,
994+ 0x0eb33439 , 0x90216b4f , 0x81063cb6 , 0x5f2f7e0f
995+ );
1016996 /* two random initial factors xn and gn */
1017- static const unsigned char xni [32 ] = {
1018- 0x84 , 0xcc , 0x54 , 0x52 , 0xf7 , 0xfd , 0xe1 , 0xed ,
1019- 0xb4 , 0xd3 , 0x8a , 0x8c , 0xe9 , 0xb1 , 0xb8 , 0x4c ,
1020- 0xce , 0xf3 , 0x1f , 0x14 , 0x6e , 0x56 , 0x9b , 0xe9 ,
1021- 0x70 , 0x5d , 0x35 , 0x7a , 0x42 , 0x98 , 0x54 , 0x07
1022- };
1023- static const unsigned char gni [32 ] = {
1024- 0xa1 , 0xe5 , 0x8d , 0x22 , 0x55 , 0x3d , 0xcd , 0x42 ,
1025- 0xb2 , 0x39 , 0x80 , 0x62 , 0x5d , 0x4c , 0x57 , 0xa9 ,
1026- 0x6e , 0x93 , 0x23 , 0xd4 , 0x2b , 0x31 , 0x52 , 0xe5 ,
1027- 0xca , 0x2c , 0x39 , 0x90 , 0xed , 0xc7 , 0xc9 , 0xde
1028- };
997+ secp256k1_scalar_t xn = SECP256K1_SCALAR_CONST (
998+ 0x84cc5452 , 0xf7fde1ed , 0xb4d38a8c , 0xe9b1b84c ,
999+ 0xcef31f14 , 0x6e569be9 , 0x705d357a , 0x42985407
1000+ );
1001+ secp256k1_scalar_t gn = SECP256K1_SCALAR_CONST (
1002+ 0xa1e58d22 , 0x553dcd42 , 0xb2398062 , 0x5d4c57a9 ,
1003+ 0x6e9323d4 , 0x2b3152e5 , 0xca2c3990 , 0xedc7c9de
1004+ );
10291005 /* two small multipliers to be applied to xn and gn in every iteration: */
1030- static const unsigned char xfi [32 ] = {0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0x13 ,0x37 };
1031- static const unsigned char gfi [32 ] = {0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0x71 ,0x13 };
1032- char res [131 ];
1033- char res2 [131 ];
1034- /* random starting point A (on the curve) */
1035- VERIFY_CHECK (secp256k1_fe_set_hex (& ax , "8b30bbe9ae2a990696b22f670709dff3727fd8bc04d3362c6c7bf458e2846004" ));
1036- VERIFY_CHECK (secp256k1_fe_set_hex (& ay , "a357ae915c4a65281309edf20504740f0eb3343990216b4f81063cb65f2f7e0f" ));
1037- secp256k1_gej_set_xy (& a , & ax , & ay );
1038- secp256k1_scalar_set_b32 (& xn , xni , NULL );
1039- secp256k1_scalar_set_b32 (& gn , gni , NULL );
1040- secp256k1_scalar_set_b32 (& xf , xfi , NULL );
1041- secp256k1_scalar_set_b32 (& gf , gfi , NULL );
1006+ static const secp256k1_scalar_t xf = SECP256K1_SCALAR_CONST (0 , 0 , 0 , 0 , 0 , 0 , 0 , 0x1337 );
1007+ static const secp256k1_scalar_t gf = SECP256K1_SCALAR_CONST (0 , 0 , 0 , 0 , 0 , 0 , 0 , 0x7113 );
10421008 /* accumulators with the resulting coefficients to A and G */
1043- secp256k1_scalar_set_int (& ae , 1 );
1044- secp256k1_scalar_set_int (& ge , 0 );
1009+ secp256k1_scalar_t ae = SECP256K1_SCALAR_CONST (0 , 0 , 0 , 0 , 0 , 0 , 0 , 1 );
1010+ secp256k1_scalar_t ge = SECP256K1_SCALAR_CONST (0 , 0 , 0 , 0 , 0 , 0 , 0 , 0 );
1011+ /* actual points */
1012+ secp256k1_gej_t x = a ;
1013+ secp256k1_gej_t x2 ;
1014+ int i ;
1015+
10451016 /* the point being computed */
10461017 x = a ;
10471018 for (i = 0 ; i < 200 * count ; i ++ ) {
@@ -1058,15 +1029,24 @@ void run_ecmult_chain(void) {
10581029
10591030 /* verify */
10601031 if (i == 19999 ) {
1061- secp256k1_gej_get_hex (res , & x );
1062- CHECK (memcmp (res , "(D6E96687F9B10D092A6F35439D86CEBEA4535D0D409F53586440BD74B933E830,B95CBCA2C77DA786539BE8FD53354D2D3B4F566AE658045407ED6015EE1B2A88)" , 131 ) == 0 );
1032+ /* expected result after 19999 iterations */
1033+ secp256k1_gej_t rp = SECP256K1_GEJ_CONST (
1034+ 0xD6E96687 , 0xF9B10D09 , 0x2A6F3543 , 0x9D86CEBE ,
1035+ 0xA4535D0D , 0x409F5358 , 0x6440BD74 , 0xB933E830 ,
1036+ 0xB95CBCA2 , 0xC77DA786 , 0x539BE8FD , 0x53354D2D ,
1037+ 0x3B4F566A , 0xE6580454 , 0x07ED6015 , 0xEE1B2A88
1038+ );
1039+
1040+ secp256k1_gej_neg (& rp , & rp );
1041+ secp256k1_gej_add_var (& rp , & rp , & x );
1042+ CHECK (secp256k1_gej_is_infinity (& rp ));
10631043 }
10641044 }
10651045 /* redo the computation, but directly with the resulting ae and ge coefficients: */
10661046 secp256k1_ecmult (& x2 , & a , & ae , & ge );
1067- secp256k1_gej_get_hex ( res , & x );
1068- secp256k1_gej_get_hex ( res2 , & x2 );
1069- CHECK (memcmp ( res , res2 , 131 ) == 0 );
1047+ secp256k1_gej_neg ( & x2 , & x2 );
1048+ secp256k1_gej_add_var ( & x2 , & x2 , & x );
1049+ CHECK (secp256k1_gej_is_infinity ( & x2 ) );
10701050}
10711051
10721052void test_point_times_order (const secp256k1_gej_t * point ) {
@@ -1094,8 +1074,11 @@ void test_point_times_order(const secp256k1_gej_t *point) {
10941074
10951075void run_point_times_order (void ) {
10961076 int i ;
1097- char c [64 ];
1098- secp256k1_fe_t x ; VERIFY_CHECK (secp256k1_fe_set_hex (& x , "0000000000000000000000000000000000000000000000000000000000000002" ));
1077+ secp256k1_fe_t x = SECP256K1_FE_CONST (0 , 0 , 0 , 0 , 0 , 0 , 0 , 2 );
1078+ static const secp256k1_fe_t xr = SECP256K1_FE_CONST (
1079+ 0x7603CB59 , 0xB0EF6C63 , 0xFE608479 , 0x2A0C378C ,
1080+ 0xDB3233A8 , 0x0F8A9A09 , 0xA877DEAD , 0x31B38C45
1081+ );
10991082 for (i = 0 ; i < 500 ; i ++ ) {
11001083 secp256k1_ge_t p ;
11011084 if (secp256k1_ge_set_xo_var (& p , & x , 1 )) {
@@ -1107,8 +1090,8 @@ void run_point_times_order(void) {
11071090 }
11081091 secp256k1_fe_sqr (& x , & x );
11091092 }
1110- secp256k1_fe_get_hex ( c , & x );
1111- CHECK (memcmp ( c , "7603CB59B0EF6C63FE6084792A0C378CDB3233A80F8A9A09A877DEAD31B38C45" , 64 ) == 0 );
1093+ secp256k1_fe_normalize_var ( & x );
1094+ CHECK (secp256k1_fe_equal_var ( & x , & xr ) );
11121095}
11131096
11141097void test_wnaf (const secp256k1_scalar_t * number , int w ) {
0 commit comments