def test_mult() -> None:
for ec in low_card_curves.values():
for q in range(ec.n):
Q = _mult_aff(q, ec.G, ec)
assert ec.is_on_curve(Q), f"{q}, {ec}"
QJ = _mult(q, ec.GJ, ec)
assert ec.is_on_curve(ec._aff_from_jac(QJ)), f"{q}, {ec}"
assert Q == ec._aff_from_jac(QJ), f"{q}, {ec}"
assert INF == _mult_aff(q, INF, ec), f"{q}, {ec}"
assert ec._jac_equality(INFJ, _mult(q, INFJ, ec)), f"{q}, {ec}"
def test_mult_recursive_aff() -> None:
for ec in all_curves.values():
assert _mult_recursive_aff(0, ec.G, ec) == INF
assert _mult_recursive_aff(0, INF, ec) == INF
assert _mult_recursive_aff(1, INF, ec) == INF
assert _mult_aff(1, ec.G, ec) == ec.G
Q = ec._add_aff(ec.G, ec.G)
assert Q == _mult_recursive_aff(2, ec.G, ec)
Q = _mult_recursive_aff(ec.n - 1, ec.G, ec)
assert ec.negate(ec.G) == Q
assert _mult_recursive_aff(ec.n - 1, INF, ec) == INF
assert ec._add_aff(Q, ec.G) == INF
assert _mult_recursive_aff(ec.n, ec.G, ec) == INF
assert _mult_recursive_aff(ec.n, INF, ec) == INF
with pytest.raises(BTClibValueError, match="negative m: "):
_mult_recursive_aff(-1, ec.G, ec)
for ec in low_card_curves.values():
for q in range(ec.n):
Q = _mult_recursive_aff(q, ec.G, ec)
assert ec.is_on_curve(Q), f"{q}, {ec}"
QJ = _mult(q, ec.GJ, ec)
assert ec.is_on_curve(ec._aff_from_jac(QJ)), f"{q}, {ec}"
assert Q == ec._aff_from_jac(QJ), f"{q}, {ec}"
assert INF == _mult_recursive_aff(q, INF, ec), f"{q}, {ec}"
assert ec._jac_equality(INFJ, _mult(q, INFJ, ec)), f"{q}, {ec}"
def test_jac_equality() -> None:
ec = ec23_31
assert ec._jac_equality(ec.GJ, _jac_from_aff(ec.G))
# q in [2, n-1], as the difference with ec.GJ is checked below
q = 2 + secrets.randbelow(ec.n - 2)
Q = _mult_aff(q, ec.G, ec)
QJ = _mult(q, ec.GJ, ec)
assert ec._jac_equality(QJ, _jac_from_aff(Q))
assert not ec._jac_equality(QJ, ec.negate_jac(QJ))
assert not ec._jac_equality(QJ, ec.GJ)
def test_ecf() -> None:
ec = CurveGroup(9739, 497, 1768)
# challenge = 'Point Negation'
P = (8045, 6936)
S = ec.negate(P)
S_exp = (8045, 2803)
assert S == S_exp
# challenge = 'Point Addition'
X = (5274, 2841)
Y = (8669, 740)
assert ec.add(X, Y) == (1024, 4440)
assert ec.add(X, X) == (7284, 2107)
P = (493, 5564)
Q = (1539, 4742)
R = (4403, 5202)
S = ec.add(ec.add(ec.add(P, P), Q), R)
ec.require_on_curve(S)
S_exp = (4215, 2162)
assert S == S_exp
# challenge = 'Scalar Multiplication'
X = (5323, 5438)
assert _mult_aff(1337, X, ec) == (1089, 6931)
P = (2339, 2213)
S = _mult_aff(7863, P, ec)
ec.require_on_curve(S)
S_exp = (9467, 2742)
assert S == S_exp
# challenge = 'Curves and Logs'
all_points = find_all_points(ec)
assert len(all_points) == 9735
G = (1804, 5368)
points = find_subgroup_points(ec, G)
assert len(points) == 9735
start = time.time()
for q in qs:
# starts from affine coordinates, ends with affine coordinates
ec._aff_from_jac(_mult_jac(q, ec.GJ, ec))
benchmark = time.time() - start
print("Benchmark completed")
start = time.time()
for q in qs:
_mult_recursive_aff(q, ec.G, ec)
recursive_aff = time.time() - start
print(f"Recursive aff : {recursive_aff / benchmark:.0%}")
start = time.time()
for q in qs:
ec._aff_from_jac(_mult_recursive_jac(q, ec.GJ, ec))
recursive_jac = time.time() - start
print(f"Recursive jac : {recursive_jac / benchmark:.0%}")
start = time.time()
for q in qs:
_mult_aff(q, ec.G, ec)
double_add_aff = time.time() - start
print(f"Double and add aff : {double_add_aff / benchmark:.0%}")
start = time.time()
for q in qs:
ec._aff_from_jac(_mult_jac(q, ec.GJ, ec))
double_add_jac = time.time() - start
print(f"Double and add jac : {double_add_jac / benchmark:.0%}")
def test_mult_aff() -> None:
for ec in all_curves.values():
assert _mult_aff(0, ec.G, ec) == INF
assert _mult_aff(0, INF, ec) == INF
assert _mult_aff(1, INF, ec) == INF
assert _mult_aff(1, ec.G, ec) == ec.G
P = ec._add_aff(ec.G, ec.G)
assert P == _mult_aff(2, ec.G, ec)
P = _mult_aff(ec.n - 1, ec.G, ec)
assert ec.negate(ec.G) == P
assert _mult_aff(ec.n - 1, INF, ec) == INF
assert ec._add_aff(P, ec.G) == INF
assert _mult_aff(ec.n, ec.G, ec) == INF
assert _mult_aff(ec.n, INF, ec) == INF
with pytest.raises(ValueError, match="negative m: "):
_mult_aff(-1, ec.G, ec)