/* Test and benchmark elliptic curve and RSA functions
	First build amcl.a from build_ec batch file
	gcc -O3 benchtest_ec.c amcl.a -o benchtest_ec.exe
*/

#include <stdio.h>
#include <stdlib.h>
#include <time.h>

#include "rsa_RSA2048.h"
#include "ecp_ED25519.h"
#include "pair_BN254.h"

#if CHUNK==32 || CHUNK==64
#include "ecp_NIST256.h"
#include "ecp_GOLDILOCKS.h"
#include "pair_BLS383.h"
#include "pair192_BLS24.h"
#include "pair256_BLS48.h"
#endif

#define MIN_TIME 10.0
#define MIN_ITERS 10 

using namespace amcl;

int ED_25519(csprng *RNG)
{
	using namespace ED25519;
	using namespace ED25519_BIG;

    int i,iterations;
    clock_t start;
    double elapsed;
	ECP EP,EG;
	BIG s,r,x,y;
	printf("\nTesting/Timing ED25519 ECC\n");

#if CURVETYPE_ED25519==WEIERSTRASS
	printf("Weierstrass parameterization\n");
#endif
#if CURVETYPE_ED25519==EDWARDS
	printf("Edwards parameterization\n");
#endif
#if CURVETYPE_ED25519==MONTGOMERY
	printf("Montgomery parameterization\n");
#endif


#if MODTYPE_F25519 == PSEUDO_MERSENNE
	printf("Pseudo-Mersenne Modulus\n");
#endif

#if MODTYPE_F25519 == GENERALISED_MERSENNE
	printf("Generalised-Mersenne Modulus\n");
#endif

#if MODTYPE_F25519 == MONTGOMERY_FRIENDLY
	printf("Montgomery Friendly Modulus\n");
#endif

#if MODTYPE_F25519 == NOT_SPECIAL
	printf("Not special Modulus\n");
#endif


#if CHUNK==16
	printf("16-bit Build\n");
#endif
#if CHUNK==32
	printf("32-bit Build\n");
#endif
#if CHUNK==64
	printf("64-bit Build\n");
#endif

	ECP_generator(&EG);

	BIG_rcopy(r,CURVE_Order);
	BIG_randomnum(s,r,RNG);
	ECP_copy(&EP,&EG);
    ECP_mul(&EP,r);

	if (!ECP_isinf(&EP))
	{
		printf("FAILURE - rG!=O\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		ECP_copy(&EP,&EG);
		ECP_mul(&EP,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("EC  mul - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	return 0;
}

#if CHUNK==32 || CHUNK==64
int NIST_256(csprng *RNG)
{
	using namespace NIST256;
	using namespace NIST256_BIG;

    int i,iterations;
    clock_t start;
    double elapsed;
	ECP EP,EG;
	BIG s,r,x,y;
	printf("\nTesting/Timing NIST256 ECC\n");

#if CURVETYPE_NIST256==WEIERSTRASS
	printf("Weierstrass parameterization\n");
#endif
#if CURVETYPE_NIST256==EDWARDS
	printf("Edwards parameterization\n");
#endif
#if CURVETYPE_NIST256==MONTGOMERY
	printf("Montgomery parameterization\n");
#endif


#if MODTYPE_NIST256 == PSEUDO_MERSENNE
	printf("Pseudo-Mersenne Modulus\n");
#endif

#if MODTYPE_NIST256 == GENERALISED_MERSENNE
	printf("Generalised-Mersenne Modulus\n");
#endif

#if MODTYPE_NIST256 == MONTGOMERY_FRIENDLY
	printf("Montgomery Friendly Modulus\n");
#endif

#if MODTYPE_NIST256 == NOT_SPECIAL
	printf("Not special Modulus\n");
#endif

#if CHUNK==16
	printf("16-bit Build\n");
#endif
#if CHUNK==32
	printf("32-bit Build\n");
#endif
#if CHUNK==64
	printf("64-bit Build\n");
#endif

	ECP_generator(&EG);

	BIG_rcopy(r,CURVE_Order);
	BIG_randomnum(s,r,RNG);
	ECP_copy(&EP,&EG);
    ECP_mul(&EP,r);

	if (!ECP_isinf(&EP))
	{
		printf("FAILURE - rG!=O\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		ECP_copy(&EP,&EG);
		ECP_mul(&EP,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("EC  mul - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	return 0;
}

int GOLDI_LOCKS(csprng *RNG)
{
	using namespace GOLDILOCKS;
	using namespace GOLDILOCKS_BIG;

    int i,iterations;
    clock_t start;
    double elapsed;
	ECP EP,EG;
	BIG s,r,x,y;
	printf("\nTesting/Timing GOLDILOCKS ECC\n");

#if CURVETYPE_GOLDILOCKS==WEIERSTRASS
	printf("Weierstrass parameterization\n");
#endif
#if CURVETYPE_GOLDILOCKS==EDWARDS
	printf("Edwards parameterization\n");
#endif
#if CURVETYPE_GOLDILOCKS==MONTGOMERY
	printf("Montgomery parameterization\n");
#endif

#if MODTYPE_GOLDILOCKS == PSEUDO_MERSENNE
	printf("Pseudo-Mersenne Modulus\n");
#endif

#if MODTYPE_GOLDILOCKS == GENERALISED_MERSENNE
	printf("Generalised-Mersenne Modulus\n");
#endif

#if MODTYPE_GOLDILOCKS == MONTGOMERY_FRIENDLY
	printf("Montgomery Friendly Modulus\n");
#endif

#if MODTYPE_GOLDILOCKS == NOT_SPECIAL
	printf("Not special Modulus\n");
#endif

#if CHUNK==16
	printf("16-bit Build\n");
#endif
#if CHUNK==32
	printf("32-bit Build\n");
#endif
#if CHUNK==64
	printf("64-bit Build\n");
#endif

	ECP_generator(&EG);

	BIG_rcopy(r,CURVE_Order);
	BIG_randomnum(s,r,RNG);
	ECP_copy(&EP,&EG);
    ECP_mul(&EP,r);

	if (!ECP_isinf(&EP))
	{
		printf("FAILURE - rG!=O\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		ECP_copy(&EP,&EG);
		ECP_mul(&EP,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("EC  mul - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	return 0;
}
#endif

int BN_254(csprng *RNG)
{
	using namespace BN254;
	using namespace BN254_FP;
	using namespace BN254_BIG;

    int i,iterations;
    clock_t start;
    double elapsed;

	ECP P,G;
	ECP2 Q,W;
	FP12 g,w;
	FP4 cm;
	FP2 wx,wy;

	BIG s,r,x,y;
	printf("\nTesting/Timing BN254 Pairings\n");

	ECP_generator(&G);
	
	BIG_rcopy(r,CURVE_Order);
	BIG_randomnum(s,r,RNG);
	ECP_copy(&P,&G);
    PAIR_G1mul(&P,r);

	if (!ECP_isinf(&P))
	{
		printf("FAILURE - rG!=O\n");
		return 0;
	}
	
	iterations=0;
    start=clock();
    do {
		ECP_copy(&P,&G);
		PAIR_G1mul(&P,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("G1 mul              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

    ECP2_generator(&W);

	ECP2_copy(&Q,&W);
    ECP2_mul(&Q,r);

	if (!ECP2_isinf(&Q))
	{
		printf("FAILURE - rQ!=O\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		ECP2_copy(&Q,&W);
		PAIR_G2mul(&Q,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("G2 mul              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	PAIR_ate(&w,&Q,&P);
	PAIR_fexp(&w);

	FP12_copy(&g,&w);

	PAIR_GTpow(&g,r);

	if (!FP12_isunity(&g))
	{
		printf("FAILURE - g^r!=1\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		FP12_copy(&g,&w);
		PAIR_GTpow(&g,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("GT pow              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	FP12_copy(&g,&w);

	iterations=0;
    start=clock();
    do {
		FP12_compow(&cm,&g,s,r);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("GT pow (compressed) - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		PAIR_ate(&w,&Q,&P);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("PAIRing ATE         - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		FP12_copy(&g,&w);
		PAIR_fexp(&g);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("PAIRing FEXP        - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	ECP_copy(&P,&G);	
	ECP2_copy(&Q,&W);

	PAIR_G1mul(&P,s);
	PAIR_ate(&g,&Q,&P);
	PAIR_fexp(&g);

	ECP_copy(&P,&G);

	PAIR_G2mul(&Q,s);
	PAIR_ate(&w,&Q,&P);
	PAIR_fexp(&w);

	if (!FP12_equals(&g,&w))
	{
		printf("FAILURE - e(sQ,p)!=e(Q,sP) \n");
		return 0;
	}

	ECP2_copy(&Q,&W);
	PAIR_ate(&g,&Q,&P);
	PAIR_fexp(&g);

	PAIR_GTpow(&g,s);

	if (!FP12_equals(&g,&w))
	{
		printf("FAILURE - e(sQ,p)!=e(Q,P)^s \n");
		return 0;
	}
	return 0;
}

#if CHUNK==32 || CHUNK==64
int BLS_383(csprng *RNG)
{
	using namespace BLS383;
	using namespace BLS383_FP;
	using namespace BLS383_BIG;

    int i,iterations;
    clock_t start;
    double elapsed;

	ECP P,G;
	ECP2 Q,W;
	FP12 g,w;
	FP4 cm;
	FP2 wx,wy;

	BIG s,r,x,y;
	printf("\nTesting/Timing BLS383 Pairings\n");

	ECP_generator(&G);
	
	BIG_rcopy(r,CURVE_Order);
	BIG_randomnum(s,r,RNG);
	ECP_copy(&P,&G);
    PAIR_G1mul(&P,r);

	if (!ECP_isinf(&P))
	{
		printf("FAILURE - rG!=O\n");
		return 0;
	}
	
	iterations=0;
    start=clock();
    do {
		ECP_copy(&P,&G);
		PAIR_G1mul(&P,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("G1 mul              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

    ECP2_generator(&W);

	ECP2_copy(&Q,&W);
    ECP2_mul(&Q,r);

	if (!ECP2_isinf(&Q))
	{
		printf("FAILURE - rQ!=O\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		ECP2_copy(&Q,&W);
		PAIR_G2mul(&Q,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("G2 mul              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	PAIR_ate(&w,&Q,&P);
	PAIR_fexp(&w);

	FP12_copy(&g,&w);

	PAIR_GTpow(&g,r);

	if (!FP12_isunity(&g))
	{
		printf("FAILURE - g^r!=1\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		FP12_copy(&g,&w);
		PAIR_GTpow(&g,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("GT pow              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	FP12_copy(&g,&w);

	iterations=0;
    start=clock();
    do {
		FP12_compow(&cm,&g,s,r);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("GT pow (compressed) - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		PAIR_ate(&w,&Q,&P);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("PAIRing ATE         - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		FP12_copy(&g,&w);
		PAIR_fexp(&g);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("PAIRing FEXP        - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	ECP_copy(&P,&G);	
	ECP2_copy(&Q,&W);

	PAIR_G1mul(&P,s);
	PAIR_ate(&g,&Q,&P);
	PAIR_fexp(&g);

	ECP_copy(&P,&G);

	PAIR_G2mul(&Q,s);
	PAIR_ate(&w,&Q,&P);
	PAIR_fexp(&w);

	if (!FP12_equals(&g,&w))
	{
		printf("FAILURE - e(sQ,p)!=e(Q,sP) \n");
		return 0;
	}

	ECP2_copy(&Q,&W);
	PAIR_ate(&g,&Q,&P);
	PAIR_fexp(&g);

	PAIR_GTpow(&g,s);

	if (!FP12_equals(&g,&w))
	{
		printf("FAILURE - e(sQ,p)!=e(Q,P)^s \n");
		return 0;
	}
	return 0;
}

int BLS_24(csprng *RNG)
{
	using namespace BLS24;
	using namespace BLS24_FP;
	using namespace BLS24_BIG;

    int i,iterations;
    clock_t start;
    double elapsed;

	ECP P,G;
	ECP4 Q,W;
	FP24 g,w;

	FP8 cm;
	BIG a,b,s,r;

	printf("\nTesting/Timing BLS24 Pairings\n");

	ECP_generator(&G);
	
	BIG_rcopy(r,CURVE_Order);
	BIG_randomnum(s,r,RNG);
	ECP_copy(&P,&G);
    PAIR_G1mul(&P,r);

	if (!ECP_isinf(&P))
	{
		printf("FAILURE - rG!=O\n");
		return 0;
	}
	
	iterations=0;
    start=clock();
    do {
		ECP_copy(&P,&G);
		PAIR_G1mul(&P,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("G1 mul              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	ECP4_generator(&W);

	ECP4_copy(&Q,&W);
    ECP4_mul(&Q,r);

	if (!ECP4_isinf(&Q))
	{
		printf("FAILURE - rQ!=O\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		ECP4_copy(&Q,&W);
		PAIR_G2mul(&Q,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("G2 mul              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	PAIR_ate(&w,&Q,&P);
	PAIR_fexp(&w);

	FP24_copy(&g,&w);

	PAIR_GTpow(&g,r);

	if (!FP24_isunity(&g))
	{
		printf("FAILURE - g^r!=1\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		FP24_copy(&g,&w);
		PAIR_GTpow(&g,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("GT pow              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	FP24_copy(&g,&w);

	iterations=0;
    start=clock();
    do {
		FP24_compow(&cm,&g,s,r);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("GT pow (compressed) - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		PAIR_ate(&w,&Q,&P);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("PAIRing ATE         - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		FP24_copy(&g,&w);
		PAIR_fexp(&g);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("PAIRing FEXP        - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	ECP_copy(&P,&G);	
	ECP4_copy(&Q,&W);

	PAIR_G1mul(&P,s);
	PAIR_ate(&g,&Q,&P);
	PAIR_fexp(&g);

	ECP_copy(&P,&G);

	PAIR_G2mul(&Q,s);
	PAIR_ate(&w,&Q,&P);
	PAIR_fexp(&w);

	if (!FP24_equals(&g,&w))
	{
		printf("FAILURE - e(sQ,p)!=e(Q,sP) \n");
		return 0;
	}

	ECP4_copy(&Q,&W);
	PAIR_ate(&g,&Q,&P);
	PAIR_fexp(&g);

	PAIR_GTpow(&g,s);

	if (!FP24_equals(&g,&w))
	{
		printf("FAILURE - e(sQ,p)!=e(Q,P)^s \n");
		return 0;
	}
	return 0;
}


int BLS_48(csprng *RNG)
{
	using namespace BLS48;
	using namespace BLS48_FP;
	using namespace BLS48_BIG;

    int i,iterations;
    clock_t start;
    double elapsed;

	ECP P,G;
	ECP8 Q,W;
	FP48 g,w;

	FP16 cm;
	BIG a,b,s,r;

	printf("\nTesting/Timing BLS48 Pairings\n");

	ECP_generator(&G);
	
	BIG_rcopy(r,CURVE_Order);
	BIG_randomnum(s,r,RNG);
	ECP_copy(&P,&G);
    PAIR_G1mul(&P,r);

	if (!ECP_isinf(&P))
	{
		printf("FAILURE - rG!=O\n");
		return 0;
	}
	
	iterations=0;
    start=clock();
    do {
		ECP_copy(&P,&G);
		PAIR_G1mul(&P,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("G1 mul              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);


	ECP8_generator(&W);

	ECP8_copy(&Q,&W);
    ECP8_mul(&Q,r);

	if (!ECP8_isinf(&Q))
	{
		printf("FAILURE - rQ!=O\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		ECP8_copy(&Q,&W);
		PAIR_G2mul(&Q,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("G2 mul              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);


	PAIR_ate(&w,&Q,&P);
	PAIR_fexp(&w);

	FP48_copy(&g,&w);

	PAIR_GTpow(&g,r);

	if (!FP48_isunity(&g))
	{
		printf("FAILURE - g^r!=1\n");
		return 0;
	}

	iterations=0;
    start=clock();
    do {
		FP48_copy(&g,&w);
		PAIR_GTpow(&g,s);

		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("GT pow              - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	FP48_copy(&g,&w);

	iterations=0;
    start=clock();
    do {
		FP48_compow(&cm,&g,s,r);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("GT pow (compressed) - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		PAIR_ate(&w,&Q,&P);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("PAIRing ATE         - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		FP48_copy(&g,&w);
		PAIR_fexp(&g);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("PAIRing FEXP        - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	ECP_copy(&P,&G);	
	ECP8_copy(&Q,&W);

	PAIR_G1mul(&P,s);
	PAIR_ate(&g,&Q,&P);
	PAIR_fexp(&g);

	ECP_copy(&P,&G);

	PAIR_G2mul(&Q,s);
	PAIR_ate(&w,&Q,&P);
	PAIR_fexp(&w);

	if (!FP48_equals(&g,&w))
	{
		printf("FAILURE - e(sQ,p)!=e(Q,sP) \n");
		return 0;
	}

	ECP8_copy(&Q,&W);
	PAIR_ate(&g,&Q,&P);
	PAIR_fexp(&g);

	PAIR_GTpow(&g,s);

	if (!FP48_equals(&g,&w))
	{
		printf("FAILURE - e(sQ,p)!=e(Q,P)^s \n");
		return 0;
	}
	return 0;
}
#endif


int RSA_2048(csprng *RNG)
{
	using namespace RSA2048;

    rsa_public_key pub;
    rsa_private_key priv;

    int i,iterations;
    clock_t start;
    double elapsed;

    char m[RFS_RSA2048],d[RFS_RSA2048],c[RFS_RSA2048];
    octet M= {0,sizeof(m),m};
    octet D= {0,sizeof(d),d};
    octet C= {0,sizeof(c),c};

	printf("\nTesting/Timing 2048-bit RSA\n");

	printf("Generating 2048-bit RSA public/private key pair\n");

	iterations=0;
    start=clock();
    do {
		RSA_KEY_PAIR(RNG,65537,&priv,&pub,NULL,NULL);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<1);
    elapsed=1000.0*elapsed/iterations;
    printf("RSA gen - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	M.len=RFS_RSA2048;
	for (i=0;i<RFS_RSA2048;i++) M.val[i]=i%128;

	iterations=0;
    start=clock();
    do {
		RSA_ENCRYPT(&pub,&M,&C);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("RSA enc - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	iterations=0;
    start=clock();
    do {
		RSA_DECRYPT(&priv,&C,&D);
		iterations++;
		elapsed=(clock()-start)/(double)CLOCKS_PER_SEC;
    } while (elapsed<MIN_TIME || iterations<MIN_ITERS);
    elapsed=1000.0*elapsed/iterations;
    printf("RSA dec - %8d iterations  ",iterations);
    printf(" %8.2lf ms per iteration\n",elapsed);

	for (i=0;i<RFS_RSA2048;i++)
	{
		if (M.val[i]!=D.val[i])
		{
			printf("FAILURE - RSA decryption\n");
			return 0;
		}
	}

	printf("All tests pass\n");

	return 0;
}

int main()
{
    csprng RNG;
	int i;
	char pr[10];
	unsigned long ran;

	time((time_t *)&ran);
	pr[0]=ran;
	pr[1]=ran>>8;
	pr[2]=ran>>16;
	pr[3]=ran>>24;
	for (i=0;i<10;i++) pr[i]=i;    /*****4****/
    RAND_seed(&RNG,10,pr);

	ED_25519(&RNG);
#if CHUNK==32 || CHUNK==64	
	NIST_256(&RNG);
	GOLDI_LOCKS(&RNG);
#endif	
	BN_254(&RNG);
#if CHUNK==32 || CHUNK==64	
	BLS_383(&RNG);
	BLS_24(&RNG);
	BLS_48(&RNG);
#endif
	RSA_2048(&RNG);
	
}