def testWeilPairing(self): # this example was refered to Washington. e = elliptic.EC([0, 2], 7) P = [5, 1] Q = [0, 3] R = e.WeilPairing(3, P, Q) self.assertEqual(finitefield.FinitePrimeFieldElement(2, 7), R) # test case of extension field, characteristic 7 p = 7 r = 11 F = finitefield.FinitePrimeField(p) PX = uniutil.polynomial({0:3,1:3,2:2,3:1,4:4,5:1,6:1,10:1},F) Fx = finitefield.FiniteExtendedField(p,PX) E = elliptic.EC([F.one,-F.one],F) Ex = elliptic.EC([Fx.one,-Fx.one],Fx) P = [3,6] assert E.whetherOn(P) assert Ex.whetherOn(P) assert E.mul(11,P) == E.infpoint Qxcoord = Fx.createElement(6*7**9+7**8+7**6+6*7**3+6*7**2+7+6) Qycoord = Fx.createElement(3*7**9+6*7**8+4*7**7+2*7**6+5*7**4+5*7**3+7**2+7+3) Q = [Qxcoord,Qycoord] assert Ex.whetherOn(Q) assert Ex.mul(11,Q) == Ex.infpoint w = Ex.WeilPairing(11, P, Q) Wp = Fx.createElement(7**9 + 5*7**8 + 4*7**7 + 2*7**5 + 7**4 + 6*7**2) assert w == Wp
def testStructure(self): # this example was rechecked by MAGMA. e = elliptic.EC([0, 4], 997) f = elliptic.EC([-1, 0], 65537) g = elliptic.EC([0, 1], 65537) self.assertEqual((12, 84), e.structure()) self.assertEqual((256, 256), f.structure()) self.assertEqual((1, 65538), g.structure())
def testOrder(self): d = elliptic.EC([2, 6], 7) e = elliptic.EC([1, 3], 7) f = elliptic.EC([11, 3], 13) self.assertEqual(11, d.order()) self.assertEqual(6, e.order()) self.assertEqual(13, f.order())
def testPoint(self): d = elliptic.EC([2, 6], 7) e = elliptic.EC([1, 3], 7) f = elliptic.EC([11, 3], 13) self.assertTrue(d.whetherOn(d.point())) self.assertTrue(e.whetherOn(e.point())) self.assertTrue(f.whetherOn(f.point()))
def testEqualCh19(self): e = elliptic.EC([2, 1], 19) byNaive = e.naive() bySchoof = e.Schoof() self.assertEqual(byNaive, bySchoof) e = elliptic.EC([2, 5], 19) byNaive = e.naive() bySchoof = e.Schoof() self.assertEqual(byNaive, bySchoof)
def testEqualCh5(self): e = elliptic.EC([1, 4], 5) byNaive = e.naive() bySchoof = e.Schoof() self.assertEqual(byNaive, bySchoof) e = elliptic.EC([2, 0], 5) byNaive = e.naive() bySchoof = e.Schoof() self.assertEqual(byNaive, bySchoof) e = elliptic.EC([1, 3, 4, 0, 1], 5) byNaive = e.naive() bySchoof = e.Schoof() self.assertEqual(byNaive, bySchoof)
def setUp(self): self.a = elliptic.EC([0, -1, 1, 0, 0], 0) self.b = elliptic.EC([1, 0], 0) self.c = elliptic.EC([0, 17], 0) self.P1 = list(map(rational.Rational, [-2, 3])) self.P2 = list(map(rational.Rational, [-1, 4])) self.P3 = list(map(rational.Rational, [2, 5])) self.P4 = list(map(rational.Rational, [4, 9])) self.P5 = list(map(rational.Rational, [8, 23])) self.P6 = list(map(rational.Rational, [43, 282])) self.P7 = list(map(rational.Rational, [52, 375])) self.P8 = list(map(rational.Rational, [5234, 378661]))
def testEqualCh7(self): e = elliptic.EC([1, 4], 7) byNaive = e.naive() bySchoof = e.Schoof() self.assertEqual(byNaive, bySchoof, str(e)) e = elliptic.EC([2, 0], 7) byNaive = e.naive() bySchoof = e.Schoof() self.assertEqual(byNaive, bySchoof, str(e)) e = elliptic.EC([1, 3, 4, 0, 1], 7) byNaive = e.naive() bySchoof = e.Schoof() self.assertEqual(byNaive, bySchoof, repr(e)) # see EllipticTest.testStr
def testEqualCh233(self): e = elliptic.EC([2, 1], 233) byNaive = e.naive() byShanksMestre = e.Shanks_Mestre() bySchoof = e.Schoof() self.assertEqual(byNaive, byShanksMestre) self.assertEqual(byNaive, bySchoof) # bug #2281173 e = elliptic.EC([2, 5], 233) byNaive = e.naive() byShanksMestre = e.Shanks_Mestre() bySchoof = e.Schoof() self.assertEqual(byNaive, byShanksMestre) self.assertEqual(byNaive, bySchoof)
def testLine(self): # FIXME: need more appropriate tests e = elliptic.EC([0, 0, 1, -1, 0], 17) P = [0, 0] self.assertEqual(e.basefield.zero, e.line(P, P, P)) P2 = e.mul(2, P) self.assertEqual(e.basefield.zero, e.line(P, P2, e.mul(-1, e.add(P, P2))))
def testEqualCh65537(self): # 65537 is too large for naive method. e = elliptic.EC([0, 1], 65537) # supersingular curve byShanksMestre = e.Shanks_Mestre() bySchoof = e.Schoof() self.assertEqual(0, byShanksMestre) self.assertEqual(0, bySchoof)
def testEqualCh311(self): e = elliptic.EC([12, 179], 311) byNaive = e.naive() byShanksMestre = e.Shanks_Mestre() bySchoof = e.Schoof() self.assertEqual(byNaive, byShanksMestre) self.assertEqual(byNaive, bySchoof)
def testDivPoly(self): E = elliptic.EC([3, 4], 101) F101 = finitefield.FinitePrimeField.getInstance(E.ch) D = ({-1:uniutil.polynomial({0:-1}, F101), 0:uniutil.polynomial({}, F101), 1:uniutil.polynomial({0:1}, F101), 2:uniutil.polynomial({0:2}, F101), 3:uniutil.polynomial({0:92, 1:48, 2:18, 4:3}, F101), 4:uniutil.polynomial({0:188, 1:10, 2:22, 3:118, 4:60, 6:4}, F101), 5:uniutil.polynomial({0:48, 1:58, 2:53, 3:60, 4:28, 5:93, 6:79, 7:52, 8:65, 9:5, 10:85, 12:5}, F101), 6:uniutil.polynomial({0:18, 1:24, 2:88, 3:32, 4:128, 5:44, 6:152, 7:56, 8:84, 9:192, 10:174, 12:114, 13:124, 14:28, 16:6}, F101), 7:uniutil.polynomial({0:94, 1:77, 2:87, 3:65, 4:97, 5:45, 6:80, 7:22, 8:44, 9:76, 10:5, 11:49, 12:49, 13:74, 14:76, 15:53, 16:69, 17:47, 18:63, 19:70, 20:78, 21:20, 22:15, 24:7}, F101), 8:uniutil.polynomial({0:32, 1:100, 2:58, 3:20, 4:124, 5:160, 6:82, 7:132, 8:158, 9:96, 10:154, 11:106, 12:134, 13:140, 14:10, 15:36, 16:72, 17:56, 18:116, 19:190, 20:134, 21:182, 22:74, 23:186, 24:50, 25:186, 26:122, 27:68, 28:136, 30:8}, F101)}, [2, 3, 5, 7]) self.assertEqual(D, E.divPoly([]))
def testBSGS(self): F_65537 = finitefield.FinitePrimeField(65537) e2 = elliptic.EC([-1, 0], F_65537) P1 = list(map(F_65537.createElement, [30840, 53250])) self.assertFalse(256 % e2.BSGS(P1)) P2 = list(map(F_65537.createElement, [10657, 46245])) self.assertFalse(256 % e2.BSGS(P2))
def testTatePairing(self): # this example was refered to Washington. # note that Tate pairing is only defined # up to a multiple by an lth power. e = elliptic.EC([-1, 1], 11) self.assertEqual(10, e.order()) P = list(map(e.basefield.createElement, [3, 6])) R = e.TatePairing(5, P, P) l = list(map(finitefield.FinitePrimeFieldElement, [5, 6], [11] * 2)) self.assertTrue(R in l, R)
def testTatePairing_Extend(self): # this example was refered to Kim Nguyen. e = elliptic.EC([0, 4], 997) P = [0, 2] Q = [747, 776] R = e.TatePairing_Extend(3, P, P) W1 = e.TatePairing_Extend(3, P, Q) W2 = e.TatePairing_Extend(3, Q, P) self.assertEqual(e.basefield.one, R) self.assertEqual(finitefield.FinitePrimeFieldElement(304, 997), W1) self.assertEqual(W1, W2.inverse())
def testWeilPairingIsFunction(self): # e2 is isomorphic to Z/256 x Z/256 F_65537 = finitefield.FinitePrimeField(65537) e2 = elliptic.EC([-1, 0], F_65537) P1 = list(map(F_65537.createElement, [30840, 53250])) self.assertFalse(256 % e2.pointorder(P1)) P2 = list(map(F_65537.createElement, [10657, 46245])) self.assertFalse(256 % e2.pointorder(P2)) weil10 = set(e2.WeilPairing(256, P1, P2) for i in range(10)) # since Weil pairing is a function, the result is always same self.assertEqual(1, len(weil10)) # Weil pairing is a function E[m]xE[m] -> mu_m self.assertEqual(e2.basefield.one, weil10.pop()**256)
def testChangePoint(self): self.assertEqual([-1, 1], elliptic.EC([1, 2], 0).changePoint([1, 2], [1, 2, 3, 4]))
def testChangeCurve(self): self.assertEqual( 'y ** 2 + 6/1 * x * y + 8/1 * y = x ** 3 - 3/1 * x ** 2 - 10/1 * x', str(elliptic.EC([2, 4], 0).changeCurve([1, 2, 3, 4])))
def testStr(self): e = elliptic.EC([1, 3, 4, 0, 1], 7) self.assertTrue(str(e))
def testCh5(self): e = elliptic.EC([1, 4], 5) self.assertEqual(5 + 1 - e.trace(), e.order())
def testSimple(self): self.assertEqual('y ** 2 = x ** 3 - 432/1 * x + 8208/1', str(self.a.simple())) # ch > 0 e = elliptic.EC([1, 1, 1, 3, 4], 7) self.assertTrue(e.simple())