Google Git
Sign in
apache / incubator-milagro-crypto-c / ff75c17ed9f6891167e568ed98c3d2e0c68021fc / . / test / test_pair_ZZZ.c.in
blob: eeacd7af3c2095f172a7b82883298a7cbe015458 [file] [log] [blame]
/*
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
*/
/**
* @file test_pair_ZZZ.c
* @author Alessandro Budroni
* @brief Test function for pairing
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "randapi.h"
#include "config_curve_ZZZ.h"
#if CURVE_SECURITY_ZZZ == 128
#include "pair_ZZZ.h"
#elif CURVE_SECURITY_ZZZ == 192
#include "pair192_ZZZ.h"
#elif CURVE_SECURITY_ZZZ == 256
#include "pair256_ZZZ.h"
#endif
// Number of iterations in pairing test
#if CURVE_SECURITY_ZZZ == 128
#define N_ITER 16
#elif CURVE_SECURITY_ZZZ == 192
#define N_ITER 12
#elif CURVE_SECURITY_ZZZ == 256
#define N_ITER 8
#endif
// Renamings for multiple security level support
#if CURVE_SECURITY_ZZZ == 128
#define ECPG2_ZZZ_generator ECP2_ZZZ_generator
#define ECPG2_ZZZ_copy ECP2_ZZZ_copy
#define ECPG2_ZZZ_mul ECP2_ZZZ_mul
#define ECPG2_ZZZ_add ECP2_ZZZ_add
#define ECPG2_ZZZ_affine ECP2_ZZZ_affine
#define ECPG2_ZZZ_isinf ECP2_ZZZ_isinf
#define GT_YYY_equals FP12_YYY_equals
#define GT_YYY_copy FP12_YYY_copy
#define GT_YYY_mul FP12_YYY_mul
#elif CURVE_SECURITY_ZZZ == 192
#define ECPG2_ZZZ_generator ECP4_ZZZ_generator
#define ECPG2_ZZZ_copy ECP4_ZZZ_copy
#define ECPG2_ZZZ_mul ECP4_ZZZ_mul
#define ECPG2_ZZZ_add ECP4_ZZZ_add
#define ECPG2_ZZZ_affine ECP4_ZZZ_affine
#define ECPG2_ZZZ_isinf ECP4_ZZZ_isinf
#define GT_YYY_equals FP24_YYY_equals
#define GT_YYY_copy FP24_YYY_copy
#define GT_YYY_mul FP24_YYY_mul
#elif CURVE_SECURITY_ZZZ == 256
#define ECPG2_ZZZ_generator ECP8_ZZZ_generator
#define ECPG2_ZZZ_copy ECP8_ZZZ_copy
#define ECPG2_ZZZ_mul ECP8_ZZZ_mul
#define ECPG2_ZZZ_add ECP8_ZZZ_add
#define ECPG2_ZZZ_affine ECP8_ZZZ_affine
#define ECPG2_ZZZ_isinf ECP8_ZZZ_isinf
#define GT_YYY_equals FP48_YYY_equals
#define GT_YYY_copy FP48_YYY_copy
#define GT_YYY_mul FP48_YYY_mul
#endif
int main()
{
int i;
BIG_XXX s,r,x,y;
ECP_ZZZ G,P1,P2,P3;
#if CURVE_SECURITY_ZZZ == 128
ECP2_ZZZ W,Q1,Q2,Q3;
FP12_YYY g11,gs1,gs2;
#elif CURVE_SECURITY_ZZZ == 192
ECP4_ZZZ W,Q1,Q2,Q3;
FP24_YYY g11,gs1,gs2;
#elif CURVE_SECURITY_ZZZ == 256
ECP8_ZZZ W,Q1,Q2,Q3;
FP48_YYY g11,gs1,gs2;
#endif
char seed[100] = {0};
octet SEED = {0,sizeof(seed),seed};
csprng RNG;
/* non random seed value! */
SEED.len=100;
for (i=0; i<100; i++) SEED.val[i]=i+1;
/* initialise random number generator */
CREATE_CSPRNG(&RNG,&SEED);
// Set Generator of G1
ECP_ZZZ_generator(&G);
// Set Generator of G2
ECPG2_ZZZ_generator(&W);
// Check that scalar multiplication by curve order gives the infinte point
BIG_XXX_rcopy(r,CURVE_Order_ZZZ);
ECP_ZZZ_copy(&P1,&G);
PAIR_ZZZ_G1mul(&P1,r);
if (!ECP_ZZZ_isinf(&P1))
{
printf("FAILURE - rP!=O\n");
return 1;
}
BIG_XXX_randomnum(s,r,&RNG);
ECPG2_ZZZ_copy(&Q1,&W);
ECPG2_ZZZ_mul(&Q1,r);
if (!ECPG2_ZZZ_isinf(&Q1))
{
printf("FAILURE - rQ!=O\n");
return 0;
}
for (i = 0; i < N_ITER; ++i)
{
// Pick a random point in G1
BIG_XXX_randomnum(x,r,&RNG);
ECP_ZZZ_copy(&P1,&G);
ECP_ZZZ_mul(&P1,x);
ECP_ZZZ_copy(&P2,&P1);
// Pick a random point in G2
BIG_XXX_randomnum(y,r,&RNG);
ECPG2_ZZZ_copy(&Q1,&W);
ECPG2_ZZZ_mul(&Q1,y);
ECPG2_ZZZ_copy(&Q2,&Q1);
// Precompute e(Q1,P1)
PAIR_ZZZ_ate(&g11,&Q1,&P1);
PAIR_ZZZ_fexp(&g11);
// Test that e(sQ,P) = e(Q,sP) = e(Q,P)^s, s random
BIG_XXX_randomnum(s,r,&RNG);
PAIR_ZZZ_G1mul(&P2,s);
ECPG2_ZZZ_mul(&Q2,s);
PAIR_ZZZ_ate(&gs1,&Q1,&P2);
PAIR_ZZZ_fexp(&gs1);
PAIR_ZZZ_ate(&gs2,&Q2,&P1);
PAIR_ZZZ_fexp(&gs2);
if (!GT_ZZZ_equals(&gs1,&gs2))
{
printf("FAILURE - e(sQ,P)!=e(Q,sP)\n");
return 1;
}
GT_ZZZ_copy(&gs2,&g11);
PAIR_ZZZ_GTpow(&gs2,s);
if (!GT_ZZZ_equals(&gs1,&gs2))
{
printf("FAILURE - e(sQ,P)!=e(Q,P)^s\n");
return 1;
}
// Test that e(Q,P1+P2) = e(Q,P1).e(Q,P2)
PAIR_ZZZ_ate(&gs2,&Q1,&P2);
PAIR_ZZZ_fexp(&gs2);
GT_YYY_copy(&gs1,&g11);
GT_YYY_mul(&gs1,&gs2);
ECP_ZZZ_copy(&P3,&P1);
ECP_ZZZ_add(&P3,&P2);
ECP_ZZZ_affine(&P3);
PAIR_ZZZ_ate(&gs2,&Q1,&P3);
PAIR_ZZZ_fexp(&gs2);
if (!GT_YYY_equals(&gs1,&gs2))
{
printf("FAILURE - e(Q,P1+P2)!=e(Q,P1).e(Q,P2)\n");
return 1;
}
// Test double_ate function on G1
PAIR_ZZZ_double_ate(&gs1,&Q1,&P1,&Q1,&P2);
PAIR_ZZZ_fexp(&gs1);
if (!GT_YYY_equals(&gs1,&gs2))
{
printf("FAILURE - double ate failed\n");
return 1;
}
// Test that e(Q1+Q2,P1) = e(Q1,P1).e(Q2,P1)
PAIR_ZZZ_ate(&gs2,&Q2,&P1);
PAIR_ZZZ_fexp(&gs2);
GT_YYY_copy(&gs1,&g11);
GT_YYY_mul(&gs1,&gs2);
ECPG2_ZZZ_copy(&Q3,&Q1);
ECPG2_ZZZ_add(&Q3,&Q2);
ECPG2_ZZZ_affine(&Q3);
PAIR_ZZZ_ate(&gs2,&Q3,&P1);
PAIR_ZZZ_fexp(&gs2);
if (!GT_YYY_equals(&gs1,&gs2))
{
printf("FAILURE - e(Q1+Q2,P1)!=e(Q1,P1).e(Q2,P1)\n");
return 1;
}
// Test double_ate function on G2
PAIR_ZZZ_double_ate(&gs1,&Q1,&P1,&Q2,&P1);
PAIR_ZZZ_fexp(&gs1);
if (!GT_YYY_equals(&gs1,&gs2))
{
printf("FAILURE - double ate failed\n");
return 1;
}
}
KILL_CSPRNG(&RNG);
printf("SUCCESS\n");
return 0;
}