some comments and more loops in test
parent
14b195ee65
commit
cbd3617ea1
2 changed files with 18 additions and 7 deletions
15
ecdsa.h
15
ecdsa.h
|
@ -28,7 +28,7 @@ private:
|
||||||
public:
|
public:
|
||||||
Signature(Context &ctx) : r(ctx), s(ctx) {}
|
Signature(Context &ctx) : r(ctx), s(ctx) {}
|
||||||
|
|
||||||
bool Verify(Context &ctx, const GroupElemJac &pubkey, const Number &message) {
|
bool RecomputeR(Context &ctx, Number &r2, const GroupElemJac &pubkey, const Number &message) {
|
||||||
const GroupConstants &c = GetGroupConst();
|
const GroupConstants &c = GetGroupConst();
|
||||||
|
|
||||||
if (r.IsNeg() || s.IsNeg())
|
if (r.IsNeg() || s.IsNeg())
|
||||||
|
@ -39,7 +39,7 @@ public:
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
Context ct(ctx);
|
Context ct(ctx);
|
||||||
Number sn(ct), u1(ct), u2(ct), xrn(ct);
|
Number sn(ct), u1(ct), u2(ct);
|
||||||
sn.SetModInverse(ct, s, c.order);
|
sn.SetModInverse(ct, s, c.order);
|
||||||
// printf("s=%s 1/s=%s\n", s.ToString().c_str(), sn.ToString().c_str());
|
// printf("s=%s 1/s=%s\n", s.ToString().c_str(), sn.ToString().c_str());
|
||||||
u1.SetModMul(ct, sn, message, c.order);
|
u1.SetModMul(ct, sn, message, c.order);
|
||||||
|
@ -50,8 +50,15 @@ public:
|
||||||
return false;
|
return false;
|
||||||
FieldElem xr; pr.GetX(xr);
|
FieldElem xr; pr.GetX(xr);
|
||||||
unsigned char xrb[32]; xr.GetBytes(xrb);
|
unsigned char xrb[32]; xr.GetBytes(xrb);
|
||||||
xrn.SetBytes(xrb,32); xrn.SetMod(ct,xrn,c.order);
|
r2.SetBytes(xrb,32); r2.SetMod(ct,r2,c.order);
|
||||||
return xrn.Compare(r) == 0;
|
}
|
||||||
|
|
||||||
|
bool Verify(Context &ctx, const GroupElemJac &pubkey, const Number &message) {
|
||||||
|
Context ct(ctx);
|
||||||
|
Number r2(ct);
|
||||||
|
if (!RecomputeR(ct, r2, pubkey, message))
|
||||||
|
return false;
|
||||||
|
return r2.Compare(r) == 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
void SetRS(const Number &rin, const Number &sin) {
|
void SetRS(const Number &rin, const Number &sin) {
|
||||||
|
|
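Review bot: RecomputeR reaches its closing brace without returning a value: the new `}` that replaces `return xrn.Compare(r) == 0;` follows `r2.SetBytes(xrb,32); r2.SetMod(ct,r2,c.order);` directly, so on the success path a bool-returning function flows off its end, which is undefined behaviour, and the new Verify's `if (!RecomputeR(ct, r2, pubkey, message)) return false;` then branches on an indeterminate value. In practice a correctly recomputed r can still be rejected, or be accepted only by luck, so verification results are not deterministic; add `return true;` immediately before that brace. The only explicit returns RecomputeR has are the `return false;` guards (one of them in the middle hunk); its signature is in the first hunk and the lines between the hunks are outside the shown diff. Building with -Wreturn-type (or -Werror=return-type) would have flagged this at compile time.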
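--- a/tests.cpp
+++ b/tests.cpp
@@ -10,18 +10,23 @@ using namespace secp256k1;
 
 void test_ecmult() {
 Context ctx;
+// random starting point A (on the curve)
 FieldElem ax; ax.SetHex("8b30bbe9ae2a990696b22f670709dff3727fd8bc04d3362c6c7bf458e2846004");
 FieldElem ay; ay.SetHex("a357ae915c4a65281309edf20504740f0eb3343990216b4f81063cb65f2f7e0f");
 GroupElemJac a(ax,ay);
+// two random initial factors xn and gn
 Number xn(ctx); xn.SetHex("84cc5452f7fde1edb4d38a8ce9b1b84ccef31f146e569be9705d357a42985407");
 Number gn(ctx); gn.SetHex("a1e58d22553dcd42b23980625d4c57a96e9323d42b3152e5ca2c3990edc7c9de");
+// two small multipliers to be applied to xn and gn in every iteration:
 Number xf(ctx); xf.SetHex("1337");
 Number gf(ctx); gf.SetHex("7113");
+// accumulators with the resulting coefficients to A and G
 Number ae(ctx); ae.SetHex("01");
 Number ge(ctx); ge.SetHex("00");
+// the point being computed
 GroupElemJac x = a;
 const Number &order = GetGroupConst().order;
-for (int i=0; i<1000; i++) {
+for (int i=0; i<20000; i++) {
 // in each iteration, compute X = xn*X + gn*G;
 ECMult(ctx, x, x, xn, gn);
 // also compute ae and ge: the actual accumulated factors for A and G
@@ -35,11 +40,10 @@ void test_ecmult() {
 gn.SetModMul(ctx, gn, gf, order);
 }
 std::string res = x.ToString();
-assert(res == "(D37F97BBF58B4ECA238329D272C9AF0194F062B851EDF9B40F2294FA00BBFCA2,B127748E9A9F347257051588D44A1B822CA731833B2653AA3646C59A8ADAF295)");
+assert(res == "(D6E96687F9B10D092A6F35439D86CEBEA4535D0D409F53586440BD74B933E830,B95CBCA2C77DA786539BE8FD53354D2D3B4F566AE658045407ED6015EE1B2A88)");
 // redo the computation, but directly with the resulting ae and ge coefficients:
 GroupElemJac x2; ECMult(ctx, x2, a, ae, ge);
 std::string res2 = x2.ToString();
-printf("res=%s res2=%s\n", res.c_str(), res2.c_str());
 assert(res == res2);
 }
 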
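Review bot: The expected point string asserted after the loop in the second hunk is silently coupled to the loop bound changed to `i<20000` in the first hunk; nothing in the new code records that changing one requires regenerating the other, and a mismatch would only surface as a failing assert with no hint why. Give the bound a name and document the dependency, e.g. `const int iterations = 20000; // the expected coordinates asserted below were generated with this count`, and use `iterations` in the loop header. Since the check is an `assert`, it is compiled out under NDEBUG, so the test only verifies anything in a build that keeps asserts enabled; that is pre-existing, but worth a comment now that the run is 20× longer.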