-/*----- Test rig ----------------------------------------------------------*/
-
-#ifdef TEST_RIG
-
-#include <mLib/report.h>
-#include <mLib/str.h>
-#include <mLib/testrig.h>
-
-static void fixdstr(dstr *d)
-{
- if (d->len > 32)
- die(1, "invalid length for f25519");
- else if (d->len < 32) {
- dstr_ensure(d, 32);
- memset(d->buf + d->len, 0, 32 - d->len);
- d->len = 32;
- }
-}
-
-static void cvt_f25519(const char *buf, dstr *d)
-{
- dstr dd = DSTR_INIT;
-
- type_hex.cvt(buf, &dd); fixdstr(&dd);
- dstr_ensure(d, sizeof(f25519)); d->len = sizeof(f25519);
- f25519_load((f25519 *)d->buf, (const octet *)dd.buf);
- dstr_destroy(&dd);
-}
-
-static void dump_f25519(dstr *d, FILE *fp)
- { fdump(stderr, "???", (const piece *)d->buf); }
-
-static void cvt_f25519_ref(const char *buf, dstr *d)
- { type_hex.cvt(buf, d); fixdstr(d); }
-
-static void dump_f25519_ref(dstr *d, FILE *fp)
-{
- f25519 x;
-
- f25519_load(&x, (const octet *)d->buf);
- fdump(stderr, "???", x.P);
-}
-
-static int eq(const f25519 *x, dstr *d)
- { octet b[32]; f25519_store(b, x); return (memcmp(b, d->buf, 32) == 0); }
-
-static const test_type
- type_f25519 = { cvt_f25519, dump_f25519 },
- type_f25519_ref = { cvt_f25519_ref, dump_f25519_ref };
-
-#define TEST_UNOP(op) \
- static int vrf_##op(dstr dv[]) \
- { \
- f25519 *x = (f25519 *)dv[0].buf; \
- f25519 z, zz; \
- int ok = 1; \
- \
- f25519_##op(&z, x); \
- if (!eq(&z, &dv[1])) { \
- ok = 0; \
- fprintf(stderr, "failed!\n"); \
- fdump(stderr, "x", x->P); \
- fdump(stderr, "calc", z.P); \
- f25519_load(&zz, (const octet *)dv[1].buf); \
- fdump(stderr, "z", zz.P); \
- } \
- \
- return (ok); \
- }
-
-TEST_UNOP(neg)
-TEST_UNOP(sqr)
-TEST_UNOP(inv)
-
-#define TEST_BINOP(op) \
- static int vrf_##op(dstr dv[]) \
- { \
- f25519 *x = (f25519 *)dv[0].buf, *y = (f25519 *)dv[1].buf; \
- f25519 z, zz; \
- int ok = 1; \
- \
- f25519_##op(&z, x, y); \
- if (!eq(&z, &dv[2])) { \
- ok = 0; \
- fprintf(stderr, "failed!\n"); \
- fdump(stderr, "x", x->P); \
- fdump(stderr, "y", y->P); \
- fdump(stderr, "calc", z.P); \
- f25519_load(&zz, (const octet *)dv[2].buf); \
- fdump(stderr, "z", zz.P); \
- } \
- \
- return (ok); \
- }
-
-TEST_BINOP(add)
-TEST_BINOP(sub)
-TEST_BINOP(mul)
-
-static int vrf_mulc(dstr dv[])
-{
- f25519 *x = (f25519 *)dv[0].buf;
- long a = *(const long *)dv[1].buf;
- f25519 z, zz;
- int ok = 1;
-
- f25519_mulconst(&z, x, a);
- if (!eq(&z, &dv[2])) {
- ok = 0;
- fprintf(stderr, "failed!\n");
- fdump(stderr, "x", x->P);
- fprintf(stderr, "a = %ld\n", a);
- fdump(stderr, "calc", z.P);
- f25519_load(&zz, (const octet *)dv[2].buf);
- fdump(stderr, "z", zz.P);
- }
-
- return (ok);
-}
-
-static int vrf_condneg(dstr dv[])
-{
- f25519 *x = (f25519 *)dv[0].buf;
- uint32 m = *(uint32 *)dv[1].buf;
- f25519 z;
- int ok = 1;
-
- f25519_condneg(&z, x, m);
- if (!eq(&z, &dv[2])) {
- ok = 0;
- fprintf(stderr, "failed!\n");
- fdump(stderr, "x", x->P);
- fprintf(stderr, "m = 0x%08lx\n", (unsigned long)m);
- fdump(stderr, "calc z", z.P);
- f25519_load(&z, (const octet *)dv[1].buf);
- fdump(stderr, "want z", z.P);
- }
-
- return (ok);
-}
-
-static int vrf_pick2(dstr dv[])
-{
- f25519 *x = (f25519 *)dv[0].buf, *y = (f25519 *)dv[1].buf;
- uint32 m = *(uint32 *)dv[2].buf;
- f25519 z;
- int ok = 1;
-
- f25519_pick2(&z, x, y, m);
- if (!eq(&z, &dv[3])) {
- ok = 0;
- fprintf(stderr, "failed!\n");
- fdump(stderr, "x", x->P);
- fdump(stderr, "y", y->P);
- fprintf(stderr, "m = 0x%08lx\n", (unsigned long)m);
- fdump(stderr, "calc z", z.P);
- f25519_load(&z, (const octet *)dv[3].buf);
- fdump(stderr, "want z", z.P);
- }
-
- return (ok);
-}
-
-static int vrf_pickn(dstr dv[])
-{
- dstr d = DSTR_INIT;
- f25519 v[32], z;
- size_t i = *(uint32 *)dv[1].buf, j, n;
- const char *p;
- char *q;
- int ok = 1;
-
- for (q = dv[0].buf, n = 0; (p = str_qword(&q, 0)) != 0; n++)
- { cvt_f25519(p, &d); v[n] = *(f25519 *)d.buf; }
-
- f25519_pickn(&z, v, n, i);
- if (!eq(&z, &dv[2])) {
- ok = 0;
- fprintf(stderr, "failed!\n");
- for (j = 0; j < n; j++) {
- fprintf(stderr, "v[%2u]", (unsigned)j);
- fdump(stderr, "", v[j].P);
- }
- fprintf(stderr, "i = %u\n", (unsigned)i);
- fdump(stderr, "calc z", z.P);
- f25519_load(&z, (const octet *)dv[2].buf);
- fdump(stderr, "want z", z.P);
- }
-
- dstr_destroy(&d);
- return (ok);
-}
-
-static int vrf_condswap(dstr dv[])
-{
- f25519 *x = (f25519 *)dv[0].buf, *y = (f25519 *)dv[1].buf;
- f25519 xx = *x, yy = *y;
- uint32 m = *(uint32 *)dv[2].buf;
- int ok = 1;
-
- f25519_condswap(&xx, &yy, m);
- if (!eq(&xx, &dv[3]) || !eq(&yy, &dv[4])) {
- ok = 0;
- fprintf(stderr, "failed!\n");
- fdump(stderr, "x", x->P);
- fdump(stderr, "y", y->P);
- fprintf(stderr, "m = 0x%08lx\n", (unsigned long)m);
- fdump(stderr, "calc xx", xx.P);
- fdump(stderr, "calc yy", yy.P);
- f25519_load(&xx, (const octet *)dv[3].buf);
- f25519_load(&yy, (const octet *)dv[4].buf);
- fdump(stderr, "want xx", xx.P);
- fdump(stderr, "want yy", yy.P);
- }
-
- return (ok);
-}
-
-static int vrf_quosqrt(dstr dv[])
-{
- f25519 *x = (f25519 *)dv[0].buf, *y = (f25519 *)dv[1].buf;
- f25519 z, zz;
- int rc;
- int ok = 1;
-
- if (dv[2].len) { fixdstr(&dv[2]); fixdstr(&dv[3]); }
- rc = f25519_quosqrt(&z, x, y);
- if (!dv[2].len ? !rc : (rc || (!eq(&z, &dv[2]) && !eq(&z, &dv[3])))) {
- ok = 0;
- fprintf(stderr, "failed!\n");
- fdump(stderr, "x", x->P);
- fdump(stderr, "y", y->P);
- if (rc) fprintf(stderr, "calc: FAIL\n");
- else fdump(stderr, "calc", z.P);
- if (!dv[2].len)
- fprintf(stderr, "exp: FAIL\n");
- else {
- f25519_load(&zz, (const octet *)dv[2].buf);
- fdump(stderr, "z", zz.P);
- f25519_load(&zz, (const octet *)dv[3].buf);
- fdump(stderr, "z'", zz.P);
- }
- }
-
- return (ok);
-}
-
-static int vrf_sub_mulc_add_sub_mul(dstr dv[])
-{
- f25519 *u = (f25519 *)dv[0].buf, *v = (f25519 *)dv[1].buf,
- *w = (f25519 *)dv[3].buf, *x = (f25519 *)dv[4].buf,
- *y = (f25519 *)dv[5].buf;
- long a = *(const long *)dv[2].buf;
- f25519 umv, aumv, wpaumv, xmy, z, zz;
- int ok = 1;
-
- f25519_sub(&umv, u, v);
- f25519_mulconst(&aumv, &umv, a);
- f25519_add(&wpaumv, w, &aumv);
- f25519_sub(&xmy, x, y);
- f25519_mul(&z, &wpaumv, &xmy);
-
- if (!eq(&z, &dv[6])) {
- ok = 0;
- fprintf(stderr, "failed!\n");
- fdump(stderr, "u", u->P);
- fdump(stderr, "v", v->P);
- fdump(stderr, "u - v", umv.P);
- fprintf(stderr, "a = %ld\n", a);
- fdump(stderr, "a (u - v)", aumv.P);
- fdump(stderr, "w + a (u - v)", wpaumv.P);
- fdump(stderr, "x", x->P);
- fdump(stderr, "y", y->P);
- fdump(stderr, "x - y", xmy.P);
- fdump(stderr, "(x - y) (w + a (u - v))", z.P);
- f25519_load(&zz, (const octet *)dv[6].buf); fdump(stderr, "z", zz.P);
- }
-
- return (ok);
-}
-
-static test_chunk tests[] = {
- { "add", vrf_add, { &type_f25519, &type_f25519, &type_f25519_ref } },
- { "sub", vrf_sub, { &type_f25519, &type_f25519, &type_f25519_ref } },
- { "neg", vrf_neg, { &type_f25519, &type_f25519_ref } },
- { "condneg", vrf_condneg,
- { &type_f25519, &type_uint32, &type_f25519_ref } },
- { "mul", vrf_mul, { &type_f25519, &type_f25519, &type_f25519_ref } },
- { "mulconst", vrf_mulc, { &type_f25519, &type_long, &type_f25519_ref } },
- { "pick2", vrf_pick2,
- { &type_f25519, &type_f25519, &type_uint32, &type_f25519_ref } },
- { "pickn", vrf_pickn,
- { &type_string, &type_uint32, &type_f25519_ref } },
- { "condswap", vrf_condswap,
- { &type_f25519, &type_f25519, &type_uint32,
- &type_f25519_ref, &type_f25519_ref } },
- { "sqr", vrf_sqr, { &type_f25519, &type_f25519_ref } },
- { "inv", vrf_inv, { &type_f25519, &type_f25519_ref } },
- { "quosqrt", vrf_quosqrt,
- { &type_f25519, &type_f25519, &type_hex, &type_hex } },
- { "sub-mulc-add-sub-mul", vrf_sub_mulc_add_sub_mul,
- { &type_f25519, &type_f25519, &type_long, &type_f25519,
- &type_f25519, &type_f25519, &type_f25519_ref } },
- { 0, 0, { 0 } }
-};
-
-int main(int argc, char *argv[])
-{
- test_run(argc, argv, tests, SRCDIR "/t/f25519");
- return (0);
-}
-