
Commit 427e86b

Merge #1490: tests: improve fe_sqr test (issue #1472)
2028069 doc: clarify input requirements for secp256k1_fe_mul (Sebastian Falbesoner) 11420a7 tests: improve fe_sqr test (Sebastian Falbesoner) Pull request description: ACKs for top commit: real-or-random: utACK 2028069 jonasnick: ACK 2028069 Tree-SHA512: bb01bf6ceb34f0475a60b8dcb0cec000859a0c20f1009426bd8cab609f1941f44f84802f1565a719f7d2a55466076fb1591a353b1b75e6c0ceac44806d908176
2 parents cdc9a62 + 2028069 commit 427e86b


2 files changed

+25
-12
lines changed


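--- a/src/field.h
+++ b/src/field.h
@@ -255,8 +255,8 @@ static void secp256k1_fe_add(secp256k1_fe *r, const secp256k1_fe *a);
 /** Multiply two field elements.
 *
 * On input, a and b must be valid field elements; r does not need to be initialized.
-* r and a may point to the same object, but neither can be equal to b. The magnitudes
-* of a and b must not exceed 8.
+* r and a may point to the same object, but neither may point to the object pointed
+* to by b. The magnitudes of a and b must not exceed 8.
 * Performs {r = a * b}
 * On output, r will have magnitude 1, but won't be normalized.
 */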

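--- a/src/tests.c
+++ b/src/tests.c
@@ -3285,18 +3285,31 @@ static void run_fe_mul(void) {
 }
 
 static void run_sqr(void) {
-secp256k1_fe x, s;
+int i;
+secp256k1_fe x, y, lhs, rhs, tmp;
 
-{
-int i;
-secp256k1_fe_set_int(&x, 1);
-secp256k1_fe_negate(&x, &x, 1);
+secp256k1_fe_set_int(&x, 1);
+secp256k1_fe_negate(&x, &x, 1);
 
-for (i = 1; i <= 512; ++i) {
-secp256k1_fe_mul_int(&x, 2);
-secp256k1_fe_normalize(&x);
-secp256k1_fe_sqr(&s, &x);
-}
+for (i = 1; i <= 512; ++i) {
+secp256k1_fe_mul_int(&x, 2);
+secp256k1_fe_normalize(&x);
+
+/* Check that (x+y)*(x-y) = x^2 - y*2 for some random values y */
+random_fe_test(&y);
+
+lhs = x;
+secp256k1_fe_add(&lhs, &y); /* lhs = x+y */
+secp256k1_fe_negate(&tmp, &y, 1); /* tmp = -y */
+secp256k1_fe_add(&tmp, &x); /* tmp = x-y */
+secp256k1_fe_mul(&lhs, &lhs, &tmp); /* lhs = (x+y)*(x-y) */
+
+secp256k1_fe_sqr(&rhs, &x); /* rhs = x^2 */
+secp256k1_fe_sqr(&tmp, &y); /* tmp = y^2 */
+secp256k1_fe_negate(&tmp, &tmp, 1); /* tmp = -y^2 */
+secp256k1_fe_add(&rhs, &tmp); /* rhs = x^2 - y^2 */
+
+CHECK(fe_equal(&lhs, &rhs));
 }
 }
 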
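Review bot: The comment at the top of the new loop body in run_sqr reads `x^2 - y*2`, but the code beneath it computes x^2 - y^2 (`secp256k1_fe_sqr(&tmp, &y)`, then negate and add), so it should read `/* Check that (x+y)*(x-y) = x^2 - y^2 for some random values y */`. Separately, both squarings sit on the same side of the identity, so an error in secp256k1_fe_sqr that is the same for x and y would cancel in the subtraction. Comparing `secp256k1_fe_sqr(&rhs, &x)` directly against the product of x with a copy of x, before the subtraction, would close that gap; the copy is needed because secp256k1_fe_mul's b must not alias r or a. The magnitude argument `1` in `secp256k1_fe_negate(&tmp, &y, 1)` appears to rely on random_fe_test returning a magnitude-1 element, which is not visible in this hunk; a short comment such as `/* y has magnitude 1 */` would record that assumption.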
