10 gmp_randinit_default (state);
13 for (i = 0; ecc_curves[i]; i++)
15 const struct ecc_curve *ecc = ecc_curves[i];
16 mp_size_t size = ecc_size (ecc);
17 mp_limb_t *p = xalloc_limbs (ecc_size_j (ecc));
18 mp_limb_t *q = xalloc_limbs (ecc_size_j (ecc));
19 mp_limb_t *n = xalloc_limbs (size);
20 mp_limb_t *scratch = xalloc_limbs (ecc_mul_a_itch (ecc));
26 ecc_mul_a (ecc, 1, p, n, ecc->g, scratch);
27 ecc_j_to_a (ecc, 1, p, p, scratch);
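/* With n = 1 the result must equal the generator.  Compare all 2*size
   limbs (both affine coordinates).  The "!= 0" must sit outside the
   mpn_cmp call: written inside, the length argument becomes the boolean
   (2*size != 0), i.e. 1, and only the lowest limb is verified, so a
   wrong result in any other limb would pass this test unnoticed. */
if (mpn_cmp (p, ecc->g, 2*size) != 0)
  die ("curve %d: ecc_mul_a with n = 1 failed.\n", ecc->bit_size);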
34 ecc_mul_a (ecc, 0, p, n, ecc->redc_g, scratch);
35 ecc_j_to_a (ecc, 1, p, p, scratch);
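/* Same n = 1 check for the redc code path: the converted result must
   match the generator in all 2*size limbs (both affine coordinates).
   Keep "!= 0" outside the mpn_cmp call; inside it, the length argument
   evaluates to 1 and every limb above the lowest goes unchecked. */
if (mpn_cmp (p, ecc->g, 2*size) != 0)
  die ("curve %d: ecc_mul_a with n = 1 and redc failed.\n", ecc->bit_size);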
40 for (n[0] = 2; n[0] <= 4; n[0]++)
42 ecc_mul_a (ecc, 1, p, n, ecc->g, scratch);
43 test_ecc_mul_j (i, n[0], p);
46 ecc_mul_a (ecc, 0, p, n, ecc->redc_g, scratch);
47 test_ecc_mul_j (i, n[0], p);
51 /* (order - 1) * g = - g */
52 mpn_sub_1 (n, ecc->q, size, 1);
53 ecc_mul_a (ecc, 1, p, n, ecc->g, scratch);
54 ecc_j_to_a (ecc, 1, p, p, scratch);
55 mpn_sub_n (p + size, ecc->p, p + size, size);
56 if (mpn_cmp (p, ecc->g, 2*size) != 0)
58 fprintf (stderr, "ecc_mul_a with n = order - 1 failed.\n");
64 for (j = 0; j < 100; j++)
67 mpz_rrandomb (r, state, size * GMP_NUMB_BITS);
69 mpz_urandomb (r, state, size * GMP_NUMB_BITS);
71 /* Reduce so that (almost surely) n < q */
72 mpz_limbs_copy (n, r, size);
73 n[size - 1] %= ecc->q[size - 1];
75 ecc_mul_a (ecc, 1, p, n, ecc->g, scratch);
76 ecc_j_to_a (ecc, 1, p, p, scratch);
78 ecc_mul_g (ecc, q, n, scratch);
79 ecc_j_to_a (ecc, 1, q, q, scratch);
81 if (mpn_cmp (p, q, 2*size))
84 "Different results from ecc_mul_a and ecc_mul_g.\n"
87 ecc->bit_size, n, size);
88 gmp_fprintf (stderr, "p = %Nx,\n %Nx\n",
89 p, size, p + size, size);
90 gmp_fprintf (stderr, "q = %Nx,\n %Nx\n",
91 q, size, q + size, size);
101 gmp_randclear (state);