secp256k1_testrand_int(2**N) -> secp256k1_testrand_bits(N)
This commit is contained in:
Pieter Wuille
parent
09971a3ffd
commit
5f2efe684e
@ -795,18 +795,18 @@ void test_schnorrsig_sign_verify(void) {
|
|||||||
/* Flip a few bits in the signature and in the message and check that
|
/* Flip a few bits in the signature and in the message and check that
|
||||||
* verify and verify_batch (TODO) fail */
|
* verify and verify_batch (TODO) fail */
|
||||||
size_t sig_idx = secp256k1_testrand_int(N_SIGS);
|
size_t sig_idx = secp256k1_testrand_int(N_SIGS);
|
||||||
size_t byte_idx = secp256k1_testrand_int(32);
|
size_t byte_idx = secp256k1_testrand_bits(5);
|
||||||
unsigned char xorbyte = secp256k1_testrand_int(254)+1;
|
unsigned char xorbyte = secp256k1_testrand_int(254)+1;
|
||||||
sig[sig_idx][byte_idx] ^= xorbyte;
|
sig[sig_idx][byte_idx] ^= xorbyte;
|
||||||
CHECK(!secp256k1_schnorrsig_verify(ctx, sig[sig_idx], msg[sig_idx], sizeof(msg[sig_idx]), &pk));
|
CHECK(!secp256k1_schnorrsig_verify(ctx, sig[sig_idx], msg[sig_idx], sizeof(msg[sig_idx]), &pk));
|
||||||
sig[sig_idx][byte_idx] ^= xorbyte;
|
sig[sig_idx][byte_idx] ^= xorbyte;
|
||||||
|
|
||||||
byte_idx = secp256k1_testrand_int(32);
|
byte_idx = secp256k1_testrand_bits(5);
|
||||||
sig[sig_idx][32+byte_idx] ^= xorbyte;
|
sig[sig_idx][32+byte_idx] ^= xorbyte;
|
||||||
CHECK(!secp256k1_schnorrsig_verify(ctx, sig[sig_idx], msg[sig_idx], sizeof(msg[sig_idx]), &pk));
|
CHECK(!secp256k1_schnorrsig_verify(ctx, sig[sig_idx], msg[sig_idx], sizeof(msg[sig_idx]), &pk));
|
||||||
sig[sig_idx][32+byte_idx] ^= xorbyte;
|
sig[sig_idx][32+byte_idx] ^= xorbyte;
|
||||||
|
|
||||||
byte_idx = secp256k1_testrand_int(32);
|
byte_idx = secp256k1_testrand_bits(5);
|
||||||
msg[sig_idx][byte_idx] ^= xorbyte;
|
msg[sig_idx][byte_idx] ^= xorbyte;
|
||||||
CHECK(!secp256k1_schnorrsig_verify(ctx, sig[sig_idx], msg[sig_idx], sizeof(msg[sig_idx]), &pk));
|
CHECK(!secp256k1_schnorrsig_verify(ctx, sig[sig_idx], msg[sig_idx], sizeof(msg[sig_idx]), &pk));
|
||||||
msg[sig_idx][byte_idx] ^= xorbyte;
|
msg[sig_idx][byte_idx] ^= xorbyte;
|
||||||
|
|||||||
@ -109,7 +109,7 @@ static void secp256k1_testrand256_test(unsigned char *b32) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void secp256k1_testrand_flip(unsigned char *b, size_t len) {
|
static void secp256k1_testrand_flip(unsigned char *b, size_t len) {
|
||||||
b[secp256k1_testrand_int(len)] ^= (1 << secp256k1_testrand_int(8));
|
b[secp256k1_testrand_int(len)] ^= (1 << secp256k1_testrand_bits(3));
|
||||||
}
|
}
|
||||||
|
|
||||||
static void secp256k1_testrand_init(const char* hexseed) {
|
static void secp256k1_testrand_init(const char* hexseed) {
|
||||||
|
|||||||
18
src/tests.c
18
src/tests.c
@ -790,7 +790,7 @@ void signed30_to_uint16(uint16_t* out, const secp256k1_modinv32_signed30* in) {
|
|||||||
void mutate_sign_signed30(secp256k1_modinv32_signed30* x) {
|
void mutate_sign_signed30(secp256k1_modinv32_signed30* x) {
|
||||||
int i;
|
int i;
|
||||||
for (i = 0; i < 16; ++i) {
|
for (i = 0; i < 16; ++i) {
|
||||||
int pos = secp256k1_testrand_int(8);
|
int pos = secp256k1_testrand_bits(3);
|
||||||
if (x->v[pos] > 0 && x->v[pos + 1] <= 0x3fffffff) {
|
if (x->v[pos] > 0 && x->v[pos + 1] <= 0x3fffffff) {
|
||||||
x->v[pos] -= 0x40000000;
|
x->v[pos] -= 0x40000000;
|
||||||
x->v[pos + 1] += 1;
|
x->v[pos + 1] += 1;
|
||||||
@ -862,7 +862,7 @@ void mutate_sign_signed62(secp256k1_modinv64_signed62* x) {
|
|||||||
static const int64_t M62 = (int64_t)(UINT64_MAX >> 2);
|
static const int64_t M62 = (int64_t)(UINT64_MAX >> 2);
|
||||||
int i;
|
int i;
|
||||||
for (i = 0; i < 8; ++i) {
|
for (i = 0; i < 8; ++i) {
|
||||||
int pos = secp256k1_testrand_int(4);
|
int pos = secp256k1_testrand_bits(2);
|
||||||
if (x->v[pos] > 0 && x->v[pos + 1] <= M62) {
|
if (x->v[pos] > 0 && x->v[pos + 1] <= M62) {
|
||||||
x->v[pos] -= (M62 + 1);
|
x->v[pos] -= (M62 + 1);
|
||||||
x->v[pos + 1] += 1;
|
x->v[pos + 1] += 1;
|
||||||
@ -4261,7 +4261,7 @@ void test_secp256k1_pippenger_bucket_window_inv(void) {
|
|||||||
* for a given scratch space.
|
* for a given scratch space.
|
||||||
*/
|
*/
|
||||||
void test_ecmult_multi_pippenger_max_points(void) {
|
void test_ecmult_multi_pippenger_max_points(void) {
|
||||||
size_t scratch_size = secp256k1_testrand_int(256);
|
size_t scratch_size = secp256k1_testrand_bits(8);
|
||||||
size_t max_size = secp256k1_pippenger_scratch_size(secp256k1_pippenger_bucket_window_inv(PIPPENGER_MAX_BUCKET_WINDOW-1)+512, 12);
|
size_t max_size = secp256k1_pippenger_scratch_size(secp256k1_pippenger_bucket_window_inv(PIPPENGER_MAX_BUCKET_WINDOW-1)+512, 12);
|
||||||
secp256k1_scratch *scratch;
|
secp256k1_scratch *scratch;
|
||||||
size_t n_points_supported;
|
size_t n_points_supported;
|
||||||
@ -6023,14 +6023,14 @@ static void random_ber_signature(unsigned char *sig, size_t *len, int* certainly
|
|||||||
/* We generate two classes of numbers: nlow==1 "low" ones (up to 32 bytes), nlow==0 "high" ones (32 bytes with 129 top bits set, or larger than 32 bytes) */
|
/* We generate two classes of numbers: nlow==1 "low" ones (up to 32 bytes), nlow==0 "high" ones (32 bytes with 129 top bits set, or larger than 32 bytes) */
|
||||||
nlow[n] = der ? 1 : (secp256k1_testrand_bits(3) != 0);
|
nlow[n] = der ? 1 : (secp256k1_testrand_bits(3) != 0);
|
||||||
/* The length of the number in bytes (the first byte of which will always be nonzero) */
|
/* The length of the number in bytes (the first byte of which will always be nonzero) */
|
||||||
nlen[n] = nlow[n] ? secp256k1_testrand_int(33) : 32 + secp256k1_testrand_int(200) * secp256k1_testrand_int(8) / 8;
|
nlen[n] = nlow[n] ? secp256k1_testrand_int(33) : 32 + secp256k1_testrand_int(200) * secp256k1_testrand_bits(3) / 8;
|
||||||
CHECK(nlen[n] <= 232);
|
CHECK(nlen[n] <= 232);
|
||||||
/* The top bit of the number. */
|
/* The top bit of the number. */
|
||||||
nhbit[n] = (nlow[n] == 0 && nlen[n] == 32) ? 1 : (nlen[n] == 0 ? 0 : secp256k1_testrand_bits(1));
|
nhbit[n] = (nlow[n] == 0 && nlen[n] == 32) ? 1 : (nlen[n] == 0 ? 0 : secp256k1_testrand_bits(1));
|
||||||
/* The top byte of the number (after the potential hardcoded 16 0xFF characters for "high" 32 bytes numbers) */
|
/* The top byte of the number (after the potential hardcoded 16 0xFF characters for "high" 32 bytes numbers) */
|
||||||
nhbyte[n] = nlen[n] == 0 ? 0 : (nhbit[n] ? 128 + secp256k1_testrand_bits(7) : 1 + secp256k1_testrand_int(127));
|
nhbyte[n] = nlen[n] == 0 ? 0 : (nhbit[n] ? 128 + secp256k1_testrand_bits(7) : 1 + secp256k1_testrand_int(127));
|
||||||
/* The number of zero bytes in front of the number (which is 0 or 1 in case of DER, otherwise we extend up to 300 bytes) */
|
/* The number of zero bytes in front of the number (which is 0 or 1 in case of DER, otherwise we extend up to 300 bytes) */
|
||||||
nzlen[n] = der ? ((nlen[n] == 0 || nhbit[n]) ? 1 : 0) : (nlow[n] ? secp256k1_testrand_int(3) : secp256k1_testrand_int(300 - nlen[n]) * secp256k1_testrand_int(8) / 8);
|
nzlen[n] = der ? ((nlen[n] == 0 || nhbit[n]) ? 1 : 0) : (nlow[n] ? secp256k1_testrand_int(3) : secp256k1_testrand_int(300 - nlen[n]) * secp256k1_testrand_bits(3) / 8);
|
||||||
if (nzlen[n] > ((nlen[n] == 0 || nhbit[n]) ? 1 : 0)) {
|
if (nzlen[n] > ((nlen[n] == 0 || nhbit[n]) ? 1 : 0)) {
|
||||||
*certainly_not_der = 1;
|
*certainly_not_der = 1;
|
||||||
}
|
}
|
||||||
@ -6039,7 +6039,7 @@ static void random_ber_signature(unsigned char *sig, size_t *len, int* certainly
|
|||||||
nlenlen[n] = nlen[n] + nzlen[n] < 128 ? 0 : (nlen[n] + nzlen[n] < 256 ? 1 : 2);
|
nlenlen[n] = nlen[n] + nzlen[n] < 128 ? 0 : (nlen[n] + nzlen[n] < 256 ? 1 : 2);
|
||||||
if (!der) {
|
if (!der) {
|
||||||
/* nlenlen[n] max 127 bytes */
|
/* nlenlen[n] max 127 bytes */
|
||||||
int add = secp256k1_testrand_int(127 - nlenlen[n]) * secp256k1_testrand_int(16) * secp256k1_testrand_int(16) / 256;
|
int add = secp256k1_testrand_int(127 - nlenlen[n]) * secp256k1_testrand_bits(4) * secp256k1_testrand_bits(4) / 256;
|
||||||
nlenlen[n] += add;
|
nlenlen[n] += add;
|
||||||
if (add != 0) {
|
if (add != 0) {
|
||||||
*certainly_not_der = 1;
|
*certainly_not_der = 1;
|
||||||
@ -6053,7 +6053,7 @@ static void random_ber_signature(unsigned char *sig, size_t *len, int* certainly
|
|||||||
CHECK(tlen <= 856);
|
CHECK(tlen <= 856);
|
||||||
|
|
||||||
/* The length of the garbage inside the tuple. */
|
/* The length of the garbage inside the tuple. */
|
||||||
elen = (der || indet) ? 0 : secp256k1_testrand_int(980 - tlen) * secp256k1_testrand_int(8) / 8;
|
elen = (der || indet) ? 0 : secp256k1_testrand_int(980 - tlen) * secp256k1_testrand_bits(3) / 8;
|
||||||
if (elen != 0) {
|
if (elen != 0) {
|
||||||
*certainly_not_der = 1;
|
*certainly_not_der = 1;
|
||||||
}
|
}
|
||||||
@ -6061,7 +6061,7 @@ static void random_ber_signature(unsigned char *sig, size_t *len, int* certainly
|
|||||||
CHECK(tlen <= 980);
|
CHECK(tlen <= 980);
|
||||||
|
|
||||||
/* The length of the garbage after the end of the tuple. */
|
/* The length of the garbage after the end of the tuple. */
|
||||||
glen = der ? 0 : secp256k1_testrand_int(990 - tlen) * secp256k1_testrand_int(8) / 8;
|
glen = der ? 0 : secp256k1_testrand_int(990 - tlen) * secp256k1_testrand_bits(3) / 8;
|
||||||
if (glen != 0) {
|
if (glen != 0) {
|
||||||
*certainly_not_der = 1;
|
*certainly_not_der = 1;
|
||||||
}
|
}
|
||||||
@ -6076,7 +6076,7 @@ static void random_ber_signature(unsigned char *sig, size_t *len, int* certainly
|
|||||||
} else {
|
} else {
|
||||||
int tlenlen = tlen < 128 ? 0 : (tlen < 256 ? 1 : 2);
|
int tlenlen = tlen < 128 ? 0 : (tlen < 256 ? 1 : 2);
|
||||||
if (!der) {
|
if (!der) {
|
||||||
int add = secp256k1_testrand_int(127 - tlenlen) * secp256k1_testrand_int(16) * secp256k1_testrand_int(16) / 256;
|
int add = secp256k1_testrand_int(127 - tlenlen) * secp256k1_testrand_bits(4) * secp256k1_testrand_bits(4) / 256;
|
||||||
tlenlen += add;
|
tlenlen += add;
|
||||||
if (add != 0) {
|
if (add != 0) {
|
||||||
*certainly_not_der = 1;
|
*certainly_not_der = 1;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user