Parcourir la source
Refresh p256-x86_64_tests.txt.
The old points weren't even on the curve. I probably had no clue what I was doing at the time when I generated them. Refresh them with a checked-in generate script. Change-Id: Ib4613fe922edcf45fc4ea49fc4c2cc23a9a2a9bd Reviewed-on: https://boringssl-review.googlesource.com/c/33944 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com>kris/onging/CECPQ3_patch15
David Benjamin
il y a 5 ans
committed by
CQ bot account: commit-bot@chromium.org
CQ bot account: commit-bot@chromium.org
2 fichiers modifiés avec 367 ajouts et 130 suppressions
-
+232 -0crypto/fipsmodule/ec/make_p256-x86_64-tests.go
-
+135 -130crypto/fipsmodule/ec/p256-x86_64_tests.txt
+ 232
- 0
crypto/fipsmodule/ec/make_p256-x86_64-tests.go
Voir le fichier
| @@ -0,0 +1,232 @@ | |||
| /* Copyright (c) 2018, Google Inc. | |||
| * | |||
| * Permission to use, copy, modify, and/or distribute this software for any | |||
| * purpose with or without fee is hereby granted, provided that the above | |||
| * copyright notice and this permission notice appear in all copies. | |||
| * | |||
| * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |||
| * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
| * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY | |||
| * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
| * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION | |||
| * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN | |||
| * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ | |||
| package main | |||
| import ( | |||
| "crypto/aes" | |||
| "crypto/cipher" | |||
| "crypto/elliptic" | |||
| "crypto/rand" | |||
| "fmt" | |||
| "io" | |||
| "math/big" | |||
| ) | |||
| var ( | |||
| p256 elliptic.Curve | |||
| zero, one, p, R, Rinv *big.Int | |||
| deterministicRand io.Reader | |||
| ) | |||
| type coordinates int | |||
| const ( | |||
| affine coordinates = iota | |||
| jacobian | |||
| ) | |||
| func init() { | |||
| p256 = elliptic.P256() | |||
| zero = new(big.Int) | |||
| one = new(big.Int).SetInt64(1) | |||
| p = p256.Params().P | |||
| R = new(big.Int) | |||
| R.SetBit(R, 256, 1) | |||
| R.Mod(R, p) | |||
| Rinv = new(big.Int).ModInverse(R, p) | |||
| deterministicRand = newDeterministicRand() | |||
| } | |||
| func modMul(z, x, y *big.Int) *big.Int { | |||
| z.Mul(x, y) | |||
| return z.Mod(z, p) | |||
| } | |||
| func toMontgomery(z, x *big.Int) *big.Int { | |||
| return modMul(z, x, R) | |||
| } | |||
| func fromMontgomery(z, x *big.Int) *big.Int { | |||
| return modMul(z, x, Rinv) | |||
| } | |||
| func isAffineInfinity(x, y *big.Int) bool { | |||
| // Infinity, in affine coordinates, is represented as (0, 0) by | |||
| // both Go and p256-x86_64-asm.pl. | |||
| return x.Sign() == 0 && y.Sign() == 0 | |||
| } | |||
| func randNonZeroInt(max *big.Int) *big.Int { | |||
| for { | |||
| r, err := rand.Int(deterministicRand, max) | |||
| if err != nil { | |||
| panic(err) | |||
| } | |||
| if r.Sign() != 0 { | |||
| return r | |||
| } | |||
| } | |||
| } | |||
| func randPoint() (x, y *big.Int) { | |||
| k := randNonZeroInt(p256.Params().N) | |||
| return p256.ScalarBaseMult(k.Bytes()) | |||
| } | |||
| func toJacobian(xIn, yIn *big.Int) (x, y, z *big.Int) { | |||
| if isAffineInfinity(xIn, yIn) { | |||
| // The Jacobian representation of infinity has Z = 0. Depending | |||
| // on the implementation, X and Y may be further constrained. | |||
| // Generalizing the curve equation to Jacobian coordinates for | |||
| // non-zero Z gives: | |||
| // | |||
| // y² = x³ - 3x + b, where x = X/Z² and y = Y/Z³ | |||
| // Y² = X³ + aXZ⁴ + bZ⁶ | |||
| // | |||
| // Taking that formula at Z = 0 gives Y² = X³. This constraint | |||
| // allows removing a special case in the point-on-curve check. | |||
| // | |||
| // BoringSSL, however, historically generated infinities with | |||
| // arbitrary X and Y and include the special case. We also have | |||
| // not verified that add and double preserve this | |||
| // property. Thus, generate test vectors with unrelated X and Y, | |||
| // to test that p256-x86_64-asm.pl correctly handles | |||
| // unconstrained representations of infinity. | |||
| x = randNonZeroInt(p) | |||
| y = randNonZeroInt(p) | |||
| z = zero | |||
| return | |||
| } | |||
| z = randNonZeroInt(p) | |||
| // X = xZ² | |||
| y = modMul(new(big.Int), z, z) | |||
| x = modMul(new(big.Int), xIn, y) | |||
| // Y = yZ³ | |||
| modMul(y, y, z) | |||
| modMul(y, y, yIn) | |||
| return | |||
| } | |||
| func printMontgomery(name string, a *big.Int) { | |||
| a = toMontgomery(new(big.Int), a) | |||
| fmt.Printf("%s = %064x\n", name, a) | |||
| } | |||
| func printTestCase(ax, ay *big.Int, aCoord coordinates, bx, by *big.Int, bCoord coordinates) { | |||
| rx, ry := p256.Add(ax, ay, bx, by) | |||
| var az *big.Int | |||
| if aCoord == jacobian { | |||
| ax, ay, az = toJacobian(ax, ay) | |||
| } else if isAffineInfinity(ax, ay) { | |||
| az = zero | |||
| } else { | |||
| az = one | |||
| } | |||
| var bz *big.Int | |||
| if bCoord == jacobian { | |||
| bx, by, bz = toJacobian(bx, by) | |||
| } else if isAffineInfinity(bx, by) { | |||
| bz = zero | |||
| } else { | |||
| bz = one | |||
| } | |||
| fmt.Printf("Test = PointAdd\n") | |||
| printMontgomery("A.X", ax) | |||
| printMontgomery("A.Y", ay) | |||
| printMontgomery("A.Z", az) | |||
| printMontgomery("B.X", bx) | |||
| printMontgomery("B.Y", by) | |||
| printMontgomery("B.Z", bz) | |||
| printMontgomery("Result.X", rx) | |||
| printMontgomery("Result.Y", ry) | |||
| fmt.Printf("\n") | |||
| } | |||
| func main() { | |||
| fmt.Printf("# ∞ + ∞ = ∞.\n") | |||
| printTestCase(zero, zero, affine, zero, zero, affine) | |||
| fmt.Printf("# ∞ + ∞ = ∞, with an alternate representation of ∞.\n") | |||
| printTestCase(zero, zero, jacobian, zero, zero, jacobian) | |||
| gx, gy := p256.Params().Gx, p256.Params().Gy | |||
| fmt.Printf("# g + ∞ = g.\n") | |||
| printTestCase(gx, gy, affine, zero, zero, affine) | |||
| fmt.Printf("# g + ∞ = g, with an alternate representation of ∞.\n") | |||
| printTestCase(gx, gy, affine, zero, zero, jacobian) | |||
| fmt.Printf("# g + -g = ∞.\n") | |||
| minusGy := new(big.Int).Sub(p, gy) | |||
| printTestCase(gx, gy, affine, gx, minusGy, affine) | |||
| fmt.Printf("# Test some random Jacobian sums.\n") | |||
| for i := 0; i < 4; i++ { | |||
| ax, ay := randPoint() | |||
| bx, by := randPoint() | |||
| printTestCase(ax, ay, jacobian, bx, by, jacobian) | |||
| } | |||
| fmt.Printf("# Test some random Jacobian doublings.\n") | |||
| for i := 0; i < 4; i++ { | |||
| ax, ay := randPoint() | |||
| printTestCase(ax, ay, jacobian, ax, ay, jacobian) | |||
| } | |||
| fmt.Printf("# Test some random affine sums.\n") | |||
| for i := 0; i < 4; i++ { | |||
| ax, ay := randPoint() | |||
| bx, by := randPoint() | |||
| printTestCase(ax, ay, affine, bx, by, affine) | |||
| } | |||
| fmt.Printf("# Test some random affine doublings.\n") | |||
| for i := 0; i < 4; i++ { | |||
| ax, ay := randPoint() | |||
| printTestCase(ax, ay, affine, ax, ay, affine) | |||
| } | |||
| } | |||
| type deterministicRandom struct { | |||
| stream cipher.Stream | |||
| } | |||
| func newDeterministicRand() io.Reader { | |||
| block, err := aes.NewCipher(make([]byte, 128/8)) | |||
| if err != nil { | |||
| panic(err) | |||
| } | |||
| stream := cipher.NewCTR(block, make([]byte, block.BlockSize())) | |||
| return &deterministicRandom{stream} | |||
| } | |||
| func (r *deterministicRandom) Read(b []byte) (n int, err error) { | |||
| for i := range b { | |||
| b[i] = 0 | |||
| } | |||
| r.stream.XORKeyStream(b, b) | |||
| return len(b), nil | |||
| } | |||
+ 135
- 130
crypto/fipsmodule/ec/p256-x86_64_tests.txt
Voir le fichier
| @@ -1186,8 +1186,9 @@ Result = 8fa95d57aae2fff79045654501478f7a394b27b8b54113a25ac74662606f767c | |||
| # Point adding tests. | |||
| # | |||
| # The following tests satisfy Result = A + B, where Result is in affine | |||
| # coordinates and A and B are in Jacobian coordinates in the Montgomery domain. | |||
| # The following tests satisfy Result = A + B. Result is in affine coordinates, | |||
| # with infinity represented as (0, 0). A and B are in Jacobian coordinates. All | |||
| # field elements are fully reduced and in the Montgomery domain. | |||
| # ∞ + ∞ = ∞. | |||
| Test = PointAdd | |||
| @@ -1202,11 +1203,11 @@ Result.Y = 0000000000000000000000000000000000000000000000000000000000000000 | |||
| # ∞ + ∞ = ∞, with an alternate representation of ∞. | |||
| Test = PointAdd | |||
| A.X = 2b11cb945c8cf152ffa4c9c2b1c965b019b35d0b7626919ef0ae6cb9d232f8af | |||
| A.Y = 6d333da42e30f7011245b6281015ded14e0f100968e758a1b6c3c083afc14ea0 | |||
| A.X = 33c0d6224957b40403366bcf638f29928c2b9bcc74a0bac58808b02040781420 | |||
| A.Y = f9698d488fd517306a66a397e92542d435a7ee54e978c2b4782da38fcf613c6e | |||
| A.Z = 0000000000000000000000000000000000000000000000000000000000000000 | |||
| B.X = 2b11cb945c8cf152ffa4c9c2b1c965b019b35d0b7626919ef0ae6cb9d232f8af | |||
| B.Y = 6d333da42e30f7011245b6281015ded14e0f100968e758a1b6c3c083afc14ea0 | |||
| B.X = 5dd08e3206a651cf2320dc98a3a173baef07fbd04bdc6eee2d79ddb13c63ac2e | |||
| B.Y = 2270fd1d5dde52ec8f1e53816c2a0fcc9836d990894106894d8f99e89edbc335 | |||
| B.Z = 0000000000000000000000000000000000000000000000000000000000000000 | |||
| Result.X = 0000000000000000000000000000000000000000000000000000000000000000 | |||
| Result.Y = 0000000000000000000000000000000000000000000000000000000000000000 | |||
| @@ -1227,8 +1228,8 @@ Test = PointAdd | |||
| A.X = 18905f76a53755c679fb732b7762251075ba95fc5fedb60179e730d418a9143c | |||
| A.Y = 8571ff1825885d85d2e88688dd21f3258b4ab8e4ba19e45cddf25357ce95560a | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 2b11cb945c8cf152ffa4c9c2b1c965b019b35d0b7626919ef0ae6cb9d232f8af | |||
| B.Y = 6d333da42e30f7011245b6281015ded14e0f100968e758a1b6c3c083afc14ea0 | |||
| B.X = edc21713cc3b51b9632b37925b5369a13aa3eab989f2d9a720154c1786eca076 | |||
| B.Y = 8da43525eb9de2a56c5a3fd7447258d96ccb60337e474b830d1fa37c0da1da8f | |||
| B.Z = 0000000000000000000000000000000000000000000000000000000000000000 | |||
| Result.X = 18905f76a53755c679fb732b7762251075ba95fc5fedb60179e730d418a9143c | |||
| Result.Y = 8571ff1825885d85d2e88688dd21f3258b4ab8e4ba19e45cddf25357ce95560a | |||
| @@ -1244,165 +1245,169 @@ B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = 0000000000000000000000000000000000000000000000000000000000000000 | |||
| Result.Y = 0000000000000000000000000000000000000000000000000000000000000000 | |||
| # Test some random Jacobian sums. | |||
| Test = PointAdd | |||
| A.X = bcba3eebf2b0af1174a4b874b155b4dc74bd5fb57c70214561aaabb105635580 | |||
| A.Y = 1dc33ce74f651305dd89263c1d314edd2773ef6dd043742a6f47f29542b9eb07 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = f9e0b98b1a87b6c49c4cc5fc47efd157e5f12cf5543d71cfa38187a3793d6791 | |||
| B.Y = 3b2de94df438554381037c9f9d2c21991c6975d83c0acd42ef1a8419a040436f | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = 6bd7b4e06d7862f749901a398417e941618c11c48dffcce719e4026220b77477 | |||
| Result.Y = 1e2ffd71e8c206acc19032d26a53ea275fefea51a2c90e4dd3c8b7c6acc51ab6 | |||
| A.X = cb8dea3327057fe69b5159e0323e60486cda3400545f7e2c60559ac7c8d0d89d | |||
| A.Y = 553de89b31719830c3c3300aa8ad50ea81f40762a4f33ccf81a2d3bcc93a2d53 | |||
| A.Z = 4589e40df2efc546b2572c1f45eda26fc191b8d56376f2063fd9470fb277d181 | |||
| B.X = 32ad56497c6c6e8399de6814efd21b3eb949bb80dab578073cf0b0aa92054341 | |||
| B.Y = 57b33b7acfeee75ef6a31eb7ca0244b375f2d0962a3ce65c06afaa02688399e0 | |||
| B.Z = 337d5e1ec2fc711b12fd6c7a51a2f474a922cb107f592b657617d2e0b4f1d35f | |||
| Result.X = 120c6ddd6f8ebc798c5740005bad5a2586575202df9cc3dd07401fe84d8cfdd4 | |||
| Result.Y = 966bc89126349ce41738be691f32c1a068e54a654ab2cb0eac39ef15ee17f0df | |||
| Test = PointAdd | |||
| A.X = d71c6da129f6e867bf525563e1d8bdbd2f90a9bac7de867a6ea2317a5d6cb507 | |||
| A.Y = 125e0cc1ba0c93caa19edb419a764f88d955289c4c6e77d02d90e4e31d47c9a2 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 334c2200ec08896808ab12a76820ff674fcdccff6d85afa2e586b31fc944de33 | |||
| B.Y = b5ee8cfa25896d4075588c60926a2582a099c7a5acbcfec78fba457c4886301c | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = 93e9d4e6f7736f80da1b00d221024ccfd17f2927d6b505a5bcefe0801fe6f0a9 | |||
| Result.Y = 4824eeb2d5da27d57e1d50c2dae000acdcddcbaf534d8b7e7d97854ed3dc939e | |||
| A.X = a858b5249026ccc4d25fbd85db17826afa3c5963c26815cbf8511d84dce62a25 | |||
| A.Y = bd753e125579388da968036d50067fe0e8eccb531c4d6f1a69c61bc8259c6d76 | |||
| A.Z = 82f9cdd9abf991ac27f0caa494b7b7b2851cc6591c6362ef02d1bd2c33fd116c | |||
| B.X = 3e5790fd7ff28a376586c8ef5625b906f2d5d7e6656191f5a530154eecd4c988 | |||
| B.Y = 6e6c91011cc5996a7db4e5539eee635ce84780a85a17778da06353048fdf6bd3 | |||
| B.Z = a9ef3402e9f15e7a91aef4a53431b2b2068914e4a09ebdafc8aa654351f32331 | |||
| Result.X = de9d6bb4dfdee64193d3eaebb9208a86e764b80e1459fd10a2e01c202e33c5e2 | |||
| Result.Y = 370e67dbb7cfa6b79adaeec48b1535f0c329856401102d546c695d0dfe1d0db5 | |||
| Test = PointAdd | |||
| A.X = 0daba41be2b418e7d160a363e6cbdcbff5d433f96b0d5be3812c0a7adfab8ed4 | |||
| A.Y = 3ae4dd97c4d2987a63df16c5fb8c494164e14b93eeebd5585d74bd26e2201499 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 87135fb06383ec8b282fdc028eb38fd447ac1ecc76922e37f0cc454febb11aee | |||
| B.Y = 98ab966087531eb3eea1e5e36189271a02f7ee8e381f9c78d6f346a301f96f81 | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = 2e096c2fabf06a5b838c7e07fda436d068dd1c4e3ff4f5704f89ab9df6b4be5b | |||
| Result.Y = 59ca6304321ae1e41bfa30f52e7ef27fceeade8507f20837654383d70e8a41df | |||
| A.X = a2d85e21bf520691b397ac9e0c1360218cef96a8a6f4c2b24d21791360ce4d9e | |||
| A.Y = 0cc1c5493edf586cd24f7a9f40185c1ceefa727369ed159a9fc09b700ba64f78 | |||
| A.Z = ad3083a5bd23ee1fdbd3a25abdee815052209bb1a8b22d3f7d8600442b760a61 | |||
| B.X = 7d8850dafe2c48d86b6c3f3f44453670aa7169712238d024dbd08cb4e95b9cc1 | |||
| B.Y = 6a2698c143609306fe2c402acdf26e3b42874f5ae3ea2e95898c305e791984b8 | |||
| B.Z = c81bc8988c6edabf4a03fcc456ce0c445e225c33b76a79552af0b818350ad6b0 | |||
| Result.X = 67c5f8af069b5a5636647eee50da847dff8f5f6ef71780a5d1330453db5c8a04 | |||
| Result.Y = cec9200fa541b602d94c694f1289d1d073e64f47054baa40a9921c20ca090643 | |||
| Test = PointAdd | |||
| A.X = 356db98c21c2169899b9b296edcacb7d531524f2572913b75edb7b73196f5682 | |||
| A.Y = 47a26c52b1b2f229109e8aca7f5b4af768baf053a15ff8f58051c7e4e1b7f818 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 56956f6d3bbbd4aece299f29bb4c537355f312f391c207c6ec6efe646362b288 | |||
| B.Y = a69fc73c0636c9928764cc9d6e1482577b6ca06f277c098f571108356a858cab | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = ca0ddd995a77173a1438473bf82734cb3a09fafe7050bda9bd592a1cf078fa38 | |||
| Result.Y = 379da87952d36c5396b934a2ce8b003ee8fc4155b3b488f2f550734e2a82ce7d | |||
| A.X = 4f9a035ffeddcc36846906cacc812ffae7f3110fe46bf7da12d0b19ec54c3873 | |||
| A.Y = 73539ed620938543f94c358dba87319dca40ae4d13d0a888527f007d26d73d74 | |||
| A.Z = 922e97056fbf12d89984346368087375560990c3fb2f337d9f46429f2022d634 | |||
| B.X = de6fa333804b1da9f046896634e498d5f456288f8f03cc41fc7ba4b1e978429a | |||
| B.Y = fd45f1d5e905c448b947fd65bc2897928d6014425c8c502a1b2838ba882f5813 | |||
| B.Z = 50bb4c98bce36b8aad5662b8db35428bb5c1f298e17347caa5d4f542f278a1d9 | |||
| Result.X = 5c3cb05b52ec59f3cbb666b0059163afae885676cf81d64cadc943a1c0bb3a86 | |||
| Result.Y = 2871d088271faa9258e60ff28115f72294b938ef3d7b927e59177f9b41d5747e | |||
| # Test some random Jacobian doublings. | |||
| Test = PointAdd | |||
| A.X = 13764cccab4addf5cf4ef5fb4af60a93e08fa3a0a72653abf013e3427abbf82c | |||
| A.Y = c3dc524745368a0dc4948f897402f4b5a280acbf74f5ea9180d038a483d4090a | |||
| A.Z = 2903a04d6615ec23cd63ba46287be2e7a8eeee030bed49e7a94769386a46f209 | |||
| B.X = a5c5921f9a8c569f661693bfae1b167937987c2fe951956ef0e34c426965c648 | |||
| B.Y = f8a299605e690a78e583371e59cf2b848d475afc35bb1448981c53ad8c0a6581 | |||
| B.Z = 9c3fde73f1899a76eb40f055fce02ab9c1b1ce7d43b54c54f93ffe56830e3f83 | |||
| Result.X = 4073318e85bc2d7637fd0129fa8eb86b6ca20334542795f3bb1de54b90a16b69 | |||
| Result.Y = 9a1b1e7435d98287b244d2337f8bf0e9c87b40677bf1ea2a9dedbd07c5241ee0 | |||
| A.X = 75da62f76d1887e18a06483bb6b53c3ec42879ed73b7851ed4748e307653714c | |||
| A.Y = a6f0d0d3bb492bf488d99d549aff3f0c3a48f0c35a5931578fe697b8c5f486f7 | |||
| A.Z = 6d6a50229164869f24865148a19a24d57d94ebd09dc06b5e4fc3946a95f9124f | |||
| B.X = 3b225af8c7b6155d66061c75a03d23d94e01a2167fa7f44c5bd1e9d9c48c7421 | |||
| B.Y = af58b0e38531d1e08187c61a36b33693ef534ecae23dca4542667d93f1844d75 | |||
| B.Z = 86ed2be859c4af1d5cf99041840f3bcb7c9b8e8986811393c96e8bf57fcad872 | |||
| Result.X = ab0f931fb86a621102e67336eadcf01afe3127aeaf5b4f89e8f34628c8e1afd9 | |||
| Result.Y = 52c50e2783d69dde29d6bc75fa359ffe72e7115c2fc89a9699a499cac25e3383 | |||
| Test = PointAdd | |||
| A.X = f72706b81fca2b1530238bdc2c0c454b5116ee54fdf156bc62bffea73f0645af | |||
| A.Y = c6e66d9ae8fc5e164e6a985f866aae41f3c4e4281a0eea9173e4e77cb29e4bc7 | |||
| A.Z = 6a84f9c37634b8aefdae477e9efec66f20d2f6159575f40c7b21a1e0732e8c49 | |||
| B.X = bcf21b020cb8fb4b2ef7f639240d221dd96fc08d7fa575c2e7037fc84d8f03b2 | |||
| B.Y = abc500f82f06f0d69a920c8d80eef9dd2310cd09e0d89d80fc7397aa4e361dd1 | |||
| B.Z = 5031c46be15f9d4fa9a347be998c07f9cc7f754999fe0f9c3c8b38e0d85dda9f | |||
| Result.X = 401b010df4dd21ed96f7c8babb401db74b3b6ee7f55c498803203855b5911de9 | |||
| Result.Y = 05e585cca569bc22855f7df32b20a4a45315a1ca5d98d2b94792eb748ec8744b | |||
| A.X = f0d499f2e3775de88ed997feeb4589506f061f93766abb0c1251d25630c4c24d | |||
| A.Y = e8de27c3369ba718adbab5597fbaad9581f5b59ae3b758e7d664bae81d895be4 | |||
| A.Z = c62dc820a597f75518734f12b2d3c076e5b872303e37b3663636912ade79c058 | |||
| B.X = c2845b3faaa995eb88e13a44b08d8a6fdb37103f7bbcc585302c9d090be3fc5b | |||
| B.Y = 733e5ef1b0314754b70b5b98da63cbb7475918ddb85a715e21aade0c2f2e5611 | |||
| B.Z = b8505e4a057d108b49f5d0b20884674be18bba48bbc37f765c2c32c5cc4aba5d | |||
| Result.X = 266f2961b9352b44e61902a235b33f766f82f8199c176920dae25ad2cbad5cc9 | |||
| Result.Y = 8560e62047908b13c4247b7e4d2657f2bdecab41e73c846ba18523e5f2918a9b | |||
| Test = PointAdd | |||
| A.X = 7b44b52e9fb1bc58c81a2adc9bfedcc42bba3cb34ec666e51cba8050d48fdb37 | |||
| A.Y = 2b7e629fef7b4e175f5eb30c421e60f26fefdf5f9fed743cad4a8e638c18696a | |||
| A.Z = 68f31acd92bed56a4556e954b0c51f9f8f3b797bc853d1b2b01b228657bd317f | |||
| B.X = 3d293c36fd065d1f054eb218932d60feb00d1bd4bee0236cb9788d9723df9571 | |||
| B.Y = c8b893b8e9ff935f2e060227334e32ba144f4046b1bd4961f4479ad3fef1c7d2 | |||
| B.Z = 9c072deacfe5c025c763efebb4feab79e954c47d3e86ef4abfbd1901f50d8495 | |||
| Result.X = 245582d32415c77a2e3abbf844cf1a40c31466c1418cd279747e5394744509be | |||
| Result.Y = 5c2f80f947d2df7fb1f829d05c6175f6fce7cd2d7f79fd7aa865f930e910e9fd | |||
| A.X = f0ca07297738d8687bffcd3f1433966241f437fa1c3381cf2d13f0fc714bc83a | |||
| A.Y = 1181b9d61c6982e743f1c32de5d14da745290ecaf27297c36ff3ef20a7526a55 | |||
| A.Z = 93159618ca5a9f9240df7016ddc983e046126d1290e14478dfcc6a4bae9090bd | |||
| B.X = 3a2d75803ccad665f6b785c828eaa96821cb0e81979641b9e59b5fd488fcc755 | |||
| B.Y = 99e7f820abdbcdda23d90a88788e30d67303dac86987816dbbed447431e33f3f | |||
| B.Z = a870186c8137cdbd247d16f3aa18782de1e4c5848f49da3437223eb13d7a9ae2 | |||
| Result.X = 36a104368d39214d5a3a1a348a1de1389d1aa23009aee37464b5b3256ed4b28c | |||
| Result.Y = da5b14dbd75f6c333929bdff88e53af7253c27e166e15ead6d778631036b7d38 | |||
| Test = PointAdd | |||
| A.X = 75ab91b8a46a5a1abf827cb209373b28cbb8f83a06adf6a9b10ac76e22493ecc | |||
| A.Y = abd989a78d1bcee7e63920d7e637f9763901da408a9d8c731e4e65a6fc52e1a1 | |||
| A.Z = 188a24145243ca066c35870e5a8835532ad512fbdcf5f5ae4033b262fa9aa6b8 | |||
| B.X = 5d6e885ec19069b2aa51a2723c98da1f03e8dbc344fe1de0bdb42910ba8bfe96 | |||
| B.Y = a1f86e66eacc38db7e47154a324a16031705b4803addf074037d3320b50dbef8 | |||
| B.Z = 5cff900a783687049a7d497b1f8cd837c479a61f3fef4b7ced180ea82770bc75 | |||
| Result.X = a4029333b9b9db434eea002bd6d4e0d9f3e5317c685511a30ecae351fc60d164 | |||
| Result.Y = 8e9302c77bc6f560c9bec473ef1ffb76b357c0d4794192696bda8e99651798ee | |||
| A.X = a6256508926caca56a31414aba2d5f5b04dcabdb065352a572e215b043df6e01 | |||
| A.Y = e6567d330ffb11a86ec29b406b8e3d5cce8ca46f55f38515d842dd856d6852dd | |||
| A.Z = ec172618c8cdbfc0f4fd6dffb77858bb292f229e6d10b5c70d0d9ba75fa3ab44 | |||
| B.X = 0251f6715dbba02e6072c12ab1f89a562d35ed0ff68e021b3b5276b9faf57c52 | |||
| B.Y = d2d74ff4740ad968fa7e816bc2178458efee797669bef2e634e2857de1658e62 | |||
| B.Z = abbecea633d31f569297a4a9ec28f708c7a097cb2423ebaca66ac0e42b1c8ee4 | |||
| Result.X = d2a071d4dd72ad7e63834b58b23c4a034ed7950f5c80fad51bf96959b535d55b | |||
| Result.Y = 3cb8dcbe25f49099b9d8dd1a9cb6073368bf6556130f2aa02637dfcff430e869 | |||
| # Test some random affine sums. | |||
| Test = PointAdd | |||
| A.X = 8d1867f890abaa26b634d5d5cdeb0f4abc7ebd16d807479f837fcece592dc0eb | |||
| A.Y = fc68c801999c12070eddeb3169219c491f9e8fe29cdc4e3cb698ee8471934076 | |||
| A.X = fabada657e477f088883b2987042e595559d669de3a047b27e3ad339fb3fa5f0 | |||
| A.Y = 0551992531a68d55a8409d8466034f02808637610ce6d6bcd9cfceb8da1c3e85 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 8d1867f890abaa26b634d5d5cdeb0f4abc7ebd16d807479f837fcece592dc0eb | |||
| B.Y = fc68c801999c12070eddeb3169219c491f9e8fe29cdc4e3cb698ee8471934076 | |||
| B.X = 3a831cf2b316ce371994a5622e31749407fdf59660dc88322d14c37ebb2d68d2 | |||
| B.Y = 849c511908abdfa2bcadc43f9beae88052fdb00573c783fbb1b34b99687b9a6b | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = 8da53dc540c1450c73082ad3b799d0d18a69a747fcd81f847e9e60484dcf579a | |||
| Result.Y = c20c398e99e0513a452b5e9b6331863d1ac3eee6fcf73021f505a0b62daf6f80 | |||
| Result.X = d5dc9241b457d33b9bda849fb7aba8baaff8b6eea92974a8adf4b95fbfa849f0 | |||
| Result.Y = 089a66780811a8ce455c139c4bea6c5c16234c095a41b9e31c617689bdc6bd0f | |||
| Test = PointAdd | |||
| A.X = 328b983f6490312e37e8eeb2121cd622cf85dbcf78af93df74fbca961ce3bfa2 | |||
| A.Y = 1c8a0aea2f2e540770644f48c41810bf7f9e1a782b2f6397712b17c88109fbce | |||
| A.X = 9dfe6299e62453bb943356b6f7d90c8b6c646728ba3550bb7c1548f2ba5920cb | |||
| A.Y = 60a4e342a89837c0e7d61c0e3e88a943633028f5260eff6af5ae8a6063f7a5da | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 328b983f6490312e37e8eeb2121cd622cf85dbcf78af93df74fbca961ce3bfa2 | |||
| B.Y = 1c8a0aea2f2e540770644f48c41810bf7f9e1a782b2f6397712b17c88109fbce | |||
| B.X = 924d7305f867afecd3cc550f4c05c83a2b4c981ba0e7ff20fd2035fabe2ccc92 | |||
| B.Y = 73934620746c23be03a40edb0662c09ef1776506bd50d6397c2654d340629bf5 | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = b6f3c548944862dfdea2314ca6d6a88780b08da41becf58384af80544aca4966 | |||
| Result.Y = 95afecb4ad3195485a2aad3cd14008c9a7c1e0c02656c3c2b7cd5f2e7f3a4474 | |||
| Result.X = 7384f658ccbe08afcf6b423bfdd092a8a95b03d81254a519b31517b9b9670155 | |||
| Result.Y = e922a56146b94776f805a0fbdee9084dd87be1df54f76145bf83e07cd31a083a | |||
| Test = PointAdd | |||
| A.X = 3ae6b24cadd6a14612d24a1c094a35c6be56db8f53a6d526e0ede03923918443 | |||
| A.Y = de8a23105c5f5c88b77dbde74e30a56f8865d78a5ce9060cff9f2927dbd196b6 | |||
| A.X = 9b6642b661f06c5b3ef2a0950b3c03d35f42d3d0dcbe105a895f40132c40bd9e | |||
| A.Y = 90cbe0ed40e47923257f064886f1e309a310cb82fc21282f8e8fa4f6c975aed6 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 3ae6b24cadd6a14612d24a1c094a35c6be56db8f53a6d526e0ede03923918443 | |||
| B.Y = de8a23105c5f5c88b77dbde74e30a56f8865d78a5ce9060cff9f2927dbd196b6 | |||
| B.X = 587f6b4c4bb3ab3d59ba8d31457615b3df9f9f9466df3563f4419db731f494ea | |||
| B.Y = 38135b314572346439c8d4535b892a26e5da650ae1dc9ac2d5aeb85ade24174f | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = 6f125b512c3c736f39781fcd89adb653e515b4ce1e1204505f08d0a8480052ef | |||
| Result.Y = e1acfccf1b9950067adf0f06e0d9703a8b1ac1bbdbb35b08df28cd56c24ae5a0 | |||
| Result.X = 97e94b6d485f8de6779e4ad19cc7bede6d70ff4853a56eb6d5fd4e5caac60858 | |||
| Result.Y = 303bf4d62cf569370ae5393fac46b64efe98ee8222b9982bc3dc61b8e32411c5 | |||
| Test = PointAdd | |||
| A.X = f317c6c02d9a6ff0799b3b4a22f83c95324831baad336ecd0c631ea04a5e11c8 | |||
| A.Y = b624e8057d411031f41b30cd02f56c24e89262e885007b7a1ed1861feb7ffcda | |||
| A.X = da49658b6c64fc7a7441b177987abbbdbfcfc3c2c569ed97696d706f7af91ca0 | |||
| A.Y = 9a66906a6e313603e9d78f99fbbda837e521e75bbbad9455ffd43f51f5e30ee5 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = f317c6c02d9a6ff0799b3b4a22f83c95324831baad336ecd0c631ea04a5e11c8 | |||
| B.Y = b624e8057d411031f41b30cd02f56c24e89262e885007b7a1ed1861feb7ffcda | |||
| B.X = fe32e5885d0005fa1962166142d2aea201af9c4ca41cdddc5446dc2472f71f42 | |||
| B.Y = a2f9b4d35ea19303a101034e96870a7caed371a980965bf86291b03b5c85af60 | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = e805208c74602e54482d113f16fcf6e4600436f8af49705cdd05ecfb0e6d45fd | |||
| Result.Y = baded898bfead1b4eb3ab3bbd0129837efc85823dabe82718a975bd603f96d9e | |||
| Result.X = 5375c5ea3e33c1862ca5f09322ce2012c2b4fbee9a299b66e4882e016908cc2a | |||
| Result.Y = 936e4f12ed144cf6fcd0ab085a4929e5e3e7c28641692b1fc2ad9a3b3d447b31 | |||
| # Test some random affine doublings. | |||
| Test = PointAdd | |||
| A.X = 3a6802aeaebc67046a1e75152822fa8bab04c11ae2b816f42c073daee3f13274 | |||
| A.Y = d6522c882d18e32bc5ea1fa59efbce8ce2369f2154dcc00e6fb17500f50f8ebf | |||
| A.Z = bea747d5bb1c6ee865249d7a22378f3c760916e163497f4b6ef4da8adcb5dfab | |||
| B.X = 3a6802aeaebc67046a1e75152822fa8bab04c11ae2b816f42c073daee3f13274 | |||
| B.Y = d6522c882d18e32bc5ea1fa59efbce8ce2369f2154dcc00e6fb17500f50f8ebf | |||
| B.Z = bea747d5bb1c6ee865249d7a22378f3c760916e163497f4b6ef4da8adcb5dfab | |||
| Result.X = 5a2891dca746889d413d8dc1a69b715954baf692689fc32d9aa10b7431a5c149 | |||
| Result.Y = 91db7288536b4f6d78e5a787ecbb5094f6834515038cb070a7fa4870af8045f0 | |||
| A.X = b148cad109d4b24342eb3a03ccaa10dfd6101edf9548b1d1442b61982a4e332c | |||
| A.Y = 7daac293162a8ee2592529630f5bd1eae96659d27c045898d33833999cd076ba | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = b148cad109d4b24342eb3a03ccaa10dfd6101edf9548b1d1442b61982a4e332c | |||
| B.Y = 7daac293162a8ee2592529630f5bd1eae96659d27c045898d33833999cd076ba | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = ad00fae6ab0898f7d5eeeffe8c94b302060fba2b191a2d342a8a302998ebe566 | |||
| Result.Y = 9ee46ba864901cad75169cdea023d7e64da39315e2fec1703fad6b613eb24006 | |||
| Test = PointAdd | |||
| A.X = c76ddbcb15bc63f82807804536a0d25fd7a639c71adf953ad6cc8f68d915f485 | |||
| A.Y = e3a4f830809f5e91b68699c05fa9faa7c3d1f9d1b1c982c282508fa18d695537 | |||
| A.Z = eb372f19c7b9466a116363ad9114a89ad287523da318d915f59ed5e558bd824e | |||
| B.X = c76ddbcb15bc63f82807804536a0d25fd7a639c71adf953ad6cc8f68d915f485 | |||
| B.Y = e3a4f830809f5e91b68699c05fa9faa7c3d1f9d1b1c982c282508fa18d695537 | |||
| B.Z = eb372f19c7b9466a116363ad9114a89ad287523da318d915f59ed5e558bd824e | |||
| Result.X = c5485a3509f55c7cc33d098fb0bfe1b198a9f26ce0ebc29bec5baa29ef6f74a2 | |||
| Result.Y = 60e949a551aa94afc9a3efe411a3c63ecb851ef1738ed24c88f86cf85ec01020 | |||
| A.X = f21318618205f4967c4f47c9bc3cea41e144dc01830d087414da8dcb16d37cb3 | |||
| A.Y = 76cebf81ecc696024fe949191dc49b245ef8cc0d55ada88abf481ddad9eb6129 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = f21318618205f4967c4f47c9bc3cea41e144dc01830d087414da8dcb16d37cb3 | |||
| B.Y = 76cebf81ecc696024fe949191dc49b245ef8cc0d55ada88abf481ddad9eb6129 | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = ad8e13b721bcbfc0fe629465cda5fee3494785d51dbe65f1e13429f52c83f03e | |||
| Result.Y = 85722e168d89543dce293428e75d52765d0935bde2ef5c45a088222db0dbbeb5 | |||
| Test = PointAdd | |||
| A.X = ca72936509631f09d2a3ac14fb786daabb15520ef01de4298c7fd71653e89194 | |||
| A.Y = 02aeb6b6f04cd8125887baa18e6e79ba2b0acfa9a2443e9eea36ca7715eb8eb3 | |||
| A.Z = 8b4ef1a52fa42c711445e0463003f2ed38ace6583bf08198e9a0b938b4589479 | |||
| B.X = ca72936509631f09d2a3ac14fb786daabb15520ef01de4298c7fd71653e89194 | |||
| B.Y = 02aeb6b6f04cd8125887baa18e6e79ba2b0acfa9a2443e9eea36ca7715eb8eb3 | |||
| B.Z = 8b4ef1a52fa42c711445e0463003f2ed38ace6583bf08198e9a0b938b4589479 | |||
| Result.X = 8d3b35c5661faafa83510ab9b3f1642bb121e7686ed4ae61323ddee2c7247f93 | |||
| Result.Y = 1a22ef5df156ca80235fe3cd1ca3152e21a3e17b2a34dd93b2003e3274a8a2fb | |||
| A.X = 8797ff95334b238dadf0cb3d4dc9350678f4c7fc520089ecb70ab419510f2331 | |||
| A.Y = 326c7583d54dde377fa9193c8588912c4db2219e1bb383ab13902187e5ef76ce | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 8797ff95334b238dadf0cb3d4dc9350678f4c7fc520089ecb70ab419510f2331 | |||
| B.Y = 326c7583d54dde377fa9193c8588912c4db2219e1bb383ab13902187e5ef76ce | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = e91c8ec9611de8e44e0d882df59f4fae8d15e3867858fb155256a4a2f154bbc4 | |||
| Result.Y = c12be21033c6dcea7e7d7262c47876d099aead75d8b025e45ce7986193fc6f8a | |||
| Test = PointAdd | |||
| A.X = db7b023fbe056819027fa09c5a2a0d777a53fb78c00bf4f31f46b63a7494bbfe | |||
| A.Y = 59affcbf4628d572ee56b95087d30e765bb518b123e879b25df9960dab706a32 | |||
| A.Z = 1f7c7226d78e51478c683bbb6afe01abc2225dbfc773d0806d30ff5f827b76c8 | |||
| B.X = db7b023fbe056819027fa09c5a2a0d777a53fb78c00bf4f31f46b63a7494bbfe | |||
| B.Y = 59affcbf4628d572ee56b95087d30e765bb518b123e879b25df9960dab706a32 | |||
| B.Z = 1f7c7226d78e51478c683bbb6afe01abc2225dbfc773d0806d30ff5f827b76c8 | |||
| Result.X = fba400ae656ec3103c5c5f531d2a0f7368031e01a48a91f1a4f3138d294b13be | |||
| Result.Y = 160e358ad1f059eb62722df01a7440048a1db21ecaea8698efa9677db6e9ff97 | |||
| A.X = 2f4cba9543c9537e393f126e31bedb521dc0a74a940e731800e5e39cdece355d | |||
| A.Y = 1a0957898b746b7dbc9245acd0c6df9e6adca4d8537454c9f318a8ce7c3875c4 | |||
| A.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| B.X = 2f4cba9543c9537e393f126e31bedb521dc0a74a940e731800e5e39cdece355d | |||
| B.Y = 1a0957898b746b7dbc9245acd0c6df9e6adca4d8537454c9f318a8ce7c3875c4 | |||
| B.Z = 00000000fffffffeffffffffffffffffffffffff000000000000000000000001 | |||
| Result.X = 5cdc40808120b68e3131bd6ed70a5ce6618f960e4d540baa582afc71be97c65d | |||
| Result.Y = 1926a2c9f5b2d3d1dff784623fe6efe2ac629395101d38db0eff5e540bfeacb0 | |||
| # Scalar montgomery multiplication tests. | |||