ffelement-test.cc 136 KB


  1. /*############################################################################
  2. # Copyright 2016 Intel Corporation
  3. #
  4. # Licensed under the Apache License, Version 2.0 (the "License");
  5. # you may not use this file except in compliance with the License.
  6. # You may obtain a copy of the License at
  7. #
  8. # http://www.apache.org/licenses/LICENSE-2.0
  9. #
  10. # Unless required by applicable law or agreed to in writing, software
  11. # distributed under the License is distributed on an "AS IS" BASIS,
  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. # See the License for the specific language governing permissions and
  14. # limitations under the License.
  15. ############################################################################*/
  16. /*!
  17. * \file
  18. * \brief FfElement unit tests.
  19. */
  20. #include <cstring>
  21. #include <limits>
  22. #include <algorithm>
  23. #include "gtest/gtest.h"
  24. #include "epid/common-testhelper/errors-testhelper.h"
  25. #include "epid/common-testhelper/prng-testhelper.h"
  26. #include "epid/common-testhelper/octstr-testhelper.h"
  27. #include "epid/common-testhelper/finite_field_wrapper-testhelper.h"
  28. #include "epid/common-testhelper/ffelement_wrapper-testhelper.h"
  29. #include "epid/common-testhelper/bignum_wrapper-testhelper.h"
  30. extern "C" {
  31. #include "epid/common/math/finitefield.h"
  32. }
  33. #include "epid/common/types.h"
  34. #ifndef COUNT_OF
  35. #define COUNT_OF(a) (sizeof(a) / sizeof((a)[0]))
  36. #endif // COUNT_OF
  37. /// compares BigNumStr values
  38. bool operator==(BigNumStr const& lhs, BigNumStr const& rhs) {
  39. return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
  40. }
  41. /// compares BigNumStr to FqElemStr values
  42. bool operator==(BigNumStr const& lhs, FqElemStr const& rhs) {
  43. return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
  44. }
  45. /// compares FqElemStr to BigNumStr values
  46. bool operator==(FqElemStr const& lhs, BigNumStr const& rhs) {
  47. return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
  48. }
  49. /// compares FqElemStr values
  50. bool operator==(FqElemStr const& lhs, FqElemStr const& rhs) {
  51. return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
  52. }
  53. /// compares Fq2ElemStr values
  54. bool operator==(Fq2ElemStr const& lhs, Fq2ElemStr const& rhs) {
  55. return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
  56. }
  57. /// compares Fq6ElemStr values
  58. bool operator==(Fq6ElemStr const& lhs, Fq6ElemStr const& rhs) {
  59. return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
  60. }
  61. /// compares Fq12ElemStr values
  62. bool operator==(Fq12ElemStr const& lhs, Fq12ElemStr const& rhs) {
  63. return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
  64. }
  65. /// compares FpElemStr values
  66. bool operator==(FpElemStr const& lhs, FpElemStr const& rhs) {
  67. return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
  68. }
  69. /// compares FfElementObj values
  70. bool operator==(FfElementObj const& lhs, FfElementObj const& rhs) {
  71. auto lhs_data = lhs.data();
  72. auto rhs_data = rhs.data();
  73. return lhs_data.size() == rhs_data.size() &&
  74. std::equal(lhs_data.begin(), lhs_data.end(), rhs_data.begin());
  75. }
  76. namespace {
  77. class FfElementTest : public ::testing::Test {
  78. public:
  79. virtual void SetUp() {
  80. fq = FiniteFieldObj(bn_q_str);
  81. // construct Fq^2 finite field
  82. FfElementObj neg_beta(&fq);
  83. THROW_ON_EPIDERR(FfNeg(fq, FfElementObj(&fq, fq_qm1_str), neg_beta));
  84. fq2 = FiniteFieldObj(fq, neg_beta, 2);
  85. // construct Fq^6 finite field
  86. FfElementObj neg_xi(&fq2);
  87. THROW_ON_EPIDERR(FfNeg(fq2, FfElementObj(&fq2, this->fq2_2_1_str), neg_xi));
  88. fq6 = FiniteFieldObj(fq2, neg_xi, 3);
  89. // construct Fq^12 finite field
  90. FfElementObj neg_v(&fq6);
  91. THROW_ON_EPIDERR(
  92. FfNeg(fq6, FfElementObj(&fq6, this->fq6_0_0_1_0_0_0_str), neg_v));
  93. fq12 = FiniteFieldObj(fq6, neg_v, 2);
  94. fq_0 = FfElementObj(&fq, &bn_0_str, sizeof(bn_0_str));
  95. fq_2 = FfElementObj(&fq, &fq_2_str, sizeof(fq_2_str));
  96. fq_qm2 = FfElementObj(&fq, &fq_qm2_str, sizeof(fq_qm2_str));
  97. fq_3 = FfElementObj(&fq, &fq_3_str, sizeof(fq_3_str));
  98. fq_4 = FfElementObj(&fq, &fq_4_str, sizeof(fq_4_str));
  99. fq_5 = FfElementObj(&fq, &fq_5_str, sizeof(fq_5_str));
  100. fq_a = FfElementObj(&fq, &bn_a_str, sizeof(bn_a_str));
  101. // construct EPID 1.1 Fq finite field
  102. epid11_fq = FiniteFieldObj(bn_epid11_bn_q_str);
  103. // construct EPID 1.1 Fqd finite field
  104. epid11_fqd = FiniteFieldObj(epid11_fq, bn_epid11_fq_coeffs,
  105. COUNT_OF(bn_epid11_fq_coeffs));
  106. // Fqk ground element is {-qnr, 0, 0}
  107. FfElementObj epid11_neg_qnr(&epid11_fq);
  108. THROW_ON_EPIDERR(FfNeg(
  109. epid11_fq, FfElementObj(&epid11_fq, fq_epid11_fq_qnr), epid11_neg_qnr));
  110. Fq3ElemStr epid11_ground_element_str = {0};
  111. THROW_ON_EPIDERR(WriteFfElement(epid11_fq, epid11_neg_qnr,
  112. &epid11_ground_element_str.a[0],
  113. sizeof(epid11_ground_element_str.a[0])));
  114. // construct EPID 1.1 Fqk finite field
  115. epid11_GT = FiniteFieldObj(
  116. epid11_fqd, FfElementObj(&epid11_fqd, epid11_ground_element_str), 2);
  117. fq_0 = FfElementObj(&fq, &bn_0_str, sizeof((bn_0_str)));
  118. fq_1 = FfElementObj(&fq, &bn_1_str, sizeof(bn_1_str));
  119. fq_a = FfElementObj(&fq, &bn_a_str, sizeof(bn_a_str));
  120. fq_b = FfElementObj(&fq, &bn_b_str, sizeof(bn_b_str));
  121. fq_result = FfElementObj(&fq);
  122. fq_sum_ab = FfElementObj(&fq, &fq_sum_ab_str, sizeof(fq_sum_ab_str));
  123. fp = FiniteFieldObj(bn_p_str);
  124. bn_0 = BigNumObj(bn_0_str);
  125. bn_1 = BigNumObj(bn_1_str);
  126. bn_a = BigNumObj(bn_a_str);
  127. fq2_a = FfElementObj(&fq2, &fq2_a_str, sizeof(fq2_a_str));
  128. fq2_result = FfElementObj(&fq2);
  129. fq12_g = FfElementObj(&fq12, &fq12_g_str, sizeof(fq12_g_str));
  130. fq12_h = FfElementObj(&fq12, &fq12_h_str, sizeof(fq12_h_str));
  131. fq12_i = FfElementObj(&fq12, &fq12_i_str, sizeof(fq12_i_str));
  132. fq12_j = FfElementObj(&fq12, &fq12_j_str, sizeof(fq12_j_str));
  133. fq12_k = FfElementObj(&fq12, &fq12_k_str, sizeof(fq12_k_str));
  134. fq12_result = FfElementObj(&fq12);
  135. }
  136. FiniteFieldObj fq;
  137. FiniteFieldObj fq2;
  138. FiniteFieldObj fq6;
  139. FiniteFieldObj fq12;
  140. FiniteFieldObj epid11_fq;
  141. FiniteFieldObj epid11_fqd;
  142. FiniteFieldObj epid11_GT;
  143. FfElementObj fq_0;
  144. FfElementObj fq_1;
  145. FfElementObj fq_2;
  146. FfElementObj fq_qm2; // Intel(R) EPID 2.0 parameter q - 2
  147. FfElementObj fq_3;
  148. FfElementObj fq_4;
  149. FfElementObj fq_5;
  150. FfElementObj fq_a;
  151. FfElementObj fq_b;
  152. FfElementObj fq_result;
  153. FfElementObj fq_sum_ab;
  154. FfElementObj fq2_a;
  155. FfElementObj fq2_result;
  156. FfElementObj fq12_g;
  157. FfElementObj fq12_h;
  158. FfElementObj fq12_i;
  159. FfElementObj fq12_j;
  160. FfElementObj fq12_k;
  161. FfElementObj fq12_result;
  162. FiniteFieldObj fp;
  163. BigNumObj bn_0;
  164. BigNumObj bn_1;
  165. BigNumObj bn_a;
  166. // Intel(R) EPID 2.0 parameter p
  167. static const BigNumStr bn_p_str;
  168. static const FpElemStr fp_p_str;
  169. // Intel(R) EPID 2.0 parameter p - 1
  170. static const BigNumStr fp_pm1_str;
  171. // Intel(R) EPID 2.0 parameter q
  172. static const BigNumStr bn_q_str;
  173. // Intel(R) EPID 2.0 parameter q - 1
  174. static const FqElemStr fq_qm1_str;
  175. static const BigNumStr bn_qm1_str;
  176. // Intel(R) EPID 2.0 parameter q - 2
  177. static const FqElemStr fq_qm2_str;
  178. // Intel(R) EPID 2.0 parameter q + 1
  179. static const BigNumStr bn_qp1_str;
  180. // Intel(R) EPID 2.0 parameter q - 0x3013
  181. static const BigNumStr fq_qm0x3013_str;
  182. // Intel(R) EPID 1.1 parameter q
  183. static const BigNumStr bn_epid11_bn_q_str;
  184. // Intel(R) EPID 1.1 parameter qnr
  185. static const FqElemStr fq_epid11_fq_qnr;
  186. // Intel(R) EPID 1.1 parameter coeff
  187. static const BigNumStr bn_epid11_fq_coeffs[3];
  188. // zero
  189. static const BigNumStr bn_0_str;
  190. static const FqElemStr fq_0_str;
  191. // one
  192. static const BigNumStr bn_1_str;
  193. static const FqElemStr fq_1_str;
  194. // two
  195. static const BigNumStr bn_2_str;
  196. static const FqElemStr fq_2_str;
  197. // three
  198. static const FqElemStr fq_3_str;
  199. // four
  200. static const FqElemStr fq_4_str;
  201. // five
  202. static const FqElemStr fq_5_str;
  203. // 0x0000FFFF
  204. static const BigNumStr bn_0xffff_str;
  205. // Fq2 element containing {2, 1}
  206. static const Fq2ElemStr fq2_2_1_str;
  207. // Fq6 element containing {0, 0, 1, 0, 0, 0}
  208. static const Fq6ElemStr fq6_0_0_1_0_0_0_str;
  209. // arbitrary constant a (256 bit value)
  210. static const BigNumStr bn_a_str;
  211. static const FqElemStr fq_a_str;
  212. static const Fq2ElemStr fq2_a_str;
  213. // arbitrary constant b (256 bit value)
  214. static const BigNumStr bn_b_str;
  215. static const FqElemStr fq_b_str;
  216. // a + b
  217. static const FqElemStr fq_sum_ab_str;
  218. static const Fq2ElemStr fq2_sum_ab_str;
  219. static const Fq6ElemStr fq6_sum_ab_str;
  220. static const Fq12ElemStr fq12_sum_ab_str;
  221. // a * b
  222. static const FqElemStr fq_mul_ab_str;
  223. static const Fq2ElemStr fq2_mul_ab_str;
  224. // 1/a
  225. static const FqElemStr fq_inv_a_str;
  226. // -a
  227. static const FqElemStr fq_neg_a_str;
  228. // pow(a, b), that is a raised to the power b
  229. static const FqElemStr fq_exp_ab_str;
  230. static const uint8_t sha_msg[3]; // predefined message for tests "abc"
  231. static const FqElemStr fq_abc_sha256_str;
  232. static const FqElemStr fq_abc_sha384_str;
  233. static const FqElemStr fq_abc_sha512_str;
  234. // arbitrary Fq12 constant a (unrelated to a above)
  235. static const Fq12ElemStr fq12_g_str;
  236. // arbitrary Fq12 constant b (unrelated to a above)
  237. static const Fq12ElemStr fq12_h_str;
  238. // arbitrary Fq12 constant c
  239. static const Fq12ElemStr fq12_i_str;
  240. // arbitrary Fq12 constant d
  241. static const Fq12ElemStr fq12_j_str;
  242. // arbitrary Fq12 constant e
  243. static const Fq12ElemStr fq12_k_str;
  244. // c * d
  245. static const Fq12ElemStr fq12_mul_ij_str;
  246. // e * b
  247. static const Fq12ElemStr fq12_mul_gb_str;
  248. // Fq Multi Exp Data
  249. static const FqElemStr fq_multi_exp_base_1[1];
  250. static const BigNumStr fq_multi_exp_exp_1[1];
  251. static const FqElemStr fq_multi_exp_res_1;
  252. static const std::vector<uint8_t> fq_multi_exp_exp_1_264;
  253. static const FqElemStr fq_multi_exp_res_1_264;
  254. static const FqElemStr fq_multi_exp_res_1_256_264;
  255. static const FqElemStr fq_multi_exp_base_2[2];
  256. static const BigNumStr fq_multi_exp_exp_2[2];
  257. static const FqElemStr fq_multi_exp_res_2;
  258. static const FqElemStr fq_multi_exp_base_3[3];
  259. static const BigNumStr fq_multi_exp_exp_3[3];
  260. static const FqElemStr fq_multi_exp_res_3;
  261. static const FqElemStr fq_multi_exp_base_4[4];
  262. static const BigNumStr fq_multi_exp_exp_4[4];
  263. static const FqElemStr fq_multi_exp_res_4;
  264. static const FqElemStr fq_multi_exp_base_5[5];
  265. static const BigNumStr fq_multi_exp_exp_5[5];
  266. static const FqElemStr fq_multi_exp_res_5;
  267. static const FqElemStr fq_multi_exp_base_6[6];
  268. static const BigNumStr fq_multi_exp_exp_6[6];
  269. static const FqElemStr fq_multi_exp_res_6;
  270. // EPID 1.1 GT Multi Exp Data
  271. static const Fq6ElemStr epid11_GT_multi_exp_base_3[3];
  272. static const std::vector<uint8_t> epid11_GT_multi_exp_exp_3[3];
  273. static const Fq6ElemStr epid11_GT_multi_exp_res_3;
  274. // Fq12 Multi Exp Data
  275. static const Fq12ElemStr fq12_multi_exp_base_4[4];
  276. static const BigNumStr fq12_multi_exp_exp_4[4];
  277. static const Fq12ElemStr fq12_multi_exp_res_4;
  278. };
  279. const Fq2ElemStr FfElementTest::fq2_2_1_str = {
  280. {{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  281. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  282. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02}}},
  283. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  284. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  285. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}}}}};
  286. const Fq6ElemStr FfElementTest::fq6_0_0_1_0_0_0_str = {
  287. {{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  288. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  289. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  290. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  291. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  292. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
  293. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  294. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  295. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
  296. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  297. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  298. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
  299. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  300. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  301. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  302. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  303. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  304. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}};
  305. // Intel(R) EPID 2.0 parameter p
  306. const BigNumStr FfElementTest::bn_p_str = {
  307. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  308. 0x5E, 0xEE, 0x71, 0xA4, 0x9E, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x99,
  309. 0x92, 0x1A, 0xF6, 0x2D, 0x53, 0x6C, 0xD1, 0x0B, 0x50, 0x0D};
  310. // Intel(R) EPID 2.0 parameter p - 0x0D
  311. const FpElemStr FfElementTest::fp_p_str = {
  312. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  313. 0x5E, 0xEE, 0x71, 0xA4, 0x9E, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x99,
  314. 0x92, 0x1A, 0xF6, 0x2D, 0x53, 0x6C, 0xD1, 0x0B, 0x50, 0x00};
  315. // Intel(R) EPID 2.0 parameter p - 1
  316. const BigNumStr FfElementTest::fp_pm1_str = {
  317. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  318. 0x5E, 0xEE, 0x71, 0xA4, 0x9E, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x99,
  319. 0x92, 0x1A, 0xF6, 0x2D, 0x53, 0x6C, 0xD1, 0x0B, 0x50, 0x0C,
  320. };
  321. // Intel(R) EPID 2.0 parameter q
  322. const BigNumStr FfElementTest::bn_q_str = {
  323. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  324. 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
  325. 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x13};
  326. // Intel(R) EPID 2.0 parameter q - 1
  327. const FqElemStr FfElementTest::fq_qm1_str = {
  328. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  329. 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
  330. 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x12};
  331. const BigNumStr FfElementTest::bn_qm1_str = {
  332. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  333. 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
  334. 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x12};
  335. // Intel(R) EPID 2.0 parameter q - 2
  336. const FqElemStr FfElementTest::fq_qm2_str = {
  337. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  338. 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
  339. 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x11};
  340. // Intel(R) EPID 2.0 parameter q + 1
  341. const BigNumStr FfElementTest::bn_qp1_str = {
  342. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  343. 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
  344. 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x14};
  345. // Intel(R) EPID 2.0 parameter q - 0x3013
  346. const BigNumStr FfElementTest::fq_qm0x3013_str = {
  347. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
  348. 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
  349. 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x00, 0x00};
  350. // Intel(R) EPID 1.1 parameter q
  351. const BigNumStr FfElementTest::bn_epid11_bn_q_str = {
  352. 0x09, 0xF9, 0x24, 0xE5, 0xD9, 0xBC, 0x67, 0x7F, 0x81, 0x0D, 0xF0,
  353. 0x25, 0x58, 0xF7, 0x53, 0x13, 0xA9, 0x8A, 0xA6, 0x10, 0x47, 0x65,
  354. 0x5D, 0x73, 0x9E, 0xF1, 0x94, 0xEB, 0x05, 0xB1, 0xA7, 0x11};
  355. // Intel(R) EPID 1.1 parameter qnr
  356. const FqElemStr FfElementTest::fq_epid11_fq_qnr = {
  357. {0x08, 0x66, 0xA7, 0x67, 0x36, 0x6E, 0x62, 0x71, 0xB7, 0xA6, 0x52, 0x94,
  358. 0x8F, 0xFB, 0x25, 0x9E, 0xE6, 0x4F, 0x25, 0xE5, 0x26, 0x9A, 0x2B, 0x6E,
  359. 0x7E, 0xF8, 0xA6, 0x39, 0xAE, 0x46, 0xAA, 0x24}};
  360. // Intel(R) EPID 1.1 parameter coeff
  361. const BigNumStr FfElementTest::bn_epid11_fq_coeffs[3] = {
  362. {{{0x02, 0x16, 0x7A, 0x61, 0x53, 0xDD, 0xF6, 0xE2, 0x89, 0x15, 0xA0, 0x94,
  363. 0xF1, 0xB5, 0xDC, 0x65, 0x21, 0x15, 0x62, 0xE1, 0x7D, 0xC5, 0x43, 0x89,
  364. 0xEE, 0xB4, 0xEF, 0xC8, 0xA0, 0x8E, 0x34, 0x0F}}},
  365. {{{0x04, 0x82, 0x27, 0xE1, 0xEB, 0x98, 0x64, 0xC2, 0x8D, 0x8F, 0xDD, 0x0E,
  366. 0x82, 0x40, 0xAE, 0xD4, 0x31, 0x63, 0xD6, 0x46, 0x32, 0x16, 0x85, 0x7A,
  367. 0xB7, 0x18, 0x68, 0xB8, 0x17, 0x02, 0x81, 0xA6}}},
  368. {{{0x06, 0x20, 0x76, 0xE8, 0x54, 0x54, 0x53, 0xB4, 0xA9, 0xD8, 0x44, 0x4B,
  369. 0xAA, 0xFB, 0x1C, 0xFD, 0xAE, 0x15, 0xCA, 0x29, 0x79, 0xA6, 0x24, 0xA4,
  370. 0x0A, 0xF6, 0x1E, 0xAC, 0xED, 0xFB, 0x10, 0x41}}}};
  371. // zero
  372. const BigNumStr FfElementTest::bn_0_str = {
  373. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  374. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  375. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
  376. const FqElemStr FfElementTest::fq_0_str = {
  377. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  378. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  379. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
  380. // one
  381. const BigNumStr FfElementTest::bn_1_str = {
  382. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  383. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  384. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
  385. const FqElemStr FfElementTest::fq_1_str = {
  386. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  387. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  388. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
  389. // two
  390. const BigNumStr FfElementTest::bn_2_str = {
  391. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  392. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  393. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
  394. const FqElemStr FfElementTest::fq_2_str = {
  395. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  396. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  397. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
  398. // three
  399. const FqElemStr FfElementTest::fq_3_str = {
  400. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  401. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  402. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03};
  403. // four
  404. const FqElemStr FfElementTest::fq_4_str = {
  405. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  406. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  407. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04};
  408. // five
  409. const FqElemStr FfElementTest::fq_5_str = {
  410. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  411. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  412. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05};
  413. const BigNumStr FfElementTest::bn_0xffff_str = {
  414. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  415. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  416. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff};
  417. // arbitrary constant a (256 bit value)
  418. const BigNumStr FfElementTest::bn_a_str = {
  419. 0x12, 0xA6, 0x5B, 0xD6, 0x91, 0x8D, 0x50, 0xA7, 0x66, 0xEB, 0x7D,
  420. 0x52, 0xE3, 0x40, 0x17, 0x60, 0x7F, 0xDF, 0x6C, 0xA1, 0x2C, 0x1A,
  421. 0x37, 0xE0, 0x92, 0xC0, 0xF7, 0xB9, 0x76, 0xAB, 0xB1, 0x8A};
  422. const FqElemStr FfElementTest::fq_a_str = {
  423. 0x12, 0xA6, 0x5B, 0xD6, 0x91, 0x8D, 0x50, 0xA7, 0x66, 0xEB, 0x7D,
  424. 0x52, 0xE3, 0x40, 0x17, 0x60, 0x7F, 0xDF, 0x6C, 0xA1, 0x2C, 0x1A,
  425. 0x37, 0xE0, 0x92, 0xC0, 0xF7, 0xB9, 0x76, 0xAB, 0xB1, 0x8A};
  426. const Fq2ElemStr FfElementTest::fq2_a_str = {
  427. {{{{0x12, 0xA6, 0x5B, 0xD6, 0x91, 0x8D, 0x50, 0xA7, 0x66, 0xEB, 0x7D, 0x52,
  428. 0xE3, 0x40, 0x17, 0x60, 0x7F, 0xDF, 0x6C, 0xA1, 0x2C, 0x1A, 0x37, 0xE0,
  429. 0x92, 0xC0, 0xF7, 0xB9, 0x76, 0xAB, 0xB1, 0x8A}}},
  430. {{{0xDD, 0x2B, 0xE9, 0x59, 0x24, 0xA5, 0xB3, 0xFD, 0xEB, 0xE1, 0x3C, 0xC0,
  431. 0x73, 0x4E, 0x99, 0xEE, 0x36, 0xF6, 0xC0, 0x1A, 0x76, 0x01, 0x0A, 0xF0,
  432. 0xCB, 0xB4, 0x71, 0x88, 0x95, 0xCB, 0x35, 0xBA}}}}};
  433. // arbitrary constant b (256 bit value)
  434. const BigNumStr FfElementTest::bn_b_str = {
  435. 0xE6, 0x65, 0x23, 0x9B, 0xD4, 0x07, 0x16, 0x83, 0x38, 0x23, 0xB2,
  436. 0x67, 0x57, 0xEB, 0x0F, 0x23, 0x3A, 0xF4, 0x8E, 0xDA, 0x71, 0x5E,
  437. 0xD9, 0x98, 0x63, 0x98, 0x2B, 0xBC, 0x78, 0xD1, 0x94, 0xF2};
  438. const FqElemStr FfElementTest::fq_b_str = {
  439. 0xE6, 0x65, 0x23, 0x9B, 0xD4, 0x07, 0x16, 0x83, 0x38, 0x23, 0xB2,
  440. 0x67, 0x57, 0xEB, 0x0F, 0x23, 0x3A, 0xF4, 0x8E, 0xDA, 0x71, 0x5E,
  441. 0xD9, 0x98, 0x63, 0x98, 0x2B, 0xBC, 0x78, 0xD1, 0x94, 0xF2};
  442. // a + b
  443. const FqElemStr FfElementTest::fq_sum_ab_str = {
  444. 0xF9, 0x0B, 0x7F, 0x72, 0x65, 0x94, 0x67, 0x2A, 0x9F, 0x0F, 0x2F,
  445. 0xBA, 0x3B, 0x2B, 0x26, 0x83, 0xBA, 0xD3, 0xFB, 0x7B, 0x9D, 0x79,
  446. 0x11, 0x78, 0xF6, 0x59, 0x23, 0x75, 0xEF, 0x7D, 0x46, 0x7C};
  447. const Fq2ElemStr FfElementTest::fq2_sum_ab_str = {
  448. {{{{0xF9, 0x0B, 0x7F, 0x72, 0x65, 0x94, 0x67, 0x2A, 0x9F, 0x0F, 0x2F, 0xBA,
  449. 0x3B, 0x2B, 0x26, 0x83, 0xBA, 0xD3, 0xFB, 0x7B, 0x9D, 0x79, 0x11, 0x78,
  450. 0xF6, 0x59, 0x23, 0x75, 0xEF, 0x7D, 0x46, 0x7C}}},
  451. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  452. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  453. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}};
  454. const Fq6ElemStr FfElementTest::fq6_sum_ab_str = {
  455. {{{{0xF9, 0x0B, 0x7F, 0x72, 0x65, 0x94, 0x67, 0x2A, 0x9F, 0x0F, 0x2F, 0xBA,
  456. 0x3B, 0x2B, 0x26, 0x83, 0xBA, 0xD3, 0xFB, 0x7B, 0x9D, 0x79, 0x11, 0x78,
  457. 0xF6, 0x59, 0x23, 0x75, 0xEF, 0x7D, 0x46, 0x7C},
  458. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  459. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  460. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
  461. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  462. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  463. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  464. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  465. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  466. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
  467. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  468. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  469. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  470. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  471. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  472. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}};
  473. const Fq12ElemStr FfElementTest::fq12_sum_ab_str = {
  474. {{{{{{0xF9, 0x0B, 0x7F, 0x72, 0x65, 0x94, 0x67, 0x2A, 0x9F, 0x0F, 0x2F,
  475. 0xBA, 0x3B, 0x2B, 0x26, 0x83, 0xBA, 0xD3, 0xFB, 0x7B, 0x9D, 0x79,
  476. 0x11, 0x78, 0xF6, 0x59, 0x23, 0x75, 0xEF, 0x7D, 0x46, 0x7C},
  477. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  478. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  479. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
  480. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  481. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  482. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  483. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  484. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  485. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
  486. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  487. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  488. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  489. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  490. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  491. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}},
  492. {{{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  493. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  494. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  495. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  496. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  497. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
  498. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  499. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  500. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  501. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  502. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  503. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
  504. {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  505. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  506. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
  507. {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  508. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  509. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}}}};
  510. // a * b
  511. const FqElemStr FfElementTest::fq_mul_ab_str = {
  512. 0xE4, 0xAB, 0xE3, 0xE4, 0x08, 0xC3, 0x8A, 0x00, 0x78, 0x50, 0x01,
  513. 0xA9, 0x4A, 0xFC, 0x43, 0x15, 0xA2, 0x99, 0x51, 0x20, 0x6B, 0x9C,
  514. 0x00, 0xCF, 0x82, 0x88, 0xBD, 0x39, 0x0B, 0xA2, 0x0B, 0x58};
  515. const Fq2ElemStr FfElementTest::fq2_mul_ab_str = {
  516. {{{{0xE4, 0xAB, 0xE3, 0xE4, 0x08, 0xC3, 0x8A, 0x00, 0x78, 0x50, 0x01, 0xA9,
  517. 0x4A, 0xFC, 0x43, 0x15, 0xA2, 0x99, 0x51, 0x20, 0x6B, 0x9C, 0x00, 0xCF,
  518. 0x82, 0x88, 0xBD, 0x39, 0x0B, 0xA2, 0x0B, 0x58}}},
  519. {{{0xB4, 0xE4, 0x39, 0xEA, 0x70, 0xDE, 0x15, 0xC3, 0xC6, 0x91, 0xFD, 0x7F,
  520. 0xBE, 0x2B, 0xF5, 0xD2, 0xC0, 0xB7, 0x20, 0xFC, 0x1F, 0x02, 0x33, 0xC9,
  521. 0x39, 0x93, 0xB9, 0x5E, 0x55, 0x51, 0xB6, 0x46}}}}};
  522. // 1/a
  523. const FqElemStr FfElementTest::fq_inv_a_str = {
  524. 0x15, 0x17, 0x1A, 0x1E, 0x93, 0x71, 0x1B, 0x39, 0xC5, 0x97, 0xEF,
  525. 0x78, 0xA5, 0x51, 0x34, 0x62, 0x44, 0xAD, 0x8D, 0x51, 0xDF, 0x90,
  526. 0x7C, 0x6F, 0x56, 0xB6, 0xAB, 0x63, 0x5A, 0x68, 0x6D, 0xF6};
  527. // -a
  528. const FqElemStr FfElementTest::fq_neg_a_str = {
  529. 0xED, 0x59, 0xA4, 0x29, 0x6E, 0x6F, 0xA0, 0x25, 0xDF, 0xFA, 0x75,
  530. 0x0C, 0x0B, 0x31, 0x8D, 0x3E, 0x8C, 0xFC, 0xF9, 0x59, 0xE6, 0x7D,
  531. 0xD2, 0xA2, 0x40, 0x68, 0x36, 0x22, 0x38, 0x27, 0x7E, 0x89};
  532. // pow(a, b)
  533. const FqElemStr FfElementTest::fq_exp_ab_str = {
  534. 0x29, 0x65, 0x68, 0x0E, 0x56, 0xB9, 0x8F, 0xBA, 0xA6, 0xEA, 0x8F,
  535. 0xE1, 0x13, 0x44, 0x3B, 0x12, 0x5C, 0xB9, 0xF8, 0x76, 0x42, 0x12,
  536. 0xCB, 0xB2, 0xED, 0xC0, 0x23, 0xA3, 0x5C, 0xAD, 0x38, 0xD1};
  537. const uint8_t FfElementTest::sha_msg[] = {'a', 'b', 'c'};
  538. const FqElemStr FfElementTest::fq_abc_sha256_str = {
  539. 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA, 0x41, 0x41, 0x40,
  540. 0xDE, 0x5D, 0xAE, 0x22, 0x23, 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17,
  541. 0x7A, 0x9C, 0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD,
  542. };
  543. const FqElemStr FfElementTest::fq_abc_sha384_str = {
  544. 0x10, 0xAC, 0xE4, 0xE8, 0x8F, 0xBB, 0x96, 0xBF, 0x53, 0xB6, 0xAF,
  545. 0xE4, 0x4E, 0x95, 0xDE, 0xA5, 0x98, 0x8F, 0x10, 0xBF, 0x59, 0xC4,
  546. 0x11, 0xFE, 0x1F, 0x7A, 0xA6, 0x1E, 0x57, 0x3E, 0xE3, 0x3C,
  547. };
  548. const FqElemStr FfElementTest::fq_abc_sha512_str = {
  549. 0x14, 0xB4, 0x28, 0x89, 0xD2, 0x86, 0xA4, 0x79, 0xE3, 0x5B, 0xC4,
  550. 0x50, 0xD1, 0x3B, 0xF2, 0x35, 0xF7, 0x97, 0x91, 0x05, 0x3D, 0x64,
  551. 0xC0, 0x06, 0x45, 0x9F, 0xEC, 0xD8, 0xDB, 0x53, 0x3E, 0xC3,
  552. };
  553. const Fq12ElemStr FfElementTest::fq12_g_str = {
  554. {{{{{{0xBA, 0x10, 0x1F, 0xF6, 0x46, 0x8B, 0xE9, 0x32, 0x4F, 0xC0, 0xA5,
  555. 0x01, 0xAD, 0x5E, 0xE2, 0x31, 0x16, 0x29, 0x96, 0xED, 0xA7, 0xDE,
  556. 0x4C, 0xE1, 0xD2, 0x8D, 0x33, 0xCA, 0x50, 0xAB, 0x7B, 0xC6},
  557. {0x15, 0xEB, 0x79, 0xF4, 0xEB, 0xDE, 0x30, 0xB6, 0xC4, 0x07, 0x7C,
  558. 0x42, 0xCB, 0x04, 0x54, 0xF2, 0x1F, 0x4D, 0x1F, 0xC0, 0xDF, 0xA2,
  559. 0x2B, 0x9E, 0x34, 0xC4, 0x4C, 0x84, 0x14, 0xD3, 0x62, 0x07}}},
  560. {{{0xF1, 0x8B, 0x84, 0xD1, 0x46, 0x57, 0xB6, 0xE7, 0x80, 0xE1, 0x46,
  561. 0x49, 0x1C, 0x0D, 0xEF, 0x81, 0x31, 0xB0, 0xBE, 0x8C, 0xB9, 0x08,
  562. 0xD0, 0xD3, 0xC4, 0x56, 0xCA, 0xAD, 0xF9, 0x1D, 0x75, 0x19},
  563. {0x3F, 0xEE, 0x7C, 0x43, 0xC1, 0xFA, 0x4E, 0x50, 0xB7, 0x19, 0x01,
  564. 0x00, 0x6F, 0xD5, 0x16, 0xB6, 0xF4, 0x85, 0xE0, 0xEB, 0x2E, 0x5F,
  565. 0x0A, 0x7E, 0xF8, 0xAC, 0xBC, 0x05, 0xEC, 0x73, 0xB5, 0x57}}},
  566. {{{0xE3, 0xB3, 0x18, 0x29, 0xBB, 0xEF, 0x86, 0x50, 0x87, 0xCF, 0x70,
  567. 0xBA, 0x13, 0x8B, 0xB1, 0xB6, 0x2D, 0x6F, 0x65, 0x3D, 0xA1, 0x0B,
  568. 0xE3, 0x92, 0xC5, 0x72, 0x86, 0x6A, 0xB3, 0xEB, 0xE0, 0xE5},
  569. {0xDA, 0x0E, 0x57, 0x87, 0xD5, 0xA9, 0x61, 0xA5, 0x1E, 0xCB, 0x04,
  570. 0x86, 0xCD, 0xC3, 0x18, 0x2A, 0x36, 0xA0, 0x81, 0x73, 0xE7, 0x13,
  571. 0x87, 0x80, 0x8D, 0x1A, 0xFE, 0x6E, 0x4B, 0xA3, 0x13, 0x03}}}}},
  572. {{{{{0x66, 0x9E, 0x80, 0x4D, 0x8A, 0xAA, 0x00, 0x95, 0x72, 0xCE, 0xBB,
  573. 0x51, 0xE8, 0x01, 0x09, 0x41, 0xD3, 0x63, 0x28, 0x05, 0xA4, 0xBE,
  574. 0xD6, 0x41, 0xA6, 0x2F, 0x5F, 0xBF, 0x0B, 0x13, 0xB4, 0x54},
  575. {0x5B, 0x50, 0x65, 0xDC, 0x6F, 0x29, 0xD6, 0xDA, 0xBF, 0xC2, 0x06,
  576. 0xEA, 0x3B, 0xB2, 0xF1, 0xD4, 0x26, 0x5C, 0x92, 0x6B, 0x95, 0x6D,
  577. 0x88, 0xAB, 0x8F, 0xC6, 0x9D, 0x31, 0xE4, 0x9B, 0x71, 0x49}}},
  578. {{{0xE0, 0xCE, 0x97, 0x8F, 0xC9, 0x9F, 0xBC, 0xA8, 0x4A, 0xC6, 0xAA,
  579. 0x4A, 0xC8, 0x0D, 0x2A, 0x60, 0x1A, 0x43, 0x40, 0x03, 0xB3, 0x53,
  580. 0x30, 0x98, 0x1F, 0x3F, 0xDF, 0x5C, 0x0F, 0xF0, 0x84, 0x8E},
  581. {0x5A, 0x5D, 0x41, 0xD2, 0x47, 0x78, 0x6D, 0x9F, 0x89, 0xCE, 0xF5,
  582. 0x8E, 0xB6, 0x54, 0xA2, 0x26, 0xE5, 0x40, 0x39, 0x5C, 0x59, 0x08,
  583. 0xB3, 0xDA, 0xF5, 0xF8, 0xA0, 0x18, 0x33, 0x57, 0xD1, 0x72}}},
  584. {{{0xBB, 0xBA, 0x6C, 0xED, 0xE8, 0xA0, 0x5E, 0xC8, 0x81, 0xC5, 0xAC,
  585. 0x15, 0x1B, 0xD0, 0xE6, 0xC8, 0x92, 0xF9, 0x43, 0x03, 0x5A, 0x00,
  586. 0x42, 0xE3, 0x49, 0xA5, 0xF7, 0x19, 0x78, 0x8A, 0x39, 0x89},
  587. {0x32, 0xAE, 0xBF, 0x4D, 0x4B, 0xB3, 0x33, 0x76, 0x16, 0xFD, 0x0B,
  588. 0xFE, 0x42, 0x1E, 0x17, 0x37, 0x2A, 0x04, 0xEA, 0x26, 0xBA, 0x6E,
  589. 0x2C, 0x36, 0xAF, 0x35, 0x1B, 0x75, 0x6D, 0x17, 0xDC, 0x8E}}}}}}};
  590. const Fq12ElemStr FfElementTest::fq12_h_str = {
  591. {{{{{{0x41, 0xFB, 0xBE, 0xD2, 0x20, 0x95, 0xE5, 0xBA, 0x87, 0x54, 0x23,
  592. 0xCC, 0x04, 0x97, 0x38, 0x4B, 0x69, 0x28, 0x18, 0x6D, 0xAE, 0x19,
  593. 0xE3, 0x3D, 0xFE, 0x39, 0xE2, 0x1C, 0xC2, 0x53, 0x17, 0xF6},
  594. {0xEA, 0xA3, 0x0F, 0x62, 0x6E, 0xBF, 0x6F, 0x8F, 0xBC, 0xFA, 0x6E,
  595. 0x07, 0xD3, 0xD3, 0xAE, 0x5C, 0xAA, 0xB5, 0x9C, 0xD7, 0xB8, 0x5B,
  596. 0x1B, 0x69, 0x52, 0x93, 0xBF, 0xDB, 0x87, 0x5C, 0x19, 0x07}}},
  597. {{{0x1B, 0x03, 0xE1, 0x79, 0x3C, 0x10, 0x0B, 0x65, 0xBF, 0xD7, 0xF3,
  598. 0x45, 0x1A, 0xD4, 0xDD, 0xB8, 0x67, 0x1A, 0x8F, 0x41, 0x1A, 0xD4,
  599. 0x04, 0x3C, 0xD2, 0xA4, 0x3B, 0x47, 0xFE, 0xBD, 0xEA, 0x87},
  600. {0xDF, 0x7F, 0x94, 0x9C, 0xB8, 0x65, 0x54, 0x8D, 0xD7, 0x0B, 0x33,
  601. 0x26, 0x25, 0x89, 0xD4, 0x60, 0x0C, 0x89, 0x5F, 0x2C, 0x00, 0x7F,
  602. 0xAF, 0x89, 0x35, 0xE5, 0xB9, 0x23, 0x7F, 0x79, 0x1A, 0x86}}},
  603. {{{0xCE, 0x01, 0x4F, 0x24, 0x3C, 0x3A, 0xC3, 0x61, 0x5B, 0xD9, 0x2D,
  604. 0x87, 0x94, 0xA3, 0xD2, 0x8B, 0x57, 0xC4, 0x07, 0xF8, 0x29, 0x5E,
  605. 0x09, 0x23, 0xCA, 0xE9, 0x85, 0xA1, 0xDB, 0xF2, 0x0C, 0x8F},
  606. {0xC2, 0xFB, 0x9A, 0xCC, 0xD9, 0x82, 0x63, 0x28, 0x83, 0xB7, 0x4F,
  607. 0x99, 0x3A, 0x19, 0x11, 0xB0, 0xB4, 0xE7, 0x73, 0x94, 0x35, 0x19,
  608. 0x6B, 0xC2, 0x5D, 0x2E, 0x8C, 0x33, 0xFF, 0x13, 0xCD, 0xBE}}}}},
  609. {{{{{0x29, 0x43, 0xF6, 0xA0, 0xE9, 0xDC, 0x27, 0x27, 0x9B, 0x0A, 0x33,
  610. 0xBC, 0x85, 0x6A, 0xBF, 0x8B, 0xC5, 0x89, 0x10, 0x92, 0xAE, 0x73,
  611. 0xC9, 0x32, 0x46, 0x8D, 0x24, 0x1F, 0x32, 0x96, 0xED, 0x0B},
  612. {0x44, 0x8C, 0x6D, 0xF6, 0x1A, 0x2F, 0xCA, 0x18, 0x8E, 0x84, 0xFF,
  613. 0x5F, 0x5F, 0xAF, 0xC0, 0x52, 0x35, 0xA1, 0xB3, 0xA0, 0xDE, 0xEE,
  614. 0x97, 0xBF, 0xB8, 0xFA, 0x8B, 0x9E, 0x00, 0x13, 0xE7, 0x26}}},
  615. {{{0xFB, 0x78, 0xA1, 0x6D, 0x41, 0x92, 0xA6, 0xC6, 0x7F, 0xAD, 0xB7,
  616. 0xFC, 0x4F, 0x5F, 0x48, 0x94, 0x7D, 0xB7, 0xF5, 0xCC, 0xB5, 0x7E,
  617. 0x08, 0xCD, 0xBF, 0x58, 0xC9, 0x30, 0xEB, 0xE4, 0xA0, 0xBF},
  618. {0x0C, 0x6A, 0x89, 0x18, 0x97, 0x37, 0x54, 0x76, 0x79, 0x3E, 0x8E,
  619. 0xA6, 0x5B, 0x77, 0xCE, 0x4A, 0xCB, 0xD9, 0x8B, 0x7B, 0x32, 0x1A,
  620. 0x30, 0x40, 0x49, 0xFF, 0x84, 0xE7, 0xBE, 0xD8, 0xCF, 0xFD}}},
  621. {{{0x2D, 0x23, 0x54, 0xB5, 0x2E, 0x29, 0xE9, 0xC7, 0x62, 0x1B, 0x03,
  622. 0x34, 0x3A, 0xEB, 0xC9, 0x69, 0x38, 0x9F, 0xD1, 0x2B, 0xDA, 0x8B,
  623. 0x07, 0x58, 0x30, 0xF8, 0x38, 0x08, 0x09, 0x07, 0xCA, 0x5B},
  624. {0x3A, 0x13, 0xED, 0xF4, 0x5D, 0xC9, 0x23, 0x66, 0x85, 0x8C, 0x6A,
  625. 0x7D, 0xE9, 0x11, 0x17, 0xE6, 0x43, 0x2F, 0x12, 0xC5, 0x07, 0x63,
  626. 0x84, 0x98, 0xA0, 0x1C, 0xDC, 0xF3, 0x91, 0x91, 0x11, 0x55}}}}}}};
  627. const Fq12ElemStr FfElementTest::fq12_i_str = {
  628. {{{{{{0x0F, 0xD0, 0x1C, 0x59, 0x98, 0x52, 0x5A, 0x40, 0xFF, 0x26, 0x0A,
  629. 0xFD, 0x70, 0xEC, 0x23, 0x48, 0x1B, 0x4B, 0x70, 0xA0, 0x15, 0xC5,
  630. 0xB1, 0x8B, 0xA5, 0x75, 0xAC, 0xCE, 0xF3, 0x6C, 0xE8, 0xBA},
  631. {0xA7, 0xFB, 0xF9, 0xEA, 0x18, 0x70, 0xD8, 0x9B, 0x3C, 0xC3, 0x66,
  632. 0x10, 0x38, 0xAC, 0x16, 0x32, 0xDC, 0x9D, 0xF0, 0xD4, 0x2C, 0xE7,
  633. 0xF6, 0x69, 0x47, 0x69, 0x84, 0xEE, 0x39, 0x5F, 0xD8, 0xCC}}},
  634. {{{0x1B, 0xEF, 0x81, 0x13, 0x81, 0xB9, 0x56, 0xAE, 0xD0, 0xD4, 0xAE,
  635. 0xCB, 0x24, 0x7C, 0x7B, 0x7F, 0xC0, 0x41, 0x42, 0x0A, 0x9D, 0x90,
  636. 0x6B, 0x1E, 0x3A, 0xAD, 0x39, 0x7A, 0x1F, 0xEF, 0x56, 0x9E},
  637. {0xBD, 0x84, 0x48, 0xAF, 0x65, 0x66, 0x33, 0xE5, 0x67, 0xF1, 0xC4,
  638. 0x48, 0xF0, 0xB6, 0x61, 0x06, 0xC7, 0x78, 0xB3, 0xC1, 0x12, 0xB8,
  639. 0x31, 0xD4, 0x69, 0x2E, 0x0E, 0xD3, 0xD4, 0x91, 0x81, 0x9A}}},
  640. {{{0x23, 0x62, 0x9B, 0x83, 0x95, 0xF6, 0x7F, 0xF6, 0xCC, 0x6B, 0xEE,
  641. 0x84, 0xF0, 0x5B, 0x93, 0xA6, 0x90, 0x48, 0x1A, 0xA7, 0xA8, 0xE8,
  642. 0x10, 0xA5, 0x53, 0x7E, 0x4F, 0xD5, 0x0D, 0xB0, 0x86, 0xF7},
  643. {0x1F, 0xB8, 0xB7, 0xD4, 0x2E, 0x41, 0x83, 0x2C, 0xFC, 0x62, 0x14,
  644. 0xB8, 0xC2, 0xF6, 0xC1, 0x5E, 0xC1, 0xC1, 0x40, 0x8B, 0x28, 0xB5,
  645. 0x1B, 0x85, 0xEE, 0x71, 0xC8, 0x14, 0x56, 0xB9, 0x3B, 0x90}}}}},
  646. {{{{{0x4A, 0xFE, 0x73, 0xFA, 0xCF, 0x20, 0x67, 0x0E, 0x89, 0x1D, 0xCB,
  647. 0x05, 0x38, 0x27, 0x1C, 0xD5, 0x7A, 0x0C, 0xAC, 0x92, 0x17, 0x94,
  648. 0x7F, 0x10, 0x3E, 0xFF, 0x97, 0x23, 0x66, 0x8D, 0x70, 0xAE},
  649. {0x80, 0x97, 0xFF, 0x88, 0xF8, 0x01, 0x2B, 0x99, 0x81, 0xEB, 0xF8,
  650. 0x19, 0xEF, 0xDA, 0xE3, 0xAE, 0xD9, 0x9B, 0x4C, 0x13, 0xFC, 0x9E,
  651. 0x18, 0xD6, 0xB0, 0xCF, 0x4E, 0x29, 0xA8, 0xCF, 0x01, 0xFA}}},
  652. {{{0xDA, 0x22, 0x85, 0x18, 0x9A, 0x51, 0x17, 0xAC, 0x26, 0x57, 0xF6,
  653. 0x73, 0x59, 0x24, 0xD5, 0xC9, 0x4D, 0xAC, 0xB6, 0xE4, 0x51, 0xF7,
  654. 0x5E, 0x30, 0x5B, 0x25, 0x3D, 0x52, 0xA3, 0xE0, 0x4B, 0xA2},
  655. {0xC3, 0x4C, 0x2F, 0x53, 0xD5, 0x92, 0x33, 0x7E, 0x8B, 0x66, 0x5F,
  656. 0x48, 0x48, 0xCA, 0xA8, 0x98, 0x0F, 0x73, 0xD3, 0x60, 0xAF, 0x25,
  657. 0x02, 0xEE, 0x64, 0xE7, 0x02, 0x89, 0x9A, 0xD2, 0x96, 0x45}}},
  658. {{{0x04, 0xE1, 0x30, 0x9B, 0xD8, 0x85, 0xF0, 0x99, 0x7C, 0x01, 0xD5,
  659. 0x58, 0x5A, 0x74, 0x0B, 0xD4, 0xF2, 0xFA, 0xC7, 0x59, 0x36, 0xFD,
  660. 0x91, 0x07, 0x60, 0xF7, 0xDC, 0x11, 0x3E, 0x8A, 0xC6, 0x48},
  661. {0x0D, 0x02, 0x30, 0x18, 0xD0, 0xB9, 0x6B, 0xD6, 0x39, 0x6A, 0x41,
  662. 0x82, 0xDD, 0xE3, 0xCE, 0xB8, 0xB6, 0xF5, 0x61, 0x80, 0x61, 0x16,
  663. 0xF4, 0x9A, 0xB8, 0x58, 0x1D, 0x3F, 0x4D, 0xC2, 0xCA, 0xCF}}}}}}};
  664. const Fq12ElemStr FfElementTest::fq12_j_str = {
  665. {{{{{{0x3A, 0x30, 0x33, 0xA2, 0x14, 0xDF, 0xDC, 0x70, 0x48, 0xF3, 0xBA,
  666. 0x3F, 0xCE, 0xFC, 0x69, 0x24, 0xAE, 0xA1, 0xF3, 0xCF, 0xD8, 0x77,
  667. 0x69, 0x38, 0x38, 0xF4, 0x8E, 0xFB, 0x51, 0xFB, 0x10, 0x7C},
  668. {0x73, 0xB4, 0xEE, 0xF9, 0x76, 0xBB, 0x45, 0xEC, 0x07, 0x24, 0x23,
  669. 0xA3, 0x38, 0x64, 0x39, 0x4C, 0x03, 0x94, 0xF5, 0xEE, 0x5F, 0xC9,
  670. 0x83, 0x4F, 0xD1, 0xA6, 0x4A, 0x05, 0x25, 0x0C, 0x46, 0x33}}},
  671. {{{0xD4, 0x40, 0x47, 0xAE, 0xEC, 0xDA, 0x30, 0xF9, 0xE1, 0x28, 0xFB,
  672. 0xB1, 0x4C, 0x62, 0xFB, 0x6C, 0x90, 0x0D, 0xB1, 0xEC, 0xAF, 0x2D,
  673. 0x95, 0x64, 0x11, 0x93, 0xDA, 0x8E, 0xB8, 0x7D, 0xE4, 0xA3},
  674. {0x8E, 0xA6, 0x9B, 0xAA, 0x58, 0xD5, 0xDC, 0x59, 0x1A, 0x51, 0x53,
  675. 0x47, 0x30, 0x1C, 0x2B, 0xB0, 0xBB, 0x57, 0x57, 0x0A, 0x8C, 0x5F,
  676. 0x62, 0x9C, 0x52, 0x28, 0xC0, 0x25, 0x27, 0xAE, 0xCD, 0x36}}},
  677. {{{0xBF, 0x2D, 0x03, 0xB1, 0x33, 0xFD, 0x24, 0x81, 0x3C, 0x91, 0x43,
  678. 0x90, 0x0C, 0x20, 0xC4, 0xE3, 0x69, 0x3F, 0xA9, 0xA2, 0x7C, 0xC2,
  679. 0x48, 0x28, 0x1B, 0xF0, 0x81, 0x1F, 0x2B, 0x8F, 0x8D, 0x43},
  680. {0x38, 0x18, 0x12, 0xA3, 0x89, 0xF1, 0xD7, 0x60, 0x89, 0x68, 0x6A,
  681. 0xC4, 0xCC, 0x5D, 0xF4, 0xCE, 0x43, 0x95, 0x84, 0xCD, 0x01, 0x55,
  682. 0xB8, 0x5D, 0x24, 0x50, 0xCD, 0xE3, 0x68, 0x1C, 0xFF, 0x59}}}}},
  683. {{{{{0x0D, 0xAC, 0xCB, 0xE7, 0x9D, 0x68, 0x0F, 0x4A, 0xAF, 0xEB, 0xB5,
  684. 0xFB, 0xF9, 0xB1, 0x58, 0x80, 0xD5, 0x71, 0x53, 0x26, 0x2E, 0x9C,
  685. 0xCE, 0x10, 0xAC, 0xD2, 0x0A, 0xEB, 0xB4, 0x5C, 0xC8, 0xD7},
  686. {0x16, 0x26, 0x66, 0x71, 0xDD, 0x67, 0xBA, 0xDB, 0x35, 0x76, 0x64,
  687. 0xC6, 0x0B, 0x0B, 0x07, 0x4B, 0x65, 0xA2, 0xF7, 0x68, 0x9E, 0xFE,
  688. 0xE8, 0xE3, 0xA7, 0x09, 0x79, 0xC5, 0xDF, 0x5E, 0x9C, 0xEC}}},
  689. {{{0xEE, 0x83, 0x59, 0xB5, 0x89, 0x81, 0xA2, 0x87, 0xD7, 0x75, 0x65,
  690. 0x90, 0xDE, 0x78, 0x37, 0x59, 0x04, 0x9B, 0x50, 0xC3, 0xBA, 0x90,
  691. 0x09, 0x15, 0xAB, 0x17, 0xC5, 0xBF, 0x5B, 0xB9, 0xE4, 0x6C},
  692. {0xA9, 0xB1, 0x49, 0x76, 0x25, 0x74, 0x5D, 0x9C, 0x78, 0xC5, 0x09,
  693. 0xEE, 0xEB, 0xEB, 0x9D, 0x1C, 0x6C, 0xC0, 0x27, 0x9D, 0x66, 0xE6,
  694. 0x7F, 0x31, 0xCD, 0xB0, 0x8A, 0xE4, 0x9E, 0xBD, 0x70, 0x18}}},
  695. {{{0x88, 0xA1, 0x08, 0x39, 0xA2, 0x48, 0xA5, 0x98, 0xB6, 0xAD, 0x10,
  696. 0x54, 0x07, 0xCD, 0xFC, 0x6D, 0xB1, 0x02, 0xFF, 0xE3, 0x92, 0xD7,
  697. 0x9D, 0x48, 0xFB, 0xCE, 0x88, 0x46, 0x92, 0x07, 0x02, 0xBA},
  698. {0xEE, 0xEB, 0xAE, 0x88, 0xB1, 0x4E, 0xD0, 0xF2, 0xCE, 0xD7, 0x57,
  699. 0x07, 0xD4, 0x39, 0xD2, 0x7D, 0x1A, 0x0C, 0xEF, 0xF2, 0x84, 0x84,
  700. 0x22, 0x8A, 0xB1, 0x80, 0x0D, 0xDC, 0x64, 0x86, 0xFD, 0x70}}}}}}};
  701. const Fq12ElemStr FfElementTest::fq12_mul_ij_str = {
  702. {{{{{{0x4A, 0x0E, 0x83, 0x4F, 0x62, 0xCA, 0x56, 0x0B, 0x0F, 0x2E, 0xF3,
  703. 0x1A, 0xC6, 0xFC, 0x76, 0x4F, 0x4B, 0x85, 0x78, 0x6F, 0x9D, 0xB9,
  704. 0xBD, 0xC8, 0xBB, 0x7C, 0x73, 0x12, 0x28, 0xFF, 0xBC, 0x8F},
  705. {0x18, 0x8E, 0x5E, 0x4B, 0x72, 0xA5, 0x4A, 0x99, 0xFC, 0xE7, 0x05,
  706. 0xE5, 0xD2, 0x2C, 0x06, 0x95, 0xF5, 0xE4, 0xA5, 0x87, 0xCB, 0x85,
  707. 0x25, 0xF8, 0xDA, 0x71, 0x7B, 0x9A, 0xF1, 0x52, 0xF9, 0x33}}},
  708. {{{0x05, 0x5F, 0x15, 0x72, 0xA3, 0x61, 0xA6, 0x6C, 0xB8, 0x43, 0xBB,
  709. 0xCA, 0x33, 0xB2, 0xDB, 0x59, 0xCA, 0xAB, 0xAD, 0xA0, 0x4D, 0xE3,
  710. 0xB8, 0xF5, 0xC9, 0x8C, 0x06, 0x91, 0xE5, 0xE4, 0x5A, 0xAD},
  711. {0xE7, 0x66, 0xCC, 0x2B, 0x2C, 0x11, 0x88, 0x29, 0xB1, 0x3C, 0x52,
  712. 0xFE, 0x50, 0xDF, 0x8F, 0x15, 0x6A, 0x6B, 0xB8, 0x32, 0x96, 0x90,
  713. 0x85, 0x03, 0x78, 0x88, 0x97, 0x7B, 0x5B, 0x50, 0x2E, 0xDE}}},
  714. {{{0xE7, 0x53, 0x22, 0x11, 0xEB, 0xFF, 0x1B, 0x19, 0xAE, 0x5F, 0x58,
  715. 0x3A, 0x4F, 0x6F, 0x34, 0xFB, 0x2A, 0x49, 0xCA, 0x4B, 0x9C, 0x31,
  716. 0xFC, 0x74, 0x0F, 0x11, 0xCC, 0x45, 0xCD, 0xA2, 0x12, 0xCA},
  717. {0xF4, 0x2F, 0x30, 0x9A, 0x6A, 0xCB, 0xEE, 0x88, 0x15, 0x56, 0x29,
  718. 0x2A, 0xBF, 0x33, 0x7B, 0xDB, 0x59, 0x74, 0x4D, 0xC0, 0x64, 0xF0,
  719. 0x0B, 0x9F, 0xF2, 0x65, 0xB7, 0x3A, 0xDA, 0xE2, 0xB5, 0x63}}}}},
  720. {{{{{0x3A, 0x3E, 0x06, 0xEF, 0x73, 0xA3, 0xBC, 0xEA, 0xCC, 0x68, 0xD9,
  721. 0xF5, 0x6E, 0x94, 0x1C, 0x54, 0x47, 0xF1, 0x99, 0x2C, 0x44, 0x64,
  722. 0x45, 0x84, 0x50, 0x10, 0xFD, 0xC5, 0x16, 0x65, 0x89, 0xEC},
  723. {0x72, 0xA6, 0x7E, 0x82, 0x7F, 0xE2, 0xE3, 0xEA, 0x82, 0xA3, 0x18,
  724. 0xF4, 0x9B, 0x93, 0x4D, 0x79, 0xA0, 0x2C, 0xBF, 0x90, 0x0E, 0xDB,
  725. 0x41, 0x09, 0x27, 0x44, 0x19, 0xD1, 0xB4, 0xE5, 0xC6, 0x8C}}},
  726. {{{0xA5, 0xC7, 0x82, 0xBF, 0x00, 0x7B, 0x8D, 0x7A, 0x05, 0x7B, 0x7E,
  727. 0x33, 0x60, 0x28, 0x34, 0x9C, 0x86, 0x5A, 0x6B, 0xCE, 0xA5, 0xED,
  728. 0x26, 0x22, 0x63, 0x4A, 0xE9, 0x57, 0xCD, 0x55, 0xD2, 0xD3},
  729. {0x0E, 0x73, 0x14, 0xE4, 0xEE, 0xE7, 0x3C, 0x43, 0xFC, 0xAE, 0x84,
  730. 0x59, 0x2F, 0xEA, 0x35, 0x84, 0xA5, 0x77, 0xCE, 0xA8, 0xC5, 0xAA,
  731. 0xB8, 0xDC, 0xB9, 0xD6, 0x71, 0x11, 0xE2, 0x95, 0x00, 0x97}}},
  732. {{{0xBD, 0x50, 0xDA, 0x58, 0x1B, 0xDA, 0xB3, 0x25, 0x19, 0x2F, 0x9D,
  733. 0xFA, 0x2C, 0xFB, 0x96, 0x26, 0xBB, 0x4A, 0x41, 0x82, 0xA9, 0x45,
  734. 0x24, 0xEE, 0xEE, 0xEA, 0xD3, 0xC5, 0x94, 0xFC, 0x2A, 0x37},
  735. {0x6A, 0x43, 0xB8, 0x6C, 0xBB, 0x98, 0xB7, 0x17, 0x03, 0xC0, 0x3D,
  736. 0x6D, 0x59, 0x56, 0x3D, 0x23, 0x42, 0x94, 0x25, 0x64, 0xB9, 0x62,
  737. 0xAD, 0x4D, 0x84, 0x9B, 0x3C, 0x05, 0x8C, 0xF0, 0xD3, 0xD3}}}}}},
  738. };
  739. const Fq12ElemStr FfElementTest::fq12_k_str = {
  740. {{{{{{0xE4, 0xCA, 0x0B, 0xA8, 0x9C, 0x70, 0xE2, 0x20, 0x24, 0xD9, 0x8F,
  741. 0x09, 0x12, 0x79, 0x55, 0x44, 0x8C, 0x58, 0x42, 0x8F, 0x18, 0x97,
  742. 0x0A, 0xC3, 0x0A, 0x40, 0x68, 0x0E, 0x1E, 0x21, 0x7F, 0xB4},
  743. {0x73, 0xCF, 0x8D, 0x54, 0x68, 0xAE, 0x1C, 0xC4, 0x95, 0x01, 0xE3,
  744. 0x52, 0x33, 0xFE, 0x69, 0xB5, 0x23, 0x45, 0xEF, 0xFF, 0x79, 0x14,
  745. 0xEF, 0x98, 0xA8, 0x4E, 0xB1, 0x2E, 0xE1, 0x15, 0x81, 0x0C}}},
  746. {{{0x9F, 0x65, 0x90, 0x6A, 0x53, 0xD7, 0xF6, 0x73, 0x08, 0xDA, 0x45,
  747. 0x11, 0xDE, 0xCF, 0xED, 0x4C, 0x8C, 0x21, 0x02, 0xF5, 0x3F, 0x97,
  748. 0xB6, 0xB2, 0xF5, 0xC6, 0x58, 0xFC, 0x9A, 0xA6, 0xBB, 0xF9},
  749. {0x3C, 0xD8, 0xFC, 0x86, 0x09, 0x1C, 0x16, 0xA4, 0x6F, 0x5E, 0x7A,
  750. 0x81, 0x01, 0xF9, 0x8A, 0x6D, 0x38, 0xB5, 0xC9, 0x5F, 0xE9, 0x7D,
  751. 0x6F, 0x46, 0x92, 0x49, 0x5B, 0xB8, 0x61, 0x03, 0x6F, 0x5E}}},
  752. {{{0xDA, 0x53, 0xCB, 0x62, 0xCD, 0x82, 0x63, 0x96, 0xC7, 0xC0, 0x39,
  753. 0xA4, 0x31, 0xEE, 0x15, 0x26, 0x1C, 0xE6, 0x4E, 0xE4, 0xB4, 0x40,
  754. 0xFA, 0x65, 0xA3, 0xF4, 0x73, 0x03, 0x85, 0x84, 0x41, 0xF9},
  755. {0x77, 0xF3, 0x90, 0xDC, 0x88, 0x26, 0xBD, 0x27, 0x9A, 0x9D, 0x37,
  756. 0xF0, 0x80, 0xEE, 0x02, 0x1D, 0x3E, 0x4F, 0x88, 0xED, 0x8F, 0x89,
  757. 0x90, 0xF1, 0x6D, 0x5D, 0x70, 0x49, 0x99, 0x07, 0x61, 0x22}}}}},
  758. {{{{{0x43, 0x52, 0xBA, 0xEE, 0xA8, 0xE9, 0x8E, 0x2E, 0x83, 0x30, 0x41,
  759. 0x85, 0xE3, 0x51, 0xB0, 0x8C, 0x86, 0x31, 0xEC, 0x02, 0x76, 0xE8,
  760. 0x41, 0x1F, 0x88, 0xBC, 0x39, 0xA2, 0xE4, 0xC1, 0x34, 0xA7},
  761. {0x1D, 0x5F, 0x8C, 0x23, 0x0F, 0xF0, 0xDC, 0xCD, 0xBA, 0x67, 0xD5,
  762. 0x78, 0xD6, 0x8D, 0x32, 0x6A, 0xC1, 0x7F, 0x6F, 0x97, 0xCF, 0x46,
  763. 0xF0, 0x04, 0x7B, 0xE3, 0x5A, 0xEE, 0x31, 0xC4, 0xC0, 0x79}}},
  764. {{{0x96, 0xBC, 0x01, 0x78, 0x9F, 0xBE, 0x8B, 0xBA, 0x59, 0x22, 0xFB,
  765. 0x64, 0x1B, 0x37, 0x5C, 0x33, 0x57, 0xAF, 0x83, 0x5A, 0x96, 0xEA,
  766. 0x56, 0xAA, 0x6E, 0x9C, 0xFA, 0xE6, 0xF9, 0xDF, 0xD8, 0x44},
  767. {0xBB, 0x4E, 0xBF, 0xA8, 0xEC, 0x0F, 0x16, 0xA8, 0x59, 0x1F, 0x49,
  768. 0xF4, 0x8C, 0x80, 0x6C, 0x52, 0x7F, 0x74, 0x94, 0xC2, 0xE3, 0x29,
  769. 0x34, 0x9C, 0x97, 0xB9, 0x5E, 0xED, 0xFD, 0x59, 0x9D, 0xD4}}},
  770. {{{0x83, 0xFB, 0xC2, 0xAD, 0x72, 0xE8, 0xF3, 0x68, 0x43, 0xD0, 0xD4,
  771. 0xDC, 0xB2, 0x36, 0xC1, 0xDB, 0x03, 0x29, 0xEE, 0x8C, 0x1A, 0x10,
  772. 0xD7, 0xFB, 0xC2, 0xEA, 0xDA, 0xBA, 0x42, 0x18, 0xE6, 0xE4},
  773. {0x63, 0x41, 0x6E, 0x8C, 0xB3, 0x14, 0x68, 0x9A, 0x0F, 0x64, 0x87,
  774. 0x16, 0x02, 0xA3, 0x59, 0xF4, 0x60, 0x80, 0x04, 0x2B, 0xA4, 0xE6,
  775. 0x10, 0x2D, 0x61, 0x59, 0x14, 0xFE, 0xAF, 0x84, 0xA0, 0x67}}}}}}};
  776. const Fq12ElemStr FfElementTest::fq12_mul_gb_str = {
  777. {{{{{{0xE4, 0xCA, 0x0B, 0xA8, 0x9C, 0x70, 0xE2, 0x20, 0x24, 0xD9, 0x8F,
  778. 0x09, 0x12, 0x79, 0x55, 0x44, 0x8C, 0x58, 0x42, 0x8F, 0x18, 0x97,
  779. 0x0A, 0xC3, 0x0A, 0x40, 0x68, 0x0E, 0x1E, 0x21, 0x7F, 0xB4},
  780. {0x73, 0xCF, 0x8D, 0x54, 0x68, 0xAE, 0x1C, 0xC4, 0x95, 0x01, 0xE3,
  781. 0x52, 0x33, 0xFE, 0x69, 0xB5, 0x23, 0x45, 0xEF, 0xFF, 0x79, 0x14,
  782. 0xEF, 0x98, 0xA8, 0x4E, 0xB1, 0x2E, 0xE1, 0x15, 0x81, 0x0C}}},
  783. {{{0x9F, 0x65, 0x90, 0x6A, 0x53, 0xD7, 0xF6, 0x73, 0x08, 0xDA, 0x45,
  784. 0x11, 0xDE, 0xCF, 0xED, 0x4C, 0x8C, 0x21, 0x02, 0xF5, 0x3F, 0x97,
  785. 0xB6, 0xB2, 0xF5, 0xC6, 0x58, 0xFC, 0x9A, 0xA6, 0xBB, 0xF9},
  786. {0x3C, 0xD8, 0xFC, 0x86, 0x09, 0x1C, 0x16, 0xA4, 0x6F, 0x5E, 0x7A,
  787. 0x81, 0x01, 0xF9, 0x8A, 0x6D, 0x38, 0xB5, 0xC9, 0x5F, 0xE9, 0x7D,
  788. 0x6F, 0x46, 0x92, 0x49, 0x5B, 0xB8, 0x61, 0x03, 0x6F, 0x5E}}},
  789. {{{0xDA, 0x53, 0xCB, 0x62, 0xCD, 0x82, 0x63, 0x96, 0xC7, 0xC0, 0x39,
  790. 0xA4, 0x31, 0xEE, 0x15, 0x26, 0x1C, 0xE6, 0x4E, 0xE4, 0xB4, 0x40,
  791. 0xFA, 0x65, 0xA3, 0xF4, 0x73, 0x03, 0x85, 0x84, 0x41, 0xF9},
  792. {0x77, 0xF3, 0x90, 0xDC, 0x88, 0x26, 0xBD, 0x27, 0x9A, 0x9D, 0x37,
  793. 0xF0, 0x80, 0xEE, 0x02, 0x1D, 0x3E, 0x4F, 0x88, 0xED, 0x8F, 0x89,
  794. 0x90, 0xF1, 0x6D, 0x5D, 0x70, 0x49, 0x99, 0x07, 0x61, 0x22}}}}},
  795. {{{{{0xBC, 0xAD, 0x45, 0x11, 0x57, 0x13, 0x62, 0x9E, 0xC3, 0xB5, 0xB0,
  796. 0xD9, 0x0B, 0x1F, 0xF4, 0x12, 0x86, 0xAA, 0x79, 0xF8, 0x9B, 0xAF,
  797. 0xC9, 0x63, 0x4A, 0x6C, 0xF4, 0x38, 0xCA, 0x11, 0xFB, 0x6C},
  798. {0xE2, 0xA0, 0x73, 0xDC, 0xF0, 0x0C, 0x13, 0xFF, 0x8C, 0x7E, 0x1C,
  799. 0xE6, 0x17, 0xE4, 0x72, 0x34, 0x4B, 0x5C, 0xF6, 0x63, 0x43, 0x51,
  800. 0x1A, 0x7E, 0x57, 0x45, 0xD2, 0xED, 0x7D, 0x0E, 0x6F, 0x9A}}},
  801. {{{0x69, 0x43, 0xFE, 0x87, 0x60, 0x3E, 0x65, 0x12, 0xED, 0xC2, 0xF6,
  802. 0xFA, 0xD3, 0x3A, 0x48, 0x6B, 0xB5, 0x2C, 0xE2, 0xA0, 0x7B, 0xAD,
  803. 0xB3, 0xD8, 0x64, 0x8C, 0x32, 0xF4, 0xB4, 0xF3, 0x57, 0xCF},
  804. {0x44, 0xB1, 0x40, 0x57, 0x13, 0xED, 0xDA, 0x24, 0xED, 0xC6, 0xA8,
  805. 0x6A, 0x61, 0xF1, 0x38, 0x4C, 0x8D, 0x67, 0xD1, 0x38, 0x2F, 0x6E,
  806. 0xD5, 0xE6, 0x3B, 0x6F, 0xCE, 0xED, 0xB1, 0x79, 0x92, 0x3F}}},
  807. {{{0x7C, 0x04, 0x3D, 0x52, 0x8D, 0x13, 0xFD, 0x65, 0x03, 0x15, 0x1D,
  808. 0x82, 0x3C, 0x3A, 0xE2, 0xC4, 0x09, 0xB2, 0x77, 0x6E, 0xF8, 0x87,
  809. 0x32, 0x87, 0x10, 0x3E, 0x53, 0x21, 0x6C, 0xBA, 0x49, 0x2F},
  810. {0x9C, 0xBE, 0x91, 0x73, 0x4C, 0xE8, 0x88, 0x33, 0x37, 0x81, 0x6B,
  811. 0x48, 0xEB, 0xCE, 0x4A, 0xAA, 0xAC, 0x5C, 0x61, 0xCF, 0x6D, 0xB1,
  812. 0xFA, 0x55, 0x71, 0xD0, 0x18, 0xDC, 0xFF, 0x4E, 0x8F, 0xAC}}}}}},
  813. };
  814. const FqElemStr FfElementTest::fq_multi_exp_base_1[1] = {{
  815. 0x12, 0xA6, 0x5B, 0xD6, 0x91, 0x8D, 0x50, 0xA7, 0x66, 0xEB, 0x7D, 0x52,
  816. 0xE3, 0x40, 0x17, 0x60, 0x7F, 0xDF, 0x6C, 0xA1, 0x2C, 0x1A, 0x37, 0xE0,
  817. 0x92, 0xC0, 0xF7, 0xB9, 0x76, 0xAB, 0xB1, 0x8A,
  818. }};
  819. const BigNumStr FfElementTest::fq_multi_exp_exp_1[1] = {{
  820. 0xFF, 0xFB, 0x3E, 0x5D, 0xFF, 0x9A, 0xFF, 0x02, 0x00, 0xFF, 0xFF, 0xFF,
  821. 0xF2, 0xE1, 0x85, 0x81, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x81,
  822. 0xFF, 0xFD, 0xFF, 0xEB, 0xFF, 0x29, 0xA7, 0xFF,
  823. }};
  824. const FqElemStr FfElementTest::fq_multi_exp_res_1 = {
  825. 0x6A, 0x21, 0xEC, 0x89, 0xCC, 0x13, 0x2F, 0x6F, 0x29, 0x1B, 0x3A,
  826. 0x94, 0xF6, 0xE6, 0xA8, 0xBD, 0x98, 0x25, 0x43, 0x7A, 0xDC, 0xC1,
  827. 0x20, 0xBA, 0x30, 0xD8, 0x1C, 0x8E, 0x79, 0xFC, 0xDA, 0x67,
  828. };
  829. const std::vector<uint8_t> FfElementTest::fq_multi_exp_exp_1_264({
  830. 0x08, 0xFF, 0xFB, 0x3E, 0x5D, 0xFF, 0x9A, 0xFF, 0x02, 0x00, 0xFF, 0xFF,
  831. 0xFF, 0xF2, 0xE1, 0x85, 0x81, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  832. 0x81, 0xFF, 0xFD, 0xFF, 0xEB, 0xFF, 0x29, 0xA7, 0xFF,
  833. });
  834. const FqElemStr FfElementTest::fq_multi_exp_res_1_264 = {
  835. 0x71, 0x41, 0xa1, 0xdb, 0xd1, 0xd1, 0x50, 0xc2, 0x73, 0x07, 0xc1,
  836. 0x93, 0xeb, 0xae, 0x89, 0x4c, 0x6e, 0x49, 0x74, 0xf7, 0x46, 0x23,
  837. 0x75, 0xca, 0xc8, 0x67, 0x82, 0xaf, 0xcf, 0x35, 0x34, 0x1c};
  838. const FqElemStr FfElementTest::fq_multi_exp_res_1_256_264 = {
  839. 0x10, 0x2f, 0x3a, 0xe5, 0x6e, 0x95, 0x92, 0x8f, 0x98, 0x03, 0x67,
  840. 0x79, 0xec, 0x0c, 0xc9, 0x46, 0x07, 0xd9, 0xd9, 0x40, 0x46, 0x29,
  841. 0x99, 0xe9, 0x23, 0xf9, 0x6b, 0x10, 0x35, 0x7c, 0xf1, 0xa3};
  842. const FqElemStr FfElementTest::fq_multi_exp_base_2[2] = {
  843. {0xE6, 0x65, 0x23, 0x9B, 0xD4, 0x07, 0x16, 0x83, 0x38, 0x23, 0xB2, 0x67,
  844. 0x57, 0xEB, 0x0F, 0x23, 0x3A, 0xF4, 0x8E, 0xDA, 0x71, 0x5E, 0xD9, 0x98,
  845. 0x63, 0x98, 0x2B, 0xBC, 0x78, 0xD1, 0x94, 0xF2},
  846. {0xDD, 0x2B, 0xE9, 0x59, 0x24, 0xA5, 0xB3, 0xFD, 0xEB, 0xE1, 0x3C, 0xC0,
  847. 0x73, 0x4E, 0x99, 0xEE, 0x36, 0xF6, 0xC0, 0x1A, 0x76, 0x01, 0x0A, 0xF0,
  848. 0xCB, 0xB4, 0x71, 0x88, 0x95, 0xCB, 0x35, 0xBA}};
  849. const BigNumStr FfElementTest::fq_multi_exp_exp_2[2] = {
  850. {0x11, 0xFF, 0xFF, 0xFF, 0x4F, 0x59, 0xB1, 0xD3, 0x6B, 0x08, 0xFF, 0xFF,
  851. 0x0B, 0xF3, 0xAF, 0x27, 0xFF, 0xB8, 0xFF, 0xFF, 0x98, 0xFF, 0xEB, 0xFF,
  852. 0xF2, 0x6A, 0xFF, 0xFF, 0xEA, 0x31, 0xFF, 0xFF},
  853. {0xE2, 0xFF, 0x03, 0x1D, 0xFF, 0x19, 0x81, 0xCB, 0xFF, 0xFF, 0x6B, 0xD5,
  854. 0x3E, 0xFF, 0xFF, 0xFF, 0xFF, 0xBD, 0xFF, 0x5A, 0xFF, 0x5C, 0x7C, 0xFF,
  855. 0x84, 0xFF, 0xFF, 0x8C, 0x03, 0xB2, 0x26, 0xFF}};
  856. const FqElemStr FfElementTest::fq_multi_exp_res_2 = {
  857. 0x8A, 0xF7, 0x96, 0x53, 0x9C, 0xC3, 0x57, 0x89, 0x50, 0xE3, 0xAB,
  858. 0x12, 0x62, 0xEA, 0x0C, 0xE4, 0x65, 0xA6, 0x91, 0x09, 0x93, 0x81,
  859. 0xFC, 0xBB, 0x0E, 0xFA, 0xC1, 0xC4, 0xDC, 0x3F, 0x0A, 0xD1,
  860. };
  861. const FqElemStr FfElementTest::fq_multi_exp_base_3[3] = {
  862. {0x24, 0x9D, 0xDD, 0x1A, 0xC0, 0x07, 0x1F, 0x65, 0xDF, 0xBB, 0xC7, 0x39,
  863. 0x99, 0x44, 0x63, 0x8E, 0x7E, 0xB2, 0x85, 0x82, 0xC6, 0x4E, 0x2D, 0x39,
  864. 0xA8, 0x3F, 0x12, 0xB4, 0xE9, 0x9D, 0x67, 0x28},
  865. {0x6B, 0x51, 0x6B, 0x33, 0x0B, 0x2E, 0x2A, 0x94, 0x34, 0xCC, 0x7E, 0x97,
  866. 0xFA, 0x85, 0x51, 0x44, 0x30, 0xE5, 0xF2, 0x68, 0x23, 0x31, 0x84, 0xFF,
  867. 0xBB, 0x95, 0x9A, 0xB2, 0x80, 0x95, 0xC4, 0x91},
  868. {0x77, 0xED, 0xA2, 0x53, 0xA3, 0xBF, 0x6C, 0x58, 0x16, 0x7D, 0xEF, 0x8A,
  869. 0x7D, 0x38, 0x65, 0x3F, 0x92, 0xA6, 0x85, 0xD7, 0x9F, 0x80, 0xA4, 0xA1,
  870. 0x70, 0x02, 0xE5, 0x66, 0xF2, 0xD8, 0xD7, 0xD2}};
  871. const BigNumStr FfElementTest::fq_multi_exp_exp_3[3] = {
  872. {0xFF, 0xFF, 0xFF, 0xB4, 0x48, 0xFF, 0xFF, 0xFF, 0xA3, 0xFF, 0xE3, 0xFF,
  873. 0x61, 0xFF, 0xA2, 0x97, 0x9A, 0xFF, 0x6F, 0x04, 0xC6, 0xB9, 0xFF, 0x22,
  874. 0xFF, 0x20, 0x9E, 0xFF, 0x43, 0xFF, 0xFF, 0xFF},
  875. {0xB1, 0x19, 0xBF, 0xFF, 0x74, 0x7F, 0xCC, 0x34, 0x1E, 0x30, 0x7D, 0xC5,
  876. 0xC4, 0xFF, 0xE7, 0xF8, 0xFF, 0x5F, 0xFF, 0x73, 0xFF, 0x58, 0xFF, 0xD6,
  877. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xEC, 0xFF, 0xFF},
  878. {0xFF, 0xFF, 0x0D, 0xFF, 0xFF, 0xFF, 0xFF, 0x26, 0xA8, 0xFF, 0xFF, 0xFF,
  879. 0x3E, 0xFF, 0xFF, 0xFF, 0xE0, 0x4F, 0xFF, 0xE3, 0xFF, 0xFF, 0xEB, 0x04,
  880. 0x4B, 0xFF, 0x5D, 0x55, 0xFF, 0x2D, 0xFF, 0xFF}};
  881. const FqElemStr FfElementTest::fq_multi_exp_res_3 = {
  882. 0x04, 0x22, 0x21, 0xE7, 0x9F, 0xE3, 0x07, 0x2F, 0xA4, 0xBB, 0x56,
  883. 0x84, 0xD5, 0x93, 0x4A, 0xDA, 0x5B, 0x89, 0x07, 0xBE, 0xC5, 0x5F,
  884. 0xE6, 0x5C, 0x18, 0xF0, 0xF8, 0x8E, 0x8E, 0x00, 0xB9, 0x87,
  885. };
  886. const FqElemStr FfElementTest::fq_multi_exp_base_4[4] = {
  887. {0x81, 0xEE, 0x78, 0x31, 0x4C, 0xC0, 0x3C, 0xDD, 0x16, 0x52, 0xC6, 0x7E,
  888. 0x07, 0x4C, 0xFE, 0xC4, 0x50, 0x63, 0x5A, 0x40, 0xC8, 0xDF, 0x94, 0x23,
  889. 0x1A, 0x90, 0xDD, 0x24, 0x61, 0x23, 0xDD, 0x87},
  890. {0x76, 0xBB, 0x2C, 0x1C, 0xB3, 0x78, 0x93, 0x7E, 0x10, 0x29, 0xC3, 0xEC,
  891. 0xBD, 0xA3, 0x75, 0x3A, 0xF1, 0x0B, 0xE1, 0xCA, 0xEE, 0x02, 0x58, 0x74,
  892. 0xC7, 0xDC, 0xB8, 0x4F, 0x3F, 0x7B, 0xA2, 0xFC},
  893. {0x3A, 0xD3, 0x04, 0xAA, 0x9D, 0x2A, 0xDE, 0x86, 0x56, 0x84, 0x80, 0x42,
  894. 0xA5, 0x68, 0xD8, 0x6E, 0x65, 0xC4, 0x08, 0x07, 0x87, 0x4B, 0xC1, 0x92,
  895. 0xCB, 0x68, 0x52, 0x6C, 0x5A, 0x4F, 0x7C, 0xFB},
  896. {0x56, 0xE7, 0xBD, 0x59, 0x54, 0xCC, 0x20, 0x16, 0xAE, 0x36, 0xD1, 0xB0,
  897. 0xE4, 0x82, 0x47, 0x27, 0x32, 0xD1, 0x38, 0x7C, 0x53, 0x7F, 0xDD, 0xF4,
  898. 0xDE, 0xFA, 0xF7, 0x0F, 0xDD, 0xDF, 0x48, 0xA9}};
  899. const BigNumStr FfElementTest::fq_multi_exp_exp_4[4] = {
  900. {0xFF, 0xA5, 0xC3, 0xFF, 0xFF, 0x09, 0x18, 0x18, 0x95, 0x40, 0xFF, 0xFF,
  901. 0xDB, 0xFF, 0xFF, 0xFF, 0xFF, 0x99, 0xFF, 0x25, 0xFF, 0xFF, 0x42, 0x07,
  902. 0xB5, 0xFF, 0x26, 0xE0, 0x4F, 0xB5, 0xB4, 0xFF},
  903. {0x1F, 0xFF, 0xAA, 0xF1, 0xFF, 0xFF, 0x7E, 0xFF, 0xFF, 0xFF, 0x07, 0xFF,
  904. 0xE7, 0xDF, 0xFF, 0xEE, 0xFF, 0x57, 0xFF, 0xFF, 0xFF, 0xB8, 0xB3, 0x9C,
  905. 0xFF, 0x8A, 0x89, 0xFF, 0xFE, 0x32, 0xFF, 0xC1},
  906. {0x9A, 0xFF, 0xFF, 0x9B, 0xFF, 0xAB, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  907. 0xFF, 0x36, 0xF0, 0xC5, 0xAE, 0x87, 0x41, 0xFF, 0x5C, 0xDD, 0xFF, 0xFF,
  908. 0xFF, 0xFF, 0x59, 0xC9, 0xFF, 0x44, 0x5C, 0x58},
  909. {0x00, 0xFF, 0x95, 0xFF, 0x21, 0xFF, 0xFF, 0x1D, 0x1A, 0x06, 0xD3, 0xFF,
  910. 0xFF, 0xFF, 0xFF, 0x07, 0xFF, 0xFF, 0xFF, 0xB0, 0x31, 0xFF, 0xFF, 0x1F,
  911. 0x61, 0x48, 0xFF, 0xFF, 0xFF, 0x17, 0xC9, 0x79}};
  912. const FqElemStr FfElementTest::fq_multi_exp_res_4 = {
  913. 0x26, 0x2C, 0x23, 0x55, 0xD5, 0xBD, 0x7B, 0x67, 0x60, 0xFE, 0x06,
  914. 0x7B, 0xCC, 0xB8, 0x6B, 0xC9, 0x00, 0x81, 0xAE, 0xCB, 0xEC, 0x91,
  915. 0x6D, 0x1B, 0x9E, 0x1C, 0xD8, 0xC0, 0x8D, 0x3F, 0x1B, 0x20,
  916. };
  917. const Fq12ElemStr FfElementTest::fq12_multi_exp_base_4[4] = {
  918. {
  919. {{{{{{0x2C, 0x86, 0xEE, 0x80, 0x61, 0x45, 0x8F, 0xFD, 0x96, 0xC2, 0x81,
  920. 0x11, 0xE8, 0x96, 0xE2, 0xCA, 0x21, 0x78, 0xF7, 0xA3, 0x4B, 0xBA,
  921. 0xDC, 0x0D, 0x34, 0x8A, 0x56, 0x12, 0x67, 0x8D, 0x72, 0x37},
  922. {0xA8, 0xEB, 0x5F, 0x1A, 0x1B, 0xF0, 0x5C, 0xC6, 0x6F, 0xC2, 0xC5,
  923. 0x03, 0xC4, 0x19, 0x85, 0xA6, 0xE0, 0x64, 0xFE, 0x71, 0x51, 0x46,
  924. 0xDF, 0xC2, 0xD6, 0xF9, 0xA0, 0xD6, 0x84, 0xC1, 0x4A, 0x11}}},
  925. {{{0xE0, 0x33, 0xA3, 0x1C, 0x73, 0x71, 0x62, 0x17, 0x10, 0x4C, 0xD8,
  926. 0x3E, 0xEE, 0xA1, 0x38, 0x9F, 0xA5, 0xFB, 0x1D, 0xC4, 0x9D, 0x2F,
  927. 0x08, 0x4A, 0xD3, 0x61, 0x37, 0x79, 0xAB, 0xC1, 0x37, 0x7E},
  928. {0x90, 0xFD, 0xA3, 0x9D, 0x0C, 0x81, 0x52, 0xF4, 0x58, 0x24, 0x89,
  929. 0xC4, 0xF4, 0xD4, 0x82, 0x33, 0xCA, 0x5D, 0xB4, 0x58, 0xA6, 0x1E,
  930. 0xE6, 0x2B, 0x86, 0xEF, 0x56, 0xC4, 0x4F, 0x9B, 0x27, 0x3C}}},
  931. {{{0x96, 0x54, 0xDA, 0xB5, 0x32, 0x23, 0x8A, 0x93, 0xCC, 0xA5, 0x7D,
  932. 0x28, 0x4A, 0x97, 0xA4, 0x30, 0xA8, 0x11, 0xBC, 0x43, 0x22, 0x7F,
  933. 0x02, 0x73, 0x0E, 0x5C, 0x63, 0x52, 0x2F, 0x4B, 0x5F, 0x7D},
  934. {0xC3, 0x1E, 0x30, 0xAE, 0xAC, 0x8C, 0xE8, 0x93, 0xD6, 0xCE, 0x05,
  935. 0x4B, 0x6B, 0x21, 0x01, 0x14, 0x4A, 0x1D, 0xD9, 0x08, 0x0C, 0xA1,
  936. 0x4C, 0x0B, 0x44, 0x28, 0x9C, 0xB6, 0xD1, 0x96, 0xBD, 0x07}}}}},
  937. {{{{{0x8B, 0x3D, 0x77, 0x4E, 0xBD, 0x7B, 0x9F, 0x65, 0x20, 0xDB, 0xA0,
  938. 0x95, 0x25, 0x44, 0x44, 0x7A, 0xE3, 0xDC, 0xDD, 0x2F, 0xBA, 0x75,
  939. 0x16, 0x19, 0xCB, 0x90, 0x31, 0x79, 0x38, 0xB6, 0x1A, 0x82},
  940. {0xBC, 0xB6, 0x85, 0xCD, 0xEB, 0xB9, 0x13, 0x43, 0xEA, 0xC2, 0x78,
  941. 0xBE, 0x25, 0x97, 0x1C, 0x6E, 0x18, 0x55, 0xFD, 0xCB, 0xE6, 0x7E,
  942. 0x1E, 0x92, 0xAD, 0x48, 0xE7, 0xA7, 0x02, 0x87, 0x0B, 0x8F}}},
  943. {{{0x16, 0xD7, 0x8E, 0x95, 0x8E, 0x62, 0x0A, 0xAD, 0x20, 0x2D, 0x6A,
  944. 0x2B, 0x4E, 0x6F, 0xC1, 0xC2, 0x63, 0xBA, 0x82, 0xF3, 0x8C, 0xD0,
  945. 0xA2, 0x09, 0xD3, 0xE5, 0xBA, 0x1F, 0x65, 0x35, 0xD0, 0x1C},
  946. {0x09, 0x98, 0x47, 0x65, 0xF2, 0x90, 0xD4, 0xE2, 0xD0, 0x6F, 0x9E,
  947. 0xDB, 0xA2, 0x14, 0x9B, 0x4B, 0x3D, 0xAA, 0x75, 0x25, 0x67, 0xF4,
  948. 0x7D, 0x77, 0xE9, 0x24, 0xED, 0xEE, 0x1B, 0x07, 0x7F, 0xE0}}},
  949. {{{0x7A, 0x34, 0xB7, 0x3C, 0x36, 0x0D, 0xCE, 0xF9, 0xBF, 0xF9, 0xE5,
  950. 0x09, 0x86, 0xEB, 0xB9, 0xD8, 0xC4, 0x67, 0xC5, 0xCD, 0xD4, 0xBC,
  951. 0xEE, 0x45, 0xF7, 0x11, 0x68, 0xD9, 0x23, 0x6D, 0xD6, 0x24},
  952. {0x6E, 0x97, 0x83, 0x13, 0x76, 0x9F, 0x35, 0xEA, 0xB8, 0x47, 0x57,
  953. 0x9B, 0x74, 0x47, 0x1F, 0x19, 0xE7, 0x97, 0x74, 0x1B, 0xB1, 0xA0,
  954. 0xF3, 0x92, 0xDC, 0x35, 0xFD, 0x7F, 0x4F, 0x07, 0x22, 0xAC}}}}}},
  955. },
  956. {{{{{{{0xFD, 0x05, 0x41, 0x27, 0x00, 0x7A, 0xAD, 0x17, 0xBC, 0xBF, 0x22,
  957. 0x5E, 0xDA, 0xEB, 0x7D, 0xAA, 0xB5, 0x2D, 0xC8, 0x61, 0xFE, 0x2C,
  958. 0xBA, 0x9E, 0x54, 0x43, 0x94, 0xDC, 0xFD, 0x0E, 0x6D, 0x6D},
  959. {0xA1, 0x5E, 0x05, 0xA5, 0x05, 0x55, 0xE7, 0x2A, 0xF7, 0x53, 0x37,
  960. 0x2C, 0xEF, 0x44, 0x95, 0xCA, 0x2C, 0xE8, 0xEB, 0xAE, 0x61, 0x05,
  961. 0x33, 0xE7, 0x0F, 0x30, 0x67, 0xBE, 0xCD, 0xB2, 0x93, 0x44}}},
  962. {{{0x44, 0x31, 0x96, 0x4D, 0x72, 0x61, 0xCD, 0x23, 0x1F, 0x7B, 0x57,
  963. 0x33, 0x39, 0xAC, 0x57, 0x53, 0x3D, 0x70, 0x57, 0xB3, 0x6D, 0xD5,
  964. 0x8A, 0x89, 0x30, 0xBC, 0xED, 0x29, 0x19, 0x39, 0x6E, 0x6A},
  965. {0x80, 0x21, 0x1E, 0xB7, 0x84, 0xB1, 0x0A, 0xA4, 0xD0, 0xFF, 0x59,
  966. 0x31, 0xE9, 0xBA, 0x39, 0xF7, 0x81, 0xDF, 0x1B, 0x7B, 0xD9, 0xDB,
  967. 0x02, 0x17, 0xBE, 0x97, 0x63, 0xBD, 0x37, 0x14, 0xB8, 0x8B}}},
  968. {{{0x6C, 0xCC, 0x5B, 0xA3, 0xEE, 0xC8, 0x0B, 0x7B, 0xF5, 0xDE, 0xBC,
  969. 0xB7, 0xA8, 0x25, 0x35, 0xAE, 0x0B, 0x30, 0x96, 0x33, 0x52, 0x13,
  970. 0xA3, 0x89, 0x3A, 0x2E, 0xA4, 0x7E, 0x5F, 0x4E, 0xB1, 0xF7},
  971. {0x87, 0xBA, 0x08, 0xB0, 0xFB, 0xCB, 0x31, 0xA6, 0x2B, 0x3E, 0xE7,
  972. 0xC4, 0xCC, 0xA5, 0x14, 0x61, 0xC9, 0x18, 0xFC, 0x74, 0x59, 0x06,
  973. 0xF4, 0xAD, 0xFC, 0x2D, 0x0C, 0x7D, 0xDB, 0x2A, 0xEC, 0xD4}}}}},
  974. {{{{{0xE9, 0x31, 0x31, 0x50, 0x25, 0xB7, 0x0C, 0x48, 0x30, 0xD5, 0x78,
  975. 0xB1, 0x10, 0xEA, 0x5D, 0xAA, 0xAA, 0x03, 0xEC, 0xE3, 0x0F, 0x36,
  976. 0xA6, 0xBC, 0x18, 0x3A, 0x76, 0x87, 0xA3, 0xE9, 0x33, 0xDA},
  977. {0x48, 0x78, 0x93, 0x64, 0x72, 0x9B, 0x2A, 0x1E, 0x0D, 0x50, 0x9F,
  978. 0x6F, 0xBD, 0xA5, 0x18, 0xB1, 0xA8, 0x14, 0x9A, 0x1B, 0xB9, 0xB4,
  979. 0x2C, 0x1F, 0x46, 0xB8, 0x9B, 0x7A, 0xC7, 0x84, 0xAE, 0x27}}},
  980. {{{0xD1, 0xEC, 0x1C, 0xEC, 0x69, 0xF0, 0x35, 0x40, 0x77, 0x7E, 0x27,
  981. 0x22, 0x36, 0x38, 0xDF, 0x15, 0xC2, 0xB3, 0xB8, 0x63, 0x4A, 0x6E,
  982. 0x68, 0x8C, 0xC1, 0x39, 0x3C, 0x02, 0x4C, 0x2A, 0x31, 0x18},
  983. {0x2E, 0x35, 0xF5, 0xCA, 0xA2, 0xE9, 0x24, 0x92, 0xD5, 0xE5, 0x2E,
  984. 0x5D, 0x1C, 0x94, 0xD9, 0xC7, 0xF0, 0x22, 0x16, 0x20, 0xA8, 0x37,
  985. 0xDD, 0x0E, 0xAB, 0x1B, 0x5E, 0x8B, 0xEE, 0x81, 0xC6, 0x17}}},
  986. {{{0xF1, 0x29, 0x5D, 0x1D, 0x6F, 0x53, 0x5A, 0xB2, 0x20, 0x88, 0x3D,
  987. 0xA4, 0x98, 0x81, 0xA4, 0xEF, 0x11, 0x1B, 0x64, 0x9E, 0x2C, 0x95,
  988. 0xDD, 0xD7, 0x57, 0xB3, 0x95, 0xCA, 0x40, 0xB9, 0x0D, 0x62},
  989. {0xDC, 0x86, 0x8B, 0xE6, 0xD3, 0x7B, 0x33, 0xEA, 0x50, 0x25, 0xE2,
  990. 0x77, 0xE3, 0x0B, 0x5A, 0xC8, 0x81, 0xFC, 0xAE, 0x74, 0x38, 0x69,
  991. 0x07, 0xF8, 0x4E, 0xD7, 0x85, 0xA6, 0x2F, 0x13, 0xB7, 0x0A}}}}}}},
  992. {{{{{{{0xF4, 0xDC, 0xAC, 0x02, 0xC0, 0x95, 0x07, 0xDC, 0x12, 0x4F, 0x3A,
  993. 0x01, 0xA9, 0xEE, 0xF3, 0x07, 0x46, 0x94, 0x47, 0x15, 0x63, 0xA6,
  994. 0x8E, 0x0A, 0xC4, 0xC4, 0xE4, 0x23, 0x85, 0x63, 0xE4, 0x4E},
  995. {0x9A, 0x9E, 0x9F, 0xC1, 0xED, 0x4E, 0x94, 0x10, 0xFE, 0x7D, 0x90,
  996. 0xEF, 0x82, 0x21, 0xAC, 0x67, 0x24, 0x99, 0x86, 0xC6, 0x85, 0x8B,
  997. 0x19, 0x9A, 0x9B, 0x90, 0x0B, 0xA4, 0x90, 0x78, 0x34, 0x53}}},
  998. {{{0xB1, 0x4C, 0xBA, 0xB8, 0xC6, 0x40, 0x71, 0xC2, 0x17, 0x51, 0x05,
  999. 0xC2, 0xC9, 0xBC, 0x03, 0x10, 0x4E, 0xFE, 0x2F, 0x94, 0xED, 0x13,
  1000. 0x35, 0x7B, 0x20, 0xA6, 0x59, 0x44, 0x81, 0xD0, 0xEC, 0x12},
  1001. {0x74, 0xA2, 0x4A, 0xFB, 0xD7, 0x28, 0x70, 0xAD, 0xDE, 0x86, 0x2F,
  1002. 0xEF, 0xF9, 0x50, 0x5D, 0x1E, 0x46, 0x3B, 0x82, 0x1C, 0x6A, 0xC9,
  1003. 0x3F, 0x32, 0xAE, 0xCD, 0x93, 0x2C, 0xA5, 0x70, 0x45, 0x24}}},
  1004. {{{0x38, 0x19, 0x79, 0xBF, 0x35, 0xF5, 0xC1, 0x53, 0x06, 0x42, 0xAA,
  1005. 0x6B, 0xF3, 0xB7, 0x8F, 0xFB, 0xFC, 0x28, 0x46, 0x9A, 0x65, 0x2A,
  1006. 0x45, 0x3D, 0x4C, 0x3C, 0x6B, 0x9C, 0x44, 0xC5, 0x82, 0xB8},
  1007. {0x80, 0xF9, 0xB3, 0x44, 0x95, 0x17, 0x39, 0x01, 0x6B, 0xD6, 0x1D,
  1008. 0x73, 0x22, 0x94, 0xFF, 0x6F, 0x7B, 0x4E, 0xB6, 0xA4, 0xE4, 0x6C,
  1009. 0xA8, 0xDB, 0x38, 0x74, 0x0B, 0xDB, 0xFA, 0x14, 0x99, 0x39}}}}},
  1010. {{{{{0x28, 0xEE, 0xFC, 0x62, 0xE5, 0x33, 0x9C, 0x63, 0xD5, 0x7F, 0x2C,
  1011. 0x4C, 0xF4, 0x76, 0x4C, 0xF7, 0x7B, 0x27, 0x2C, 0xA9, 0xB9, 0x01,
  1012. 0x3C, 0x58, 0xF7, 0xCE, 0xAA, 0x0A, 0x21, 0xC0, 0xA3, 0xA7},
  1013. {0xA1, 0x85, 0xBC, 0xFE, 0x55, 0xFC, 0x3B, 0x9B, 0x3D, 0xEF, 0x14,
  1014. 0x85, 0x8A, 0x4E, 0x5E, 0x1F, 0x4F, 0xC9, 0x86, 0xB8, 0xF2, 0xB2,
  1015. 0xE3, 0xE7, 0x7E, 0x87, 0xE2, 0x20, 0xD7, 0x85, 0x2C, 0xD1}}},
  1016. {{{0x13, 0xCB, 0x46, 0xAD, 0xD7, 0xEC, 0x66, 0xD5, 0x2B, 0x6E, 0x87,
  1017. 0x92, 0x13, 0xB2, 0x7D, 0x18, 0x69, 0x35, 0xCB, 0xF1, 0xBE, 0xC2,
  1018. 0x9D, 0xEB, 0xF5, 0x00, 0x0B, 0x73, 0xA3, 0xFD, 0x51, 0xDC},
  1019. {0x91, 0x0E, 0xE4, 0x46, 0x41, 0x23, 0xDD, 0x85, 0x53, 0x0C, 0xAE,
  1020. 0xF9, 0x74, 0xCF, 0x1C, 0x32, 0x22, 0xDA, 0x4A, 0x14, 0x80, 0x71,
  1021. 0x51, 0x23, 0xC3, 0xAB, 0x7E, 0xEC, 0x77, 0xCC, 0x59, 0x12}}},
  1022. {{{0x1C, 0x0F, 0x65, 0x6B, 0xD8, 0x41, 0xE0, 0x1B, 0x51, 0x9C, 0x89,
  1023. 0x26, 0xAB, 0x88, 0x63, 0x5D, 0xBB, 0x95, 0x92, 0x5B, 0x2C, 0x1D,
  1024. 0xDE, 0xC1, 0x88, 0xD6, 0xF1, 0x02, 0x48, 0xE0, 0xE2, 0xD1},
  1025. {0x40, 0x7F, 0xF1, 0x23, 0x4A, 0xCF, 0x36, 0xD5, 0xCF, 0x76, 0x0D,
  1026. 0x00, 0x2A, 0xF7, 0x5F, 0x31, 0xBB, 0xCC, 0x46, 0x84, 0x07, 0x04,
  1027. 0x98, 0x9C, 0xB4, 0x31, 0x15, 0x2D, 0x91, 0xF6, 0x29, 0x33}}}}}}},
  1028. {{{{{{{0xA8, 0x8E, 0x9A, 0xF9, 0x25, 0x12, 0x98, 0xE2, 0xC3, 0x61, 0x2E,
  1029. 0xE8, 0xD6, 0xA6, 0x77, 0x16, 0x49, 0x04, 0x75, 0x69, 0xD1, 0x83,
  1030. 0x2D, 0x3F, 0x2A, 0x79, 0xB6, 0x9B, 0xC9, 0x1D, 0x03, 0x90},
  1031. {0x2A, 0xD8, 0x11, 0x9F, 0x26, 0x36, 0xE7, 0xE9, 0x3A, 0x05, 0x4C,
  1032. 0x15, 0x49, 0x93, 0xDA, 0xE9, 0xD0, 0x5A, 0xE4, 0x8D, 0x8A, 0xFA,
  1033. 0x04, 0xF1, 0x20, 0x84, 0x56, 0xEC, 0x3C, 0x27, 0x19, 0x5C}}},
  1034. {{{0xF1, 0xAF, 0xBF, 0xF6, 0x0E, 0x58, 0x84, 0x2D, 0x94, 0x11, 0xF4,
  1035. 0xB5, 0xF4, 0x14, 0x51, 0xB0, 0x90, 0x46, 0x1A, 0x81, 0xED, 0xCF,
  1036. 0x91, 0x66, 0x58, 0xA6, 0x36, 0x3A, 0x52, 0x18, 0x5A, 0xC1},
  1037. {0x08, 0x4C, 0x99, 0xD3, 0xDC, 0xCE, 0x7F, 0xCE, 0x78, 0xE0, 0x38,
  1038. 0x87, 0x32, 0xF1, 0x80, 0x3C, 0x7B, 0x67, 0xAA, 0x6F, 0xDD, 0xE0,
  1039. 0xFC, 0xCB, 0xD0, 0xB0, 0x3A, 0x59, 0x52, 0x2A, 0x84, 0xE4}}},
  1040. {{{0xF8, 0x4A, 0xFF, 0x50, 0xA0, 0x65, 0xC4, 0xEE, 0xF4, 0x9C, 0xAA,
  1041. 0x34, 0x46, 0xF9, 0xD2, 0x6C, 0xA1, 0x61, 0x71, 0x49, 0x32, 0x25,
  1042. 0x84, 0x54, 0x90, 0x44, 0xBE, 0xA4, 0x0B, 0xF7, 0xFE, 0x26},
  1043. {0x81, 0x63, 0x73, 0xF7, 0x2F, 0xF2, 0xFA, 0x24, 0x52, 0xA4, 0xD9,
  1044. 0x4C, 0xC1, 0xA7, 0xA5, 0xC3, 0x03, 0x36, 0x13, 0x9B, 0x16, 0x45,
  1045. 0x16, 0xCB, 0x4B, 0x99, 0x38, 0xF3, 0x6D, 0xC8, 0x7E, 0xAB}}}}},
  1046. {{{{{0xB3, 0x53, 0xDF, 0xB6, 0x82, 0x60, 0x12, 0x11, 0x36, 0x69, 0x0E,
  1047. 0x05, 0x31, 0x8E, 0xCF, 0xD7, 0x3F, 0x32, 0xE7, 0x95, 0x84, 0x1D,
  1048. 0xC8, 0xB5, 0xBE, 0x49, 0x17, 0x9D, 0xCF, 0xA9, 0x5A, 0x2A},
  1049. {0xC4, 0x11, 0x86, 0xE8, 0x6C, 0x02, 0x56, 0xB0, 0x25, 0x2F, 0xA0,
  1050. 0x06, 0xB3, 0x62, 0xB2, 0x11, 0xAF, 0xBE, 0xA4, 0xE8, 0x61, 0x64,
  1051. 0x85, 0xFB, 0xEB, 0x1C, 0xF1, 0xBC, 0x2C, 0xAE, 0x10, 0x51}}},
  1052. {{{0x16, 0xA6, 0xC0, 0xB3, 0x86, 0x8E, 0x6D, 0x79, 0xB6, 0xBD, 0xDE,
  1053. 0x1E, 0x26, 0x06, 0x46, 0x65, 0x82, 0x84, 0x5A, 0x97, 0xD3, 0xB7,
  1054. 0x93, 0x78, 0x6B, 0x9D, 0x14, 0x33, 0x94, 0x43, 0x34, 0x04},
  1055. {0x45, 0xD1, 0x47, 0xD4, 0x2F, 0x17, 0xCF, 0xF1, 0xDD, 0xEA, 0x11,
  1056. 0x52, 0xAE, 0x01, 0x88, 0x3A, 0x10, 0xEE, 0x5C, 0x16, 0xCD, 0xB5,
  1057. 0x48, 0xE9, 0x16, 0x2C, 0x70, 0xB4, 0x1E, 0x19, 0x38, 0xE0}}},
  1058. {{{0x18, 0xE9, 0xAE, 0xC5, 0xDA, 0x74, 0x41, 0x2D, 0x70, 0x07, 0x60,
  1059. 0x37, 0x27, 0x66, 0xF7, 0x00, 0xBB, 0x79, 0x51, 0xF3, 0x7C, 0x8A,
  1060. 0x2B, 0xB5, 0x69, 0x6E, 0x10, 0x1F, 0xE0, 0x0A, 0x5E, 0xBE},
  1061. {0xB4, 0x4E, 0x0E, 0x02, 0x59, 0xB5, 0xCB, 0x4A, 0x6A, 0x86, 0x8B,
  1062. 0xCC, 0xA2, 0x13, 0xA0, 0xE9, 0xF2, 0x5C, 0xB0, 0x23, 0xB2, 0x15,
  1063. 0xF9, 0xBB, 0x43, 0xC1, 0x54, 0xF4, 0xC8, 0xAB, 0x16, 0xA6}}}}}}},
  1064. };
  1065. const BigNumStr FfElementTest::fq12_multi_exp_exp_4[4] = {
  1066. {
  1067. 0x14, 0x92, 0xD1, 0x1F, 0xAC, 0x90, 0x4D, 0xC3, 0x3E, 0xB8, 0xA7, 0xFE,
  1068. 0x35, 0x98, 0xDA, 0x94, 0xD6, 0xF3, 0x27, 0x29, 0x4B, 0x70, 0xCF, 0x0F,
  1069. 0xDA, 0x14, 0x97, 0xA1, 0x9B, 0x6B, 0x24, 0x08,
  1070. },
  1071. {
  1072. 0x76, 0x8D, 0xE5, 0xC2, 0xAB, 0x78, 0xD9, 0x76, 0x98, 0xFF, 0x92, 0xEA,
  1073. 0x95, 0x58, 0xC5, 0x0C, 0x6F, 0x1B, 0x35, 0xC4, 0xBF, 0x4A, 0x9E, 0xC2,
  1074. 0x6A, 0xEC, 0xE2, 0xF6, 0xAF, 0xEB, 0xAC, 0x06,
  1075. },
  1076. {
  1077. 0x50, 0x38, 0x60, 0x31, 0xAB, 0x05, 0xCC, 0xB1, 0xC2, 0x06, 0xA0, 0xD7,
  1078. 0x92, 0x12, 0xBD, 0x17, 0x81, 0xB9, 0x7E, 0x07, 0x9B, 0xD4, 0x3B, 0x2D,
  1079. 0x3C, 0x15, 0x3A, 0x5A, 0xF1, 0xC0, 0xC4, 0x75,
  1080. },
  1081. {
  1082. 0xA1, 0x3F, 0xEA, 0x99, 0x7E, 0xC7, 0x65, 0xF5, 0x41, 0xA6, 0xD6, 0xD3,
  1083. 0x77, 0xEC, 0x27, 0xF8, 0x6C, 0x18, 0x28, 0x69, 0x97, 0x08, 0x0E, 0x63,
  1084. 0x5A, 0xDA, 0xFE, 0x9F, 0xD1, 0x4A, 0x61, 0x4F,
  1085. },
  1086. };
  1087. const Fq12ElemStr FfElementTest::fq12_multi_exp_res_4 = {
  1088. {{{{{{0x3A, 0x30, 0x33, 0xA2, 0x14, 0xDF, 0xDC, 0x70, 0x48, 0xF3, 0xBA,
  1089. 0x3F, 0xCE, 0xFC, 0x69, 0x24, 0xAE, 0xA1, 0xF3, 0xCF, 0xD8, 0x77,
  1090. 0x69, 0x38, 0x38, 0xF4, 0x8E, 0xFB, 0x51, 0xFB, 0x10, 0x7C},
  1091. {0x73, 0xB4, 0xEE, 0xF9, 0x76, 0xBB, 0x45, 0xEC, 0x07, 0x24, 0x23,
  1092. 0xA3, 0x38, 0x64, 0x39, 0x4C, 0x03, 0x94, 0xF5, 0xEE, 0x5F, 0xC9,
  1093. 0x83, 0x4F, 0xD1, 0xA6, 0x4A, 0x05, 0x25, 0x0C, 0x46, 0x33}}},
  1094. {{{0xD4, 0x40, 0x47, 0xAE, 0xEC, 0xDA, 0x30, 0xF9, 0xE1, 0x28, 0xFB,
  1095. 0xB1, 0x4C, 0x62, 0xFB, 0x6C, 0x90, 0x0D, 0xB1, 0xEC, 0xAF, 0x2D,
  1096. 0x95, 0x64, 0x11, 0x93, 0xDA, 0x8E, 0xB8, 0x7D, 0xE4, 0xA3},
  1097. {0x8E, 0xA6, 0x9B, 0xAA, 0x58, 0xD5, 0xDC, 0x59, 0x1A, 0x51, 0x53,
  1098. 0x47, 0x30, 0x1C, 0x2B, 0xB0, 0xBB, 0x57, 0x57, 0x0A, 0x8C, 0x5F,
  1099. 0x62, 0x9C, 0x52, 0x28, 0xC0, 0x25, 0x27, 0xAE, 0xCD, 0x36}}},
  1100. {{{0xBF, 0x2D, 0x03, 0xB1, 0x33, 0xFD, 0x24, 0x81, 0x3C, 0x91, 0x43,
  1101. 0x90, 0x0C, 0x20, 0xC4, 0xE3, 0x69, 0x3F, 0xA9, 0xA2, 0x7C, 0xC2,
  1102. 0x48, 0x28, 0x1B, 0xF0, 0x81, 0x1F, 0x2B, 0x8F, 0x8D, 0x43},
  1103. {0x38, 0x18, 0x12, 0xA3, 0x89, 0xF1, 0xD7, 0x60, 0x89, 0x68, 0x6A,
  1104. 0xC4, 0xCC, 0x5D, 0xF4, 0xCE, 0x43, 0x95, 0x84, 0xCD, 0x01, 0x55,
  1105. 0xB8, 0x5D, 0x24, 0x50, 0xCD, 0xE3, 0x68, 0x1C, 0xFF, 0x59}}}}},
  1106. {{{{{0x0D, 0xAC, 0xCB, 0xE7, 0x9D, 0x68, 0x0F, 0x4A, 0xAF, 0xEB, 0xB5,
  1107. 0xFB, 0xF9, 0xB1, 0x58, 0x80, 0xD5, 0x71, 0x53, 0x26, 0x2E, 0x9C,
  1108. 0xCE, 0x10, 0xAC, 0xD2, 0x0A, 0xEB, 0xB4, 0x5C, 0xC8, 0xD7},
  1109. {0x16, 0x26, 0x66, 0x71, 0xDD, 0x67, 0xBA, 0xDB, 0x35, 0x76, 0x64,
  1110. 0xC6, 0x0B, 0x0B, 0x07, 0x4B, 0x65, 0xA2, 0xF7, 0x68, 0x9E, 0xFE,
  1111. 0xE8, 0xE3, 0xA7, 0x09, 0x79, 0xC5, 0xDF, 0x5E, 0x9C, 0xEC}}},
  1112. {{{0xEE, 0x83, 0x59, 0xB5, 0x89, 0x81, 0xA2, 0x87, 0xD7, 0x75, 0x65,
  1113. 0x90, 0xDE, 0x78, 0x37, 0x59, 0x04, 0x9B, 0x50, 0xC3, 0xBA, 0x90,
  1114. 0x09, 0x15, 0xAB, 0x17, 0xC5, 0xBF, 0x5B, 0xB9, 0xE4, 0x6C},
  1115. {0xA9, 0xB1, 0x49, 0x76, 0x25, 0x74, 0x5D, 0x9C, 0x78, 0xC5, 0x09,
  1116. 0xEE, 0xEB, 0xEB, 0x9D, 0x1C, 0x6C, 0xC0, 0x27, 0x9D, 0x66, 0xE6,
  1117. 0x7F, 0x31, 0xCD, 0xB0, 0x8A, 0xE4, 0x9E, 0xBD, 0x70, 0x18}}},
  1118. {{{0x88, 0xA1, 0x08, 0x39, 0xA2, 0x48, 0xA5, 0x98, 0xB6, 0xAD, 0x10,
  1119. 0x54, 0x07, 0xCD, 0xFC, 0x6D, 0xB1, 0x02, 0xFF, 0xE3, 0x92, 0xD7,
  1120. 0x9D, 0x48, 0xFB, 0xCE, 0x88, 0x46, 0x92, 0x07, 0x02, 0xBA},
  1121. {0xEE, 0xEB, 0xAE, 0x88, 0xB1, 0x4E, 0xD0, 0xF2, 0xCE, 0xD7, 0x57,
  1122. 0x07, 0xD4, 0x39, 0xD2, 0x7D, 0x1A, 0x0C, 0xEF, 0xF2, 0x84, 0x84,
  1123. 0x22, 0x8A, 0xB1, 0x80, 0x0D, 0xDC, 0x64, 0x86, 0xFD, 0x70}}}}}}};
  1124. const FqElemStr FfElementTest::fq_multi_exp_base_5[5] = {
  1125. {0x7B, 0x26, 0x96, 0x84, 0x04, 0x0D, 0x6F, 0x10, 0xAA, 0x7F, 0xD0, 0x0C,
  1126. 0x41, 0x3A, 0x68, 0x48, 0xBF, 0x3D, 0xB5, 0xCE, 0x3A, 0x9C, 0xA9, 0x10,
  1127. 0xA4, 0x67, 0x7C, 0xC0, 0x41, 0x52, 0xCA, 0xE7},
  1128. {0x2E, 0xD9, 0xEF, 0x86, 0xB6, 0x32, 0x72, 0x89, 0x37, 0xCF, 0x16, 0xCE,
  1129. 0x27, 0x15, 0x7A, 0x95, 0xCF, 0x94, 0x1B, 0xF3, 0xCE, 0x49, 0x20, 0x29,
  1130. 0x9A, 0x61, 0x2E, 0x0A, 0xF5, 0xE1, 0xDC, 0x9F},
  1131. {0xE0, 0x19, 0x37, 0x44, 0xA7, 0x45, 0x49, 0x7E, 0x19, 0x02, 0x09, 0x78,
  1132. 0xBE, 0xA4, 0x65, 0x60, 0x7A, 0xF5, 0xC8, 0xAF, 0x97, 0x5E, 0xDA, 0x3A,
  1133. 0xB4, 0x16, 0x70, 0x31, 0xE3, 0xB4, 0x18, 0xA8},
  1134. {0xBC, 0x92, 0x29, 0x92, 0x14, 0xD3, 0x3F, 0xB8, 0xB8, 0x8C, 0x41, 0xDF,
  1135. 0xC5, 0xA1, 0xCA, 0x77, 0xE5, 0x73, 0xFE, 0xA7, 0xAC, 0x81, 0x66, 0x11,
  1136. 0x5A, 0x6D, 0x7D, 0x97, 0x13, 0x92, 0x8D, 0x1D},
  1137. {0xE1, 0xA0, 0x0D, 0xDC, 0x8F, 0x20, 0xF5, 0x2D, 0x1D, 0x1F, 0xBD, 0x24,
  1138. 0x8C, 0xC2, 0x26, 0x06, 0x89, 0xE9, 0x46, 0xA9, 0xD2, 0x44, 0x8F, 0x1A,
  1139. 0x8D, 0xAF, 0x20, 0x73, 0x60, 0x0B, 0x66, 0x9C}};
  1140. const BigNumStr FfElementTest::fq_multi_exp_exp_5[5] = {
  1141. {0x78, 0xE6, 0x3F, 0x42, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xD7, 0x6E,
  1142. 0xE9, 0xFF, 0x4F, 0xFF, 0x23, 0xFF, 0x67, 0xB4, 0xED, 0xEE, 0xD7, 0xC6,
  1143. 0xFF, 0x4B, 0x0B, 0x6F, 0x1F, 0xD6, 0xFD, 0x7F},
  1144. {0xA1, 0x87, 0xFF, 0x1B, 0xFF, 0x85, 0x68, 0xFF, 0x1C, 0xFF, 0xD5, 0xFF,
  1145. 0x95, 0x73, 0xFF, 0xFF, 0xFF, 0x9E, 0x7E, 0xFF, 0xFF, 0xFF, 0xFF, 0x5E,
  1146. 0x9E, 0x62, 0xFF, 0xFF, 0x97, 0xFF, 0xFF, 0xF3},
  1147. {0x2E, 0xE8, 0x1E, 0x35, 0xFF, 0x82, 0x0B, 0x99, 0xEC, 0x30, 0x2B, 0xCE,
  1148. 0xEC, 0x83, 0x05, 0xFF, 0x9E, 0x3C, 0xFF, 0xFF, 0xA1, 0xFF, 0xFF, 0xFF,
  1149. 0x57, 0x26, 0x5B, 0x6C, 0xFF, 0xE6, 0x94, 0xFF},
  1150. {0xFF, 0xFF, 0xFF, 0xFF, 0x94, 0xFF, 0xFF, 0x79, 0xFC, 0xFF, 0x83, 0xFF,
  1151. 0xFF, 0xFF, 0xFF, 0xFF, 0xA9, 0xFF, 0x2F, 0x6B, 0xD1, 0xE7, 0xFF, 0xFF,
  1152. 0xFF, 0x7C, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
  1153. {0x63, 0x53, 0x53, 0xFF, 0xFF, 0xFF, 0x4F, 0xFF, 0xFF, 0xFF, 0x09, 0xFF,
  1154. 0xC0, 0xD8, 0x17, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x45,
  1155. 0xFF, 0x3A, 0xFF, 0xFF, 0xFF, 0xFF, 0x60, 0x06}};
  1156. const FqElemStr FfElementTest::fq_multi_exp_res_5 = {
  1157. 0x8F, 0x6D, 0x54, 0xCA, 0x00, 0x85, 0xD8, 0x78, 0xA4, 0x45, 0x36,
  1158. 0x7C, 0x23, 0xD0, 0x3C, 0x2D, 0x20, 0x78, 0xD9, 0xD7, 0xF1, 0xC3,
  1159. 0x99, 0xD9, 0xD3, 0x0A, 0x0E, 0x86, 0x98, 0xC2, 0xA7, 0x97,
  1160. };
  1161. const FqElemStr FfElementTest::fq_multi_exp_base_6[6] = {
  1162. {0x75, 0x18, 0x6A, 0x3D, 0xCC, 0x76, 0x33, 0x92, 0xD0, 0x57, 0xDA, 0xE0,
  1163. 0x37, 0x6F, 0x71, 0xD5, 0x9E, 0x7E, 0x65, 0xED, 0xD7, 0xFD, 0x82, 0xC0,
  1164. 0x6C, 0x83, 0x60, 0x30, 0xC1, 0xD3, 0x3D, 0x4D},
  1165. {0xF5, 0x3A, 0x20, 0xAB, 0x22, 0x47, 0x07, 0xAE, 0x71, 0xC1, 0x91, 0x73,
  1166. 0xEF, 0x1F, 0x1D, 0x76, 0x2E, 0xEE, 0x0D, 0xDE, 0xD9, 0xF8, 0x5C, 0x85,
  1167. 0xC7, 0x5B, 0x93, 0x88, 0xF6, 0xFF, 0x4C, 0xA5},
  1168. {0x21, 0xB3, 0x5E, 0xE8, 0xD2, 0xDA, 0x14, 0x1C, 0xB5, 0x2C, 0xFC, 0x61,
  1169. 0x9D, 0xEB, 0x65, 0x87, 0xBB, 0x5B, 0xBC, 0xFD, 0x37, 0x54, 0x6B, 0xDC,
  1170. 0xD9, 0xFA, 0x7A, 0xCD, 0x18, 0x7E, 0x8B, 0x89},
  1171. {0x70, 0xB7, 0x19, 0x42, 0xB4, 0x41, 0x2C, 0x1B, 0xBD, 0x7B, 0x25, 0x06,
  1172. 0xA2, 0x95, 0xB5, 0xB6, 0x70, 0xDF, 0x58, 0x71, 0xCA, 0x09, 0x12, 0x66,
  1173. 0x5A, 0x7B, 0xF0, 0x5F, 0x43, 0x69, 0x32, 0xF6},
  1174. {0x3D, 0x57, 0xE8, 0x3F, 0x1E, 0x39, 0x2B, 0xE5, 0xD0, 0xCF, 0xA9, 0xC8,
  1175. 0x72, 0x10, 0x7F, 0xC5, 0x4F, 0xAE, 0xE9, 0x73, 0x28, 0x4C, 0xFC, 0x3F,
  1176. 0xD5, 0xFF, 0xE8, 0xCF, 0x2C, 0xEB, 0x33, 0xD3},
  1177. {0x51, 0x80, 0x15, 0x1C, 0xE6, 0x9C, 0x4B, 0x80, 0x40, 0xBA, 0x40, 0x29,
  1178. 0x3A, 0x86, 0xA8, 0xB2, 0x66, 0x08, 0x97, 0x8D, 0xEB, 0x8B, 0xA7, 0x93,
  1179. 0xE3, 0x49, 0xC6, 0xC0, 0x46, 0x93, 0xC1, 0x75}};
  1180. const BigNumStr FfElementTest::fq_multi_exp_exp_6[6] = {
  1181. {0xFF, 0xFF, 0xFF, 0x49, 0x50, 0xFF, 0x19, 0xFF, 0xEB, 0xFF, 0xFF, 0xFF,
  1182. 0xFF, 0x28, 0x4A, 0x0E, 0xFF, 0x74, 0xFF, 0xC7, 0xFF, 0xD9, 0x81, 0xFF,
  1183. 0xFF, 0xFF, 0xD5, 0x2C, 0xFF, 0xFF, 0xFF, 0xAE},
  1184. {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xBF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  1185. 0xFF, 0x0C, 0x03, 0xFF, 0x95, 0xFF, 0x11, 0x9D, 0xFF, 0x9B, 0xFF, 0xFF,
  1186. 0x68, 0x44, 0xFF, 0xC9, 0xFF, 0x10, 0xC7, 0xBF},
  1187. {0x64, 0xFF, 0x89, 0x4A, 0xFF, 0x20, 0xFF, 0xE7, 0xFF, 0x36, 0x23, 0xDD,
  1188. 0xFF, 0xFF, 0xFC, 0xFF, 0x6B, 0xFF, 0xFF, 0xFF, 0xFF, 0x48, 0xFF, 0xFF,
  1189. 0xFF, 0xFF, 0xFF, 0xFF, 0x94, 0xD3, 0x59, 0xBE},
  1190. {0x0F, 0xFF, 0x76, 0xA5, 0x9E, 0x02, 0x9B, 0xFF, 0xA1, 0xFF, 0xC2, 0xFF,
  1191. 0x9D, 0xFF, 0x23, 0xFF, 0xFF, 0xFF, 0xFF, 0x6B, 0x81, 0x2A, 0xFF, 0x98,
  1192. 0xFF, 0xFF, 0xB9, 0xFF, 0xB7, 0x78, 0xE6, 0xFF},
  1193. {0xAF, 0xF3, 0xFF, 0x3C, 0xA8, 0xFF, 0xB9, 0x3A, 0xFF, 0xFF, 0xFF, 0x70,
  1194. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x85, 0xFF, 0xFF, 0x52,
  1195. 0xFF, 0x41, 0x10, 0x62, 0xFF, 0x51, 0x35, 0xFF},
  1196. {0xFF, 0xFF, 0xFF, 0xFF, 0xD3, 0xC3, 0xD9, 0xFF, 0xFF, 0x3A, 0x44, 0x88,
  1197. 0x04, 0xFF, 0x0B, 0xFF, 0xFF, 0xFF, 0x64, 0xFF, 0xFF, 0x52, 0xFF, 0x7D,
  1198. 0x6B, 0x24, 0x6E, 0xFF, 0xFF, 0xFF, 0xA7, 0x71}};
  1199. const FqElemStr FfElementTest::fq_multi_exp_res_6 = {
  1200. 0xFB, 0x89, 0x4F, 0xBB, 0x91, 0xEE, 0xD6, 0x57, 0x2D, 0x34, 0xF9,
  1201. 0x0B, 0xE3, 0xEB, 0x71, 0x1D, 0x63, 0x74, 0x96, 0x3B, 0xD4, 0x02,
  1202. 0x2F, 0x08, 0xDB, 0x95, 0x6A, 0x40, 0x68, 0xD4, 0x55, 0x76,
  1203. };
  1204. const Fq6ElemStr FfElementTest::epid11_GT_multi_exp_base_3[3] = {
  1205. {0x02, 0x7C, 0xAC, 0xE1, 0x58, 0x08, 0x6A, 0x83, 0x50, 0xD8, 0xBA, 0xBA,
  1206. 0x4B, 0x60, 0x6C, 0xEB, 0x51, 0xCE, 0x7E, 0x6D, 0x8E, 0xA8, 0x56, 0x41,
  1207. 0x33, 0xF3, 0xB0, 0xA6, 0xFC, 0xCD, 0xC8, 0x41, 0x05, 0x9E, 0xCC, 0x4F,
  1208. 0x51, 0x77, 0xD9, 0xEC, 0x57, 0x34, 0x48, 0x47, 0x22, 0x7A, 0x7C, 0xA1,
  1209. 0x14, 0xB8, 0x2A, 0xC9, 0x16, 0x0A, 0xB4, 0xB3, 0x5D, 0x44, 0x28, 0x23,
  1210. 0x80, 0x7A, 0x3E, 0xDA, 0x02, 0x6D, 0x03, 0x47, 0xCD, 0x2A, 0xAB, 0xA4,
  1211. 0xCE, 0x63, 0x0B, 0x5E, 0x3A, 0xF2, 0x96, 0x86, 0xA9, 0x9F, 0x2A, 0x9A,
  1212. 0xFF, 0x8F, 0x94, 0x91, 0xC8, 0x3C, 0xF2, 0x5A, 0xAA, 0xDA, 0x6B, 0x8E,
  1213. 0x02, 0xFC, 0x42, 0x4B, 0xFE, 0xF3, 0x23, 0x0A, 0xF8, 0x1A, 0x5C, 0x9A,
  1214. 0x5C, 0x0D, 0x71, 0xEF, 0x85, 0x64, 0xA6, 0x4D, 0x6A, 0x8B, 0x82, 0x58,
  1215. 0x2E, 0xBC, 0xFB, 0xB9, 0xDF, 0xB8, 0xCE, 0x3D, 0x03, 0xF3, 0x07, 0x18,
  1216. 0x4A, 0x13, 0x82, 0x8A, 0xEA, 0x24, 0x57, 0x72, 0xE2, 0x33, 0x9D, 0xB3,
  1217. 0x0C, 0x57, 0xCF, 0xAB, 0xDD, 0xEE, 0xF8, 0xD7, 0x2A, 0x75, 0xF5, 0xD7,
  1218. 0x28, 0xED, 0x0F, 0xB7, 0x02, 0xEC, 0x5F, 0xED, 0x50, 0xAE, 0x6B, 0xF3,
  1219. 0x80, 0x29, 0x7B, 0xA2, 0x75, 0x61, 0xFD, 0x20, 0x01, 0x2B, 0xDF, 0x8B,
  1220. 0x3C, 0x2A, 0xB9, 0x1D, 0x92, 0xED, 0x0F, 0xAD, 0x73, 0x74, 0x1E, 0xD8},
  1221. {0x06, 0xA6, 0x4A, 0x6B, 0x89, 0xD0, 0x07, 0x2A, 0xE6, 0x0B, 0x56, 0xD3,
  1222. 0x48, 0x17, 0xF6, 0x99, 0x31, 0x41, 0x21, 0x99, 0x51, 0xF6, 0xB1, 0x6C,
  1223. 0x02, 0xCD, 0x11, 0xE7, 0xCC, 0xD3, 0xC5, 0x6C, 0x06, 0xF4, 0x39, 0x62,
  1224. 0x37, 0x88, 0x37, 0xAD, 0x1F, 0x36, 0x81, 0xFA, 0xD7, 0x4B, 0x9F, 0x57,
  1225. 0x0F, 0x5B, 0xC3, 0x53, 0x14, 0x53, 0x41, 0x3A, 0x2B, 0xAB, 0x6E, 0xF4,
  1226. 0xD8, 0x7F, 0xC5, 0x67, 0x08, 0x70, 0xD7, 0x9B, 0x59, 0xE1, 0xE0, 0x57,
  1227. 0xE2, 0xF4, 0x04, 0x82, 0x06, 0x6A, 0xD5, 0xA2, 0x76, 0x64, 0x41, 0x7F,
  1228. 0x3B, 0xE6, 0x33, 0xB9, 0x39, 0x68, 0xDA, 0x0D, 0x13, 0x03, 0x63, 0xC8,
  1229. 0x07, 0x94, 0x70, 0xF9, 0xFB, 0xD8, 0x99, 0x31, 0xA1, 0x53, 0x1C, 0x20,
  1230. 0x43, 0x12, 0xEB, 0xFF, 0xA4, 0x5D, 0x64, 0x7C, 0x24, 0x9E, 0xE0, 0x03,
  1231. 0x80, 0x8E, 0xFB, 0xDC, 0xEE, 0xFD, 0x1F, 0xEF, 0x03, 0x43, 0x07, 0x44,
  1232. 0xEF, 0xB3, 0x71, 0x39, 0x77, 0x61, 0x5C, 0xA9, 0x32, 0x54, 0x33, 0x98,
  1233. 0xA2, 0x14, 0x6A, 0x13, 0x53, 0x22, 0x94, 0xA2, 0xCE, 0x15, 0xE7, 0xD0,
  1234. 0x30, 0xF2, 0x6B, 0x07, 0x02, 0x56, 0x28, 0xC3, 0xB1, 0x39, 0xF9, 0xC7,
  1235. 0xDA, 0xE2, 0xFD, 0xD0, 0xA8, 0x1B, 0xE8, 0xB2, 0xE3, 0x75, 0x02, 0xB8,
  1236. 0x90, 0xA4, 0xA5, 0x8F, 0x23, 0xA1, 0xCD, 0x75, 0xE7, 0x51, 0x37, 0xE5},
  1237. {0x09, 0x27, 0x38, 0x30, 0x06, 0x44, 0x13, 0xEF, 0xFE, 0x70, 0x5C, 0x4A,
  1238. 0x21, 0xFF, 0xF8, 0xF5, 0xBB, 0xC9, 0x6E, 0xA8, 0x7E, 0x00, 0xB1, 0xD7,
  1239. 0x5E, 0x55, 0xCF, 0xC7, 0x34, 0x6B, 0x8D, 0xD5, 0x04, 0xCE, 0x6E, 0xCA,
  1240. 0x11, 0x5A, 0xB3, 0x0C, 0x33, 0x79, 0x5F, 0xDE, 0xD9, 0xDB, 0x8C, 0xFA,
  1241. 0x73, 0x4E, 0x1E, 0xFA, 0xA1, 0x21, 0x6D, 0xA3, 0x6D, 0xE8, 0x69, 0x02,
  1242. 0x9E, 0xCC, 0x4D, 0x14, 0x09, 0xB5, 0x7C, 0xBA, 0x98, 0xC2, 0xE3, 0xAA,
  1243. 0x82, 0x6A, 0x0F, 0x1E, 0x4C, 0x6C, 0x9E, 0xB8, 0xB6, 0xA3, 0x5D, 0x06,
  1244. 0xFE, 0x99, 0x5C, 0x62, 0xA9, 0x19, 0x4E, 0x84, 0x61, 0xC7, 0xF9, 0x78,
  1245. 0x04, 0x39, 0xDA, 0xB4, 0x79, 0x32, 0x63, 0x60, 0xA6, 0x69, 0x86, 0x5C,
  1246. 0xFF, 0xB0, 0x71, 0xD0, 0xF5, 0x5E, 0x3C, 0xB2, 0x5D, 0x81, 0x4F, 0x9F,
  1247. 0xE4, 0xF7, 0x3B, 0xC7, 0xC5, 0x80, 0x5E, 0x8E, 0x01, 0x23, 0xFA, 0xFC,
  1248. 0x09, 0xAE, 0x12, 0x55, 0xF2, 0xD0, 0x50, 0x5C, 0xED, 0xC6, 0xD6, 0x81,
  1249. 0x9A, 0xA7, 0x93, 0xA3, 0xF4, 0xAC, 0xE5, 0x3E, 0xDB, 0x5A, 0x05, 0xB7,
  1250. 0x0B, 0x80, 0xAD, 0xA9, 0x08, 0xF1, 0x5A, 0xB5, 0x09, 0x23, 0x52, 0x65,
  1251. 0x46, 0x64, 0x79, 0xF2, 0x47, 0x04, 0x72, 0x48, 0x4E, 0x01, 0x55, 0x4A,
  1252. 0x67, 0x8D, 0x1E, 0x07, 0xC7, 0x46, 0x87, 0xF6, 0x50, 0xC3, 0xA6, 0x6B}};
  1253. const std::vector<uint8_t> FfElementTest::epid11_GT_multi_exp_exp_3[3] = {
  1254. {0x00, 0x00, 0xAF, 0x5B, 0x22, 0x71, 0x98, 0xB6, 0xEB, 0x67, 0x3D, 0x94,
  1255. 0x4A, 0xB6, 0x5E, 0x99, 0x81, 0xC5, 0x96, 0x91, 0x55, 0xBA, 0x2F, 0x16,
  1256. 0x01, 0x4E, 0xE1, 0x25, 0xAD, 0xCA, 0x94, 0x88, 0x60, 0x3B, 0xA2, 0x56,
  1257. 0x0A, 0x94, 0x0B, 0x2C, 0x3E, 0xD0, 0x8F, 0x15, 0x07, 0x3D, 0xD5, 0xBE,
  1258. 0x72, 0x3E, 0x2D, 0x06, 0x74, 0xFF, 0x06, 0xED, 0x47, 0x28, 0x08, 0x0C,
  1259. 0xA0, 0x6F, 0xDB, 0x75, 0x55, 0x32, 0xDC, 0x97, 0x47, 0x60, 0x4E, 0x6F,
  1260. 0xB4, 0x29, 0x89, 0x0C},
  1261. {0x00, 0x00, 0x01, 0xB8, 0x40, 0xBB, 0xE1, 0x1C, 0x84, 0x8E, 0x02, 0xC0,
  1262. 0xEF, 0x69, 0x84, 0x90, 0xED, 0xEB, 0x99, 0x94, 0xBC, 0x79, 0x48, 0xC8,
  1263. 0x08, 0x3C, 0x25, 0xDA, 0xAC, 0xFF, 0x3A, 0xDD},
  1264. {0x00, 0x00, 0x37, 0x1E, 0xCD, 0x0F, 0x66, 0x09, 0x7D, 0x33, 0x9A, 0xDC,
  1265. 0x47, 0x28, 0xF7, 0x91, 0xF3, 0xC2, 0xBC, 0x3A, 0xA9, 0x05, 0x62, 0xFC,
  1266. 0xDD, 0x8C, 0x65, 0xC2, 0xA8, 0x14, 0x55, 0x52},
  1267. };
  1268. const Fq6ElemStr FfElementTest::epid11_GT_multi_exp_res_3 = {
  1269. 0x09, 0xCF, 0x1D, 0xB6, 0x97, 0x14, 0x58, 0xAA, 0x29, 0x7E, 0x03, 0x96,
  1270. 0xD2, 0xDC, 0xD4, 0x2C, 0x1F, 0x2F, 0xB0, 0xC1, 0x5E, 0x71, 0xFB, 0x0C,
  1271. 0x8D, 0xDB, 0xBD, 0x1D, 0x20, 0xD9, 0x9A, 0xA5, 0x02, 0x69, 0x62, 0x1C,
  1272. 0x5C, 0xE8, 0x12, 0x11, 0xB1, 0x49, 0x93, 0x29, 0x23, 0xAF, 0xB4, 0xFF,
  1273. 0x77, 0x1E, 0xC9, 0xA6, 0xA0, 0x6D, 0xD9, 0x38, 0x89, 0x1A, 0xC7, 0xB9,
  1274. 0xF9, 0x66, 0x25, 0xD3, 0x00, 0x59, 0xE1, 0xAC, 0x0D, 0xDE, 0xCF, 0xC0,
  1275. 0xCF, 0x50, 0x48, 0x6B, 0xCE, 0x32, 0x15, 0x79, 0x13, 0x71, 0x12, 0x9B,
  1276. 0x63, 0x09, 0x4D, 0x20, 0xD9, 0x4A, 0xCD, 0x4F, 0x00, 0x7F, 0x8A, 0x19,
  1277. 0x06, 0x3F, 0x0F, 0x3E, 0x83, 0xA3, 0xEE, 0x0F, 0xAB, 0x72, 0xC9, 0x9A,
  1278. 0x5D, 0xD1, 0x67, 0xBF, 0xF1, 0x0E, 0xAB, 0x9C, 0xE8, 0x50, 0x04, 0xA7,
  1279. 0x20, 0xAA, 0xF6, 0xB9, 0x8E, 0x2F, 0x69, 0x44, 0x02, 0x68, 0x7A, 0x2E,
  1280. 0x70, 0xD4, 0x7E, 0x83, 0x8F, 0xAB, 0x58, 0x3E, 0xD2, 0x95, 0xA0, 0x1A,
  1281. 0x61, 0xC8, 0x93, 0xA0, 0xCC, 0xA4, 0x90, 0xFB, 0x73, 0xC2, 0xD2, 0x91,
  1282. 0x70, 0x34, 0x6A, 0x67, 0x03, 0x67, 0x49, 0x84, 0xEE, 0x3B, 0x9E, 0x8B,
  1283. 0x6D, 0x47, 0x95, 0xBD, 0x0E, 0x47, 0x97, 0x9E, 0x0A, 0x87, 0x61, 0x83,
  1284. 0x80, 0xEF, 0x4F, 0x91, 0xA8, 0xA6, 0xB7, 0xC0, 0x44, 0xE2, 0x21, 0x8D};
  1285. ////////////////////////////////////////////////
  1286. // NewFfElement
  1287. TEST_F(FfElementTest, NewFailsGivenNullPointer) {
  1288. FfElement* ff_elem = nullptr;
  1289. EXPECT_EQ(kEpidBadArgErr, NewFfElement(nullptr, &ff_elem));
  1290. EXPECT_EQ(kEpidBadArgErr, NewFfElement(this->fq, nullptr));
  1291. DeleteFfElement(&ff_elem);
  1292. }
  1293. TEST_F(FfElementTest, NewSucceedsGiven256BitFiniteField) {
  1294. FfElement* ff_elem = nullptr;
  1295. EXPECT_EQ(kEpidNoErr, NewFfElement(this->fq, &ff_elem));
  1296. DeleteFfElement(&ff_elem);
  1297. }
  1298. TEST_F(FfElementTest, Default256BitElementIsZero) {
  1299. FfElement* ff_elem = nullptr;
  1300. THROW_ON_EPIDERR(NewFfElement(this->fq, &ff_elem));
  1301. FqElemStr ff_elem_str;
  1302. EpidStatus sts =
  1303. WriteFfElement(this->fq, ff_elem, &ff_elem_str, sizeof(ff_elem_str));
  1304. DeleteFfElement(&ff_elem);
  1305. THROW_ON_EPIDERR(sts);
  1306. FqElemStr fq_zero_str = {0};
  1307. EXPECT_EQ(fq_zero_str, ff_elem_str);
  1308. }
  1309. ////////////////////////////////////////////////
  1310. // DeleteFfElement
  1311. TEST_F(FfElementTest, DeleteNullsPointer) {
  1312. FfElement* ff_elem = nullptr;
  1313. EpidStatus sts = NewFfElement(this->fq, &ff_elem);
  1314. DeleteFfElement(&ff_elem);
  1315. THROW_ON_EPIDERR(sts);
  1316. EXPECT_EQ(nullptr, ff_elem);
  1317. }
  1318. TEST_F(FfElementTest, DeleteWorksGivenNullPointer) {
  1319. EXPECT_NO_THROW(DeleteFfElement(nullptr));
  1320. FfElement* ff_elem = nullptr;
  1321. EXPECT_NO_THROW(DeleteFfElement(&ff_elem));
  1322. }
  1323. ////////////////////////////////////////////////
  1324. // ReadFfElement
  1325. TEST_F(FfElementTest, ReadFailsGivenArgumentsMismatch) {
  1326. uint8_t buf[sizeof(Fq12ElemStr)] = {0};
  1327. EXPECT_EQ(kEpidBadArgErr,
  1328. ReadFfElement(this->fq12, buf, sizeof(Fq12ElemStr), this->fq_a));
  1329. EXPECT_EQ(kEpidBadArgErr,
  1330. ReadFfElement(this->fq, buf, sizeof(FqElemStr), this->fq12_result));
  1331. }
  1332. TEST_F(FfElementTest, ReadFailsGivenNullPointer) {
  1333. FqElemStr ff_elem_str;
  1334. EXPECT_EQ(kEpidBadArgErr, ReadFfElement(nullptr, &ff_elem_str,
  1335. sizeof(ff_elem_str), this->fq_a));
  1336. EXPECT_EQ(kEpidBadArgErr,
  1337. ReadFfElement(this->fq, nullptr, sizeof(ff_elem_str), this->fq_a));
  1338. EXPECT_EQ(kEpidBadArgErr, ReadFfElement(this->fq, &ff_elem_str,
  1339. sizeof(ff_elem_str), nullptr));
  1340. }
  1341. TEST_F(FfElementTest, ReadFailsGivenInvalidBufferSize) {
  1342. FqElemStr ff_elem_str;
  1343. EXPECT_EQ(kEpidBadArgErr,
  1344. ReadFfElement(this->fq, &ff_elem_str, 0, this->fq_a));
  1345. EXPECT_EQ(kEpidBadArgErr,
  1346. ReadFfElement(this->fq, &ff_elem_str,
  1347. std::numeric_limits<size_t>::max(), this->fq_a));
  1348. }
  1349. TEST_F(FfElementTest, ReadFailsGivenElementDoesNotBelongToFF) {
  1350. // q does not belong to Fq
  1351. EXPECT_EQ(kEpidBadArgErr, ReadFfElement(this->fq, &this->bn_q_str,
  1352. sizeof(this->bn_q_str), this->fq_a));
  1353. }
  1354. TEST_F(FfElementTest, Read256BitElementCorrectly) {
  1355. // q-1 is valid element of Fq
  1356. ASSERT_EQ(kEpidNoErr, ReadFfElement(this->fq, &this->fq_qm1_str,
  1357. sizeof(this->fq_qm1_str), this->fq_a));
  1358. FqElemStr buf;
  1359. EXPECT_EQ(kEpidNoErr,
  1360. WriteFfElement(this->fq, this->fq_a, &buf, sizeof(buf)));
  1361. EXPECT_EQ(this->fq_qm1_str, buf);
  1362. }
  1363. TEST_F(FfElementTest, ReadIgnoreLeadingZerosForPrimeField) {
  1364. // q-1 is valid element of Fq
  1365. std::vector<uint8_t> ff_elem_str = {
  1366. 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5,
  1367. 0xF2, 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12,
  1368. 0x98, 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x12};
  1369. ASSERT_EQ(kEpidNoErr, ReadFfElement(this->fq, ff_elem_str.data(),
  1370. ff_elem_str.size(), this->fq_a));
  1371. FqElemStr buf;
  1372. EXPECT_EQ(kEpidNoErr,
  1373. WriteFfElement(this->fq, this->fq_a, &buf, sizeof(buf)));
  1374. EXPECT_EQ(this->fq_qm1_str, buf);
  1375. }
  1376. TEST_F(FfElementTest, ReadExpectExactSizeForFieldExtensions) {
  1377. uint8_t buf[sizeof(Fq2ElemStr) + 1] = {0};
  1378. EXPECT_EQ(kEpidBadArgErr,
  1379. ReadFfElement(this->fq2, buf, sizeof(buf), this->fq2_a));
  1380. }
  1381. ///////////////////////////////////////////////////////////////////////
  1382. // InitFfElementFromBn
  1383. TEST_F(FfElementTest, InitFromBnFailsGivenNonPrimeField) {
  1384. BigNumStr str = {0x01};
  1385. FfElementObj ffe(&this->fq2);
  1386. BigNumObj bn(sizeof(str), str);
  1387. EXPECT_EQ(kEpidBadArgErr, InitFfElementFromBn(this->fq2, bn, ffe));
  1388. }
  1389. TEST_F(FfElementTest, InitFromBnFailsGivenNullPointer) {
  1390. BigNumStr str = {0x01};
  1391. FfElementObj ffe(&this->fq);
  1392. BigNumObj bn(sizeof(str), str);
  1393. EXPECT_EQ(kEpidBadArgErr, InitFfElementFromBn(nullptr, bn, ffe));
  1394. EXPECT_EQ(kEpidBadArgErr, InitFfElementFromBn(this->fq, nullptr, ffe));
  1395. EXPECT_EQ(kEpidBadArgErr, InitFfElementFromBn(this->fq, bn, nullptr));
  1396. }
  1397. TEST_F(FfElementTest, InitFromBnInFieldElementCorrectly) {
  1398. FfElementObj ffe(&this->fq);
  1399. BigNumObj qm1_bn(this->bn_qm1_str);
  1400. FqElemStr buf;
  1401. EXPECT_EQ(kEpidNoErr, InitFfElementFromBn(this->fq, qm1_bn, ffe));
  1402. EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, ffe, &buf, sizeof(buf)));
  1403. EXPECT_EQ(this->fq_qm1_str, buf);
  1404. }
  1405. TEST_F(FfElementTest, InitFromBnOutOfFieldElementCorrectly) {
  1406. FfElementObj ffe(&this->fq);
  1407. BigNumObj q_bn(this->bn_q_str);
  1408. BigNumObj qp1_bn(this->bn_qp1_str);
  1409. FqElemStr buf;
  1410. EXPECT_EQ(kEpidNoErr, InitFfElementFromBn(this->fq, q_bn, ffe));
  1411. EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, ffe, &buf, sizeof(buf)));
  1412. EXPECT_EQ(this->bn_0_str, buf);
  1413. EXPECT_EQ(kEpidNoErr, InitFfElementFromBn(this->fq, qp1_bn, ffe));
  1414. EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, ffe, &buf, sizeof(buf)));
  1415. EXPECT_EQ(this->bn_1_str, buf);
  1416. }
  1417. ///////////////////////////////////////////////////////////////////////
  1418. // FfIsEqual
  1419. TEST_F(FfElementTest, FfIsEqualFailsGivenArgumentsMismatch) {
  1420. bool result;
  1421. EXPECT_EQ(kEpidBadArgErr,
  1422. FfIsEqual(this->fq12, this->fq_a, this->fq_b, &result));
  1423. EXPECT_EQ(kEpidBadArgErr,
  1424. FfIsEqual(this->fq, this->fq12_g, this->fq_b, &result));
  1425. EXPECT_EQ(kEpidBadArgErr,
  1426. FfIsEqual(this->fq, this->fq_a, this->fq12_h, &result));
  1427. }
  1428. TEST_F(FfElementTest, FfIsEqualFailsGivenNullPointer) {
  1429. bool result;
  1430. EXPECT_EQ(kEpidBadArgErr,
  1431. FfIsEqual(nullptr, this->fq_a, this->fq_a, &result));
  1432. EXPECT_EQ(kEpidBadArgErr, FfIsEqual(this->fq, nullptr, this->fq_a, &result));
  1433. EXPECT_EQ(kEpidBadArgErr, FfIsEqual(this->fq, this->fq_a, nullptr, &result));
  1434. EXPECT_EQ(kEpidBadArgErr,
  1435. FfIsEqual(this->fq, this->fq_a, this->fq_a, nullptr));
  1436. }
  1437. TEST_F(FfElementTest, FfIsEqualCanCompareElementWithItself) {
  1438. bool result;
  1439. EXPECT_EQ(kEpidNoErr, FfIsEqual(this->fq, this->fq_a, this->fq_a, &result));
  1440. EXPECT_TRUE(result);
  1441. }
  1442. TEST_F(FfElementTest, Different256BitFiniteFieldElementsAreNotEqual) {
  1443. bool result;
  1444. EXPECT_EQ(kEpidNoErr, FfIsEqual(this->fq, this->fq_a, this->fq_b, &result));
  1445. EXPECT_FALSE(result);
  1446. }
  1447. TEST_F(FfElementTest, Same256BitFiniteFieldElementsAreEqual) {
  1448. FfElementObj fq_a_local(&this->fq, &this->fq_a_str, sizeof(this->fq_a_str));
  1449. bool result;
  1450. EXPECT_EQ(kEpidNoErr, FfIsEqual(this->fq, this->fq_a, fq_a_local, &result));
  1451. EXPECT_TRUE(result);
  1452. }
  1453. TEST_F(FfElementTest, DifferentFq12ElementsAreNotEqual) {
  1454. bool result;
  1455. EXPECT_EQ(kEpidNoErr,
  1456. FfIsEqual(this->fq12, this->fq12_g, this->fq12_h, &result));
  1457. EXPECT_FALSE(result);
  1458. }
  1459. TEST_F(FfElementTest, SameFq12ElementsAreEqual) {
  1460. FfElementObj fq12_g_local(&this->fq12, &this->fq12_g_str,
  1461. sizeof(this->fq12_g_str));
  1462. bool result;
  1463. EXPECT_EQ(kEpidNoErr,
  1464. FfIsEqual(this->fq12, this->fq12_g, fq12_g_local, &result));
  1465. EXPECT_TRUE(result);
  1466. }
  1467. ////////////////////////////////////////////////
  1468. // WriteFfElement
  1469. TEST_F(FfElementTest, WriteFailsGivenArgumentsMismatch) {
  1470. uint8_t buf[sizeof(Fq12ElemStr)] = {0};
  1471. EXPECT_EQ(kEpidBadArgErr,
  1472. WriteFfElement(this->fq12, this->fq_a, buf, sizeof(Fq12ElemStr)));
  1473. EXPECT_EQ(kEpidBadArgErr,
  1474. WriteFfElement(this->fq, this->fq12_g, buf, sizeof(Fq12ElemStr)));
  1475. }
  1476. TEST_F(FfElementTest, WriteFailsGivenNullPointer) {
  1477. FqElemStr ff_elem_str;
  1478. EXPECT_EQ(kEpidBadArgErr, WriteFfElement(nullptr, this->fq_a, &ff_elem_str,
  1479. sizeof(ff_elem_str)));
  1480. EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq, nullptr, &ff_elem_str,
  1481. sizeof(ff_elem_str)));
  1482. EXPECT_EQ(kEpidBadArgErr,
  1483. WriteFfElement(this->fq, this->fq_a, nullptr, sizeof(ff_elem_str)));
  1484. }
  1485. TEST_F(FfElementTest, WriteFailsGivenInvalidBufferSize) {
  1486. FqElemStr ff_elem_str;
  1487. EXPECT_EQ(kEpidBadArgErr,
  1488. WriteFfElement(this->fq, this->fq_a, &ff_elem_str, 0));
  1489. EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq, this->fq_a, &ff_elem_str,
  1490. sizeof(ff_elem_str) - 1));
  1491. EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq, this->fq_a, &ff_elem_str,
  1492. std::numeric_limits<size_t>::max()));
  1493. }
  1494. TEST_F(FfElementTest, WriteWorksGiven256BitElement) {
  1495. FqElemStr ff_elem_str;
  1496. EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, this->fq_a, &ff_elem_str,
  1497. sizeof(ff_elem_str)));
  1498. EXPECT_EQ(this->fq_a_str, ff_elem_str);
  1499. }
  1500. TEST_F(FfElementTest, WritePadPrimeFieldElement) {
  1501. FqElemStr ff_elem_str[2] = {0xcd};
  1502. EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, this->fq_a, &ff_elem_str[0],
  1503. sizeof(ff_elem_str)));
  1504. EXPECT_EQ(this->fq_0_str, ff_elem_str[0]);
  1505. EXPECT_EQ(this->fq_a_str, ff_elem_str[1]);
  1506. }
  1507. TEST_F(FfElementTest, WriteExpectExactSizeForFieldExtensions) {
  1508. uint8_t buf[sizeof(Fq12ElemStr) + 1] = {0};
  1509. EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq12, this->fq12_g, buf,
  1510. sizeof(Fq12ElemStr) + 1));
  1511. EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq12, this->fq12_g, buf,
  1512. sizeof(Fq12ElemStr) - 1));
  1513. EXPECT_EQ(kEpidBadArgErr,
  1514. WriteFfElement(this->fq12, this->fq12_g, buf, sizeof(FqElemStr)));
  1515. }
  1516. ///////////////////////////////////////////////////////////////////////
  1517. // FfNeg
  1518. TEST_F(FfElementTest, FfNegFailsGivenArgumentsMismatch) {
  1519. EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq12, this->fq_a, this->fq_result));
  1520. EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq, this->fq12_g, this->fq_result));
  1521. EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq, this->fq_a, this->fq12_result));
  1522. }
  1523. TEST_F(FfElementTest, FfNegFailsGivenNullPointer) {
  1524. EXPECT_EQ(kEpidBadArgErr, FfNeg(nullptr, this->fq_a, this->fq_result));
  1525. EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq, nullptr, this->fq_result));
  1526. EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq, this->fq_a, nullptr));
  1527. }
  1528. TEST_F(FfElementTest, FfNegSucceedsGivenElementZero) {
  1529. FqElemStr fq_r_str;
  1530. EXPECT_EQ(kEpidNoErr, FfNeg(this->fq, this->fq_0, this->fq_result));
  1531. THROW_ON_EPIDERR(
  1532. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1533. EXPECT_EQ(this->fq_0_str, fq_r_str)
  1534. << "FfNeg: Negate element does not match to reference neg zero value";
  1535. }
  1536. TEST_F(FfElementTest, FfNegSucceedsGivenNonZeroElement) {
  1537. FqElemStr fq_r_str;
  1538. EXPECT_EQ(kEpidNoErr, FfNeg(this->fq, this->fq_a, this->fq_result));
  1539. THROW_ON_EPIDERR(
  1540. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1541. EXPECT_EQ(this->fq_neg_a_str, fq_r_str)
  1542. << "FfNeg: Negate element does not match to reference neg value";
  1543. }
  1544. ////////////////////////////////////////////////
  1545. // FfIsZero
  1546. TEST_F(FfElementTest, FfIsZeroFailsGivenNullPointer) {
  1547. bool result = false;
  1548. EXPECT_EQ(kEpidBadArgErr, FfIsZero(nullptr, this->fq_0, &result));
  1549. EXPECT_EQ(kEpidBadArgErr, FfIsZero(this->fq, nullptr, &result));
  1550. EXPECT_EQ(kEpidBadArgErr, FfIsZero(this->fq, this->fq_0, nullptr));
  1551. }
  1552. TEST_F(FfElementTest, FfIsZeroFailsGivenArgumentsMismatch) {
  1553. bool result;
  1554. EXPECT_EQ(kEpidBadArgErr, FfIsZero(this->fq12, this->fq_a, &result));
  1555. EXPECT_EQ(kEpidBadArgErr, FfIsZero(this->fq, this->fq12_g, &result));
  1556. }
  1557. TEST_F(FfElementTest, FfIsZeroSucceedsGivenZeroElement) {
  1558. bool result = false;
  1559. EXPECT_EQ(kEpidNoErr, FfIsZero(this->fq, this->fq_0, &result));
  1560. EXPECT_TRUE(result);
  1561. }
  1562. TEST_F(FfElementTest, FfIsZeroSucceedsGivenNonZeroElement) {
  1563. bool result = false;
  1564. EXPECT_EQ(kEpidNoErr, FfIsZero(this->fq, this->fq_1, &result));
  1565. EXPECT_FALSE(result);
  1566. }
  1567. ////////////////////////////////////////////////
  1568. // FfMul
  1569. TEST_F(FfElementTest, FfMulFailsGivenNullPointer) {
  1570. EXPECT_EQ(kEpidBadArgErr,
  1571. FfMul(nullptr, this->fq_a, this->fq_b, this->fq_result));
  1572. EXPECT_EQ(kEpidBadArgErr,
  1573. FfMul(this->fq, nullptr, this->fq_b, this->fq_result));
  1574. EXPECT_EQ(kEpidBadArgErr,
  1575. FfMul(this->fq, this->fq_a, nullptr, this->fq_result));
  1576. EXPECT_EQ(kEpidBadArgErr, FfMul(this->fq, this->fq_a, this->fq_b, nullptr));
  1577. }
  1578. TEST_F(FfElementTest, FfMulFailsGivenArgumentsMismatch) {
  1579. EXPECT_EQ(kEpidBadArgErr,
  1580. FfMul(this->fq12, this->fq_a, this->fq_b, this->fq_result));
  1581. EXPECT_EQ(kEpidBadArgErr,
  1582. FfMul(this->fq, this->fq12_g, this->fq_b, this->fq_result));
  1583. EXPECT_EQ(kEpidBadArgErr,
  1584. FfMul(this->fq, this->fq_a, this->fq12_h, this->fq_result));
  1585. EXPECT_EQ(kEpidBadArgErr,
  1586. FfMul(this->fq, this->fq_a, this->fq_b, this->fq12_result));
  1587. EXPECT_EQ(kEpidBadArgErr,
  1588. FfMul(this->fq2, this->fq_a, this->fq2_a, this->fq2_result));
  1589. }
  1590. TEST_F(FfElementTest, FfMulSucceedsGivenElementZero) {
  1591. FqElemStr fq_r_str;
  1592. EXPECT_EQ(kEpidNoErr,
  1593. FfMul(this->fq, this->fq_0, this->fq_b, this->fq_result));
  1594. THROW_ON_EPIDERR(
  1595. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1596. EXPECT_EQ(this->fq_0_str, fq_r_str);
  1597. EXPECT_EQ(kEpidNoErr,
  1598. FfMul(this->fq, this->fq_a, this->fq_0, this->fq_result));
  1599. THROW_ON_EPIDERR(
  1600. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1601. EXPECT_EQ(this->fq_0_str, fq_r_str);
  1602. }
  1603. TEST_F(FfElementTest, FfMulSucceedsGivenElementOne) {
  1604. FqElemStr fq_r_str;
  1605. EXPECT_EQ(kEpidNoErr,
  1606. FfMul(this->fq, this->fq_1, this->fq_b, this->fq_result));
  1607. THROW_ON_EPIDERR(
  1608. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1609. EXPECT_EQ(this->fq_b_str, fq_r_str);
  1610. EXPECT_EQ(kEpidNoErr,
  1611. FfMul(this->fq, this->fq_a, this->fq_1, this->fq_result));
  1612. THROW_ON_EPIDERR(
  1613. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1614. EXPECT_EQ(this->fq_a_str, fq_a_str);
  1615. }
  1616. TEST_F(FfElementTest, FfMulSucceedsGivenTwoElements) {
  1617. FqElemStr fq_r_str;
  1618. EXPECT_EQ(kEpidNoErr,
  1619. FfMul(this->fq, this->fq_a, this->fq_b, this->fq_result));
  1620. THROW_ON_EPIDERR(
  1621. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1622. EXPECT_EQ(this->fq_mul_ab_str, fq_r_str);
  1623. Fq2ElemStr fq2_r_str;
  1624. THROW_ON_EPIDERR(
  1625. ReadFfElement(this->fq, &(fq_b_str), sizeof(fq_b_str), this->fq_b));
  1626. EXPECT_EQ(kEpidNoErr,
  1627. FfMul(this->fq2, this->fq2_a, this->fq_b, this->fq2_result));
  1628. THROW_ON_EPIDERR(WriteFfElement(this->fq2, this->fq2_result, &fq2_r_str,
  1629. sizeof(fq2_r_str)));
  1630. EXPECT_EQ(this->fq2_mul_ab_str, fq2_r_str);
  1631. Fq12ElemStr fq12_r_str;
  1632. THROW_ON_EPIDERR(ReadFfElement(this->fq12, &(this->fq12_i_str),
  1633. sizeof(this->fq12_i_str), this->fq12_i));
  1634. THROW_ON_EPIDERR(ReadFfElement(this->fq12, &(fq12_j_str), sizeof(fq12_j_str),
  1635. this->fq12_j));
  1636. EXPECT_EQ(kEpidNoErr,
  1637. FfMul(this->fq12, this->fq12_i, this->fq12_j, this->fq12_result));
  1638. THROW_ON_EPIDERR(WriteFfElement(this->fq12, this->fq12_result, &fq12_r_str,
  1639. sizeof(fq12_r_str)));
  1640. EXPECT_EQ(fq12_mul_ij_str, fq12_r_str);
  1641. }
  1642. ////////////////////////////////////////////////
  1643. // FfSub
  1644. TEST_F(FfElementTest, FfSubFailsGivenArgumentsMismatch) {
  1645. EXPECT_EQ(kEpidBadArgErr,
  1646. FfSub(this->fq12, this->fq_a, this->fq_b, this->fq_result));
  1647. EXPECT_EQ(kEpidBadArgErr,
  1648. FfSub(this->fq, this->fq12_g, this->fq_b, this->fq_result));
  1649. EXPECT_EQ(kEpidBadArgErr,
  1650. FfSub(this->fq, this->fq_a, this->fq12_h, this->fq_result));
  1651. EXPECT_EQ(kEpidBadArgErr,
  1652. FfSub(this->fq, this->fq_a, this->fq_b, this->fq12_result));
  1653. }
  1654. TEST_F(FfElementTest, FfSubFailsGivenNullPtr) {
  1655. EXPECT_EQ(kEpidBadArgErr,
  1656. FfSub(nullptr, this->fq_a, this->fq_b, this->fq_result));
  1657. EXPECT_EQ(kEpidBadArgErr,
  1658. FfSub(this->fq, nullptr, this->fq_b, this->fq_result));
  1659. EXPECT_EQ(kEpidBadArgErr,
  1660. FfSub(this->fq, this->fq_a, nullptr, this->fq_result));
  1661. EXPECT_EQ(kEpidBadArgErr, FfSub(this->fq, this->fq_a, this->fq_b, nullptr));
  1662. }
  1663. TEST_F(FfElementTest, FfSubSucceedsGivenElementZero) {
  1664. FqElemStr fq_r_str = {0x0};
  1665. // additive identity
  1666. EXPECT_EQ(kEpidNoErr,
  1667. FfSub(this->fq, this->fq_a, this->fq_0, this->fq_result));
  1668. THROW_ON_EPIDERR(
  1669. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1670. EXPECT_EQ(this->fq_a_str, fq_r_str);
  1671. EXPECT_EQ(kEpidNoErr,
  1672. FfSub(this->fq, this->fq_0, this->fq_0, this->fq_result));
  1673. THROW_ON_EPIDERR(
  1674. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1675. EXPECT_EQ(this->fq_0_str, fq_r_str);
  1676. }
  1677. TEST_F(FfElementTest, FfSubSucceedsGivenTwoEqualElements) {
  1678. FqElemStr fq_r_str = {0x0};
  1679. EXPECT_EQ(kEpidNoErr,
  1680. FfSub(this->fq, this->fq_a, this->fq_a, this->fq_result));
  1681. THROW_ON_EPIDERR(
  1682. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1683. EXPECT_EQ(this->fq_0_str, fq_r_str);
  1684. }
  1685. TEST_F(FfElementTest, FfSubSucceedsGivenTwoElements) {
  1686. FqElemStr fq_r_str = {0x0};
  1687. EXPECT_EQ(kEpidNoErr,
  1688. FfSub(this->fq, this->fq_sum_ab, this->fq_b, this->fq_result));
  1689. THROW_ON_EPIDERR(
  1690. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1691. EXPECT_EQ(this->fq_a_str, fq_r_str);
  1692. }
  1693. TEST_F(FfElementTest, FfSubSucceedsGivenTwoElementsFq2) {
  1694. FfElementObj a(&this->fq2, &this->bn_a_str, sizeof(this->bn_a_str));
  1695. FfElementObj b(&this->fq2, &this->bn_b_str, sizeof(this->bn_b_str));
  1696. FfElementObj sum_ab(&this->fq2, this->fq2_sum_ab_str);
  1697. FfElementObj r(&this->fq2);
  1698. EXPECT_EQ(kEpidNoErr, FfSub(this->fq2, sum_ab, b, r));
  1699. EXPECT_EQ(a, r);
  1700. }
  1701. TEST_F(FfElementTest, FfSubSucceedsGivenTwoElementsFq6) {
  1702. FfElementObj a(&this->fq6, &this->bn_a_str, sizeof(this->bn_a_str));
  1703. FfElementObj b(&this->fq6, &this->bn_b_str, sizeof(this->bn_b_str));
  1704. FfElementObj sum_ab(&this->fq6, this->fq6_sum_ab_str);
  1705. FfElementObj r(&this->fq6);
  1706. EXPECT_EQ(kEpidNoErr, FfSub(this->fq6, sum_ab, b, r));
  1707. EXPECT_EQ(a, r);
  1708. }
  1709. TEST_F(FfElementTest, FfSubSucceedsGivenTwoElementsFq12) {
  1710. FfElementObj a(&this->fq12, &this->bn_a_str, sizeof(this->bn_a_str));
  1711. FfElementObj b(&this->fq12, &this->bn_b_str, sizeof(this->bn_b_str));
  1712. FfElementObj sum_ab(&this->fq12, this->fq12_sum_ab_str);
  1713. FfElementObj r(&this->fq12);
  1714. EXPECT_EQ(kEpidNoErr, FfSub(this->fq12, sum_ab, b, r));
  1715. EXPECT_EQ(a, r);
  1716. }
  1717. ////////////////////////////////////////////////
  1718. // FfAdd
  1719. TEST_F(FfElementTest, FfAddFailsGivenArgumentsMismatch) {
  1720. EXPECT_EQ(kEpidBadArgErr,
  1721. FfAdd(this->fq12, this->fq_a, this->fq_b, this->fq_result));
  1722. EXPECT_EQ(kEpidBadArgErr,
  1723. FfAdd(this->fq, this->fq12_g, this->fq_b, this->fq_result));
  1724. EXPECT_EQ(kEpidBadArgErr,
  1725. FfAdd(this->fq, this->fq_a, this->fq12_h, this->fq_result));
  1726. EXPECT_EQ(kEpidBadArgErr,
  1727. FfAdd(this->fq, this->fq_a, this->fq_b, this->fq12_result));
  1728. }
  1729. TEST_F(FfElementTest, FfAddFailsGivenNullPtr) {
  1730. EXPECT_EQ(kEpidBadArgErr,
  1731. FfAdd(nullptr, this->fq_a, this->fq_b, this->fq_result));
  1732. EXPECT_EQ(kEpidBadArgErr,
  1733. FfAdd(this->fq, nullptr, this->fq_b, this->fq_result));
  1734. EXPECT_EQ(kEpidBadArgErr,
  1735. FfAdd(this->fq, this->fq_a, nullptr, this->fq_result));
  1736. EXPECT_EQ(kEpidBadArgErr, FfAdd(this->fq, this->fq_a, this->fq_b, nullptr));
  1737. }
  1738. TEST_F(FfElementTest, FfAddSucceedsGivenElementZero) {
  1739. FqElemStr fq_r_str = {0x0};
  1740. // additive identity
  1741. EXPECT_EQ(kEpidNoErr,
  1742. FfAdd(this->fq, this->fq_a, this->fq_0, this->fq_result));
  1743. THROW_ON_EPIDERR(
  1744. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1745. EXPECT_EQ(this->fq_a_str, fq_r_str);
  1746. EXPECT_EQ(kEpidNoErr,
  1747. FfAdd(this->fq, this->fq_0, this->fq_b, this->fq_result));
  1748. THROW_ON_EPIDERR(
  1749. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1750. EXPECT_EQ(this->fq_b_str, fq_r_str);
  1751. EXPECT_EQ(kEpidNoErr,
  1752. FfAdd(this->fq, this->fq_0, this->fq_0, this->fq_result));
  1753. THROW_ON_EPIDERR(
  1754. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1755. EXPECT_EQ(this->fq_0_str, fq_r_str);
  1756. }
  1757. TEST_F(FfElementTest, FfAddSucceedsGivenTwoElements) {
  1758. FqElemStr fq_r_str = {0x0};
  1759. EXPECT_EQ(kEpidNoErr,
  1760. FfAdd(this->fq, this->fq_a, this->fq_b, this->fq_result));
  1761. THROW_ON_EPIDERR(
  1762. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1763. EXPECT_EQ(this->fq_sum_ab_str, fq_r_str);
  1764. }
  1765. TEST_F(FfElementTest, FfAddSucceedsGivenTwoElementsFq2) {
  1766. FfElementObj a(&this->fq2, &this->bn_a_str, sizeof(this->bn_a_str));
  1767. FfElementObj b(&this->fq2, &this->bn_b_str, sizeof(this->bn_b_str));
  1768. FfElementObj r(&this->fq2);
  1769. EXPECT_EQ(kEpidNoErr, FfAdd(this->fq2, a, b, r));
  1770. EXPECT_EQ(FfElementObj(&this->fq2, this->fq2_sum_ab_str), r);
  1771. }
  1772. TEST_F(FfElementTest, FfAddSucceedsGivenTwoElementsFq6) {
  1773. FfElementObj a(&this->fq6, &this->bn_a_str, sizeof(this->bn_a_str));
  1774. FfElementObj b(&this->fq6, &this->bn_b_str, sizeof(this->bn_b_str));
  1775. FfElementObj r(&this->fq6);
  1776. EXPECT_EQ(kEpidNoErr, FfAdd(this->fq6, a, b, r));
  1777. EXPECT_EQ(FfElementObj(&this->fq6, this->fq6_sum_ab_str), r);
  1778. }
  1779. TEST_F(FfElementTest, FfAddSucceedsGivenTwoElementsFq12) {
  1780. FfElementObj a(&this->fq12, &this->bn_a_str, sizeof(this->bn_a_str));
  1781. FfElementObj b(&this->fq12, &this->bn_b_str, sizeof(this->bn_b_str));
  1782. FfElementObj r(&this->fq12);
  1783. EXPECT_EQ(kEpidNoErr, FfAdd(this->fq12, a, b, r));
  1784. EXPECT_EQ(FfElementObj(&this->fq12, this->fq12_sum_ab_str), r);
  1785. }
  1786. ////////////////////////////////////////////////
  1787. // FfInv
  1788. TEST_F(FfElementTest, FfInvFailsGivenNullPointer) {
  1789. EXPECT_EQ(kEpidBadArgErr, FfInv(nullptr, (this->fq_a), this->fq_result));
  1790. EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq, nullptr, this->fq_result));
  1791. EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq, this->fq_a, nullptr));
  1792. }
  1793. TEST_F(FfElementTest, FfInvFailsGivenArgumentsMismatch) {
  1794. EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq12, this->fq_a, this->fq_result));
  1795. EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq, this->fq12_g, this->fq_result));
  1796. EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq, this->fq_a, this->fq12_result));
  1797. }
  1798. TEST_F(FfElementTest, FfInvFailsGivenElementZero) {
  1799. EXPECT_EQ(kEpidDivByZeroErr, FfInv(this->fq, this->fq_0, this->fq_result));
  1800. }
  1801. TEST_F(FfElementTest, FfInvSucceedsGivenElementOne) {
  1802. FqElemStr fq_r_str;
  1803. EXPECT_EQ(kEpidNoErr, FfInv(this->fq, this->fq_1, this->fq_result));
  1804. THROW_ON_EPIDERR(
  1805. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1806. EXPECT_EQ(this->fq_1_str, fq_r_str);
  1807. }
  1808. TEST_F(FfElementTest, FfInvSucceedsGivenAnElement) {
  1809. FqElemStr fq_r_str;
  1810. EXPECT_EQ(kEpidNoErr, FfInv(this->fq, this->fq_a, this->fq_result));
  1811. THROW_ON_EPIDERR(
  1812. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1813. EXPECT_EQ(this->fq_inv_a_str, fq_r_str);
  1814. }
  1815. ////////////////////////////////////////////////
  1816. // FfExp
  1817. TEST_F(FfElementTest, FfExpFailsGivenNullPointer) {
  1818. EXPECT_EQ(kEpidBadArgErr,
  1819. FfExp(nullptr, this->fq_a, this->bn_a, this->fq_result));
  1820. EXPECT_EQ(kEpidBadArgErr,
  1821. FfExp(this->fq, nullptr, this->bn_a, this->fq_result));
  1822. EXPECT_EQ(kEpidBadArgErr,
  1823. FfExp(this->fq, this->fq_a, nullptr, this->fq_result));
  1824. EXPECT_EQ(kEpidBadArgErr, FfExp(this->fq, this->fq_a, this->bn_a, nullptr));
  1825. }
  1826. TEST_F(FfElementTest, FfExpFailsGivenArgumentsMismatch) {
  1827. EXPECT_EQ(kEpidBadArgErr,
  1828. FfExp(this->fq12, this->fq_a, this->bn_0, this->fq_result));
  1829. EXPECT_EQ(kEpidBadArgErr,
  1830. FfExp(this->fq, this->fq12_g, this->bn_0, this->fq_result));
  1831. EXPECT_EQ(kEpidBadArgErr,
  1832. FfExp(this->fq, this->fq_a, this->bn_0, this->fq12_result));
  1833. }
  1834. TEST_F(FfElementTest, FfExpSucceedsGivenElementZero) {
  1835. FqElemStr fq_r_str;
  1836. EXPECT_EQ(kEpidNoErr,
  1837. FfExp(this->fq, this->fq_0, this->bn_a, this->fq_result));
  1838. THROW_ON_EPIDERR(
  1839. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1840. EXPECT_EQ(this->fq_0_str, fq_r_str);
  1841. }
  1842. TEST_F(FfElementTest, FfExpSucceedsGivenExponentZero) {
  1843. FqElemStr fq_r_str;
  1844. EXPECT_EQ(kEpidNoErr,
  1845. FfExp(this->fq, this->fq_a, this->bn_0, this->fq_result));
  1846. THROW_ON_EPIDERR(
  1847. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1848. EXPECT_EQ(this->fq_1_str, fq_r_str);
  1849. }
  1850. TEST_F(FfElementTest, FfExpSucceedsGivenElementOne) {
  1851. FqElemStr fq_r_str;
  1852. EXPECT_EQ(kEpidNoErr,
  1853. FfExp(this->fq, this->fq_1, this->bn_a, this->fq_result));
  1854. THROW_ON_EPIDERR(
  1855. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1856. EXPECT_EQ(this->fq_1_str, fq_r_str);
  1857. }
  1858. TEST_F(FfElementTest, FfExpSucceedsGivenExponentOne) {
  1859. FqElemStr fq_r_str;
  1860. EXPECT_EQ(kEpidNoErr,
  1861. FfExp(this->fq, this->fq_a, this->bn_1, this->fq_result));
  1862. THROW_ON_EPIDERR(
  1863. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1864. EXPECT_EQ(this->fq_a_str, fq_r_str);
  1865. }
  1866. TEST_F(FfElementTest, FfExpSucceedsGivenAnElement) {
  1867. FqElemStr fq_r_str;
  1868. EXPECT_EQ(kEpidNoErr,
  1869. FfExp(this->fq, this->fq_a, this->bn_a, this->fq_result));
  1870. THROW_ON_EPIDERR(
  1871. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1872. EXPECT_EQ(this->fq_exp_ab_str, fq_r_str);
  1873. Fq12ElemStr fq12_r_str;
  1874. BigNumObj bn_pm1(sizeof(this->fp_pm1_str), this->fp_pm1_str);
  1875. EXPECT_EQ(kEpidNoErr,
  1876. FfExp(this->fq12, this->fq12_k, bn_pm1, this->fq12_result));
  1877. THROW_ON_EPIDERR(WriteFfElement(this->fq12, this->fq12_result, &fq12_r_str,
  1878. sizeof(fq12_r_str)));
  1879. EXPECT_EQ(this->fq12_mul_gb_str, fq12_r_str);
  1880. }
  1881. ////////////////////////////////////////////////
  1882. // FfHash
  1883. TEST_F(FfElementTest, FfHashFailsGivenArgumentsMismatch) {
  1884. EXPECT_EQ(kEpidBadArgErr,
  1885. FfHash(this->fq12, this->sha_msg, sizeof(this->sha_msg), kSha256,
  1886. this->fq_result));
  1887. EXPECT_EQ(kEpidBadArgErr,
  1888. FfHash(this->fq, this->sha_msg, sizeof(this->sha_msg), kSha256,
  1889. this->fq12_result));
  1890. }
  1891. TEST_F(FfElementTest, FfHashFailsGivenNullPointer) {
  1892. uint8_t const msg[] = {0};
  1893. EXPECT_EQ(kEpidBadArgErr,
  1894. FfHash(nullptr, msg, sizeof(msg), kSha256, this->fq_result));
  1895. EXPECT_EQ(kEpidBadArgErr,
  1896. FfHash(this->fq, nullptr, sizeof(msg), kSha256, this->fq_result));
  1897. EXPECT_EQ(kEpidBadArgErr,
  1898. FfHash(this->fq, msg, sizeof(msg), kSha256, nullptr));
  1899. }
  1900. TEST_F(FfElementTest, FfHashFailsGivenUnsupportedHashAlg) {
  1901. uint8_t const msg[] = {0};
  1902. EXPECT_EQ(kEpidHashAlgorithmNotSupported,
  1903. FfHash(this->fq, msg, sizeof(msg), kSha512_256, this->fq_result));
  1904. EXPECT_EQ(kEpidHashAlgorithmNotSupported,
  1905. FfHash(this->fq, msg, sizeof(msg), kSha3_256, this->fq_result));
  1906. EXPECT_EQ(kEpidHashAlgorithmNotSupported,
  1907. FfHash(this->fq, msg, sizeof(msg), kSha3_384, this->fq_result));
  1908. EXPECT_EQ(kEpidHashAlgorithmNotSupported,
  1909. FfHash(this->fq, msg, sizeof(msg), kSha3_512, this->fq_result));
  1910. }
  1911. TEST_F(FfElementTest, FfHashFailsGivenIncorrectMsgLen) {
  1912. uint8_t const msg[] = {0};
  1913. size_t len_greater_int_max = (size_t)INT_MAX + 1;
  1914. EXPECT_EQ(kEpidBadArgErr, FfHash(this->fq, msg, 0, kSha256, this->fq_result));
  1915. EXPECT_EQ(kEpidBadArgErr,
  1916. FfHash(this->fq, msg, std::numeric_limits<size_t>::max(), kSha256,
  1917. this->fq_result));
  1918. EXPECT_EQ(kEpidBadArgErr, FfHash(this->fq, msg, len_greater_int_max, kSha256,
  1919. this->fq_result));
  1920. }
  1921. TEST_F(FfElementTest, FfHashWorksGivenSHA256HashAlg) {
  1922. FqElemStr fq_r_str;
  1923. EXPECT_EQ(kEpidNoErr, FfHash(this->fq, sha_msg, sizeof(sha_msg), kSha256,
  1924. this->fq_result));
  1925. THROW_ON_EPIDERR(
  1926. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1927. EXPECT_EQ(this->fq_abc_sha256_str, fq_r_str)
  1928. << "FfHash: Hash element does not match to reference value";
  1929. }
  1930. TEST_F(FfElementTest, FfHashWorksGivenSHA384HashAlg) {
  1931. FqElemStr fq_r_str;
  1932. EXPECT_EQ(kEpidNoErr, FfHash(this->fq, sha_msg, sizeof(sha_msg), kSha384,
  1933. this->fq_result));
  1934. THROW_ON_EPIDERR(
  1935. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1936. EXPECT_EQ(this->fq_abc_sha384_str, fq_r_str)
  1937. << "FfHash: Hash element does not match to reference value";
  1938. }
  1939. TEST_F(FfElementTest, FfHashWorksGivenSHA512HashAlg) {
  1940. FqElemStr fq_r_str;
  1941. EXPECT_EQ(kEpidNoErr, FfHash(this->fq, sha_msg, sizeof(sha_msg), kSha512,
  1942. this->fq_result));
  1943. THROW_ON_EPIDERR(
  1944. WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
  1945. EXPECT_EQ(this->fq_abc_sha512_str, fq_r_str)
  1946. << "FfHash: Hash element does not match to reference value";
  1947. }
  1948. ////////////////////////////////////////////////
  1949. // FfMultiExp
  1950. TEST_F(FfElementTest, FfMultiExpFailsGivenArgumentsMismatch) {
  1951. FfElement const* p[] = {this->fq_a, this->fq_b};
  1952. FfElement const* p12[] = {this->fq12_g, this->fq12_h};
  1953. BigNumStr const* b[] = {&this->bn_0_str, &this->bn_0_str};
  1954. EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq12, p, b, 2, this->fq_result));
  1955. EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq, p12, b, 2, this->fq_result));
  1956. EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq, p, b, 2, this->fq12_result));
  1957. }
  1958. TEST_F(FfElementTest, FfMultiExpFailsGivenNullPointer) {
  1959. FfElement const* p[] = {this->fq_a, this->fq_b};
  1960. FfElement const* p_withnull[] = {nullptr, this->fq_b};
  1961. BigNumStr const* b[] = {&fq_multi_exp_exp_2[0], &this->fq_multi_exp_exp_2[1]};
  1962. BigNumStr const* b_withnull[] = {nullptr, &this->fq_multi_exp_exp_2[1]};
  1963. size_t m = 2;
  1964. EXPECT_EQ(kEpidBadArgErr, FfMultiExp(nullptr, p, b, m, this->fq_result));
  1965. EXPECT_EQ(kEpidBadArgErr,
  1966. FfMultiExp(this->fq, nullptr, b, m, this->fq_result));
  1967. EXPECT_EQ(kEpidBadArgErr,
  1968. FfMultiExp(this->fq, p, nullptr, m, this->fq_result));
  1969. EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq, p, b, m, nullptr));
  1970. EXPECT_EQ(kEpidBadArgErr,
  1971. FfMultiExp(this->fq, p_withnull, b, m, this->fq_result));
  1972. EXPECT_EQ(kEpidBadArgErr,
  1973. FfMultiExp(this->fq, p, b_withnull, m, this->fq_result));
  1974. }
  1975. TEST_F(FfElementTest, FfMultiExpFailsGivenIncorrectMLen) {
  1976. FfElement const* p[] = {this->fq_a, this->fq_b};
  1977. BigNumStr const* b[] = {&this->fq_multi_exp_exp_2[0],
  1978. &this->fq_multi_exp_exp_2[1]};
  1979. size_t len_greater_int_max = (size_t)INT_MAX + 1;
  1980. EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq, p, b, 0, this->fq_result));
  1981. EXPECT_EQ(kEpidBadArgErr,
  1982. FfMultiExp(this->fq, p, b, std::numeric_limits<size_t>::max(),
  1983. this->fq_result));
  1984. EXPECT_EQ(kEpidBadArgErr,
  1985. FfMultiExp(this->fq, p, b, len_greater_int_max, this->fq_result));
  1986. }
  1987. TEST_F(FfElementTest, FfMultiExpWorksGivenOneExponent) {
  1988. FfElementObj r(&this->fq);
  1989. FfElementObj fq_exp[1];
  1990. FfElement const* p[1];
  1991. BigNumStr const* b[1];
  1992. int m = 0;
  1993. // prepare data for test
  1994. for (m = 0; m < 1; m++) {
  1995. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_1[m]);
  1996. // initialize data for test
  1997. p[m] = fq_exp[m];
  1998. b[m] = &this->fq_multi_exp_exp_1[m];
  1999. }
  2000. // do test
  2001. EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 1, r));
  2002. // verify calculation is correct
  2003. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_1), r)
  2004. << "FfMultiExp: Finite field element does not match with reference value";
  2005. }
  2006. TEST_F(FfElementTest, FfMultiExpWorksGivenTwoExponents) {
  2007. FfElementObj r(&this->fq);
  2008. FfElementObj fq_exp[2];
  2009. FfElement const* p[2];
  2010. BigNumStr const* b[2];
  2011. int m = 0;
  2012. // prepare data for test
  2013. for (m = 0; m < 2; m++) {
  2014. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_2[m]);
  2015. // initialize data for test
  2016. p[m] = fq_exp[m];
  2017. b[m] = &this->fq_multi_exp_exp_2[m];
  2018. }
  2019. // do test
  2020. EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 2, r));
  2021. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_2), r)
  2022. << "FfMultiExp: Finite field element does not match with reference value";
  2023. }
  2024. TEST_F(FfElementTest, FfMultiExpWorksGivenThreeExponents) {
  2025. FfElementObj r(&this->fq);
  2026. FfElementObj fq_exp[3];
  2027. FfElement const* p[3];
  2028. BigNumStr const* b[3];
  2029. int m = 0;
  2030. // prepare data for test
  2031. for (m = 0; m < 3; m++) {
  2032. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_3[m]);
  2033. // initialize data for test
  2034. p[m] = fq_exp[m];
  2035. b[m] = &this->fq_multi_exp_exp_3[m];
  2036. }
  2037. // do test
  2038. EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 3, r));
  2039. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_3), r)
  2040. << "FfMultiExp: Finite field element does not match with reference value";
  2041. }
  2042. TEST_F(FfElementTest, FfMultiExpWorksGivenFourExponents) {
  2043. FfElementObj r(&this->fq);
  2044. FfElementObj fq_exp[4];
  2045. FfElement const* p[4];
  2046. BigNumStr const* b[4];
  2047. int m = 0;
  2048. // prepare data for test
  2049. for (m = 0; m < 4; m++) {
  2050. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_4[m]);
  2051. // initialize data for test
  2052. p[m] = fq_exp[m];
  2053. b[m] = &this->fq_multi_exp_exp_4[m];
  2054. }
  2055. // do test
  2056. EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 4, r));
  2057. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_4), r)
  2058. << "FfMultiExp: Finite field element does not match with reference value";
  2059. }
  2060. TEST_F(FfElementTest, FfMultiExpWorksGivenFourFq12Exponents) {
  2061. FfElementObj r12(&this->fq12);
  2062. FfElementObj fq12_exp[4];
  2063. FfElement const* p[4];
  2064. BigNumStr const* b[4];
  2065. int m = 0;
  2066. // prepare data for test
  2067. for (m = 0; m < 4; m++) {
  2068. fq12_exp[m] = FfElementObj(&this->fq12, this->fq12_multi_exp_base_4[m]);
  2069. // initialize data for test
  2070. p[m] = fq12_exp[m];
  2071. b[m] = &this->fq12_multi_exp_exp_4[m];
  2072. }
  2073. // do test
  2074. EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq12, p, b, 4, r12));
  2075. EXPECT_EQ(FfElementObj(&this->fq12, this->fq12_multi_exp_res_4), r12)
  2076. << "FfMultiExp: Finite field element does not match with reference value";
  2077. }
  2078. TEST_F(FfElementTest, FfMultiExpWorksGivenFiveExponents) {
  2079. FfElementObj r(&this->fq);
  2080. FfElementObj fq_exp[5];
  2081. FfElement const* p[5];
  2082. BigNumStr const* b[5];
  2083. int m = 0;
  2084. // prepare data for test
  2085. for (m = 0; m < 5; m++) {
  2086. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_5[m]);
  2087. // initialize data for test
  2088. p[m] = fq_exp[m];
  2089. b[m] = &this->fq_multi_exp_exp_5[m];
  2090. }
  2091. // do test
  2092. EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 5, r));
  2093. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_5), r)
  2094. << "FfMultiExp: Finite field element does not match with reference value";
  2095. }
  2096. TEST_F(FfElementTest, FfMultiExpWorksGivenSixExponents) {
  2097. FfElementObj r(&this->fq);
  2098. FfElementObj fq_exp[6];
  2099. FfElement const* p[6];
  2100. BigNumStr const* b[6];
  2101. int m = 0;
  2102. // prepare data for test
  2103. for (m = 0; m < 6; m++) {
  2104. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_6[m]);
  2105. // initialize data for test
  2106. p[m] = fq_exp[m];
  2107. b[m] = &this->fq_multi_exp_exp_6[m];
  2108. }
  2109. // do test
  2110. EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 6, r));
  2111. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_6), r)
  2112. << "FfMultiExp: Finite field element does not match with reference value";
  2113. }
  2114. ///////////////////////////////////////////////////////////////////////
  2115. // FfMultiExpBn
  2116. TEST_F(FfElementTest, FfMultiExpBnFailsGivenArgumentsMismatch) {
  2117. FfElement const* p[] = {this->fq_a, this->fq_b};
  2118. FfElement const* p12[] = {this->fq12_g, this->fq12_h};
  2119. BigNum const* b[] = {bn_0, bn_0};
  2120. EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq12, p, b, 2, this->fq_result));
  2121. EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq, p12, b, 2, this->fq_result));
  2122. EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq, p, b, 2, this->fq12_result));
  2123. }
  2124. TEST_F(FfElementTest, FfMultiExpBnFailsGivenNullPointer) {
  2125. FfElement const* p[] = {this->fq_a, this->fq_b};
  2126. FfElement const* p_withnull[] = {nullptr, this->fq_b};
  2127. BigNumObj bn_exp_0(this->fq_multi_exp_exp_2[0]);
  2128. BigNumObj bn_exp_1(this->fq_multi_exp_exp_2[1]);
  2129. BigNum const* b[] = {bn_exp_0, bn_exp_1};
  2130. BigNum const* b_withnull[] = {nullptr, bn_exp_1};
  2131. size_t m = 2;
  2132. EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(nullptr, p, b, m, this->fq_result));
  2133. EXPECT_EQ(kEpidBadArgErr,
  2134. FfMultiExpBn(this->fq, nullptr, b, m, this->fq_result));
  2135. EXPECT_EQ(kEpidBadArgErr,
  2136. FfMultiExpBn(this->fq, p, nullptr, m, this->fq_result));
  2137. EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq, p, b, m, nullptr));
  2138. EXPECT_EQ(kEpidBadArgErr,
  2139. FfMultiExpBn(this->fq, p_withnull, b, m, this->fq_result));
  2140. EXPECT_EQ(kEpidBadArgErr,
  2141. FfMultiExpBn(this->fq, p, b_withnull, m, this->fq_result));
  2142. }
  2143. TEST_F(FfElementTest, FfMultiExpBnFailsGivenIncorrectMLen) {
  2144. FfElement const* p[] = {this->fq_a, this->fq_b};
  2145. BigNumObj bn_exp_0(this->fq_multi_exp_exp_2[0]);
  2146. BigNumObj bn_exp_1(this->fq_multi_exp_exp_2[1]);
  2147. BigNum const* b[] = {bn_exp_0, bn_exp_1};
  2148. size_t len_greater_int_max = (size_t)INT_MAX + 1;
  2149. EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq, p, b, 0, this->fq_result));
  2150. EXPECT_EQ(kEpidBadArgErr,
  2151. FfMultiExpBn(this->fq, p, b, std::numeric_limits<size_t>::max(),
  2152. this->fq_result));
  2153. EXPECT_EQ(kEpidBadArgErr,
  2154. FfMultiExpBn(this->fq, p, b, len_greater_int_max, this->fq_result));
  2155. }
  2156. TEST_F(FfElementTest, FfMultiExpBnWorksGivenOneExponent) {
  2157. const int items = 1;
  2158. FfElementObj r(&this->fq);
  2159. FfElementObj fq_base[1];
  2160. BigNumObj bn_exp[1];
  2161. FfElement const* p[1];
  2162. BigNum const* b[1];
  2163. int m = 0;
  2164. // prepare data for test
  2165. for (m = 0; m < items; m++) {
  2166. fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_1[m]);
  2167. bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_1[m]);
  2168. // initialize data for test
  2169. p[m] = fq_base[m];
  2170. b[m] = bn_exp[m];
  2171. }
  2172. // do test
  2173. EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
  2174. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_1), r)
  2175. << "FfMultiExpBn: Finite field element does not "
  2176. "match with reference value";
  2177. }
  2178. TEST_F(FfElementTest, FfMultiExpBnWorksGivenTwoExponents) {
  2179. const int items = 2;
  2180. FfElementObj r(&this->fq);
  2181. FfElementObj fq_base[2];
  2182. BigNumObj bn_exp[2];
  2183. FfElement const* p[2];
  2184. BigNum const* b[2];
  2185. int m = 0;
  2186. // prepare data for test
  2187. for (m = 0; m < items; m++) {
  2188. fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_2[m]);
  2189. bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_2[m]);
  2190. // initialize data for test
  2191. p[m] = fq_base[m];
  2192. b[m] = bn_exp[m];
  2193. }
  2194. // do test
  2195. EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
  2196. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_2), r)
  2197. << "FfMultiExpBn: Finite field element does not "
  2198. "match with reference value";
  2199. }
  2200. TEST_F(FfElementTest, FfMultiExpBnWorksGivenThreeExponents) {
  2201. const int items = 3;
  2202. FfElementObj r(&this->fq);
  2203. FfElementObj fq_base[3];
  2204. BigNumObj bn_exp[3];
  2205. FfElement const* p[3];
  2206. BigNum const* b[3];
  2207. int m = 0;
  2208. // prepare data for test
  2209. for (m = 0; m < items; m++) {
  2210. fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_3[m]);
  2211. bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_3[m]);
  2212. // initialize data for test
  2213. p[m] = fq_base[m];
  2214. b[m] = bn_exp[m];
  2215. }
  2216. // do test
  2217. EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
  2218. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_3), r)
  2219. << "FfMultiExpBn: Finite field element does not "
  2220. "match with reference value";
  2221. }
  2222. TEST_F(FfElementTest, FfMultiExpBnWorksGivenFourExponents) {
  2223. const int items = 4;
  2224. FfElementObj r(&this->fq);
  2225. FfElementObj fq_base[4];
  2226. BigNumObj bn_exp[4];
  2227. FfElement const* p[4];
  2228. BigNum const* b[4];
  2229. int m = 0;
  2230. // prepare data for test
  2231. for (m = 0; m < items; m++) {
  2232. fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_4[m]);
  2233. bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_4[m]);
  2234. // initialize data for test
  2235. p[m] = fq_base[m];
  2236. b[m] = bn_exp[m];
  2237. }
  2238. // do test
  2239. EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
  2240. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_4), r)
  2241. << "FfMultiExpBn: Finite field element does not "
  2242. "match with reference value";
  2243. }
  2244. TEST_F(FfElementTest, DISABLED_FfMultiExpBnWorksGivenFourFq12Exponents) {
  2245. const int items = 4;
  2246. FfElementObj fq12_r(&this->fq12);
  2247. FfElementObj fq12_base[4];
  2248. BigNumObj fq12_bn_exp[4];
  2249. FfElement const* fq12_p[4];
  2250. BigNum const* fq12_b[4];
  2251. int m = 0;
  2252. // prepare data for test
  2253. for (m = 0; m < items; m++) {
  2254. fq12_base[m] = FfElementObj(&this->fq12, this->fq12_multi_exp_base_4[m]);
  2255. fq12_bn_exp[m] = BigNumObj(this->fq12_multi_exp_exp_4[m]);
  2256. // initialize data for test
  2257. fq12_p[m] = fq12_base[m];
  2258. fq12_b[m] = fq12_bn_exp[m];
  2259. }
  2260. // do test
  2261. EXPECT_EQ(kEpidNoErr,
  2262. FfMultiExpBn(this->fq12, fq12_p, fq12_b, items, fq12_r));
  2263. EXPECT_EQ(FfElementObj(&this->fq12, this->fq_multi_exp_res_4), fq12_r)
  2264. << "FfMultiExpBn: Finite field element does not "
  2265. "match with reference value";
  2266. }
  2267. TEST_F(FfElementTest, FfMultiExpBnWorksGivenFiveExponents) {
  2268. const int items = 5;
  2269. FfElementObj r(&this->fq);
  2270. FfElementObj fq_base[5];
  2271. BigNumObj bn_exp[5];
  2272. FfElement const* p[5];
  2273. BigNum const* b[5];
  2274. int m = 0;
  2275. // prepare data for test
  2276. for (m = 0; m < items; m++) {
  2277. fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_5[m]);
  2278. bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_5[m]);
  2279. // initialize data for test
  2280. p[m] = fq_base[m];
  2281. b[m] = bn_exp[m];
  2282. }
  2283. // do test
  2284. EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
  2285. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_5), r)
  2286. << "FfSscmMultiExp: Finite field element does not "
  2287. "match with reference value";
  2288. }
  2289. TEST_F(FfElementTest, FfMultiExpBnWorksGivenSixExponents) {
  2290. const int items = 6;
  2291. FfElementObj r(&this->fq);
  2292. FfElementObj fq_base[6];
  2293. BigNumObj bn_exp[6];
  2294. FfElement const* p[6];
  2295. BigNum const* b[6];
  2296. int m = 0;
  2297. // prepare data for test
  2298. for (m = 0; m < items; m++) {
  2299. fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_6[m]);
  2300. bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_6[m]);
  2301. // initialize data for test
  2302. p[m] = fq_base[m];
  2303. b[m] = bn_exp[m];
  2304. }
  2305. // do test
  2306. EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
  2307. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_6), r)
  2308. << "FfSscmMultiExp: Finite field element does not "
  2309. "match with reference value";
  2310. }
  2311. TEST_F(FfElementTest, FfMultiExpBnWorksOverEpid11GT) {
  2312. const int items = 3;
  2313. FfElementObj r(&this->epid11_GT);
  2314. FfElementObj ff_base[3];
  2315. BigNumObj bn_exp[3];
  2316. FfElement const* p[3];
  2317. BigNum const* b[3];
  2318. int m = 0;
  2319. // prepare data for test
  2320. for (m = 0; m < items; m++) {
  2321. ff_base[m] =
  2322. FfElementObj(&this->epid11_GT, this->epid11_GT_multi_exp_base_3[m]);
  2323. bn_exp[m] = BigNumObj(this->epid11_GT_multi_exp_exp_3[m]);
  2324. // initialize data for test
  2325. p[m] = ff_base[m];
  2326. b[m] = bn_exp[m];
  2327. }
  2328. // do test
  2329. EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->epid11_GT, p, b, items, r));
  2330. EXPECT_EQ(FfElementObj(&this->epid11_GT, this->epid11_GT_multi_exp_res_3), r)
  2331. << "FfSscmMultiExp: Finite field element does not "
  2332. "match with reference value";
  2333. }
  2334. ///////////////////////////////////////////////////////////////////////
  2335. // FfSscmMultiExp
  2336. TEST_F(FfElementTest, SscmFfMultiExpFailsGivenArgumentsMismatch) {
  2337. FfElement const* p[] = {this->fq_a, this->fq_b};
  2338. FfElement const* p12[] = {this->fq12_g, this->fq12_h};
  2339. BigNumStr const* b[] = {&this->bn_0_str, &this->bn_0_str};
  2340. EXPECT_EQ(kEpidBadArgErr,
  2341. FfSscmMultiExp(this->fq12, p, b, 2, this->fq_result));
  2342. EXPECT_EQ(kEpidBadArgErr,
  2343. FfSscmMultiExp(this->fq, p12, b, 2, this->fq_result));
  2344. EXPECT_EQ(kEpidBadArgErr,
  2345. FfSscmMultiExp(this->fq, p, b, 2, this->fq12_result));
  2346. }
  2347. TEST_F(FfElementTest, SscmFfMultiExpFailsGivenNullPointer) {
  2348. FfElement const* p[] = {this->fq_a, this->fq_b};
  2349. FfElement const* p_withnull[] = {nullptr, this->fq_b};
  2350. BigNumStr const* b[] = {&this->fq_multi_exp_exp_2[0],
  2351. &this->fq_multi_exp_exp_2[1]};
  2352. BigNumStr const* b_withnull[] = {nullptr, &this->fq_multi_exp_exp_2[1]};
  2353. size_t m = 2;
  2354. EXPECT_EQ(kEpidBadArgErr, FfSscmMultiExp(nullptr, p, b, m, this->fq_result));
  2355. EXPECT_EQ(kEpidBadArgErr,
  2356. FfSscmMultiExp(this->fq, nullptr, b, m, this->fq_result));
  2357. EXPECT_EQ(kEpidBadArgErr,
  2358. FfSscmMultiExp(this->fq, p, nullptr, m, this->fq_result));
  2359. EXPECT_EQ(kEpidBadArgErr, FfSscmMultiExp(this->fq, p, b, m, nullptr));
  2360. EXPECT_EQ(kEpidBadArgErr,
  2361. FfSscmMultiExp(this->fq, p_withnull, b, m, this->fq_result));
  2362. EXPECT_EQ(kEpidBadArgErr,
  2363. FfSscmMultiExp(this->fq, p, b_withnull, m, this->fq_result));
  2364. }
  2365. TEST_F(FfElementTest, SscmFfMultiExpFailsGivenIncorrectMLen) {
  2366. FfElement const* p[] = {this->fq_a, this->fq_b};
  2367. BigNumStr const* b[] = {&this->fq_multi_exp_exp_2[0],
  2368. &this->fq_multi_exp_exp_2[1]};
  2369. size_t len_greater_int_max = (size_t)INT_MAX + 1;
  2370. EXPECT_EQ(kEpidBadArgErr, FfSscmMultiExp(this->fq, p, b, 0, this->fq_result));
  2371. EXPECT_EQ(kEpidBadArgErr,
  2372. FfSscmMultiExp(this->fq, p, b, std::numeric_limits<size_t>::max(),
  2373. this->fq_result));
  2374. EXPECT_EQ(kEpidBadArgErr, FfSscmMultiExp(this->fq, p, b, len_greater_int_max,
  2375. this->fq_result));
  2376. }
  2377. TEST_F(FfElementTest, SscmFfMultiExpWorksGivenOneExponent) {
  2378. FfElementObj r(&this->fq);
  2379. FfElementObj fq_exp[1];
  2380. FfElement const* p[1];
  2381. BigNumStr const* b[1];
  2382. int m = 0;
  2383. // prepare data for test
  2384. for (m = 0; m < 1; m++) {
  2385. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_1[m]);
  2386. // initialize data for test
  2387. p[m] = fq_exp[m];
  2388. b[m] = &this->fq_multi_exp_exp_1[m];
  2389. }
  2390. // do test
  2391. EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 1, r));
  2392. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_1), r)
  2393. << "FfSscmMultiExp: Finite field element does not "
  2394. "match with reference value";
  2395. }
  2396. TEST_F(FfElementTest, SscmFfMultiExpWorksGivenTwoExponents) {
  2397. FfElementObj r(&this->fq);
  2398. FfElementObj fq_exp[2];
  2399. FfElement const* p[2];
  2400. BigNumStr const* b[2];
  2401. int m = 0;
  2402. // prepare data for test
  2403. for (m = 0; m < 2; m++) {
  2404. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_2[m]);
  2405. // initialize data for test
  2406. p[m] = fq_exp[m];
  2407. b[m] = &this->fq_multi_exp_exp_2[m];
  2408. }
  2409. // do test
  2410. EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 2, r));
  2411. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_2), r)
  2412. << "FfSscmMultiExp: Finite field element does not "
  2413. "match with reference value";
  2414. }
  2415. TEST_F(FfElementTest, SscmFfMultiExpWorksGivenThreeExponents) {
  2416. FfElementObj r(&this->fq);
  2417. FfElementObj fq_exp[3];
  2418. FfElement const* p[3];
  2419. BigNumStr const* b[3];
  2420. int m = 0;
  2421. // prepare data for test
  2422. for (m = 0; m < 3; m++) {
  2423. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_3[m]);
  2424. // initialize data for test
  2425. p[m] = fq_exp[m];
  2426. b[m] = &this->fq_multi_exp_exp_3[m];
  2427. }
  2428. // do test
  2429. EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 3, r));
  2430. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_3), r)
  2431. << "FfSscmMultiExp: Finite field element does not "
  2432. "match with reference value";
  2433. }
  2434. TEST_F(FfElementTest, SscmFfMultiExpWorksGivenFourExponents) {
  2435. FfElementObj r(&this->fq);
  2436. FfElementObj fq_exp[4];
  2437. FfElement const* p[4];
  2438. BigNumStr const* b[4];
  2439. int m = 0;
  2440. // prepare data for test
  2441. for (m = 0; m < 4; m++) {
  2442. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_4[m]);
  2443. // initialize data for test
  2444. p[m] = fq_exp[m];
  2445. b[m] = &this->fq_multi_exp_exp_4[m];
  2446. }
  2447. // do test
  2448. EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 4, r));
  2449. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_4), r)
  2450. << "FfSscmMultiExp: Finite field element does not "
  2451. "match with reference value";
  2452. }
  2453. TEST_F(FfElementTest, SscmFfMultiExpWorksGivenFourFq12Exponents) {
  2454. FfElementObj r12(&this->fq12);
  2455. FfElementObj fq12_exp[4];
  2456. FfElement const* p[4];
  2457. BigNumStr const* b[4];
  2458. int m = 0;
  2459. // prepare data for test
  2460. for (m = 0; m < 4; m++) {
  2461. fq12_exp[m] = FfElementObj(&this->fq12, this->fq12_multi_exp_base_4[m]);
  2462. // initialize data for test
  2463. p[m] = fq12_exp[m];
  2464. b[m] = &this->fq12_multi_exp_exp_4[m];
  2465. }
  2466. // do test
  2467. EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq12, p, b, 4, r12));
  2468. EXPECT_EQ(FfElementObj(&this->fq12, this->fq12_multi_exp_res_4), r12)
  2469. << "FfSscmMultiExp: Finite field element does not match with reference "
  2470. "value";
  2471. }
  2472. TEST_F(FfElementTest, SscmFfMultiExpWorksGivenFiveExponents) {
  2473. FfElementObj r(&this->fq);
  2474. FfElementObj fq_exp[5];
  2475. FfElement const* p[5];
  2476. BigNumStr const* b[5];
  2477. int m = 0;
  2478. // prepare data for test
  2479. for (m = 0; m < 5; m++) {
  2480. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_5[m]);
  2481. // initialize data for test
  2482. p[m] = fq_exp[m];
  2483. b[m] = &this->fq_multi_exp_exp_5[m];
  2484. }
  2485. // do test
  2486. EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 5, r));
  2487. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_5), r)
  2488. << "FfSscmMultiExp: Finite field element does not "
  2489. "match with reference value";
  2490. }
  2491. TEST_F(FfElementTest, SscmFfMultiExpWorksGivenSixExponents) {
  2492. FfElementObj r(&this->fq);
  2493. FfElementObj fq_exp[6];
  2494. FfElement const* p[6];
  2495. BigNumStr const* b[6];
  2496. int m = 0;
  2497. // prepare data for test
  2498. for (m = 0; m < 6; m++) {
  2499. fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_6[m]);
  2500. // initialize data for test
  2501. p[m] = fq_exp[m];
  2502. b[m] = &this->fq_multi_exp_exp_6[m];
  2503. }
  2504. // do test
  2505. EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 6, r));
  2506. EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_6), r)
  2507. << "FfSscmMultiExp: Finite field element does not "
  2508. "match with reference value";
  2509. }
  2510. ////////////////////////////////////////////////
  2511. // FfGetRandom
  2512. TEST_F(FfElementTest, FfGetRandomFailsGivenArgumentsMismatch) {
  2513. Prng my_prng;
  2514. EXPECT_EQ(kEpidBadArgErr,
  2515. FfGetRandom(this->fq12, &this->bn_1_str, &Prng::Generate, &my_prng,
  2516. this->fq_result));
  2517. EXPECT_EQ(kEpidBadArgErr,
  2518. FfGetRandom(this->fq, &this->bn_1_str, &Prng::Generate, &my_prng,
  2519. this->fq12_result));
  2520. }
  2521. TEST_F(FfElementTest, FfGetRandomFailsGivenNullPtr) {
  2522. Prng my_prng;
  2523. FfElementObj r(&this->fq);
  2524. EXPECT_EQ(kEpidBadArgErr, FfGetRandom(nullptr, &this->bn_1_str,
  2525. &Prng::Generate, &my_prng, r));
  2526. EXPECT_EQ(kEpidBadArgErr,
  2527. FfGetRandom(this->fq, nullptr, &Prng::Generate, &my_prng, r));
  2528. EXPECT_EQ(kEpidBadArgErr,
  2529. FfGetRandom(this->fq, &this->bn_1_str, nullptr, &my_prng, r));
  2530. EXPECT_EQ(kEpidBadArgErr, FfGetRandom(this->fq, &this->bn_1_str,
  2531. &Prng::Generate, &my_prng, nullptr));
  2532. }
  2533. TEST_F(FfElementTest, FfGetRandomSucceedsGivenFq2) {
  2534. Prng my_prng;
  2535. FfElementObj r(&this->fq2);
  2536. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq2, &this->bn_1_str, &Prng::Generate,
  2537. &my_prng, r));
  2538. }
  2539. TEST_F(FfElementTest, FfGetRandomSucceedsGivenFq6) {
  2540. Prng my_prng;
  2541. FfElementObj r(&this->fq6);
  2542. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq6, &this->bn_1_str, &Prng::Generate,
  2543. &my_prng, r));
  2544. }
  2545. TEST_F(FfElementTest, FfGetRandomSucceedsGivenFq12) {
  2546. Prng my_prng;
  2547. FfElementObj r(&this->fq12);
  2548. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq12, &this->bn_1_str,
  2549. &Prng::Generate, &my_prng, r));
  2550. }
  2551. TEST_F(FfElementTest, FfGetRandomSuccedsGivenLowBound) {
  2552. Prng my_prng;
  2553. FfElementObj r(&this->fq);
  2554. FqElemStr buf;
  2555. unsigned int result;
  2556. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_1_str, &Prng::Generate,
  2557. &my_prng, r));
  2558. THROW_ON_EPIDERR(WriteFfElement(this->fq, r, &buf, sizeof(buf)));
  2559. THROW_ON_EPIDERR(Cmp_OctStr256(&this->bn_1_str.data, &buf.data, &result));
  2560. EXPECT_EQ(result, (unsigned int)2);
  2561. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_2_str, &Prng::Generate,
  2562. &my_prng, r));
  2563. THROW_ON_EPIDERR(WriteFfElement(this->fq, r, &buf, sizeof(buf)));
  2564. THROW_ON_EPIDERR(Cmp_OctStr256(&this->bn_2_str.data, &buf.data, &result));
  2565. EXPECT_EQ(result, (unsigned int)2);
  2566. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_0xffff_str,
  2567. &Prng::Generate, &my_prng, r));
  2568. THROW_ON_EPIDERR(WriteFfElement(this->fq, r, &buf, sizeof(buf)));
  2569. THROW_ON_EPIDERR(
  2570. Cmp_OctStr256(&this->bn_0xffff_str.data, &buf.data, &result));
  2571. EXPECT_EQ(result, (unsigned int)2);
  2572. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_0xffff_str,
  2573. &Prng::Generate, &my_prng, r));
  2574. THROW_ON_EPIDERR(WriteFfElement(this->fq, r, &buf, sizeof(buf)));
  2575. THROW_ON_EPIDERR(
  2576. Cmp_OctStr256(&this->bn_0xffff_str.data, &buf.data, &result));
  2577. EXPECT_EQ(result, (unsigned int)2);
  2578. }
  2579. TEST_F(FfElementTest, FfGetRandomGeneratesDifferentNumbers) {
  2580. Prng my_prng;
  2581. FfElementObj r1(&this->fq);
  2582. FfElementObj r2(&this->fq);
  2583. bool result;
  2584. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_1_str, &Prng::Generate,
  2585. &my_prng, r1));
  2586. EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_1_str, &Prng::Generate,
  2587. &my_prng, r2));
  2588. THROW_ON_EPIDERR(FfIsEqual(this->fq, r1, r2, &result));
  2589. EXPECT_FALSE(result);
  2590. }
  2591. TEST_F(FfElementTest, FfGetRandomFailsOnMaxIterGivenLargeLowBound) {
  2592. Prng my_prng;
  2593. FfElementObj r(&this->fq);
  2594. // FfGetRandom generates random data between [low_bound, modulus-1]
  2595. // modulus in this case is Intel(R) EPID 2.0 parameter q
  2596. // giving low_bound = modulus - {0x30, 0x13} should get kEpidRandMaxIterErr
  2597. EXPECT_EQ(kEpidRandMaxIterErr, FfGetRandom(this->fq, &this->fq_qm0x3013_str,
  2598. &Prng::Generate, &my_prng, r));
  2599. }
  2600. ////////////////////////////////////////////////
  2601. // FfSqrt
  2602. TEST_F(FfElementTest, FfSqrtFailsGivenNullPtr) {
  2603. FfElementObj r(&this->fq);
  2604. EXPECT_EQ(kEpidBadArgErr, FfSqrt(nullptr, this->fq_4, r));
  2605. EXPECT_EQ(kEpidBadArgErr, FfSqrt(this->fq, nullptr, r));
  2606. EXPECT_EQ(kEpidBadArgErr, FfSqrt(this->fq, this->fq_4, nullptr));
  2607. }
  2608. TEST_F(FfElementTest, FfSqrtWorksForOne) {
  2609. FfElementObj r(&this->fq);
  2610. FfElementObj s(&this->fq);
  2611. EXPECT_EQ(kEpidNoErr, FfSqrt(this->fq, this->fq_1, r));
  2612. EXPECT_EQ(this->fq_1, r);
  2613. }
  2614. TEST_F(FfElementTest, FfSqrtFailsForTwo) {
  2615. FfElementObj r(&this->fq);
  2616. EXPECT_EQ(kEpidMathQuadraticNonResidueError, FfSqrt(this->fq, this->fq_2, r));
  2617. }
  2618. TEST_F(FfElementTest, FfSqrtFailsForThree) {
  2619. FfElementObj r(&this->fq);
  2620. EXPECT_EQ(kEpidMathQuadraticNonResidueError, FfSqrt(this->fq, this->fq_3, r));
  2621. }
  2622. TEST_F(FfElementTest, FfSqrtWorksForFour) {
  2623. FfElementObj r(&this->fq);
  2624. EXPECT_EQ(kEpidNoErr, FfSqrt(this->fq, this->fq_4, r));
  2625. EXPECT_EQ(this->fq_qm2, r);
  2626. }
  2627. TEST_F(FfElementTest, FfSqrtFailsForFive) {
  2628. FfElementObj r(&this->fq);
  2629. EXPECT_EQ(kEpidMathQuadraticNonResidueError, FfSqrt(this->fq, this->fq_5, r));
  2630. }
  2631. TEST_F(FfElementTest, FfSqrtWorksForEpid11Prime) {
  2632. // given b_str value ensure sqrt algorithm step 7 if clause is triggered
  2633. const BigNumStr b_str = {0x06, 0xc1, 0x26, 0xe8, 0xa5, 0xa5, 0x21, 0x19,
  2634. 0x07, 0x42, 0x49, 0x77, 0x7c, 0x5c, 0x98, 0x7f,
  2635. 0xd4, 0x0c, 0x42, 0xf5, 0x25, 0x2c, 0xac, 0xb9,
  2636. 0x7e, 0x09, 0x70, 0xf0, 0x84, 0x3b, 0x81, 0x46};
  2637. FfElementObj b(&this->epid11_fq, &b_str, sizeof((b_str)));
  2638. FfElementObj r(&this->epid11_fq);
  2639. FfElementObj s(&this->epid11_fq);
  2640. FfElementObj r2(&this->epid11_fq);
  2641. EXPECT_EQ(kEpidNoErr, FfMul(this->epid11_fq, b, b, s));
  2642. EXPECT_EQ(kEpidNoErr, FfSqrt(this->epid11_fq, s, r));
  2643. EXPECT_EQ(kEpidNoErr, FfMul(this->epid11_fq, r, r, r2));
  2644. EXPECT_EQ(s, r2);
  2645. }
  2646. TEST_F(FfElementTest, FfSqrtReturnsARoot) {
  2647. Prng my_prng;
  2648. FfElementObj r(&this->fq);
  2649. FfElementObj b(&this->fq);
  2650. FfElementObj s(&this->fq);
  2651. FfElementObj r2(&this->fq);
  2652. unsigned int i;
  2653. for (i = 0; i < 1000; i++) {
  2654. ASSERT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_2_str,
  2655. &Prng::Generate, &my_prng, b));
  2656. ASSERT_EQ(kEpidNoErr, FfMul(this->fq, b, b, s));
  2657. ASSERT_EQ(kEpidNoErr, FfSqrt(this->fq, s, r));
  2658. ASSERT_EQ(kEpidNoErr, FfMul(this->fq, r, r, r2));
  2659. ASSERT_EQ(s, r2);
  2660. }
  2661. }
  2662. TEST_F(FfElementTest, FfSqrtReturnsARootInEpid11) {
  2663. Prng my_prng;
  2664. FfElementObj r(&this->epid11_fq);
  2665. FfElementObj b(&this->epid11_fq);
  2666. FfElementObj s(&this->epid11_fq);
  2667. FfElementObj r2(&this->epid11_fq);
  2668. unsigned int i;
  2669. for (i = 0; i < 1000; i++) {
  2670. ASSERT_EQ(kEpidNoErr, FfGetRandom(this->epid11_fq, &this->bn_2_str,
  2671. &Prng::Generate, &my_prng, b));
  2672. ASSERT_EQ(kEpidNoErr, FfMul(this->epid11_fq, b, b, s));
  2673. ASSERT_EQ(kEpidNoErr, FfSqrt(this->epid11_fq, s, r));
  2674. ASSERT_EQ(kEpidNoErr, FfMul(this->epid11_fq, r, r, r2));
  2675. ASSERT_EQ(s, r2);
  2676. }
  2677. }
  2678. TEST_F(FfElementTest, FfSqrtReturnsARoot224Prime) {
  2679. const BigNumStr prime_224r1 = {
  2680. 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  2681. 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00,
  2682. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
  2683. FiniteFieldObj f_q(prime_224r1);
  2684. Prng my_prng;
  2685. FfElementObj r(&f_q);
  2686. FfElementObj b(&f_q);
  2687. FfElementObj s(&f_q);
  2688. FfElementObj r2(&f_q);
  2689. unsigned int i;
  2690. for (i = 0; i < 100; i++) {
  2691. EXPECT_EQ(kEpidNoErr,
  2692. FfGetRandom(f_q, &this->bn_2_str, &Prng::Generate, &my_prng, b));
  2693. EXPECT_EQ(kEpidNoErr, FfMul(f_q, b, b, s));
  2694. EXPECT_EQ(kEpidNoErr, FfSqrt(f_q, s, r));
  2695. EXPECT_EQ(kEpidNoErr, FfMul(f_q, r, r, r2));
  2696. EXPECT_EQ(s, r2);
  2697. }
  2698. }
  2699. } // namespace