1 /*############################################################################
2 # Copyright 2016-2017 Intel Corporation
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15 ############################################################################*/
16
17 /*!
18 * \file
19 * \brief FfElement unit tests.
20 */
21
22 #include <algorithm>
23 #include <cstring>
24 #include <limits>
25
26 #include "epid/common-testhelper/epid_gtest-testhelper.h"
27 #include "gtest/gtest.h"
28
29 #include "epid/common-testhelper/bignum_wrapper-testhelper.h"
30 #include "epid/common-testhelper/errors-testhelper.h"
31 #include "epid/common-testhelper/ffelement_wrapper-testhelper.h"
32 #include "epid/common-testhelper/finite_field_wrapper-testhelper.h"
33 #include "epid/common-testhelper/octstr-testhelper.h"
34 #include "epid/common-testhelper/prng-testhelper.h"
35
36 extern "C" {
37 #include "epid/common/math/finitefield.h"
38 }
39
40 #include "epid/common/types.h"
41
42 #ifndef COUNT_OF
43 #define COUNT_OF(a) (sizeof(a) / sizeof((a)[0]))
44 #endif // COUNT_OF
45
46 /// compares BigNumStr values
operator ==(BigNumStr const & lhs,BigNumStr const & rhs)47 bool operator==(BigNumStr const& lhs, BigNumStr const& rhs) {
48 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
49 }
50 /// compares BigNumStr to FqElemStr values
operator ==(BigNumStr const & lhs,FqElemStr const & rhs)51 bool operator==(BigNumStr const& lhs, FqElemStr const& rhs) {
52 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
53 }
54 /// compares FqElemStr to BigNumStr values
operator ==(FqElemStr const & lhs,BigNumStr const & rhs)55 bool operator==(FqElemStr const& lhs, BigNumStr const& rhs) {
56 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
57 }
58 /// compares FqElemStr values
operator ==(FqElemStr const & lhs,FqElemStr const & rhs)59 bool operator==(FqElemStr const& lhs, FqElemStr const& rhs) {
60 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
61 }
62 /// compares Fq2ElemStr values
operator ==(Fq2ElemStr const & lhs,Fq2ElemStr const & rhs)63 bool operator==(Fq2ElemStr const& lhs, Fq2ElemStr const& rhs) {
64 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
65 }
66 /// compares Fq6ElemStr values
operator ==(Fq6ElemStr const & lhs,Fq6ElemStr const & rhs)67 bool operator==(Fq6ElemStr const& lhs, Fq6ElemStr const& rhs) {
68 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
69 }
70 /// compares Fq12ElemStr values
operator ==(Fq12ElemStr const & lhs,Fq12ElemStr const & rhs)71 bool operator==(Fq12ElemStr const& lhs, Fq12ElemStr const& rhs) {
72 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
73 }
74 /// compares FpElemStr values
operator ==(FpElemStr const & lhs,FpElemStr const & rhs)75 bool operator==(FpElemStr const& lhs, FpElemStr const& rhs) {
76 return 0 == std::memcmp(&lhs, &rhs, sizeof(lhs));
77 }
78
79 /// compares FfElementObj values
operator ==(FfElementObj const & lhs,FfElementObj const & rhs)80 bool operator==(FfElementObj const& lhs, FfElementObj const& rhs) {
81 auto lhs_data = lhs.data();
82 auto rhs_data = rhs.data();
83 return lhs_data.size() == rhs_data.size() &&
84 std::equal(lhs_data.begin(), lhs_data.end(), rhs_data.begin());
85 }
86
87 namespace {
88
89 class FfElementTest : public ::testing::Test {
90 public:
SetUp()91 virtual void SetUp() {
92 fq = FiniteFieldObj(bn_q_str);
93
94 // construct Fq^2 finite field
95 FfElementObj neg_beta(&fq);
96 THROW_ON_EPIDERR(FfNeg(fq, FfElementObj(&fq, fq_qm1_str), neg_beta));
97 fq2 = FiniteFieldObj(fq, neg_beta, 2);
98
99 // construct Fq^6 finite field
100 FfElementObj neg_xi(&fq2);
101 THROW_ON_EPIDERR(FfNeg(fq2, FfElementObj(&fq2, this->fq2_2_1_str), neg_xi));
102 fq6 = FiniteFieldObj(fq2, neg_xi, 3);
103
104 // construct Fq^12 finite field
105 FfElementObj neg_v(&fq6);
106 THROW_ON_EPIDERR(
107 FfNeg(fq6, FfElementObj(&fq6, this->fq6_0_0_1_0_0_0_str), neg_v));
108 fq12 = FiniteFieldObj(fq6, neg_v, 2);
109
110 fq_0 = FfElementObj(&fq, &bn_0_str, sizeof(bn_0_str));
111 fq_2 = FfElementObj(&fq, &fq_2_str, sizeof(fq_2_str));
112 fq_qm2 = FfElementObj(&fq, &fq_qm2_str, sizeof(fq_qm2_str));
113 fq_3 = FfElementObj(&fq, &fq_3_str, sizeof(fq_3_str));
114 fq_4 = FfElementObj(&fq, &fq_4_str, sizeof(fq_4_str));
115 fq_5 = FfElementObj(&fq, &fq_5_str, sizeof(fq_5_str));
116 fq_a = FfElementObj(&fq, &bn_a_str, sizeof(bn_a_str));
117 // construct Intel(R) EPID 1.1 Fq finite field
118 epid11_fq = FiniteFieldObj(bn_epid11_bn_q_str);
119
120 // construct Intel(R) EPID 1.1 Fqd finite field
121 epid11_fqd = FiniteFieldObj(epid11_fq, bn_epid11_fq_coeffs,
122 COUNT_OF(bn_epid11_fq_coeffs));
123
124 // Fqk ground element is {-qnr, 0, 0}
125 FfElementObj epid11_neg_qnr(&epid11_fq);
126 THROW_ON_EPIDERR(FfNeg(
127 epid11_fq, FfElementObj(&epid11_fq, fq_epid11_fq_qnr), epid11_neg_qnr));
128 Fq3ElemStr epid11_ground_element_str = {0};
129 THROW_ON_EPIDERR(WriteFfElement(epid11_fq, epid11_neg_qnr,
130 &epid11_ground_element_str.a[0],
131 sizeof(epid11_ground_element_str.a[0])));
132 // construct Intel(R) EPID 1.1 Fqk finite field
133 epid11_GT = FiniteFieldObj(
134 epid11_fqd, FfElementObj(&epid11_fqd, epid11_ground_element_str), 2);
135
136 fq_0 = FfElementObj(&fq, &bn_0_str, sizeof((bn_0_str)));
137 fq_1 = FfElementObj(&fq, &bn_1_str, sizeof(bn_1_str));
138 fq_a = FfElementObj(&fq, &bn_a_str, sizeof(bn_a_str));
139 fq_b = FfElementObj(&fq, &bn_b_str, sizeof(bn_b_str));
140 fq_result = FfElementObj(&fq);
141 fq_sum_ab = FfElementObj(&fq, &fq_sum_ab_str, sizeof(fq_sum_ab_str));
142
143 fp = FiniteFieldObj(bn_p_str);
144
145 bn_0 = BigNumObj(bn_0_str);
146 bn_1 = BigNumObj(bn_1_str);
147 bn_a = BigNumObj(bn_a_str);
148
149 fq2_a = FfElementObj(&fq2, &fq2_a_str, sizeof(fq2_a_str));
150 fq2_result = FfElementObj(&fq2);
151
152 fq12_g = FfElementObj(&fq12, &fq12_g_str, sizeof(fq12_g_str));
153 fq12_h = FfElementObj(&fq12, &fq12_h_str, sizeof(fq12_h_str));
154 fq12_i = FfElementObj(&fq12, &fq12_i_str, sizeof(fq12_i_str));
155 fq12_j = FfElementObj(&fq12, &fq12_j_str, sizeof(fq12_j_str));
156 fq12_k = FfElementObj(&fq12, &fq12_k_str, sizeof(fq12_k_str));
157 fq12_result = FfElementObj(&fq12);
158 }
159
160 FiniteFieldObj fq;
161 FiniteFieldObj fq2;
162 FiniteFieldObj fq6;
163 FiniteFieldObj fq12;
164 FiniteFieldObj epid11_fq;
165 FiniteFieldObj epid11_fqd;
166 FiniteFieldObj epid11_GT;
167
168 FfElementObj fq_0;
169 FfElementObj fq_1;
170 FfElementObj fq_2;
171 FfElementObj fq_qm2; // Intel(R) EPID 2.0 parameter q - 2
172 FfElementObj fq_3;
173 FfElementObj fq_4;
174 FfElementObj fq_5;
175 FfElementObj fq_a;
176 FfElementObj fq_b;
177 FfElementObj fq_result;
178 FfElementObj fq_sum_ab;
179
180 FfElementObj fq2_a;
181 FfElementObj fq2_result;
182
183 FfElementObj fq12_g;
184 FfElementObj fq12_h;
185 FfElementObj fq12_i;
186 FfElementObj fq12_j;
187 FfElementObj fq12_k;
188 FfElementObj fq12_result;
189
190 FiniteFieldObj fp;
191
192 BigNumObj bn_0;
193 BigNumObj bn_1;
194 BigNumObj bn_a;
195
196 // Intel(R) EPID 2.0 parameter p
197 static const BigNumStr bn_p_str;
198 static const FpElemStr fp_p_str;
199
200 // Intel(R) EPID 2.0 parameter p - 1
201 static const BigNumStr fp_pm1_str;
202
203 // Intel(R) EPID 2.0 parameter q
204 static const BigNumStr bn_q_str;
205
206 // Intel(R) EPID 2.0 parameter q - 1
207 static const FqElemStr fq_qm1_str;
208 static const BigNumStr bn_qm1_str;
209
210 // Intel(R) EPID 2.0 parameter q - 2
211 static const FqElemStr fq_qm2_str;
212
213 // Intel(R) EPID 2.0 parameter q + 1
214 static const BigNumStr bn_qp1_str;
215
216 // Intel(R) EPID 2.0 parameter q - 0x3013
217 static const BigNumStr fq_qm0x3013_str;
218
219 // Intel(R) EPID 1.1 parameter q
220 static const BigNumStr bn_epid11_bn_q_str;
221
222 // Intel(R) EPID 1.1 parameter qnr
223 static const FqElemStr fq_epid11_fq_qnr;
224
225 // Intel(R) EPID 1.1 parameter coeff
226 static const BigNumStr bn_epid11_fq_coeffs[3];
227
228 // zero
229 static const BigNumStr bn_0_str;
230 static const FqElemStr fq_0_str;
231
232 // one
233 static const BigNumStr bn_1_str;
234 static const FqElemStr fq_1_str;
235
236 // two
237 static const BigNumStr bn_2_str;
238 static const FqElemStr fq_2_str;
239
240 // three
241 static const FqElemStr fq_3_str;
242
243 // four
244 static const FqElemStr fq_4_str;
245
246 // five
247 static const FqElemStr fq_5_str;
248
249 // 0x0000FFFF
250 static const BigNumStr bn_0xffff_str;
251
252 // Fq2 element containing {2, 1}
253 static const Fq2ElemStr fq2_2_1_str;
254
255 // Fq6 element containing {0, 0, 1, 0, 0, 0}
256 static const Fq6ElemStr fq6_0_0_1_0_0_0_str;
257
258 // arbitrary constant a (256 bit value)
259 static const BigNumStr bn_a_str;
260 static const FqElemStr fq_a_str;
261 static const Fq2ElemStr fq2_a_str;
262
263 // arbitrary constant b (256 bit value)
264 static const BigNumStr bn_b_str;
265 static const FqElemStr fq_b_str;
266
267 // a + b
268 static const FqElemStr fq_sum_ab_str;
269 static const Fq2ElemStr fq2_sum_ab_str;
270 static const Fq6ElemStr fq6_sum_ab_str;
271 static const Fq12ElemStr fq12_sum_ab_str;
272
273 // a * b
274 static const FqElemStr fq_mul_ab_str;
275 static const Fq2ElemStr fq2_mul_ab_str;
276
277 // 1/a
278 static const FqElemStr fq_inv_a_str;
279
280 // -a
281 static const FqElemStr fq_neg_a_str;
282
283 // pow(a, b), that is a raised to the power b
284 static const FqElemStr fq_exp_ab_str;
285
286 static const uint8_t sha_msg[3]; // predefined message for tests "abc"
287 static const FqElemStr fq_abc_sha256_str;
288 static const FqElemStr fq_abc_sha384_str;
289 static const FqElemStr fq_abc_sha512_str;
290 static const FqElemStr fq_abc_sha512256_str;
291
292 // arbitrary Fq12 constant a (unrelated to a above)
293 static const Fq12ElemStr fq12_g_str;
294 // arbitrary Fq12 constant b (unrelated to a above)
295 static const Fq12ElemStr fq12_h_str;
296 // arbitrary Fq12 constant c
297 static const Fq12ElemStr fq12_i_str;
298 // arbitrary Fq12 constant d
299 static const Fq12ElemStr fq12_j_str;
300 // arbitrary Fq12 constant e
301 static const Fq12ElemStr fq12_k_str;
302 // c * d
303 static const Fq12ElemStr fq12_mul_ij_str;
304 // e * b
305 static const Fq12ElemStr fq12_mul_gb_str;
306
307 // Fq Multi Exp Data
308 static const FqElemStr fq_multi_exp_base_1[1];
309 static const BigNumStr fq_multi_exp_exp_1[1];
310 static const FqElemStr fq_multi_exp_res_1;
311 static const std::vector<uint8_t> fq_multi_exp_exp_1_264;
312 static const FqElemStr fq_multi_exp_res_1_264;
313 static const FqElemStr fq_multi_exp_res_1_256_264;
314 static const FqElemStr fq_multi_exp_base_2[2];
315 static const BigNumStr fq_multi_exp_exp_2[2];
316 static const FqElemStr fq_multi_exp_res_2;
317 static const FqElemStr fq_multi_exp_base_3[3];
318 static const BigNumStr fq_multi_exp_exp_3[3];
319 static const FqElemStr fq_multi_exp_res_3;
320 static const FqElemStr fq_multi_exp_base_4[4];
321 static const BigNumStr fq_multi_exp_exp_4[4];
322 static const FqElemStr fq_multi_exp_res_4;
323 static const FqElemStr fq_multi_exp_base_5[5];
324 static const BigNumStr fq_multi_exp_exp_5[5];
325 static const FqElemStr fq_multi_exp_res_5;
326 static const FqElemStr fq_multi_exp_base_6[6];
327 static const BigNumStr fq_multi_exp_exp_6[6];
328 static const FqElemStr fq_multi_exp_res_6;
329
330 // Intel(R) EPID 1.1 GT Multi Exp Data
331 static const Fq6ElemStr epid11_GT_multi_exp_base_3[3];
332 static const std::vector<uint8_t> epid11_GT_multi_exp_exp_3[3];
333 static const Fq6ElemStr epid11_GT_multi_exp_res_3;
334
335 // Fq12 Multi Exp Data
336 static const Fq12ElemStr fq12_multi_exp_base_4[4];
337 static const BigNumStr fq12_multi_exp_exp_4[4];
338 static const Fq12ElemStr fq12_multi_exp_res_4;
339 };
340
341 const Fq2ElemStr FfElementTest::fq2_2_1_str = {
342 {{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
343 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
344 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02}}},
345 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
346 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
347 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01}}}}};
348 const Fq6ElemStr FfElementTest::fq6_0_0_1_0_0_0_str = {
349 {{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
350 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
351 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
352 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
353 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
354 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
355 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
356 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
357 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
358 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
359 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
360 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
361 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
362 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
363 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
364 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
365 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
366 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}};
367
368 // Intel(R) EPID 2.0 parameter p
369 const BigNumStr FfElementTest::bn_p_str = {
370 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
371 0x5E, 0xEE, 0x71, 0xA4, 0x9E, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x99,
372 0x92, 0x1A, 0xF6, 0x2D, 0x53, 0x6C, 0xD1, 0x0B, 0x50, 0x0D};
373
374 // Intel(R) EPID 2.0 parameter p - 0x0D
375 const FpElemStr FfElementTest::fp_p_str = {
376 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
377 0x5E, 0xEE, 0x71, 0xA4, 0x9E, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x99,
378 0x92, 0x1A, 0xF6, 0x2D, 0x53, 0x6C, 0xD1, 0x0B, 0x50, 0x00};
379
380 // Intel(R) EPID 2.0 parameter p - 1
381 const BigNumStr FfElementTest::fp_pm1_str = {
382 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
383 0x5E, 0xEE, 0x71, 0xA4, 0x9E, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x99,
384 0x92, 0x1A, 0xF6, 0x2D, 0x53, 0x6C, 0xD1, 0x0B, 0x50, 0x0C,
385 };
386
387 // Intel(R) EPID 2.0 parameter q
388 const BigNumStr FfElementTest::bn_q_str = {
389 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
390 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
391 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x13};
392
393 // Intel(R) EPID 2.0 parameter q - 1
394 const FqElemStr FfElementTest::fq_qm1_str = {
395 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
396 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
397 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x12};
398
399 const BigNumStr FfElementTest::bn_qm1_str = {
400 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
401 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
402 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x12};
403
404 // Intel(R) EPID 2.0 parameter q - 2
405 const FqElemStr FfElementTest::fq_qm2_str = {
406 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
407 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
408 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x11};
409
410 // Intel(R) EPID 2.0 parameter q + 1
411 const BigNumStr FfElementTest::bn_qp1_str = {
412 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
413 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
414 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x14};
415
416 // Intel(R) EPID 2.0 parameter q - 0x3013
417 const BigNumStr FfElementTest::fq_qm0x3013_str = {
418 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5, 0xF2,
419 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12, 0x98,
420 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x00, 0x00};
421
422 // Intel(R) EPID 1.1 parameter q
423 const BigNumStr FfElementTest::bn_epid11_bn_q_str = {
424 0x09, 0xF9, 0x24, 0xE5, 0xD9, 0xBC, 0x67, 0x7F, 0x81, 0x0D, 0xF0,
425 0x25, 0x58, 0xF7, 0x53, 0x13, 0xA9, 0x8A, 0xA6, 0x10, 0x47, 0x65,
426 0x5D, 0x73, 0x9E, 0xF1, 0x94, 0xEB, 0x05, 0xB1, 0xA7, 0x11};
427
428 // Intel(R) EPID 1.1 parameter qnr
429 const FqElemStr FfElementTest::fq_epid11_fq_qnr = {
430 {0x08, 0x66, 0xA7, 0x67, 0x36, 0x6E, 0x62, 0x71, 0xB7, 0xA6, 0x52,
431 0x94, 0x8F, 0xFB, 0x25, 0x9E, 0xE6, 0x4F, 0x25, 0xE5, 0x26, 0x9A,
432 0x2B, 0x6E, 0x7E, 0xF8, 0xA6, 0x39, 0xAE, 0x46, 0xAA, 0x24}};
433
434 // Intel(R) EPID 1.1 parameter coeff
435 const BigNumStr FfElementTest::bn_epid11_fq_coeffs[3] = {
436 {{{0x02, 0x16, 0x7A, 0x61, 0x53, 0xDD, 0xF6, 0xE2, 0x89, 0x15, 0xA0,
437 0x94, 0xF1, 0xB5, 0xDC, 0x65, 0x21, 0x15, 0x62, 0xE1, 0x7D, 0xC5,
438 0x43, 0x89, 0xEE, 0xB4, 0xEF, 0xC8, 0xA0, 0x8E, 0x34, 0x0F}}},
439
440 {{{0x04, 0x82, 0x27, 0xE1, 0xEB, 0x98, 0x64, 0xC2, 0x8D, 0x8F, 0xDD,
441 0x0E, 0x82, 0x40, 0xAE, 0xD4, 0x31, 0x63, 0xD6, 0x46, 0x32, 0x16,
442 0x85, 0x7A, 0xB7, 0x18, 0x68, 0xB8, 0x17, 0x02, 0x81, 0xA6}}},
443
444 {{{0x06, 0x20, 0x76, 0xE8, 0x54, 0x54, 0x53, 0xB4, 0xA9, 0xD8, 0x44,
445 0x4B, 0xAA, 0xFB, 0x1C, 0xFD, 0xAE, 0x15, 0xCA, 0x29, 0x79, 0xA6,
446 0x24, 0xA4, 0x0A, 0xF6, 0x1E, 0xAC, 0xED, 0xFB, 0x10, 0x41}}}};
447
448 // zero
449 const BigNumStr FfElementTest::bn_0_str = {
450 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
451 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
452 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
453
454 const FqElemStr FfElementTest::fq_0_str = {
455 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
456 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
457 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
458
459 // one
460 const BigNumStr FfElementTest::bn_1_str = {
461 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
462 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
463 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
464
465 const FqElemStr FfElementTest::fq_1_str = {
466 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
467 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
468 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
469
470 // two
471 const BigNumStr FfElementTest::bn_2_str = {
472 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
473 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
474 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
475
476 const FqElemStr FfElementTest::fq_2_str = {
477 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
478 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
479 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
480
481 // three
482 const FqElemStr FfElementTest::fq_3_str = {
483 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
484 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
485 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03};
486
487 // four
488 const FqElemStr FfElementTest::fq_4_str = {
489 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
490 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
491 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04};
492
493 // five
494 const FqElemStr FfElementTest::fq_5_str = {
495 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
496 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
497 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05};
498
499 const BigNumStr FfElementTest::bn_0xffff_str = {
500 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
501 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
502 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff};
503
504 // arbitrary constant a (256 bit value)
505 const BigNumStr FfElementTest::bn_a_str = {
506 0x12, 0xA6, 0x5B, 0xD6, 0x91, 0x8D, 0x50, 0xA7, 0x66, 0xEB, 0x7D,
507 0x52, 0xE3, 0x40, 0x17, 0x60, 0x7F, 0xDF, 0x6C, 0xA1, 0x2C, 0x1A,
508 0x37, 0xE0, 0x92, 0xC0, 0xF7, 0xB9, 0x76, 0xAB, 0xB1, 0x8A};
509
510 const FqElemStr FfElementTest::fq_a_str = {
511 0x12, 0xA6, 0x5B, 0xD6, 0x91, 0x8D, 0x50, 0xA7, 0x66, 0xEB, 0x7D,
512 0x52, 0xE3, 0x40, 0x17, 0x60, 0x7F, 0xDF, 0x6C, 0xA1, 0x2C, 0x1A,
513 0x37, 0xE0, 0x92, 0xC0, 0xF7, 0xB9, 0x76, 0xAB, 0xB1, 0x8A};
514
515 const Fq2ElemStr FfElementTest::fq2_a_str = {
516 {{{{0x12, 0xA6, 0x5B, 0xD6, 0x91, 0x8D, 0x50, 0xA7, 0x66, 0xEB, 0x7D,
517 0x52, 0xE3, 0x40, 0x17, 0x60, 0x7F, 0xDF, 0x6C, 0xA1, 0x2C, 0x1A,
518 0x37, 0xE0, 0x92, 0xC0, 0xF7, 0xB9, 0x76, 0xAB, 0xB1, 0x8A}}},
519 {{{0xDD, 0x2B, 0xE9, 0x59, 0x24, 0xA5, 0xB3, 0xFD, 0xEB, 0xE1, 0x3C,
520 0xC0, 0x73, 0x4E, 0x99, 0xEE, 0x36, 0xF6, 0xC0, 0x1A, 0x76, 0x01,
521 0x0A, 0xF0, 0xCB, 0xB4, 0x71, 0x88, 0x95, 0xCB, 0x35, 0xBA}}}}};
522
523 // arbitrary constant b (256 bit value)
524 const BigNumStr FfElementTest::bn_b_str = {
525 0xE6, 0x65, 0x23, 0x9B, 0xD4, 0x07, 0x16, 0x83, 0x38, 0x23, 0xB2,
526 0x67, 0x57, 0xEB, 0x0F, 0x23, 0x3A, 0xF4, 0x8E, 0xDA, 0x71, 0x5E,
527 0xD9, 0x98, 0x63, 0x98, 0x2B, 0xBC, 0x78, 0xD1, 0x94, 0xF2};
528
529 const FqElemStr FfElementTest::fq_b_str = {
530 0xE6, 0x65, 0x23, 0x9B, 0xD4, 0x07, 0x16, 0x83, 0x38, 0x23, 0xB2,
531 0x67, 0x57, 0xEB, 0x0F, 0x23, 0x3A, 0xF4, 0x8E, 0xDA, 0x71, 0x5E,
532 0xD9, 0x98, 0x63, 0x98, 0x2B, 0xBC, 0x78, 0xD1, 0x94, 0xF2};
533
534 // a + b
535 const FqElemStr FfElementTest::fq_sum_ab_str = {
536 0xF9, 0x0B, 0x7F, 0x72, 0x65, 0x94, 0x67, 0x2A, 0x9F, 0x0F, 0x2F,
537 0xBA, 0x3B, 0x2B, 0x26, 0x83, 0xBA, 0xD3, 0xFB, 0x7B, 0x9D, 0x79,
538 0x11, 0x78, 0xF6, 0x59, 0x23, 0x75, 0xEF, 0x7D, 0x46, 0x7C};
539
540 const Fq2ElemStr FfElementTest::fq2_sum_ab_str = {
541 {{{{0xF9, 0x0B, 0x7F, 0x72, 0x65, 0x94, 0x67, 0x2A, 0x9F, 0x0F, 0x2F,
542 0xBA, 0x3B, 0x2B, 0x26, 0x83, 0xBA, 0xD3, 0xFB, 0x7B, 0x9D, 0x79,
543 0x11, 0x78, 0xF6, 0x59, 0x23, 0x75, 0xEF, 0x7D, 0x46, 0x7C}}},
544 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
545 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
546 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}};
547
548 const Fq6ElemStr FfElementTest::fq6_sum_ab_str = {
549 {{{{0xF9, 0x0B, 0x7F, 0x72, 0x65, 0x94, 0x67, 0x2A, 0x9F, 0x0F, 0x2F,
550 0xBA, 0x3B, 0x2B, 0x26, 0x83, 0xBA, 0xD3, 0xFB, 0x7B, 0x9D, 0x79,
551 0x11, 0x78, 0xF6, 0x59, 0x23, 0x75, 0xEF, 0x7D, 0x46, 0x7C},
552 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
553 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
554 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
555 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
556 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
557 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
558 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
559 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
560 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
561 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
562 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
563 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
564 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
565 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
566 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}};
567
568 const Fq12ElemStr FfElementTest::fq12_sum_ab_str = {
569 {{{{{{0xF9, 0x0B, 0x7F, 0x72, 0x65, 0x94, 0x67, 0x2A, 0x9F, 0x0F, 0x2F,
570 0xBA, 0x3B, 0x2B, 0x26, 0x83, 0xBA, 0xD3, 0xFB, 0x7B, 0x9D, 0x79,
571 0x11, 0x78, 0xF6, 0x59, 0x23, 0x75, 0xEF, 0x7D, 0x46, 0x7C},
572 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
573 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
574 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
575 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
576 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
577 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
578 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
579 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
580 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
581 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
582 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
583 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
584 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
585 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
586 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}},
587
588 {{{{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
589 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
590 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
591 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
592 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
593 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
594 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
595 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
596 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
597 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
598 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
599 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}},
600 {{{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
601 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
602 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
603 {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
604 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
605 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}}}}}};
606
607 // a * b
608 const FqElemStr FfElementTest::fq_mul_ab_str = {
609 0xE4, 0xAB, 0xE3, 0xE4, 0x08, 0xC3, 0x8A, 0x00, 0x78, 0x50, 0x01,
610 0xA9, 0x4A, 0xFC, 0x43, 0x15, 0xA2, 0x99, 0x51, 0x20, 0x6B, 0x9C,
611 0x00, 0xCF, 0x82, 0x88, 0xBD, 0x39, 0x0B, 0xA2, 0x0B, 0x58};
612
613 const Fq2ElemStr FfElementTest::fq2_mul_ab_str = {
614 {{{{0xE4, 0xAB, 0xE3, 0xE4, 0x08, 0xC3, 0x8A, 0x00, 0x78, 0x50, 0x01,
615 0xA9, 0x4A, 0xFC, 0x43, 0x15, 0xA2, 0x99, 0x51, 0x20, 0x6B, 0x9C,
616 0x00, 0xCF, 0x82, 0x88, 0xBD, 0x39, 0x0B, 0xA2, 0x0B, 0x58}}},
617 {{{0xB4, 0xE4, 0x39, 0xEA, 0x70, 0xDE, 0x15, 0xC3, 0xC6, 0x91, 0xFD,
618 0x7F, 0xBE, 0x2B, 0xF5, 0xD2, 0xC0, 0xB7, 0x20, 0xFC, 0x1F, 0x02,
619 0x33, 0xC9, 0x39, 0x93, 0xB9, 0x5E, 0x55, 0x51, 0xB6, 0x46}}}}};
620
621 // 1/a
622 const FqElemStr FfElementTest::fq_inv_a_str = {
623 0x15, 0x17, 0x1A, 0x1E, 0x93, 0x71, 0x1B, 0x39, 0xC5, 0x97, 0xEF,
624 0x78, 0xA5, 0x51, 0x34, 0x62, 0x44, 0xAD, 0x8D, 0x51, 0xDF, 0x90,
625 0x7C, 0x6F, 0x56, 0xB6, 0xAB, 0x63, 0x5A, 0x68, 0x6D, 0xF6};
626
627 // -a
628 const FqElemStr FfElementTest::fq_neg_a_str = {
629 0xED, 0x59, 0xA4, 0x29, 0x6E, 0x6F, 0xA0, 0x25, 0xDF, 0xFA, 0x75,
630 0x0C, 0x0B, 0x31, 0x8D, 0x3E, 0x8C, 0xFC, 0xF9, 0x59, 0xE6, 0x7D,
631 0xD2, 0xA2, 0x40, 0x68, 0x36, 0x22, 0x38, 0x27, 0x7E, 0x89};
632
633 // pow(a, b)
634 const FqElemStr FfElementTest::fq_exp_ab_str = {
635 0x29, 0x65, 0x68, 0x0E, 0x56, 0xB9, 0x8F, 0xBA, 0xA6, 0xEA, 0x8F,
636 0xE1, 0x13, 0x44, 0x3B, 0x12, 0x5C, 0xB9, 0xF8, 0x76, 0x42, 0x12,
637 0xCB, 0xB2, 0xED, 0xC0, 0x23, 0xA3, 0x5C, 0xAD, 0x38, 0xD1};
638
639 const uint8_t FfElementTest::sha_msg[] = {'a', 'b', 'c'};
640
641 const FqElemStr FfElementTest::fq_abc_sha256_str = {
642 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA, 0x41, 0x41, 0x40,
643 0xDE, 0x5D, 0xAE, 0x22, 0x23, 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17,
644 0x7A, 0x9C, 0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD,
645 };
646 const FqElemStr FfElementTest::fq_abc_sha384_str = {
647 0x10, 0xAC, 0xE4, 0xE8, 0x8F, 0xBB, 0x96, 0xBF, 0x53, 0xB6, 0xAF,
648 0xE4, 0x4E, 0x95, 0xDE, 0xA5, 0x98, 0x8F, 0x10, 0xBF, 0x59, 0xC4,
649 0x11, 0xFE, 0x1F, 0x7A, 0xA6, 0x1E, 0x57, 0x3E, 0xE3, 0x3C,
650 };
651 const FqElemStr FfElementTest::fq_abc_sha512_str = {
652 0x14, 0xB4, 0x28, 0x89, 0xD2, 0x86, 0xA4, 0x79, 0xE3, 0x5B, 0xC4,
653 0x50, 0xD1, 0x3B, 0xF2, 0x35, 0xF7, 0x97, 0x91, 0x05, 0x3D, 0x64,
654 0xC0, 0x06, 0x45, 0x9F, 0xEC, 0xD8, 0xDB, 0x53, 0x3E, 0xC3,
655 };
656
657 const FqElemStr FfElementTest::fq_abc_sha512256_str = {
658 0x53, 0x04, 0x8E, 0x26, 0x81, 0x94, 0x1E, 0xF9, 0x9B, 0x2E, 0x29,
659 0xB7, 0x6B, 0x4C, 0x7D, 0xAB, 0xE4, 0xC2, 0xD0, 0xC6, 0x34, 0xFC,
660 0x6D, 0x46, 0xE0, 0xE2, 0xF1, 0x31, 0x07, 0xE7, 0xAF, 0x23,
661 };
662
663 const Fq12ElemStr FfElementTest::fq12_g_str = {
664 {{{{{{0xBA, 0x10, 0x1F, 0xF6, 0x46, 0x8B, 0xE9, 0x32, 0x4F, 0xC0, 0xA5,
665 0x01, 0xAD, 0x5E, 0xE2, 0x31, 0x16, 0x29, 0x96, 0xED, 0xA7, 0xDE,
666 0x4C, 0xE1, 0xD2, 0x8D, 0x33, 0xCA, 0x50, 0xAB, 0x7B, 0xC6},
667 {0x15, 0xEB, 0x79, 0xF4, 0xEB, 0xDE, 0x30, 0xB6, 0xC4, 0x07, 0x7C,
668 0x42, 0xCB, 0x04, 0x54, 0xF2, 0x1F, 0x4D, 0x1F, 0xC0, 0xDF, 0xA2,
669 0x2B, 0x9E, 0x34, 0xC4, 0x4C, 0x84, 0x14, 0xD3, 0x62, 0x07}}},
670 {{{0xF1, 0x8B, 0x84, 0xD1, 0x46, 0x57, 0xB6, 0xE7, 0x80, 0xE1, 0x46,
671 0x49, 0x1C, 0x0D, 0xEF, 0x81, 0x31, 0xB0, 0xBE, 0x8C, 0xB9, 0x08,
672 0xD0, 0xD3, 0xC4, 0x56, 0xCA, 0xAD, 0xF9, 0x1D, 0x75, 0x19},
673 {0x3F, 0xEE, 0x7C, 0x43, 0xC1, 0xFA, 0x4E, 0x50, 0xB7, 0x19, 0x01,
674 0x00, 0x6F, 0xD5, 0x16, 0xB6, 0xF4, 0x85, 0xE0, 0xEB, 0x2E, 0x5F,
675 0x0A, 0x7E, 0xF8, 0xAC, 0xBC, 0x05, 0xEC, 0x73, 0xB5, 0x57}}},
676 {{{0xE3, 0xB3, 0x18, 0x29, 0xBB, 0xEF, 0x86, 0x50, 0x87, 0xCF, 0x70,
677 0xBA, 0x13, 0x8B, 0xB1, 0xB6, 0x2D, 0x6F, 0x65, 0x3D, 0xA1, 0x0B,
678 0xE3, 0x92, 0xC5, 0x72, 0x86, 0x6A, 0xB3, 0xEB, 0xE0, 0xE5},
679 {0xDA, 0x0E, 0x57, 0x87, 0xD5, 0xA9, 0x61, 0xA5, 0x1E, 0xCB, 0x04,
680 0x86, 0xCD, 0xC3, 0x18, 0x2A, 0x36, 0xA0, 0x81, 0x73, 0xE7, 0x13,
681 0x87, 0x80, 0x8D, 0x1A, 0xFE, 0x6E, 0x4B, 0xA3, 0x13, 0x03}}}}},
682 {{{{{0x66, 0x9E, 0x80, 0x4D, 0x8A, 0xAA, 0x00, 0x95, 0x72, 0xCE, 0xBB,
683 0x51, 0xE8, 0x01, 0x09, 0x41, 0xD3, 0x63, 0x28, 0x05, 0xA4, 0xBE,
684 0xD6, 0x41, 0xA6, 0x2F, 0x5F, 0xBF, 0x0B, 0x13, 0xB4, 0x54},
685 {0x5B, 0x50, 0x65, 0xDC, 0x6F, 0x29, 0xD6, 0xDA, 0xBF, 0xC2, 0x06,
686 0xEA, 0x3B, 0xB2, 0xF1, 0xD4, 0x26, 0x5C, 0x92, 0x6B, 0x95, 0x6D,
687 0x88, 0xAB, 0x8F, 0xC6, 0x9D, 0x31, 0xE4, 0x9B, 0x71, 0x49}}},
688 {{{0xE0, 0xCE, 0x97, 0x8F, 0xC9, 0x9F, 0xBC, 0xA8, 0x4A, 0xC6, 0xAA,
689 0x4A, 0xC8, 0x0D, 0x2A, 0x60, 0x1A, 0x43, 0x40, 0x03, 0xB3, 0x53,
690 0x30, 0x98, 0x1F, 0x3F, 0xDF, 0x5C, 0x0F, 0xF0, 0x84, 0x8E},
691 {0x5A, 0x5D, 0x41, 0xD2, 0x47, 0x78, 0x6D, 0x9F, 0x89, 0xCE, 0xF5,
692 0x8E, 0xB6, 0x54, 0xA2, 0x26, 0xE5, 0x40, 0x39, 0x5C, 0x59, 0x08,
693 0xB3, 0xDA, 0xF5, 0xF8, 0xA0, 0x18, 0x33, 0x57, 0xD1, 0x72}}},
694 {{{0xBB, 0xBA, 0x6C, 0xED, 0xE8, 0xA0, 0x5E, 0xC8, 0x81, 0xC5, 0xAC,
695 0x15, 0x1B, 0xD0, 0xE6, 0xC8, 0x92, 0xF9, 0x43, 0x03, 0x5A, 0x00,
696 0x42, 0xE3, 0x49, 0xA5, 0xF7, 0x19, 0x78, 0x8A, 0x39, 0x89},
697 {0x32, 0xAE, 0xBF, 0x4D, 0x4B, 0xB3, 0x33, 0x76, 0x16, 0xFD, 0x0B,
698 0xFE, 0x42, 0x1E, 0x17, 0x37, 0x2A, 0x04, 0xEA, 0x26, 0xBA, 0x6E,
699 0x2C, 0x36, 0xAF, 0x35, 0x1B, 0x75, 0x6D, 0x17, 0xDC, 0x8E}}}}}}};
700
701 const Fq12ElemStr FfElementTest::fq12_h_str = {
702 {{{{{{0x41, 0xFB, 0xBE, 0xD2, 0x20, 0x95, 0xE5, 0xBA, 0x87, 0x54, 0x23,
703 0xCC, 0x04, 0x97, 0x38, 0x4B, 0x69, 0x28, 0x18, 0x6D, 0xAE, 0x19,
704 0xE3, 0x3D, 0xFE, 0x39, 0xE2, 0x1C, 0xC2, 0x53, 0x17, 0xF6},
705 {0xEA, 0xA3, 0x0F, 0x62, 0x6E, 0xBF, 0x6F, 0x8F, 0xBC, 0xFA, 0x6E,
706 0x07, 0xD3, 0xD3, 0xAE, 0x5C, 0xAA, 0xB5, 0x9C, 0xD7, 0xB8, 0x5B,
707 0x1B, 0x69, 0x52, 0x93, 0xBF, 0xDB, 0x87, 0x5C, 0x19, 0x07}}},
708 {{{0x1B, 0x03, 0xE1, 0x79, 0x3C, 0x10, 0x0B, 0x65, 0xBF, 0xD7, 0xF3,
709 0x45, 0x1A, 0xD4, 0xDD, 0xB8, 0x67, 0x1A, 0x8F, 0x41, 0x1A, 0xD4,
710 0x04, 0x3C, 0xD2, 0xA4, 0x3B, 0x47, 0xFE, 0xBD, 0xEA, 0x87},
711 {0xDF, 0x7F, 0x94, 0x9C, 0xB8, 0x65, 0x54, 0x8D, 0xD7, 0x0B, 0x33,
712 0x26, 0x25, 0x89, 0xD4, 0x60, 0x0C, 0x89, 0x5F, 0x2C, 0x00, 0x7F,
713 0xAF, 0x89, 0x35, 0xE5, 0xB9, 0x23, 0x7F, 0x79, 0x1A, 0x86}}},
714 {{{0xCE, 0x01, 0x4F, 0x24, 0x3C, 0x3A, 0xC3, 0x61, 0x5B, 0xD9, 0x2D,
715 0x87, 0x94, 0xA3, 0xD2, 0x8B, 0x57, 0xC4, 0x07, 0xF8, 0x29, 0x5E,
716 0x09, 0x23, 0xCA, 0xE9, 0x85, 0xA1, 0xDB, 0xF2, 0x0C, 0x8F},
717 {0xC2, 0xFB, 0x9A, 0xCC, 0xD9, 0x82, 0x63, 0x28, 0x83, 0xB7, 0x4F,
718 0x99, 0x3A, 0x19, 0x11, 0xB0, 0xB4, 0xE7, 0x73, 0x94, 0x35, 0x19,
719 0x6B, 0xC2, 0x5D, 0x2E, 0x8C, 0x33, 0xFF, 0x13, 0xCD, 0xBE}}}}},
720 {{{{{0x29, 0x43, 0xF6, 0xA0, 0xE9, 0xDC, 0x27, 0x27, 0x9B, 0x0A, 0x33,
721 0xBC, 0x85, 0x6A, 0xBF, 0x8B, 0xC5, 0x89, 0x10, 0x92, 0xAE, 0x73,
722 0xC9, 0x32, 0x46, 0x8D, 0x24, 0x1F, 0x32, 0x96, 0xED, 0x0B},
723 {0x44, 0x8C, 0x6D, 0xF6, 0x1A, 0x2F, 0xCA, 0x18, 0x8E, 0x84, 0xFF,
724 0x5F, 0x5F, 0xAF, 0xC0, 0x52, 0x35, 0xA1, 0xB3, 0xA0, 0xDE, 0xEE,
725 0x97, 0xBF, 0xB8, 0xFA, 0x8B, 0x9E, 0x00, 0x13, 0xE7, 0x26}}},
726 {{{0xFB, 0x78, 0xA1, 0x6D, 0x41, 0x92, 0xA6, 0xC6, 0x7F, 0xAD, 0xB7,
727 0xFC, 0x4F, 0x5F, 0x48, 0x94, 0x7D, 0xB7, 0xF5, 0xCC, 0xB5, 0x7E,
728 0x08, 0xCD, 0xBF, 0x58, 0xC9, 0x30, 0xEB, 0xE4, 0xA0, 0xBF},
729 {0x0C, 0x6A, 0x89, 0x18, 0x97, 0x37, 0x54, 0x76, 0x79, 0x3E, 0x8E,
730 0xA6, 0x5B, 0x77, 0xCE, 0x4A, 0xCB, 0xD9, 0x8B, 0x7B, 0x32, 0x1A,
731 0x30, 0x40, 0x49, 0xFF, 0x84, 0xE7, 0xBE, 0xD8, 0xCF, 0xFD}}},
732 {{{0x2D, 0x23, 0x54, 0xB5, 0x2E, 0x29, 0xE9, 0xC7, 0x62, 0x1B, 0x03,
733 0x34, 0x3A, 0xEB, 0xC9, 0x69, 0x38, 0x9F, 0xD1, 0x2B, 0xDA, 0x8B,
734 0x07, 0x58, 0x30, 0xF8, 0x38, 0x08, 0x09, 0x07, 0xCA, 0x5B},
735 {0x3A, 0x13, 0xED, 0xF4, 0x5D, 0xC9, 0x23, 0x66, 0x85, 0x8C, 0x6A,
736 0x7D, 0xE9, 0x11, 0x17, 0xE6, 0x43, 0x2F, 0x12, 0xC5, 0x07, 0x63,
737 0x84, 0x98, 0xA0, 0x1C, 0xDC, 0xF3, 0x91, 0x91, 0x11, 0x55}}}}}}};
738
739 const Fq12ElemStr FfElementTest::fq12_i_str = {
740 {{{{{{0x0F, 0xD0, 0x1C, 0x59, 0x98, 0x52, 0x5A, 0x40, 0xFF, 0x26, 0x0A,
741 0xFD, 0x70, 0xEC, 0x23, 0x48, 0x1B, 0x4B, 0x70, 0xA0, 0x15, 0xC5,
742 0xB1, 0x8B, 0xA5, 0x75, 0xAC, 0xCE, 0xF3, 0x6C, 0xE8, 0xBA},
743 {0xA7, 0xFB, 0xF9, 0xEA, 0x18, 0x70, 0xD8, 0x9B, 0x3C, 0xC3, 0x66,
744 0x10, 0x38, 0xAC, 0x16, 0x32, 0xDC, 0x9D, 0xF0, 0xD4, 0x2C, 0xE7,
745 0xF6, 0x69, 0x47, 0x69, 0x84, 0xEE, 0x39, 0x5F, 0xD8, 0xCC}}},
746 {{{0x1B, 0xEF, 0x81, 0x13, 0x81, 0xB9, 0x56, 0xAE, 0xD0, 0xD4, 0xAE,
747 0xCB, 0x24, 0x7C, 0x7B, 0x7F, 0xC0, 0x41, 0x42, 0x0A, 0x9D, 0x90,
748 0x6B, 0x1E, 0x3A, 0xAD, 0x39, 0x7A, 0x1F, 0xEF, 0x56, 0x9E},
749 {0xBD, 0x84, 0x48, 0xAF, 0x65, 0x66, 0x33, 0xE5, 0x67, 0xF1, 0xC4,
750 0x48, 0xF0, 0xB6, 0x61, 0x06, 0xC7, 0x78, 0xB3, 0xC1, 0x12, 0xB8,
751 0x31, 0xD4, 0x69, 0x2E, 0x0E, 0xD3, 0xD4, 0x91, 0x81, 0x9A}}},
752 {{{0x23, 0x62, 0x9B, 0x83, 0x95, 0xF6, 0x7F, 0xF6, 0xCC, 0x6B, 0xEE,
753 0x84, 0xF0, 0x5B, 0x93, 0xA6, 0x90, 0x48, 0x1A, 0xA7, 0xA8, 0xE8,
754 0x10, 0xA5, 0x53, 0x7E, 0x4F, 0xD5, 0x0D, 0xB0, 0x86, 0xF7},
755 {0x1F, 0xB8, 0xB7, 0xD4, 0x2E, 0x41, 0x83, 0x2C, 0xFC, 0x62, 0x14,
756 0xB8, 0xC2, 0xF6, 0xC1, 0x5E, 0xC1, 0xC1, 0x40, 0x8B, 0x28, 0xB5,
757 0x1B, 0x85, 0xEE, 0x71, 0xC8, 0x14, 0x56, 0xB9, 0x3B, 0x90}}}}},
758 {{{{{0x4A, 0xFE, 0x73, 0xFA, 0xCF, 0x20, 0x67, 0x0E, 0x89, 0x1D, 0xCB,
759 0x05, 0x38, 0x27, 0x1C, 0xD5, 0x7A, 0x0C, 0xAC, 0x92, 0x17, 0x94,
760 0x7F, 0x10, 0x3E, 0xFF, 0x97, 0x23, 0x66, 0x8D, 0x70, 0xAE},
761 {0x80, 0x97, 0xFF, 0x88, 0xF8, 0x01, 0x2B, 0x99, 0x81, 0xEB, 0xF8,
762 0x19, 0xEF, 0xDA, 0xE3, 0xAE, 0xD9, 0x9B, 0x4C, 0x13, 0xFC, 0x9E,
763 0x18, 0xD6, 0xB0, 0xCF, 0x4E, 0x29, 0xA8, 0xCF, 0x01, 0xFA}}},
764 {{{0xDA, 0x22, 0x85, 0x18, 0x9A, 0x51, 0x17, 0xAC, 0x26, 0x57, 0xF6,
765 0x73, 0x59, 0x24, 0xD5, 0xC9, 0x4D, 0xAC, 0xB6, 0xE4, 0x51, 0xF7,
766 0x5E, 0x30, 0x5B, 0x25, 0x3D, 0x52, 0xA3, 0xE0, 0x4B, 0xA2},
767 {0xC3, 0x4C, 0x2F, 0x53, 0xD5, 0x92, 0x33, 0x7E, 0x8B, 0x66, 0x5F,
768 0x48, 0x48, 0xCA, 0xA8, 0x98, 0x0F, 0x73, 0xD3, 0x60, 0xAF, 0x25,
769 0x02, 0xEE, 0x64, 0xE7, 0x02, 0x89, 0x9A, 0xD2, 0x96, 0x45}}},
770 {{{0x04, 0xE1, 0x30, 0x9B, 0xD8, 0x85, 0xF0, 0x99, 0x7C, 0x01, 0xD5,
771 0x58, 0x5A, 0x74, 0x0B, 0xD4, 0xF2, 0xFA, 0xC7, 0x59, 0x36, 0xFD,
772 0x91, 0x07, 0x60, 0xF7, 0xDC, 0x11, 0x3E, 0x8A, 0xC6, 0x48},
773 {0x0D, 0x02, 0x30, 0x18, 0xD0, 0xB9, 0x6B, 0xD6, 0x39, 0x6A, 0x41,
774 0x82, 0xDD, 0xE3, 0xCE, 0xB8, 0xB6, 0xF5, 0x61, 0x80, 0x61, 0x16,
775 0xF4, 0x9A, 0xB8, 0x58, 0x1D, 0x3F, 0x4D, 0xC2, 0xCA, 0xCF}}}}}}};
776
777 const Fq12ElemStr FfElementTest::fq12_j_str = {
778 {{{{{{0x3A, 0x30, 0x33, 0xA2, 0x14, 0xDF, 0xDC, 0x70, 0x48, 0xF3, 0xBA,
779 0x3F, 0xCE, 0xFC, 0x69, 0x24, 0xAE, 0xA1, 0xF3, 0xCF, 0xD8, 0x77,
780 0x69, 0x38, 0x38, 0xF4, 0x8E, 0xFB, 0x51, 0xFB, 0x10, 0x7C},
781 {0x73, 0xB4, 0xEE, 0xF9, 0x76, 0xBB, 0x45, 0xEC, 0x07, 0x24, 0x23,
782 0xA3, 0x38, 0x64, 0x39, 0x4C, 0x03, 0x94, 0xF5, 0xEE, 0x5F, 0xC9,
783 0x83, 0x4F, 0xD1, 0xA6, 0x4A, 0x05, 0x25, 0x0C, 0x46, 0x33}}},
784 {{{0xD4, 0x40, 0x47, 0xAE, 0xEC, 0xDA, 0x30, 0xF9, 0xE1, 0x28, 0xFB,
785 0xB1, 0x4C, 0x62, 0xFB, 0x6C, 0x90, 0x0D, 0xB1, 0xEC, 0xAF, 0x2D,
786 0x95, 0x64, 0x11, 0x93, 0xDA, 0x8E, 0xB8, 0x7D, 0xE4, 0xA3},
787 {0x8E, 0xA6, 0x9B, 0xAA, 0x58, 0xD5, 0xDC, 0x59, 0x1A, 0x51, 0x53,
788 0x47, 0x30, 0x1C, 0x2B, 0xB0, 0xBB, 0x57, 0x57, 0x0A, 0x8C, 0x5F,
789 0x62, 0x9C, 0x52, 0x28, 0xC0, 0x25, 0x27, 0xAE, 0xCD, 0x36}}},
790 {{{0xBF, 0x2D, 0x03, 0xB1, 0x33, 0xFD, 0x24, 0x81, 0x3C, 0x91, 0x43,
791 0x90, 0x0C, 0x20, 0xC4, 0xE3, 0x69, 0x3F, 0xA9, 0xA2, 0x7C, 0xC2,
792 0x48, 0x28, 0x1B, 0xF0, 0x81, 0x1F, 0x2B, 0x8F, 0x8D, 0x43},
793 {0x38, 0x18, 0x12, 0xA3, 0x89, 0xF1, 0xD7, 0x60, 0x89, 0x68, 0x6A,
794 0xC4, 0xCC, 0x5D, 0xF4, 0xCE, 0x43, 0x95, 0x84, 0xCD, 0x01, 0x55,
795 0xB8, 0x5D, 0x24, 0x50, 0xCD, 0xE3, 0x68, 0x1C, 0xFF, 0x59}}}}},
796 {{{{{0x0D, 0xAC, 0xCB, 0xE7, 0x9D, 0x68, 0x0F, 0x4A, 0xAF, 0xEB, 0xB5,
797 0xFB, 0xF9, 0xB1, 0x58, 0x80, 0xD5, 0x71, 0x53, 0x26, 0x2E, 0x9C,
798 0xCE, 0x10, 0xAC, 0xD2, 0x0A, 0xEB, 0xB4, 0x5C, 0xC8, 0xD7},
799 {0x16, 0x26, 0x66, 0x71, 0xDD, 0x67, 0xBA, 0xDB, 0x35, 0x76, 0x64,
800 0xC6, 0x0B, 0x0B, 0x07, 0x4B, 0x65, 0xA2, 0xF7, 0x68, 0x9E, 0xFE,
801 0xE8, 0xE3, 0xA7, 0x09, 0x79, 0xC5, 0xDF, 0x5E, 0x9C, 0xEC}}},
802 {{{0xEE, 0x83, 0x59, 0xB5, 0x89, 0x81, 0xA2, 0x87, 0xD7, 0x75, 0x65,
803 0x90, 0xDE, 0x78, 0x37, 0x59, 0x04, 0x9B, 0x50, 0xC3, 0xBA, 0x90,
804 0x09, 0x15, 0xAB, 0x17, 0xC5, 0xBF, 0x5B, 0xB9, 0xE4, 0x6C},
805 {0xA9, 0xB1, 0x49, 0x76, 0x25, 0x74, 0x5D, 0x9C, 0x78, 0xC5, 0x09,
806 0xEE, 0xEB, 0xEB, 0x9D, 0x1C, 0x6C, 0xC0, 0x27, 0x9D, 0x66, 0xE6,
807 0x7F, 0x31, 0xCD, 0xB0, 0x8A, 0xE4, 0x9E, 0xBD, 0x70, 0x18}}},
808 {{{0x88, 0xA1, 0x08, 0x39, 0xA2, 0x48, 0xA5, 0x98, 0xB6, 0xAD, 0x10,
809 0x54, 0x07, 0xCD, 0xFC, 0x6D, 0xB1, 0x02, 0xFF, 0xE3, 0x92, 0xD7,
810 0x9D, 0x48, 0xFB, 0xCE, 0x88, 0x46, 0x92, 0x07, 0x02, 0xBA},
811 {0xEE, 0xEB, 0xAE, 0x88, 0xB1, 0x4E, 0xD0, 0xF2, 0xCE, 0xD7, 0x57,
812 0x07, 0xD4, 0x39, 0xD2, 0x7D, 0x1A, 0x0C, 0xEF, 0xF2, 0x84, 0x84,
813 0x22, 0x8A, 0xB1, 0x80, 0x0D, 0xDC, 0x64, 0x86, 0xFD, 0x70}}}}}}};
814
815 const Fq12ElemStr FfElementTest::fq12_mul_ij_str = {
816 {{{{{{0x4A, 0x0E, 0x83, 0x4F, 0x62, 0xCA, 0x56, 0x0B, 0x0F, 0x2E, 0xF3,
817 0x1A, 0xC6, 0xFC, 0x76, 0x4F, 0x4B, 0x85, 0x78, 0x6F, 0x9D, 0xB9,
818 0xBD, 0xC8, 0xBB, 0x7C, 0x73, 0x12, 0x28, 0xFF, 0xBC, 0x8F},
819 {0x18, 0x8E, 0x5E, 0x4B, 0x72, 0xA5, 0x4A, 0x99, 0xFC, 0xE7, 0x05,
820 0xE5, 0xD2, 0x2C, 0x06, 0x95, 0xF5, 0xE4, 0xA5, 0x87, 0xCB, 0x85,
821 0x25, 0xF8, 0xDA, 0x71, 0x7B, 0x9A, 0xF1, 0x52, 0xF9, 0x33}}},
822 {{{0x05, 0x5F, 0x15, 0x72, 0xA3, 0x61, 0xA6, 0x6C, 0xB8, 0x43, 0xBB,
823 0xCA, 0x33, 0xB2, 0xDB, 0x59, 0xCA, 0xAB, 0xAD, 0xA0, 0x4D, 0xE3,
824 0xB8, 0xF5, 0xC9, 0x8C, 0x06, 0x91, 0xE5, 0xE4, 0x5A, 0xAD},
825 {0xE7, 0x66, 0xCC, 0x2B, 0x2C, 0x11, 0x88, 0x29, 0xB1, 0x3C, 0x52,
826 0xFE, 0x50, 0xDF, 0x8F, 0x15, 0x6A, 0x6B, 0xB8, 0x32, 0x96, 0x90,
827 0x85, 0x03, 0x78, 0x88, 0x97, 0x7B, 0x5B, 0x50, 0x2E, 0xDE}}},
828 {{{0xE7, 0x53, 0x22, 0x11, 0xEB, 0xFF, 0x1B, 0x19, 0xAE, 0x5F, 0x58,
829 0x3A, 0x4F, 0x6F, 0x34, 0xFB, 0x2A, 0x49, 0xCA, 0x4B, 0x9C, 0x31,
830 0xFC, 0x74, 0x0F, 0x11, 0xCC, 0x45, 0xCD, 0xA2, 0x12, 0xCA},
831 {0xF4, 0x2F, 0x30, 0x9A, 0x6A, 0xCB, 0xEE, 0x88, 0x15, 0x56, 0x29,
832 0x2A, 0xBF, 0x33, 0x7B, 0xDB, 0x59, 0x74, 0x4D, 0xC0, 0x64, 0xF0,
833 0x0B, 0x9F, 0xF2, 0x65, 0xB7, 0x3A, 0xDA, 0xE2, 0xB5, 0x63}}}}},
834 {{{{{0x3A, 0x3E, 0x06, 0xEF, 0x73, 0xA3, 0xBC, 0xEA, 0xCC, 0x68, 0xD9,
835 0xF5, 0x6E, 0x94, 0x1C, 0x54, 0x47, 0xF1, 0x99, 0x2C, 0x44, 0x64,
836 0x45, 0x84, 0x50, 0x10, 0xFD, 0xC5, 0x16, 0x65, 0x89, 0xEC},
837 {0x72, 0xA6, 0x7E, 0x82, 0x7F, 0xE2, 0xE3, 0xEA, 0x82, 0xA3, 0x18,
838 0xF4, 0x9B, 0x93, 0x4D, 0x79, 0xA0, 0x2C, 0xBF, 0x90, 0x0E, 0xDB,
839 0x41, 0x09, 0x27, 0x44, 0x19, 0xD1, 0xB4, 0xE5, 0xC6, 0x8C}}},
840 {{{0xA5, 0xC7, 0x82, 0xBF, 0x00, 0x7B, 0x8D, 0x7A, 0x05, 0x7B, 0x7E,
841 0x33, 0x60, 0x28, 0x34, 0x9C, 0x86, 0x5A, 0x6B, 0xCE, 0xA5, 0xED,
842 0x26, 0x22, 0x63, 0x4A, 0xE9, 0x57, 0xCD, 0x55, 0xD2, 0xD3},
843 {0x0E, 0x73, 0x14, 0xE4, 0xEE, 0xE7, 0x3C, 0x43, 0xFC, 0xAE, 0x84,
844 0x59, 0x2F, 0xEA, 0x35, 0x84, 0xA5, 0x77, 0xCE, 0xA8, 0xC5, 0xAA,
845 0xB8, 0xDC, 0xB9, 0xD6, 0x71, 0x11, 0xE2, 0x95, 0x00, 0x97}}},
846 {{{0xBD, 0x50, 0xDA, 0x58, 0x1B, 0xDA, 0xB3, 0x25, 0x19, 0x2F, 0x9D,
847 0xFA, 0x2C, 0xFB, 0x96, 0x26, 0xBB, 0x4A, 0x41, 0x82, 0xA9, 0x45,
848 0x24, 0xEE, 0xEE, 0xEA, 0xD3, 0xC5, 0x94, 0xFC, 0x2A, 0x37},
849 {0x6A, 0x43, 0xB8, 0x6C, 0xBB, 0x98, 0xB7, 0x17, 0x03, 0xC0, 0x3D,
850 0x6D, 0x59, 0x56, 0x3D, 0x23, 0x42, 0x94, 0x25, 0x64, 0xB9, 0x62,
851 0xAD, 0x4D, 0x84, 0x9B, 0x3C, 0x05, 0x8C, 0xF0, 0xD3, 0xD3}}}}}},
852 };
853
854 const Fq12ElemStr FfElementTest::fq12_k_str = {
855 {{{{{{0xE4, 0xCA, 0x0B, 0xA8, 0x9C, 0x70, 0xE2, 0x20, 0x24, 0xD9, 0x8F,
856 0x09, 0x12, 0x79, 0x55, 0x44, 0x8C, 0x58, 0x42, 0x8F, 0x18, 0x97,
857 0x0A, 0xC3, 0x0A, 0x40, 0x68, 0x0E, 0x1E, 0x21, 0x7F, 0xB4},
858 {0x73, 0xCF, 0x8D, 0x54, 0x68, 0xAE, 0x1C, 0xC4, 0x95, 0x01, 0xE3,
859 0x52, 0x33, 0xFE, 0x69, 0xB5, 0x23, 0x45, 0xEF, 0xFF, 0x79, 0x14,
860 0xEF, 0x98, 0xA8, 0x4E, 0xB1, 0x2E, 0xE1, 0x15, 0x81, 0x0C}}},
861 {{{0x9F, 0x65, 0x90, 0x6A, 0x53, 0xD7, 0xF6, 0x73, 0x08, 0xDA, 0x45,
862 0x11, 0xDE, 0xCF, 0xED, 0x4C, 0x8C, 0x21, 0x02, 0xF5, 0x3F, 0x97,
863 0xB6, 0xB2, 0xF5, 0xC6, 0x58, 0xFC, 0x9A, 0xA6, 0xBB, 0xF9},
864 {0x3C, 0xD8, 0xFC, 0x86, 0x09, 0x1C, 0x16, 0xA4, 0x6F, 0x5E, 0x7A,
865 0x81, 0x01, 0xF9, 0x8A, 0x6D, 0x38, 0xB5, 0xC9, 0x5F, 0xE9, 0x7D,
866 0x6F, 0x46, 0x92, 0x49, 0x5B, 0xB8, 0x61, 0x03, 0x6F, 0x5E}}},
867 {{{0xDA, 0x53, 0xCB, 0x62, 0xCD, 0x82, 0x63, 0x96, 0xC7, 0xC0, 0x39,
868 0xA4, 0x31, 0xEE, 0x15, 0x26, 0x1C, 0xE6, 0x4E, 0xE4, 0xB4, 0x40,
869 0xFA, 0x65, 0xA3, 0xF4, 0x73, 0x03, 0x85, 0x84, 0x41, 0xF9},
870 {0x77, 0xF3, 0x90, 0xDC, 0x88, 0x26, 0xBD, 0x27, 0x9A, 0x9D, 0x37,
871 0xF0, 0x80, 0xEE, 0x02, 0x1D, 0x3E, 0x4F, 0x88, 0xED, 0x8F, 0x89,
872 0x90, 0xF1, 0x6D, 0x5D, 0x70, 0x49, 0x99, 0x07, 0x61, 0x22}}}}},
873 {{{{{0x43, 0x52, 0xBA, 0xEE, 0xA8, 0xE9, 0x8E, 0x2E, 0x83, 0x30, 0x41,
874 0x85, 0xE3, 0x51, 0xB0, 0x8C, 0x86, 0x31, 0xEC, 0x02, 0x76, 0xE8,
875 0x41, 0x1F, 0x88, 0xBC, 0x39, 0xA2, 0xE4, 0xC1, 0x34, 0xA7},
876 {0x1D, 0x5F, 0x8C, 0x23, 0x0F, 0xF0, 0xDC, 0xCD, 0xBA, 0x67, 0xD5,
877 0x78, 0xD6, 0x8D, 0x32, 0x6A, 0xC1, 0x7F, 0x6F, 0x97, 0xCF, 0x46,
878 0xF0, 0x04, 0x7B, 0xE3, 0x5A, 0xEE, 0x31, 0xC4, 0xC0, 0x79}}},
879 {{{0x96, 0xBC, 0x01, 0x78, 0x9F, 0xBE, 0x8B, 0xBA, 0x59, 0x22, 0xFB,
880 0x64, 0x1B, 0x37, 0x5C, 0x33, 0x57, 0xAF, 0x83, 0x5A, 0x96, 0xEA,
881 0x56, 0xAA, 0x6E, 0x9C, 0xFA, 0xE6, 0xF9, 0xDF, 0xD8, 0x44},
882 {0xBB, 0x4E, 0xBF, 0xA8, 0xEC, 0x0F, 0x16, 0xA8, 0x59, 0x1F, 0x49,
883 0xF4, 0x8C, 0x80, 0x6C, 0x52, 0x7F, 0x74, 0x94, 0xC2, 0xE3, 0x29,
884 0x34, 0x9C, 0x97, 0xB9, 0x5E, 0xED, 0xFD, 0x59, 0x9D, 0xD4}}},
885 {{{0x83, 0xFB, 0xC2, 0xAD, 0x72, 0xE8, 0xF3, 0x68, 0x43, 0xD0, 0xD4,
886 0xDC, 0xB2, 0x36, 0xC1, 0xDB, 0x03, 0x29, 0xEE, 0x8C, 0x1A, 0x10,
887 0xD7, 0xFB, 0xC2, 0xEA, 0xDA, 0xBA, 0x42, 0x18, 0xE6, 0xE4},
888 {0x63, 0x41, 0x6E, 0x8C, 0xB3, 0x14, 0x68, 0x9A, 0x0F, 0x64, 0x87,
889 0x16, 0x02, 0xA3, 0x59, 0xF4, 0x60, 0x80, 0x04, 0x2B, 0xA4, 0xE6,
890 0x10, 0x2D, 0x61, 0x59, 0x14, 0xFE, 0xAF, 0x84, 0xA0, 0x67}}}}}}};
891 const Fq12ElemStr FfElementTest::fq12_mul_gb_str = {
892 {{{{{{0xE4, 0xCA, 0x0B, 0xA8, 0x9C, 0x70, 0xE2, 0x20, 0x24, 0xD9, 0x8F,
893 0x09, 0x12, 0x79, 0x55, 0x44, 0x8C, 0x58, 0x42, 0x8F, 0x18, 0x97,
894 0x0A, 0xC3, 0x0A, 0x40, 0x68, 0x0E, 0x1E, 0x21, 0x7F, 0xB4},
895 {0x73, 0xCF, 0x8D, 0x54, 0x68, 0xAE, 0x1C, 0xC4, 0x95, 0x01, 0xE3,
896 0x52, 0x33, 0xFE, 0x69, 0xB5, 0x23, 0x45, 0xEF, 0xFF, 0x79, 0x14,
897 0xEF, 0x98, 0xA8, 0x4E, 0xB1, 0x2E, 0xE1, 0x15, 0x81, 0x0C}}},
898 {{{0x9F, 0x65, 0x90, 0x6A, 0x53, 0xD7, 0xF6, 0x73, 0x08, 0xDA, 0x45,
899 0x11, 0xDE, 0xCF, 0xED, 0x4C, 0x8C, 0x21, 0x02, 0xF5, 0x3F, 0x97,
900 0xB6, 0xB2, 0xF5, 0xC6, 0x58, 0xFC, 0x9A, 0xA6, 0xBB, 0xF9},
901 {0x3C, 0xD8, 0xFC, 0x86, 0x09, 0x1C, 0x16, 0xA4, 0x6F, 0x5E, 0x7A,
902 0x81, 0x01, 0xF9, 0x8A, 0x6D, 0x38, 0xB5, 0xC9, 0x5F, 0xE9, 0x7D,
903 0x6F, 0x46, 0x92, 0x49, 0x5B, 0xB8, 0x61, 0x03, 0x6F, 0x5E}}},
904 {{{0xDA, 0x53, 0xCB, 0x62, 0xCD, 0x82, 0x63, 0x96, 0xC7, 0xC0, 0x39,
905 0xA4, 0x31, 0xEE, 0x15, 0x26, 0x1C, 0xE6, 0x4E, 0xE4, 0xB4, 0x40,
906 0xFA, 0x65, 0xA3, 0xF4, 0x73, 0x03, 0x85, 0x84, 0x41, 0xF9},
907 {0x77, 0xF3, 0x90, 0xDC, 0x88, 0x26, 0xBD, 0x27, 0x9A, 0x9D, 0x37,
908 0xF0, 0x80, 0xEE, 0x02, 0x1D, 0x3E, 0x4F, 0x88, 0xED, 0x8F, 0x89,
909 0x90, 0xF1, 0x6D, 0x5D, 0x70, 0x49, 0x99, 0x07, 0x61, 0x22}}}}},
910 {{{{{0xBC, 0xAD, 0x45, 0x11, 0x57, 0x13, 0x62, 0x9E, 0xC3, 0xB5, 0xB0,
911 0xD9, 0x0B, 0x1F, 0xF4, 0x12, 0x86, 0xAA, 0x79, 0xF8, 0x9B, 0xAF,
912 0xC9, 0x63, 0x4A, 0x6C, 0xF4, 0x38, 0xCA, 0x11, 0xFB, 0x6C},
913 {0xE2, 0xA0, 0x73, 0xDC, 0xF0, 0x0C, 0x13, 0xFF, 0x8C, 0x7E, 0x1C,
914 0xE6, 0x17, 0xE4, 0x72, 0x34, 0x4B, 0x5C, 0xF6, 0x63, 0x43, 0x51,
915 0x1A, 0x7E, 0x57, 0x45, 0xD2, 0xED, 0x7D, 0x0E, 0x6F, 0x9A}}},
916 {{{0x69, 0x43, 0xFE, 0x87, 0x60, 0x3E, 0x65, 0x12, 0xED, 0xC2, 0xF6,
917 0xFA, 0xD3, 0x3A, 0x48, 0x6B, 0xB5, 0x2C, 0xE2, 0xA0, 0x7B, 0xAD,
918 0xB3, 0xD8, 0x64, 0x8C, 0x32, 0xF4, 0xB4, 0xF3, 0x57, 0xCF},
919 {0x44, 0xB1, 0x40, 0x57, 0x13, 0xED, 0xDA, 0x24, 0xED, 0xC6, 0xA8,
920 0x6A, 0x61, 0xF1, 0x38, 0x4C, 0x8D, 0x67, 0xD1, 0x38, 0x2F, 0x6E,
921 0xD5, 0xE6, 0x3B, 0x6F, 0xCE, 0xED, 0xB1, 0x79, 0x92, 0x3F}}},
922 {{{0x7C, 0x04, 0x3D, 0x52, 0x8D, 0x13, 0xFD, 0x65, 0x03, 0x15, 0x1D,
923 0x82, 0x3C, 0x3A, 0xE2, 0xC4, 0x09, 0xB2, 0x77, 0x6E, 0xF8, 0x87,
924 0x32, 0x87, 0x10, 0x3E, 0x53, 0x21, 0x6C, 0xBA, 0x49, 0x2F},
925 {0x9C, 0xBE, 0x91, 0x73, 0x4C, 0xE8, 0x88, 0x33, 0x37, 0x81, 0x6B,
926 0x48, 0xEB, 0xCE, 0x4A, 0xAA, 0xAC, 0x5C, 0x61, 0xCF, 0x6D, 0xB1,
927 0xFA, 0x55, 0x71, 0xD0, 0x18, 0xDC, 0xFF, 0x4E, 0x8F, 0xAC}}}}}},
928 };
929
930 const FqElemStr FfElementTest::fq_multi_exp_base_1[1] = {{
931 0x12, 0xA6, 0x5B, 0xD6, 0x91, 0x8D, 0x50, 0xA7, 0x66, 0xEB, 0x7D,
932 0x52, 0xE3, 0x40, 0x17, 0x60, 0x7F, 0xDF, 0x6C, 0xA1, 0x2C, 0x1A,
933 0x37, 0xE0, 0x92, 0xC0, 0xF7, 0xB9, 0x76, 0xAB, 0xB1, 0x8A,
934 }};
935 const BigNumStr FfElementTest::fq_multi_exp_exp_1[1] = {{
936 0xFF, 0xFB, 0x3E, 0x5D, 0xFF, 0x9A, 0xFF, 0x02, 0x00, 0xFF, 0xFF,
937 0xFF, 0xF2, 0xE1, 0x85, 0x81, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
938 0xFF, 0x81, 0xFF, 0xFD, 0xFF, 0xEB, 0xFF, 0x29, 0xA7, 0xFF,
939 }};
940 const FqElemStr FfElementTest::fq_multi_exp_res_1 = {
941 0x6A, 0x21, 0xEC, 0x89, 0xCC, 0x13, 0x2F, 0x6F, 0x29, 0x1B, 0x3A,
942 0x94, 0xF6, 0xE6, 0xA8, 0xBD, 0x98, 0x25, 0x43, 0x7A, 0xDC, 0xC1,
943 0x20, 0xBA, 0x30, 0xD8, 0x1C, 0x8E, 0x79, 0xFC, 0xDA, 0x67,
944 };
945
946 const std::vector<uint8_t> FfElementTest::fq_multi_exp_exp_1_264({
947 0x08, 0xFF, 0xFB, 0x3E, 0x5D, 0xFF, 0x9A, 0xFF, 0x02, 0x00, 0xFF,
948 0xFF, 0xFF, 0xF2, 0xE1, 0x85, 0x81, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
949 0xFF, 0xFF, 0x81, 0xFF, 0xFD, 0xFF, 0xEB, 0xFF, 0x29, 0xA7, 0xFF,
950 });
951 const FqElemStr FfElementTest::fq_multi_exp_res_1_264 = {
952 0x71, 0x41, 0xa1, 0xdb, 0xd1, 0xd1, 0x50, 0xc2, 0x73, 0x07, 0xc1,
953 0x93, 0xeb, 0xae, 0x89, 0x4c, 0x6e, 0x49, 0x74, 0xf7, 0x46, 0x23,
954 0x75, 0xca, 0xc8, 0x67, 0x82, 0xaf, 0xcf, 0x35, 0x34, 0x1c};
955 const FqElemStr FfElementTest::fq_multi_exp_res_1_256_264 = {
956 0x10, 0x2f, 0x3a, 0xe5, 0x6e, 0x95, 0x92, 0x8f, 0x98, 0x03, 0x67,
957 0x79, 0xec, 0x0c, 0xc9, 0x46, 0x07, 0xd9, 0xd9, 0x40, 0x46, 0x29,
958 0x99, 0xe9, 0x23, 0xf9, 0x6b, 0x10, 0x35, 0x7c, 0xf1, 0xa3};
959
960 const FqElemStr FfElementTest::fq_multi_exp_base_2[2] = {
961 {0xE6, 0x65, 0x23, 0x9B, 0xD4, 0x07, 0x16, 0x83, 0x38, 0x23, 0xB2,
962 0x67, 0x57, 0xEB, 0x0F, 0x23, 0x3A, 0xF4, 0x8E, 0xDA, 0x71, 0x5E,
963 0xD9, 0x98, 0x63, 0x98, 0x2B, 0xBC, 0x78, 0xD1, 0x94, 0xF2},
964 {0xDD, 0x2B, 0xE9, 0x59, 0x24, 0xA5, 0xB3, 0xFD, 0xEB, 0xE1, 0x3C,
965 0xC0, 0x73, 0x4E, 0x99, 0xEE, 0x36, 0xF6, 0xC0, 0x1A, 0x76, 0x01,
966 0x0A, 0xF0, 0xCB, 0xB4, 0x71, 0x88, 0x95, 0xCB, 0x35, 0xBA}};
967 const BigNumStr FfElementTest::fq_multi_exp_exp_2[2] = {
968 {0x11, 0xFF, 0xFF, 0xFF, 0x4F, 0x59, 0xB1, 0xD3, 0x6B, 0x08, 0xFF,
969 0xFF, 0x0B, 0xF3, 0xAF, 0x27, 0xFF, 0xB8, 0xFF, 0xFF, 0x98, 0xFF,
970 0xEB, 0xFF, 0xF2, 0x6A, 0xFF, 0xFF, 0xEA, 0x31, 0xFF, 0xFF},
971 {0xE2, 0xFF, 0x03, 0x1D, 0xFF, 0x19, 0x81, 0xCB, 0xFF, 0xFF, 0x6B,
972 0xD5, 0x3E, 0xFF, 0xFF, 0xFF, 0xFF, 0xBD, 0xFF, 0x5A, 0xFF, 0x5C,
973 0x7C, 0xFF, 0x84, 0xFF, 0xFF, 0x8C, 0x03, 0xB2, 0x26, 0xFF}};
974 const FqElemStr FfElementTest::fq_multi_exp_res_2 = {
975 0x8A, 0xF7, 0x96, 0x53, 0x9C, 0xC3, 0x57, 0x89, 0x50, 0xE3, 0xAB,
976 0x12, 0x62, 0xEA, 0x0C, 0xE4, 0x65, 0xA6, 0x91, 0x09, 0x93, 0x81,
977 0xFC, 0xBB, 0x0E, 0xFA, 0xC1, 0xC4, 0xDC, 0x3F, 0x0A, 0xD1,
978 };
979
980 const FqElemStr FfElementTest::fq_multi_exp_base_3[3] = {
981 {0x24, 0x9D, 0xDD, 0x1A, 0xC0, 0x07, 0x1F, 0x65, 0xDF, 0xBB, 0xC7,
982 0x39, 0x99, 0x44, 0x63, 0x8E, 0x7E, 0xB2, 0x85, 0x82, 0xC6, 0x4E,
983 0x2D, 0x39, 0xA8, 0x3F, 0x12, 0xB4, 0xE9, 0x9D, 0x67, 0x28},
984 {0x6B, 0x51, 0x6B, 0x33, 0x0B, 0x2E, 0x2A, 0x94, 0x34, 0xCC, 0x7E,
985 0x97, 0xFA, 0x85, 0x51, 0x44, 0x30, 0xE5, 0xF2, 0x68, 0x23, 0x31,
986 0x84, 0xFF, 0xBB, 0x95, 0x9A, 0xB2, 0x80, 0x95, 0xC4, 0x91},
987 {0x77, 0xED, 0xA2, 0x53, 0xA3, 0xBF, 0x6C, 0x58, 0x16, 0x7D, 0xEF,
988 0x8A, 0x7D, 0x38, 0x65, 0x3F, 0x92, 0xA6, 0x85, 0xD7, 0x9F, 0x80,
989 0xA4, 0xA1, 0x70, 0x02, 0xE5, 0x66, 0xF2, 0xD8, 0xD7, 0xD2}};
990 const BigNumStr FfElementTest::fq_multi_exp_exp_3[3] = {
991 {0xFF, 0xFF, 0xFF, 0xB4, 0x48, 0xFF, 0xFF, 0xFF, 0xA3, 0xFF, 0xE3,
992 0xFF, 0x61, 0xFF, 0xA2, 0x97, 0x9A, 0xFF, 0x6F, 0x04, 0xC6, 0xB9,
993 0xFF, 0x22, 0xFF, 0x20, 0x9E, 0xFF, 0x43, 0xFF, 0xFF, 0xFF},
994 {0xB1, 0x19, 0xBF, 0xFF, 0x74, 0x7F, 0xCC, 0x34, 0x1E, 0x30, 0x7D,
995 0xC5, 0xC4, 0xFF, 0xE7, 0xF8, 0xFF, 0x5F, 0xFF, 0x73, 0xFF, 0x58,
996 0xFF, 0xD6, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xEC, 0xFF, 0xFF},
997 {0xFF, 0xFF, 0x0D, 0xFF, 0xFF, 0xFF, 0xFF, 0x26, 0xA8, 0xFF, 0xFF,
998 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0xE0, 0x4F, 0xFF, 0xE3, 0xFF, 0xFF,
999 0xEB, 0x04, 0x4B, 0xFF, 0x5D, 0x55, 0xFF, 0x2D, 0xFF, 0xFF}};
1000 const FqElemStr FfElementTest::fq_multi_exp_res_3 = {
1001 0x04, 0x22, 0x21, 0xE7, 0x9F, 0xE3, 0x07, 0x2F, 0xA4, 0xBB, 0x56,
1002 0x84, 0xD5, 0x93, 0x4A, 0xDA, 0x5B, 0x89, 0x07, 0xBE, 0xC5, 0x5F,
1003 0xE6, 0x5C, 0x18, 0xF0, 0xF8, 0x8E, 0x8E, 0x00, 0xB9, 0x87,
1004 };
1005 const FqElemStr FfElementTest::fq_multi_exp_base_4[4] = {
1006 {0x81, 0xEE, 0x78, 0x31, 0x4C, 0xC0, 0x3C, 0xDD, 0x16, 0x52, 0xC6,
1007 0x7E, 0x07, 0x4C, 0xFE, 0xC4, 0x50, 0x63, 0x5A, 0x40, 0xC8, 0xDF,
1008 0x94, 0x23, 0x1A, 0x90, 0xDD, 0x24, 0x61, 0x23, 0xDD, 0x87},
1009 {0x76, 0xBB, 0x2C, 0x1C, 0xB3, 0x78, 0x93, 0x7E, 0x10, 0x29, 0xC3,
1010 0xEC, 0xBD, 0xA3, 0x75, 0x3A, 0xF1, 0x0B, 0xE1, 0xCA, 0xEE, 0x02,
1011 0x58, 0x74, 0xC7, 0xDC, 0xB8, 0x4F, 0x3F, 0x7B, 0xA2, 0xFC},
1012 {0x3A, 0xD3, 0x04, 0xAA, 0x9D, 0x2A, 0xDE, 0x86, 0x56, 0x84, 0x80,
1013 0x42, 0xA5, 0x68, 0xD8, 0x6E, 0x65, 0xC4, 0x08, 0x07, 0x87, 0x4B,
1014 0xC1, 0x92, 0xCB, 0x68, 0x52, 0x6C, 0x5A, 0x4F, 0x7C, 0xFB},
1015 {0x56, 0xE7, 0xBD, 0x59, 0x54, 0xCC, 0x20, 0x16, 0xAE, 0x36, 0xD1,
1016 0xB0, 0xE4, 0x82, 0x47, 0x27, 0x32, 0xD1, 0x38, 0x7C, 0x53, 0x7F,
1017 0xDD, 0xF4, 0xDE, 0xFA, 0xF7, 0x0F, 0xDD, 0xDF, 0x48, 0xA9}};
1018 const BigNumStr FfElementTest::fq_multi_exp_exp_4[4] = {
1019 {0xFF, 0xA5, 0xC3, 0xFF, 0xFF, 0x09, 0x18, 0x18, 0x95, 0x40, 0xFF,
1020 0xFF, 0xDB, 0xFF, 0xFF, 0xFF, 0xFF, 0x99, 0xFF, 0x25, 0xFF, 0xFF,
1021 0x42, 0x07, 0xB5, 0xFF, 0x26, 0xE0, 0x4F, 0xB5, 0xB4, 0xFF},
1022 {0x1F, 0xFF, 0xAA, 0xF1, 0xFF, 0xFF, 0x7E, 0xFF, 0xFF, 0xFF, 0x07,
1023 0xFF, 0xE7, 0xDF, 0xFF, 0xEE, 0xFF, 0x57, 0xFF, 0xFF, 0xFF, 0xB8,
1024 0xB3, 0x9C, 0xFF, 0x8A, 0x89, 0xFF, 0xFE, 0x32, 0xFF, 0xC1},
1025 {0x9A, 0xFF, 0xFF, 0x9B, 0xFF, 0xAB, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1026 0xFF, 0xFF, 0x36, 0xF0, 0xC5, 0xAE, 0x87, 0x41, 0xFF, 0x5C, 0xDD,
1027 0xFF, 0xFF, 0xFF, 0xFF, 0x59, 0xC9, 0xFF, 0x44, 0x5C, 0x58},
1028 {0x00, 0xFF, 0x95, 0xFF, 0x21, 0xFF, 0xFF, 0x1D, 0x1A, 0x06, 0xD3,
1029 0xFF, 0xFF, 0xFF, 0xFF, 0x07, 0xFF, 0xFF, 0xFF, 0xB0, 0x31, 0xFF,
1030 0xFF, 0x1F, 0x61, 0x48, 0xFF, 0xFF, 0xFF, 0x17, 0xC9, 0x79}};
1031 const FqElemStr FfElementTest::fq_multi_exp_res_4 = {
1032 0x26, 0x2C, 0x23, 0x55, 0xD5, 0xBD, 0x7B, 0x67, 0x60, 0xFE, 0x06,
1033 0x7B, 0xCC, 0xB8, 0x6B, 0xC9, 0x00, 0x81, 0xAE, 0xCB, 0xEC, 0x91,
1034 0x6D, 0x1B, 0x9E, 0x1C, 0xD8, 0xC0, 0x8D, 0x3F, 0x1B, 0x20,
1035 };
1036 const Fq12ElemStr FfElementTest::fq12_multi_exp_base_4[4] = {
1037 {
1038 {{{{{{0x2C, 0x86, 0xEE, 0x80, 0x61, 0x45, 0x8F, 0xFD, 0x96, 0xC2, 0x81,
1039 0x11, 0xE8, 0x96, 0xE2, 0xCA, 0x21, 0x78, 0xF7, 0xA3, 0x4B, 0xBA,
1040 0xDC, 0x0D, 0x34, 0x8A, 0x56, 0x12, 0x67, 0x8D, 0x72, 0x37},
1041 {0xA8, 0xEB, 0x5F, 0x1A, 0x1B, 0xF0, 0x5C, 0xC6, 0x6F, 0xC2, 0xC5,
1042 0x03, 0xC4, 0x19, 0x85, 0xA6, 0xE0, 0x64, 0xFE, 0x71, 0x51, 0x46,
1043 0xDF, 0xC2, 0xD6, 0xF9, 0xA0, 0xD6, 0x84, 0xC1, 0x4A, 0x11}}},
1044 {{{0xE0, 0x33, 0xA3, 0x1C, 0x73, 0x71, 0x62, 0x17, 0x10, 0x4C, 0xD8,
1045 0x3E, 0xEE, 0xA1, 0x38, 0x9F, 0xA5, 0xFB, 0x1D, 0xC4, 0x9D, 0x2F,
1046 0x08, 0x4A, 0xD3, 0x61, 0x37, 0x79, 0xAB, 0xC1, 0x37, 0x7E},
1047 {0x90, 0xFD, 0xA3, 0x9D, 0x0C, 0x81, 0x52, 0xF4, 0x58, 0x24, 0x89,
1048 0xC4, 0xF4, 0xD4, 0x82, 0x33, 0xCA, 0x5D, 0xB4, 0x58, 0xA6, 0x1E,
1049 0xE6, 0x2B, 0x86, 0xEF, 0x56, 0xC4, 0x4F, 0x9B, 0x27, 0x3C}}},
1050 {{{0x96, 0x54, 0xDA, 0xB5, 0x32, 0x23, 0x8A, 0x93, 0xCC, 0xA5, 0x7D,
1051 0x28, 0x4A, 0x97, 0xA4, 0x30, 0xA8, 0x11, 0xBC, 0x43, 0x22, 0x7F,
1052 0x02, 0x73, 0x0E, 0x5C, 0x63, 0x52, 0x2F, 0x4B, 0x5F, 0x7D},
1053 {0xC3, 0x1E, 0x30, 0xAE, 0xAC, 0x8C, 0xE8, 0x93, 0xD6, 0xCE, 0x05,
1054 0x4B, 0x6B, 0x21, 0x01, 0x14, 0x4A, 0x1D, 0xD9, 0x08, 0x0C, 0xA1,
1055 0x4C, 0x0B, 0x44, 0x28, 0x9C, 0xB6, 0xD1, 0x96, 0xBD, 0x07}}}}},
1056 {{{{{0x8B, 0x3D, 0x77, 0x4E, 0xBD, 0x7B, 0x9F, 0x65, 0x20, 0xDB, 0xA0,
1057 0x95, 0x25, 0x44, 0x44, 0x7A, 0xE3, 0xDC, 0xDD, 0x2F, 0xBA, 0x75,
1058 0x16, 0x19, 0xCB, 0x90, 0x31, 0x79, 0x38, 0xB6, 0x1A, 0x82},
1059 {0xBC, 0xB6, 0x85, 0xCD, 0xEB, 0xB9, 0x13, 0x43, 0xEA, 0xC2, 0x78,
1060 0xBE, 0x25, 0x97, 0x1C, 0x6E, 0x18, 0x55, 0xFD, 0xCB, 0xE6, 0x7E,
1061 0x1E, 0x92, 0xAD, 0x48, 0xE7, 0xA7, 0x02, 0x87, 0x0B, 0x8F}}},
1062 {{{0x16, 0xD7, 0x8E, 0x95, 0x8E, 0x62, 0x0A, 0xAD, 0x20, 0x2D, 0x6A,
1063 0x2B, 0x4E, 0x6F, 0xC1, 0xC2, 0x63, 0xBA, 0x82, 0xF3, 0x8C, 0xD0,
1064 0xA2, 0x09, 0xD3, 0xE5, 0xBA, 0x1F, 0x65, 0x35, 0xD0, 0x1C},
1065 {0x09, 0x98, 0x47, 0x65, 0xF2, 0x90, 0xD4, 0xE2, 0xD0, 0x6F, 0x9E,
1066 0xDB, 0xA2, 0x14, 0x9B, 0x4B, 0x3D, 0xAA, 0x75, 0x25, 0x67, 0xF4,
1067 0x7D, 0x77, 0xE9, 0x24, 0xED, 0xEE, 0x1B, 0x07, 0x7F, 0xE0}}},
1068 {{{0x7A, 0x34, 0xB7, 0x3C, 0x36, 0x0D, 0xCE, 0xF9, 0xBF, 0xF9, 0xE5,
1069 0x09, 0x86, 0xEB, 0xB9, 0xD8, 0xC4, 0x67, 0xC5, 0xCD, 0xD4, 0xBC,
1070 0xEE, 0x45, 0xF7, 0x11, 0x68, 0xD9, 0x23, 0x6D, 0xD6, 0x24},
1071 {0x6E, 0x97, 0x83, 0x13, 0x76, 0x9F, 0x35, 0xEA, 0xB8, 0x47, 0x57,
1072 0x9B, 0x74, 0x47, 0x1F, 0x19, 0xE7, 0x97, 0x74, 0x1B, 0xB1, 0xA0,
1073 0xF3, 0x92, 0xDC, 0x35, 0xFD, 0x7F, 0x4F, 0x07, 0x22, 0xAC}}}}}},
1074 },
1075 {{{{{{{0xFD, 0x05, 0x41, 0x27, 0x00, 0x7A, 0xAD, 0x17, 0xBC, 0xBF, 0x22,
1076 0x5E, 0xDA, 0xEB, 0x7D, 0xAA, 0xB5, 0x2D, 0xC8, 0x61, 0xFE, 0x2C,
1077 0xBA, 0x9E, 0x54, 0x43, 0x94, 0xDC, 0xFD, 0x0E, 0x6D, 0x6D},
1078 {0xA1, 0x5E, 0x05, 0xA5, 0x05, 0x55, 0xE7, 0x2A, 0xF7, 0x53, 0x37,
1079 0x2C, 0xEF, 0x44, 0x95, 0xCA, 0x2C, 0xE8, 0xEB, 0xAE, 0x61, 0x05,
1080 0x33, 0xE7, 0x0F, 0x30, 0x67, 0xBE, 0xCD, 0xB2, 0x93, 0x44}}},
1081 {{{0x44, 0x31, 0x96, 0x4D, 0x72, 0x61, 0xCD, 0x23, 0x1F, 0x7B, 0x57,
1082 0x33, 0x39, 0xAC, 0x57, 0x53, 0x3D, 0x70, 0x57, 0xB3, 0x6D, 0xD5,
1083 0x8A, 0x89, 0x30, 0xBC, 0xED, 0x29, 0x19, 0x39, 0x6E, 0x6A},
1084 {0x80, 0x21, 0x1E, 0xB7, 0x84, 0xB1, 0x0A, 0xA4, 0xD0, 0xFF, 0x59,
1085 0x31, 0xE9, 0xBA, 0x39, 0xF7, 0x81, 0xDF, 0x1B, 0x7B, 0xD9, 0xDB,
1086 0x02, 0x17, 0xBE, 0x97, 0x63, 0xBD, 0x37, 0x14, 0xB8, 0x8B}}},
1087 {{{0x6C, 0xCC, 0x5B, 0xA3, 0xEE, 0xC8, 0x0B, 0x7B, 0xF5, 0xDE, 0xBC,
1088 0xB7, 0xA8, 0x25, 0x35, 0xAE, 0x0B, 0x30, 0x96, 0x33, 0x52, 0x13,
1089 0xA3, 0x89, 0x3A, 0x2E, 0xA4, 0x7E, 0x5F, 0x4E, 0xB1, 0xF7},
1090 {0x87, 0xBA, 0x08, 0xB0, 0xFB, 0xCB, 0x31, 0xA6, 0x2B, 0x3E, 0xE7,
1091 0xC4, 0xCC, 0xA5, 0x14, 0x61, 0xC9, 0x18, 0xFC, 0x74, 0x59, 0x06,
1092 0xF4, 0xAD, 0xFC, 0x2D, 0x0C, 0x7D, 0xDB, 0x2A, 0xEC, 0xD4}}}}},
1093 {{{{{0xE9, 0x31, 0x31, 0x50, 0x25, 0xB7, 0x0C, 0x48, 0x30, 0xD5, 0x78,
1094 0xB1, 0x10, 0xEA, 0x5D, 0xAA, 0xAA, 0x03, 0xEC, 0xE3, 0x0F, 0x36,
1095 0xA6, 0xBC, 0x18, 0x3A, 0x76, 0x87, 0xA3, 0xE9, 0x33, 0xDA},
1096 {0x48, 0x78, 0x93, 0x64, 0x72, 0x9B, 0x2A, 0x1E, 0x0D, 0x50, 0x9F,
1097 0x6F, 0xBD, 0xA5, 0x18, 0xB1, 0xA8, 0x14, 0x9A, 0x1B, 0xB9, 0xB4,
1098 0x2C, 0x1F, 0x46, 0xB8, 0x9B, 0x7A, 0xC7, 0x84, 0xAE, 0x27}}},
1099 {{{0xD1, 0xEC, 0x1C, 0xEC, 0x69, 0xF0, 0x35, 0x40, 0x77, 0x7E, 0x27,
1100 0x22, 0x36, 0x38, 0xDF, 0x15, 0xC2, 0xB3, 0xB8, 0x63, 0x4A, 0x6E,
1101 0x68, 0x8C, 0xC1, 0x39, 0x3C, 0x02, 0x4C, 0x2A, 0x31, 0x18},
1102 {0x2E, 0x35, 0xF5, 0xCA, 0xA2, 0xE9, 0x24, 0x92, 0xD5, 0xE5, 0x2E,
1103 0x5D, 0x1C, 0x94, 0xD9, 0xC7, 0xF0, 0x22, 0x16, 0x20, 0xA8, 0x37,
1104 0xDD, 0x0E, 0xAB, 0x1B, 0x5E, 0x8B, 0xEE, 0x81, 0xC6, 0x17}}},
1105 {{{0xF1, 0x29, 0x5D, 0x1D, 0x6F, 0x53, 0x5A, 0xB2, 0x20, 0x88, 0x3D,
1106 0xA4, 0x98, 0x81, 0xA4, 0xEF, 0x11, 0x1B, 0x64, 0x9E, 0x2C, 0x95,
1107 0xDD, 0xD7, 0x57, 0xB3, 0x95, 0xCA, 0x40, 0xB9, 0x0D, 0x62},
1108 {0xDC, 0x86, 0x8B, 0xE6, 0xD3, 0x7B, 0x33, 0xEA, 0x50, 0x25, 0xE2,
1109 0x77, 0xE3, 0x0B, 0x5A, 0xC8, 0x81, 0xFC, 0xAE, 0x74, 0x38, 0x69,
1110 0x07, 0xF8, 0x4E, 0xD7, 0x85, 0xA6, 0x2F, 0x13, 0xB7, 0x0A}}}}}}},
1111 {{{{{{{0xF4, 0xDC, 0xAC, 0x02, 0xC0, 0x95, 0x07, 0xDC, 0x12, 0x4F, 0x3A,
1112 0x01, 0xA9, 0xEE, 0xF3, 0x07, 0x46, 0x94, 0x47, 0x15, 0x63, 0xA6,
1113 0x8E, 0x0A, 0xC4, 0xC4, 0xE4, 0x23, 0x85, 0x63, 0xE4, 0x4E},
1114 {0x9A, 0x9E, 0x9F, 0xC1, 0xED, 0x4E, 0x94, 0x10, 0xFE, 0x7D, 0x90,
1115 0xEF, 0x82, 0x21, 0xAC, 0x67, 0x24, 0x99, 0x86, 0xC6, 0x85, 0x8B,
1116 0x19, 0x9A, 0x9B, 0x90, 0x0B, 0xA4, 0x90, 0x78, 0x34, 0x53}}},
1117 {{{0xB1, 0x4C, 0xBA, 0xB8, 0xC6, 0x40, 0x71, 0xC2, 0x17, 0x51, 0x05,
1118 0xC2, 0xC9, 0xBC, 0x03, 0x10, 0x4E, 0xFE, 0x2F, 0x94, 0xED, 0x13,
1119 0x35, 0x7B, 0x20, 0xA6, 0x59, 0x44, 0x81, 0xD0, 0xEC, 0x12},
1120 {0x74, 0xA2, 0x4A, 0xFB, 0xD7, 0x28, 0x70, 0xAD, 0xDE, 0x86, 0x2F,
1121 0xEF, 0xF9, 0x50, 0x5D, 0x1E, 0x46, 0x3B, 0x82, 0x1C, 0x6A, 0xC9,
1122 0x3F, 0x32, 0xAE, 0xCD, 0x93, 0x2C, 0xA5, 0x70, 0x45, 0x24}}},
1123 {{{0x38, 0x19, 0x79, 0xBF, 0x35, 0xF5, 0xC1, 0x53, 0x06, 0x42, 0xAA,
1124 0x6B, 0xF3, 0xB7, 0x8F, 0xFB, 0xFC, 0x28, 0x46, 0x9A, 0x65, 0x2A,
1125 0x45, 0x3D, 0x4C, 0x3C, 0x6B, 0x9C, 0x44, 0xC5, 0x82, 0xB8},
1126 {0x80, 0xF9, 0xB3, 0x44, 0x95, 0x17, 0x39, 0x01, 0x6B, 0xD6, 0x1D,
1127 0x73, 0x22, 0x94, 0xFF, 0x6F, 0x7B, 0x4E, 0xB6, 0xA4, 0xE4, 0x6C,
1128 0xA8, 0xDB, 0x38, 0x74, 0x0B, 0xDB, 0xFA, 0x14, 0x99, 0x39}}}}},
1129 {{{{{0x28, 0xEE, 0xFC, 0x62, 0xE5, 0x33, 0x9C, 0x63, 0xD5, 0x7F, 0x2C,
1130 0x4C, 0xF4, 0x76, 0x4C, 0xF7, 0x7B, 0x27, 0x2C, 0xA9, 0xB9, 0x01,
1131 0x3C, 0x58, 0xF7, 0xCE, 0xAA, 0x0A, 0x21, 0xC0, 0xA3, 0xA7},
1132 {0xA1, 0x85, 0xBC, 0xFE, 0x55, 0xFC, 0x3B, 0x9B, 0x3D, 0xEF, 0x14,
1133 0x85, 0x8A, 0x4E, 0x5E, 0x1F, 0x4F, 0xC9, 0x86, 0xB8, 0xF2, 0xB2,
1134 0xE3, 0xE7, 0x7E, 0x87, 0xE2, 0x20, 0xD7, 0x85, 0x2C, 0xD1}}},
1135 {{{0x13, 0xCB, 0x46, 0xAD, 0xD7, 0xEC, 0x66, 0xD5, 0x2B, 0x6E, 0x87,
1136 0x92, 0x13, 0xB2, 0x7D, 0x18, 0x69, 0x35, 0xCB, 0xF1, 0xBE, 0xC2,
1137 0x9D, 0xEB, 0xF5, 0x00, 0x0B, 0x73, 0xA3, 0xFD, 0x51, 0xDC},
1138 {0x91, 0x0E, 0xE4, 0x46, 0x41, 0x23, 0xDD, 0x85, 0x53, 0x0C, 0xAE,
1139 0xF9, 0x74, 0xCF, 0x1C, 0x32, 0x22, 0xDA, 0x4A, 0x14, 0x80, 0x71,
1140 0x51, 0x23, 0xC3, 0xAB, 0x7E, 0xEC, 0x77, 0xCC, 0x59, 0x12}}},
1141 {{{0x1C, 0x0F, 0x65, 0x6B, 0xD8, 0x41, 0xE0, 0x1B, 0x51, 0x9C, 0x89,
1142 0x26, 0xAB, 0x88, 0x63, 0x5D, 0xBB, 0x95, 0x92, 0x5B, 0x2C, 0x1D,
1143 0xDE, 0xC1, 0x88, 0xD6, 0xF1, 0x02, 0x48, 0xE0, 0xE2, 0xD1},
1144 {0x40, 0x7F, 0xF1, 0x23, 0x4A, 0xCF, 0x36, 0xD5, 0xCF, 0x76, 0x0D,
1145 0x00, 0x2A, 0xF7, 0x5F, 0x31, 0xBB, 0xCC, 0x46, 0x84, 0x07, 0x04,
1146 0x98, 0x9C, 0xB4, 0x31, 0x15, 0x2D, 0x91, 0xF6, 0x29, 0x33}}}}}}},
1147 {{{{{{{0xA8, 0x8E, 0x9A, 0xF9, 0x25, 0x12, 0x98, 0xE2, 0xC3, 0x61, 0x2E,
1148 0xE8, 0xD6, 0xA6, 0x77, 0x16, 0x49, 0x04, 0x75, 0x69, 0xD1, 0x83,
1149 0x2D, 0x3F, 0x2A, 0x79, 0xB6, 0x9B, 0xC9, 0x1D, 0x03, 0x90},
1150 {0x2A, 0xD8, 0x11, 0x9F, 0x26, 0x36, 0xE7, 0xE9, 0x3A, 0x05, 0x4C,
1151 0x15, 0x49, 0x93, 0xDA, 0xE9, 0xD0, 0x5A, 0xE4, 0x8D, 0x8A, 0xFA,
1152 0x04, 0xF1, 0x20, 0x84, 0x56, 0xEC, 0x3C, 0x27, 0x19, 0x5C}}},
1153 {{{0xF1, 0xAF, 0xBF, 0xF6, 0x0E, 0x58, 0x84, 0x2D, 0x94, 0x11, 0xF4,
1154 0xB5, 0xF4, 0x14, 0x51, 0xB0, 0x90, 0x46, 0x1A, 0x81, 0xED, 0xCF,
1155 0x91, 0x66, 0x58, 0xA6, 0x36, 0x3A, 0x52, 0x18, 0x5A, 0xC1},
1156 {0x08, 0x4C, 0x99, 0xD3, 0xDC, 0xCE, 0x7F, 0xCE, 0x78, 0xE0, 0x38,
1157 0x87, 0x32, 0xF1, 0x80, 0x3C, 0x7B, 0x67, 0xAA, 0x6F, 0xDD, 0xE0,
1158 0xFC, 0xCB, 0xD0, 0xB0, 0x3A, 0x59, 0x52, 0x2A, 0x84, 0xE4}}},
1159 {{{0xF8, 0x4A, 0xFF, 0x50, 0xA0, 0x65, 0xC4, 0xEE, 0xF4, 0x9C, 0xAA,
1160 0x34, 0x46, 0xF9, 0xD2, 0x6C, 0xA1, 0x61, 0x71, 0x49, 0x32, 0x25,
1161 0x84, 0x54, 0x90, 0x44, 0xBE, 0xA4, 0x0B, 0xF7, 0xFE, 0x26},
1162 {0x81, 0x63, 0x73, 0xF7, 0x2F, 0xF2, 0xFA, 0x24, 0x52, 0xA4, 0xD9,
1163 0x4C, 0xC1, 0xA7, 0xA5, 0xC3, 0x03, 0x36, 0x13, 0x9B, 0x16, 0x45,
1164 0x16, 0xCB, 0x4B, 0x99, 0x38, 0xF3, 0x6D, 0xC8, 0x7E, 0xAB}}}}},
1165 {{{{{0xB3, 0x53, 0xDF, 0xB6, 0x82, 0x60, 0x12, 0x11, 0x36, 0x69, 0x0E,
1166 0x05, 0x31, 0x8E, 0xCF, 0xD7, 0x3F, 0x32, 0xE7, 0x95, 0x84, 0x1D,
1167 0xC8, 0xB5, 0xBE, 0x49, 0x17, 0x9D, 0xCF, 0xA9, 0x5A, 0x2A},
1168 {0xC4, 0x11, 0x86, 0xE8, 0x6C, 0x02, 0x56, 0xB0, 0x25, 0x2F, 0xA0,
1169 0x06, 0xB3, 0x62, 0xB2, 0x11, 0xAF, 0xBE, 0xA4, 0xE8, 0x61, 0x64,
1170 0x85, 0xFB, 0xEB, 0x1C, 0xF1, 0xBC, 0x2C, 0xAE, 0x10, 0x51}}},
1171 {{{0x16, 0xA6, 0xC0, 0xB3, 0x86, 0x8E, 0x6D, 0x79, 0xB6, 0xBD, 0xDE,
1172 0x1E, 0x26, 0x06, 0x46, 0x65, 0x82, 0x84, 0x5A, 0x97, 0xD3, 0xB7,
1173 0x93, 0x78, 0x6B, 0x9D, 0x14, 0x33, 0x94, 0x43, 0x34, 0x04},
1174 {0x45, 0xD1, 0x47, 0xD4, 0x2F, 0x17, 0xCF, 0xF1, 0xDD, 0xEA, 0x11,
1175 0x52, 0xAE, 0x01, 0x88, 0x3A, 0x10, 0xEE, 0x5C, 0x16, 0xCD, 0xB5,
1176 0x48, 0xE9, 0x16, 0x2C, 0x70, 0xB4, 0x1E, 0x19, 0x38, 0xE0}}},
1177 {{{0x18, 0xE9, 0xAE, 0xC5, 0xDA, 0x74, 0x41, 0x2D, 0x70, 0x07, 0x60,
1178 0x37, 0x27, 0x66, 0xF7, 0x00, 0xBB, 0x79, 0x51, 0xF3, 0x7C, 0x8A,
1179 0x2B, 0xB5, 0x69, 0x6E, 0x10, 0x1F, 0xE0, 0x0A, 0x5E, 0xBE},
1180 {0xB4, 0x4E, 0x0E, 0x02, 0x59, 0xB5, 0xCB, 0x4A, 0x6A, 0x86, 0x8B,
1181 0xCC, 0xA2, 0x13, 0xA0, 0xE9, 0xF2, 0x5C, 0xB0, 0x23, 0xB2, 0x15,
1182 0xF9, 0xBB, 0x43, 0xC1, 0x54, 0xF4, 0xC8, 0xAB, 0x16, 0xA6}}}}}}},
1183 };
1184 const BigNumStr FfElementTest::fq12_multi_exp_exp_4[4] = {
1185 {
1186 0x14, 0x92, 0xD1, 0x1F, 0xAC, 0x90, 0x4D, 0xC3, 0x3E, 0xB8, 0xA7,
1187 0xFE, 0x35, 0x98, 0xDA, 0x94, 0xD6, 0xF3, 0x27, 0x29, 0x4B, 0x70,
1188 0xCF, 0x0F, 0xDA, 0x14, 0x97, 0xA1, 0x9B, 0x6B, 0x24, 0x08,
1189 },
1190 {
1191 0x76, 0x8D, 0xE5, 0xC2, 0xAB, 0x78, 0xD9, 0x76, 0x98, 0xFF, 0x92,
1192 0xEA, 0x95, 0x58, 0xC5, 0x0C, 0x6F, 0x1B, 0x35, 0xC4, 0xBF, 0x4A,
1193 0x9E, 0xC2, 0x6A, 0xEC, 0xE2, 0xF6, 0xAF, 0xEB, 0xAC, 0x06,
1194 },
1195 {
1196 0x50, 0x38, 0x60, 0x31, 0xAB, 0x05, 0xCC, 0xB1, 0xC2, 0x06, 0xA0,
1197 0xD7, 0x92, 0x12, 0xBD, 0x17, 0x81, 0xB9, 0x7E, 0x07, 0x9B, 0xD4,
1198 0x3B, 0x2D, 0x3C, 0x15, 0x3A, 0x5A, 0xF1, 0xC0, 0xC4, 0x75,
1199 },
1200 {
1201 0xA1, 0x3F, 0xEA, 0x99, 0x7E, 0xC7, 0x65, 0xF5, 0x41, 0xA6, 0xD6,
1202 0xD3, 0x77, 0xEC, 0x27, 0xF8, 0x6C, 0x18, 0x28, 0x69, 0x97, 0x08,
1203 0x0E, 0x63, 0x5A, 0xDA, 0xFE, 0x9F, 0xD1, 0x4A, 0x61, 0x4F,
1204 },
1205 };
1206 const Fq12ElemStr FfElementTest::fq12_multi_exp_res_4 = {
1207 {{{{{{0x3A, 0x30, 0x33, 0xA2, 0x14, 0xDF, 0xDC, 0x70, 0x48, 0xF3, 0xBA,
1208 0x3F, 0xCE, 0xFC, 0x69, 0x24, 0xAE, 0xA1, 0xF3, 0xCF, 0xD8, 0x77,
1209 0x69, 0x38, 0x38, 0xF4, 0x8E, 0xFB, 0x51, 0xFB, 0x10, 0x7C},
1210 {0x73, 0xB4, 0xEE, 0xF9, 0x76, 0xBB, 0x45, 0xEC, 0x07, 0x24, 0x23,
1211 0xA3, 0x38, 0x64, 0x39, 0x4C, 0x03, 0x94, 0xF5, 0xEE, 0x5F, 0xC9,
1212 0x83, 0x4F, 0xD1, 0xA6, 0x4A, 0x05, 0x25, 0x0C, 0x46, 0x33}}},
1213 {{{0xD4, 0x40, 0x47, 0xAE, 0xEC, 0xDA, 0x30, 0xF9, 0xE1, 0x28, 0xFB,
1214 0xB1, 0x4C, 0x62, 0xFB, 0x6C, 0x90, 0x0D, 0xB1, 0xEC, 0xAF, 0x2D,
1215 0x95, 0x64, 0x11, 0x93, 0xDA, 0x8E, 0xB8, 0x7D, 0xE4, 0xA3},
1216 {0x8E, 0xA6, 0x9B, 0xAA, 0x58, 0xD5, 0xDC, 0x59, 0x1A, 0x51, 0x53,
1217 0x47, 0x30, 0x1C, 0x2B, 0xB0, 0xBB, 0x57, 0x57, 0x0A, 0x8C, 0x5F,
1218 0x62, 0x9C, 0x52, 0x28, 0xC0, 0x25, 0x27, 0xAE, 0xCD, 0x36}}},
1219 {{{0xBF, 0x2D, 0x03, 0xB1, 0x33, 0xFD, 0x24, 0x81, 0x3C, 0x91, 0x43,
1220 0x90, 0x0C, 0x20, 0xC4, 0xE3, 0x69, 0x3F, 0xA9, 0xA2, 0x7C, 0xC2,
1221 0x48, 0x28, 0x1B, 0xF0, 0x81, 0x1F, 0x2B, 0x8F, 0x8D, 0x43},
1222 {0x38, 0x18, 0x12, 0xA3, 0x89, 0xF1, 0xD7, 0x60, 0x89, 0x68, 0x6A,
1223 0xC4, 0xCC, 0x5D, 0xF4, 0xCE, 0x43, 0x95, 0x84, 0xCD, 0x01, 0x55,
1224 0xB8, 0x5D, 0x24, 0x50, 0xCD, 0xE3, 0x68, 0x1C, 0xFF, 0x59}}}}},
1225 {{{{{0x0D, 0xAC, 0xCB, 0xE7, 0x9D, 0x68, 0x0F, 0x4A, 0xAF, 0xEB, 0xB5,
1226 0xFB, 0xF9, 0xB1, 0x58, 0x80, 0xD5, 0x71, 0x53, 0x26, 0x2E, 0x9C,
1227 0xCE, 0x10, 0xAC, 0xD2, 0x0A, 0xEB, 0xB4, 0x5C, 0xC8, 0xD7},
1228 {0x16, 0x26, 0x66, 0x71, 0xDD, 0x67, 0xBA, 0xDB, 0x35, 0x76, 0x64,
1229 0xC6, 0x0B, 0x0B, 0x07, 0x4B, 0x65, 0xA2, 0xF7, 0x68, 0x9E, 0xFE,
1230 0xE8, 0xE3, 0xA7, 0x09, 0x79, 0xC5, 0xDF, 0x5E, 0x9C, 0xEC}}},
1231 {{{0xEE, 0x83, 0x59, 0xB5, 0x89, 0x81, 0xA2, 0x87, 0xD7, 0x75, 0x65,
1232 0x90, 0xDE, 0x78, 0x37, 0x59, 0x04, 0x9B, 0x50, 0xC3, 0xBA, 0x90,
1233 0x09, 0x15, 0xAB, 0x17, 0xC5, 0xBF, 0x5B, 0xB9, 0xE4, 0x6C},
1234 {0xA9, 0xB1, 0x49, 0x76, 0x25, 0x74, 0x5D, 0x9C, 0x78, 0xC5, 0x09,
1235 0xEE, 0xEB, 0xEB, 0x9D, 0x1C, 0x6C, 0xC0, 0x27, 0x9D, 0x66, 0xE6,
1236 0x7F, 0x31, 0xCD, 0xB0, 0x8A, 0xE4, 0x9E, 0xBD, 0x70, 0x18}}},
1237 {{{0x88, 0xA1, 0x08, 0x39, 0xA2, 0x48, 0xA5, 0x98, 0xB6, 0xAD, 0x10,
1238 0x54, 0x07, 0xCD, 0xFC, 0x6D, 0xB1, 0x02, 0xFF, 0xE3, 0x92, 0xD7,
1239 0x9D, 0x48, 0xFB, 0xCE, 0x88, 0x46, 0x92, 0x07, 0x02, 0xBA},
1240 {0xEE, 0xEB, 0xAE, 0x88, 0xB1, 0x4E, 0xD0, 0xF2, 0xCE, 0xD7, 0x57,
1241 0x07, 0xD4, 0x39, 0xD2, 0x7D, 0x1A, 0x0C, 0xEF, 0xF2, 0x84, 0x84,
1242 0x22, 0x8A, 0xB1, 0x80, 0x0D, 0xDC, 0x64, 0x86, 0xFD, 0x70}}}}}}};
1243 const FqElemStr FfElementTest::fq_multi_exp_base_5[5] = {
1244 {0x7B, 0x26, 0x96, 0x84, 0x04, 0x0D, 0x6F, 0x10, 0xAA, 0x7F, 0xD0,
1245 0x0C, 0x41, 0x3A, 0x68, 0x48, 0xBF, 0x3D, 0xB5, 0xCE, 0x3A, 0x9C,
1246 0xA9, 0x10, 0xA4, 0x67, 0x7C, 0xC0, 0x41, 0x52, 0xCA, 0xE7},
1247 {0x2E, 0xD9, 0xEF, 0x86, 0xB6, 0x32, 0x72, 0x89, 0x37, 0xCF, 0x16,
1248 0xCE, 0x27, 0x15, 0x7A, 0x95, 0xCF, 0x94, 0x1B, 0xF3, 0xCE, 0x49,
1249 0x20, 0x29, 0x9A, 0x61, 0x2E, 0x0A, 0xF5, 0xE1, 0xDC, 0x9F},
1250 {0xE0, 0x19, 0x37, 0x44, 0xA7, 0x45, 0x49, 0x7E, 0x19, 0x02, 0x09,
1251 0x78, 0xBE, 0xA4, 0x65, 0x60, 0x7A, 0xF5, 0xC8, 0xAF, 0x97, 0x5E,
1252 0xDA, 0x3A, 0xB4, 0x16, 0x70, 0x31, 0xE3, 0xB4, 0x18, 0xA8},
1253 {0xBC, 0x92, 0x29, 0x92, 0x14, 0xD3, 0x3F, 0xB8, 0xB8, 0x8C, 0x41,
1254 0xDF, 0xC5, 0xA1, 0xCA, 0x77, 0xE5, 0x73, 0xFE, 0xA7, 0xAC, 0x81,
1255 0x66, 0x11, 0x5A, 0x6D, 0x7D, 0x97, 0x13, 0x92, 0x8D, 0x1D},
1256 {0xE1, 0xA0, 0x0D, 0xDC, 0x8F, 0x20, 0xF5, 0x2D, 0x1D, 0x1F, 0xBD,
1257 0x24, 0x8C, 0xC2, 0x26, 0x06, 0x89, 0xE9, 0x46, 0xA9, 0xD2, 0x44,
1258 0x8F, 0x1A, 0x8D, 0xAF, 0x20, 0x73, 0x60, 0x0B, 0x66, 0x9C}};
1259
1260 const BigNumStr FfElementTest::fq_multi_exp_exp_5[5] = {
1261 {0x78, 0xE6, 0x3F, 0x42, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xD7,
1262 0x6E, 0xE9, 0xFF, 0x4F, 0xFF, 0x23, 0xFF, 0x67, 0xB4, 0xED, 0xEE,
1263 0xD7, 0xC6, 0xFF, 0x4B, 0x0B, 0x6F, 0x1F, 0xD6, 0xFD, 0x7F},
1264 {0xA1, 0x87, 0xFF, 0x1B, 0xFF, 0x85, 0x68, 0xFF, 0x1C, 0xFF, 0xD5,
1265 0xFF, 0x95, 0x73, 0xFF, 0xFF, 0xFF, 0x9E, 0x7E, 0xFF, 0xFF, 0xFF,
1266 0xFF, 0x5E, 0x9E, 0x62, 0xFF, 0xFF, 0x97, 0xFF, 0xFF, 0xF3},
1267 {0x2E, 0xE8, 0x1E, 0x35, 0xFF, 0x82, 0x0B, 0x99, 0xEC, 0x30, 0x2B,
1268 0xCE, 0xEC, 0x83, 0x05, 0xFF, 0x9E, 0x3C, 0xFF, 0xFF, 0xA1, 0xFF,
1269 0xFF, 0xFF, 0x57, 0x26, 0x5B, 0x6C, 0xFF, 0xE6, 0x94, 0xFF},
1270 {0xFF, 0xFF, 0xFF, 0xFF, 0x94, 0xFF, 0xFF, 0x79, 0xFC, 0xFF, 0x83,
1271 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xA9, 0xFF, 0x2F, 0x6B, 0xD1, 0xE7,
1272 0xFF, 0xFF, 0xFF, 0x7C, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
1273 {0x63, 0x53, 0x53, 0xFF, 0xFF, 0xFF, 0x4F, 0xFF, 0xFF, 0xFF, 0x09,
1274 0xFF, 0xC0, 0xD8, 0x17, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1275 0xFF, 0x45, 0xFF, 0x3A, 0xFF, 0xFF, 0xFF, 0xFF, 0x60, 0x06}};
1276
1277 const FqElemStr FfElementTest::fq_multi_exp_res_5 = {
1278 0x8F, 0x6D, 0x54, 0xCA, 0x00, 0x85, 0xD8, 0x78, 0xA4, 0x45, 0x36,
1279 0x7C, 0x23, 0xD0, 0x3C, 0x2D, 0x20, 0x78, 0xD9, 0xD7, 0xF1, 0xC3,
1280 0x99, 0xD9, 0xD3, 0x0A, 0x0E, 0x86, 0x98, 0xC2, 0xA7, 0x97,
1281 };
1282 const FqElemStr FfElementTest::fq_multi_exp_base_6[6] = {
1283 {0x75, 0x18, 0x6A, 0x3D, 0xCC, 0x76, 0x33, 0x92, 0xD0, 0x57, 0xDA,
1284 0xE0, 0x37, 0x6F, 0x71, 0xD5, 0x9E, 0x7E, 0x65, 0xED, 0xD7, 0xFD,
1285 0x82, 0xC0, 0x6C, 0x83, 0x60, 0x30, 0xC1, 0xD3, 0x3D, 0x4D},
1286 {0xF5, 0x3A, 0x20, 0xAB, 0x22, 0x47, 0x07, 0xAE, 0x71, 0xC1, 0x91,
1287 0x73, 0xEF, 0x1F, 0x1D, 0x76, 0x2E, 0xEE, 0x0D, 0xDE, 0xD9, 0xF8,
1288 0x5C, 0x85, 0xC7, 0x5B, 0x93, 0x88, 0xF6, 0xFF, 0x4C, 0xA5},
1289 {0x21, 0xB3, 0x5E, 0xE8, 0xD2, 0xDA, 0x14, 0x1C, 0xB5, 0x2C, 0xFC,
1290 0x61, 0x9D, 0xEB, 0x65, 0x87, 0xBB, 0x5B, 0xBC, 0xFD, 0x37, 0x54,
1291 0x6B, 0xDC, 0xD9, 0xFA, 0x7A, 0xCD, 0x18, 0x7E, 0x8B, 0x89},
1292 {0x70, 0xB7, 0x19, 0x42, 0xB4, 0x41, 0x2C, 0x1B, 0xBD, 0x7B, 0x25,
1293 0x06, 0xA2, 0x95, 0xB5, 0xB6, 0x70, 0xDF, 0x58, 0x71, 0xCA, 0x09,
1294 0x12, 0x66, 0x5A, 0x7B, 0xF0, 0x5F, 0x43, 0x69, 0x32, 0xF6},
1295 {0x3D, 0x57, 0xE8, 0x3F, 0x1E, 0x39, 0x2B, 0xE5, 0xD0, 0xCF, 0xA9,
1296 0xC8, 0x72, 0x10, 0x7F, 0xC5, 0x4F, 0xAE, 0xE9, 0x73, 0x28, 0x4C,
1297 0xFC, 0x3F, 0xD5, 0xFF, 0xE8, 0xCF, 0x2C, 0xEB, 0x33, 0xD3},
1298 {0x51, 0x80, 0x15, 0x1C, 0xE6, 0x9C, 0x4B, 0x80, 0x40, 0xBA, 0x40,
1299 0x29, 0x3A, 0x86, 0xA8, 0xB2, 0x66, 0x08, 0x97, 0x8D, 0xEB, 0x8B,
1300 0xA7, 0x93, 0xE3, 0x49, 0xC6, 0xC0, 0x46, 0x93, 0xC1, 0x75}};
1301 const BigNumStr FfElementTest::fq_multi_exp_exp_6[6] = {
1302 {0xFF, 0xFF, 0xFF, 0x49, 0x50, 0xFF, 0x19, 0xFF, 0xEB, 0xFF, 0xFF,
1303 0xFF, 0xFF, 0x28, 0x4A, 0x0E, 0xFF, 0x74, 0xFF, 0xC7, 0xFF, 0xD9,
1304 0x81, 0xFF, 0xFF, 0xFF, 0xD5, 0x2C, 0xFF, 0xFF, 0xFF, 0xAE},
1305 {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xBF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
1306 0xFF, 0xFF, 0x0C, 0x03, 0xFF, 0x95, 0xFF, 0x11, 0x9D, 0xFF, 0x9B,
1307 0xFF, 0xFF, 0x68, 0x44, 0xFF, 0xC9, 0xFF, 0x10, 0xC7, 0xBF},
1308 {0x64, 0xFF, 0x89, 0x4A, 0xFF, 0x20, 0xFF, 0xE7, 0xFF, 0x36, 0x23,
1309 0xDD, 0xFF, 0xFF, 0xFC, 0xFF, 0x6B, 0xFF, 0xFF, 0xFF, 0xFF, 0x48,
1310 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x94, 0xD3, 0x59, 0xBE},
1311 {0x0F, 0xFF, 0x76, 0xA5, 0x9E, 0x02, 0x9B, 0xFF, 0xA1, 0xFF, 0xC2,
1312 0xFF, 0x9D, 0xFF, 0x23, 0xFF, 0xFF, 0xFF, 0xFF, 0x6B, 0x81, 0x2A,
1313 0xFF, 0x98, 0xFF, 0xFF, 0xB9, 0xFF, 0xB7, 0x78, 0xE6, 0xFF},
1314 {0xAF, 0xF3, 0xFF, 0x3C, 0xA8, 0xFF, 0xB9, 0x3A, 0xFF, 0xFF, 0xFF,
1315 0x70, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x85, 0xFF,
1316 0xFF, 0x52, 0xFF, 0x41, 0x10, 0x62, 0xFF, 0x51, 0x35, 0xFF},
1317 {0xFF, 0xFF, 0xFF, 0xFF, 0xD3, 0xC3, 0xD9, 0xFF, 0xFF, 0x3A, 0x44,
1318 0x88, 0x04, 0xFF, 0x0B, 0xFF, 0xFF, 0xFF, 0x64, 0xFF, 0xFF, 0x52,
1319 0xFF, 0x7D, 0x6B, 0x24, 0x6E, 0xFF, 0xFF, 0xFF, 0xA7, 0x71}};
1320 const FqElemStr FfElementTest::fq_multi_exp_res_6 = {
1321 0xFB, 0x89, 0x4F, 0xBB, 0x91, 0xEE, 0xD6, 0x57, 0x2D, 0x34, 0xF9,
1322 0x0B, 0xE3, 0xEB, 0x71, 0x1D, 0x63, 0x74, 0x96, 0x3B, 0xD4, 0x02,
1323 0x2F, 0x08, 0xDB, 0x95, 0x6A, 0x40, 0x68, 0xD4, 0x55, 0x76,
1324 };
1325
1326 const Fq6ElemStr FfElementTest::epid11_GT_multi_exp_base_3[3] = {
1327 {0x02, 0x7C, 0xAC, 0xE1, 0x58, 0x08, 0x6A, 0x83, 0x50, 0xD8, 0xBA, 0xBA,
1328 0x4B, 0x60, 0x6C, 0xEB, 0x51, 0xCE, 0x7E, 0x6D, 0x8E, 0xA8, 0x56, 0x41,
1329 0x33, 0xF3, 0xB0, 0xA6, 0xFC, 0xCD, 0xC8, 0x41, 0x05, 0x9E, 0xCC, 0x4F,
1330 0x51, 0x77, 0xD9, 0xEC, 0x57, 0x34, 0x48, 0x47, 0x22, 0x7A, 0x7C, 0xA1,
1331 0x14, 0xB8, 0x2A, 0xC9, 0x16, 0x0A, 0xB4, 0xB3, 0x5D, 0x44, 0x28, 0x23,
1332 0x80, 0x7A, 0x3E, 0xDA, 0x02, 0x6D, 0x03, 0x47, 0xCD, 0x2A, 0xAB, 0xA4,
1333 0xCE, 0x63, 0x0B, 0x5E, 0x3A, 0xF2, 0x96, 0x86, 0xA9, 0x9F, 0x2A, 0x9A,
1334 0xFF, 0x8F, 0x94, 0x91, 0xC8, 0x3C, 0xF2, 0x5A, 0xAA, 0xDA, 0x6B, 0x8E,
1335 0x02, 0xFC, 0x42, 0x4B, 0xFE, 0xF3, 0x23, 0x0A, 0xF8, 0x1A, 0x5C, 0x9A,
1336 0x5C, 0x0D, 0x71, 0xEF, 0x85, 0x64, 0xA6, 0x4D, 0x6A, 0x8B, 0x82, 0x58,
1337 0x2E, 0xBC, 0xFB, 0xB9, 0xDF, 0xB8, 0xCE, 0x3D, 0x03, 0xF3, 0x07, 0x18,
1338 0x4A, 0x13, 0x82, 0x8A, 0xEA, 0x24, 0x57, 0x72, 0xE2, 0x33, 0x9D, 0xB3,
1339 0x0C, 0x57, 0xCF, 0xAB, 0xDD, 0xEE, 0xF8, 0xD7, 0x2A, 0x75, 0xF5, 0xD7,
1340 0x28, 0xED, 0x0F, 0xB7, 0x02, 0xEC, 0x5F, 0xED, 0x50, 0xAE, 0x6B, 0xF3,
1341 0x80, 0x29, 0x7B, 0xA2, 0x75, 0x61, 0xFD, 0x20, 0x01, 0x2B, 0xDF, 0x8B,
1342 0x3C, 0x2A, 0xB9, 0x1D, 0x92, 0xED, 0x0F, 0xAD, 0x73, 0x74, 0x1E, 0xD8},
1343 {0x06, 0xA6, 0x4A, 0x6B, 0x89, 0xD0, 0x07, 0x2A, 0xE6, 0x0B, 0x56, 0xD3,
1344 0x48, 0x17, 0xF6, 0x99, 0x31, 0x41, 0x21, 0x99, 0x51, 0xF6, 0xB1, 0x6C,
1345 0x02, 0xCD, 0x11, 0xE7, 0xCC, 0xD3, 0xC5, 0x6C, 0x06, 0xF4, 0x39, 0x62,
1346 0x37, 0x88, 0x37, 0xAD, 0x1F, 0x36, 0x81, 0xFA, 0xD7, 0x4B, 0x9F, 0x57,
1347 0x0F, 0x5B, 0xC3, 0x53, 0x14, 0x53, 0x41, 0x3A, 0x2B, 0xAB, 0x6E, 0xF4,
1348 0xD8, 0x7F, 0xC5, 0x67, 0x08, 0x70, 0xD7, 0x9B, 0x59, 0xE1, 0xE0, 0x57,
1349 0xE2, 0xF4, 0x04, 0x82, 0x06, 0x6A, 0xD5, 0xA2, 0x76, 0x64, 0x41, 0x7F,
1350 0x3B, 0xE6, 0x33, 0xB9, 0x39, 0x68, 0xDA, 0x0D, 0x13, 0x03, 0x63, 0xC8,
1351 0x07, 0x94, 0x70, 0xF9, 0xFB, 0xD8, 0x99, 0x31, 0xA1, 0x53, 0x1C, 0x20,
1352 0x43, 0x12, 0xEB, 0xFF, 0xA4, 0x5D, 0x64, 0x7C, 0x24, 0x9E, 0xE0, 0x03,
1353 0x80, 0x8E, 0xFB, 0xDC, 0xEE, 0xFD, 0x1F, 0xEF, 0x03, 0x43, 0x07, 0x44,
1354 0xEF, 0xB3, 0x71, 0x39, 0x77, 0x61, 0x5C, 0xA9, 0x32, 0x54, 0x33, 0x98,
1355 0xA2, 0x14, 0x6A, 0x13, 0x53, 0x22, 0x94, 0xA2, 0xCE, 0x15, 0xE7, 0xD0,
1356 0x30, 0xF2, 0x6B, 0x07, 0x02, 0x56, 0x28, 0xC3, 0xB1, 0x39, 0xF9, 0xC7,
1357 0xDA, 0xE2, 0xFD, 0xD0, 0xA8, 0x1B, 0xE8, 0xB2, 0xE3, 0x75, 0x02, 0xB8,
1358 0x90, 0xA4, 0xA5, 0x8F, 0x23, 0xA1, 0xCD, 0x75, 0xE7, 0x51, 0x37, 0xE5},
1359 {0x09, 0x27, 0x38, 0x30, 0x06, 0x44, 0x13, 0xEF, 0xFE, 0x70, 0x5C, 0x4A,
1360 0x21, 0xFF, 0xF8, 0xF5, 0xBB, 0xC9, 0x6E, 0xA8, 0x7E, 0x00, 0xB1, 0xD7,
1361 0x5E, 0x55, 0xCF, 0xC7, 0x34, 0x6B, 0x8D, 0xD5, 0x04, 0xCE, 0x6E, 0xCA,
1362 0x11, 0x5A, 0xB3, 0x0C, 0x33, 0x79, 0x5F, 0xDE, 0xD9, 0xDB, 0x8C, 0xFA,
1363 0x73, 0x4E, 0x1E, 0xFA, 0xA1, 0x21, 0x6D, 0xA3, 0x6D, 0xE8, 0x69, 0x02,
1364 0x9E, 0xCC, 0x4D, 0x14, 0x09, 0xB5, 0x7C, 0xBA, 0x98, 0xC2, 0xE3, 0xAA,
1365 0x82, 0x6A, 0x0F, 0x1E, 0x4C, 0x6C, 0x9E, 0xB8, 0xB6, 0xA3, 0x5D, 0x06,
1366 0xFE, 0x99, 0x5C, 0x62, 0xA9, 0x19, 0x4E, 0x84, 0x61, 0xC7, 0xF9, 0x78,
1367 0x04, 0x39, 0xDA, 0xB4, 0x79, 0x32, 0x63, 0x60, 0xA6, 0x69, 0x86, 0x5C,
1368 0xFF, 0xB0, 0x71, 0xD0, 0xF5, 0x5E, 0x3C, 0xB2, 0x5D, 0x81, 0x4F, 0x9F,
1369 0xE4, 0xF7, 0x3B, 0xC7, 0xC5, 0x80, 0x5E, 0x8E, 0x01, 0x23, 0xFA, 0xFC,
1370 0x09, 0xAE, 0x12, 0x55, 0xF2, 0xD0, 0x50, 0x5C, 0xED, 0xC6, 0xD6, 0x81,
1371 0x9A, 0xA7, 0x93, 0xA3, 0xF4, 0xAC, 0xE5, 0x3E, 0xDB, 0x5A, 0x05, 0xB7,
1372 0x0B, 0x80, 0xAD, 0xA9, 0x08, 0xF1, 0x5A, 0xB5, 0x09, 0x23, 0x52, 0x65,
1373 0x46, 0x64, 0x79, 0xF2, 0x47, 0x04, 0x72, 0x48, 0x4E, 0x01, 0x55, 0x4A,
1374 0x67, 0x8D, 0x1E, 0x07, 0xC7, 0x46, 0x87, 0xF6, 0x50, 0xC3, 0xA6, 0x6B}};
1375
1376 const std::vector<uint8_t> FfElementTest::epid11_GT_multi_exp_exp_3[3] = {
1377 {0x00, 0x00, 0xAF, 0x5B, 0x22, 0x71, 0x98, 0xB6, 0xEB, 0x67, 0x3D,
1378 0x94, 0x4A, 0xB6, 0x5E, 0x99, 0x81, 0xC5, 0x96, 0x91, 0x55, 0xBA,
1379 0x2F, 0x16, 0x01, 0x4E, 0xE1, 0x25, 0xAD, 0xCA, 0x94, 0x88, 0x60,
1380 0x3B, 0xA2, 0x56, 0x0A, 0x94, 0x0B, 0x2C, 0x3E, 0xD0, 0x8F, 0x15,
1381 0x07, 0x3D, 0xD5, 0xBE, 0x72, 0x3E, 0x2D, 0x06, 0x74, 0xFF, 0x06,
1382 0xED, 0x47, 0x28, 0x08, 0x0C, 0xA0, 0x6F, 0xDB, 0x75, 0x55, 0x32,
1383 0xDC, 0x97, 0x47, 0x60, 0x4E, 0x6F, 0xB4, 0x29, 0x89, 0x0C},
1384
1385 {0x00, 0x00, 0x01, 0xB8, 0x40, 0xBB, 0xE1, 0x1C, 0x84, 0x8E, 0x02,
1386 0xC0, 0xEF, 0x69, 0x84, 0x90, 0xED, 0xEB, 0x99, 0x94, 0xBC, 0x79,
1387 0x48, 0xC8, 0x08, 0x3C, 0x25, 0xDA, 0xAC, 0xFF, 0x3A, 0xDD},
1388
1389 {0x00, 0x00, 0x37, 0x1E, 0xCD, 0x0F, 0x66, 0x09, 0x7D, 0x33, 0x9A,
1390 0xDC, 0x47, 0x28, 0xF7, 0x91, 0xF3, 0xC2, 0xBC, 0x3A, 0xA9, 0x05,
1391 0x62, 0xFC, 0xDD, 0x8C, 0x65, 0xC2, 0xA8, 0x14, 0x55, 0x52},
1392 };
1393
1394 const Fq6ElemStr FfElementTest::epid11_GT_multi_exp_res_3 = {
1395 0x09, 0xCF, 0x1D, 0xB6, 0x97, 0x14, 0x58, 0xAA, 0x29, 0x7E, 0x03, 0x96,
1396 0xD2, 0xDC, 0xD4, 0x2C, 0x1F, 0x2F, 0xB0, 0xC1, 0x5E, 0x71, 0xFB, 0x0C,
1397 0x8D, 0xDB, 0xBD, 0x1D, 0x20, 0xD9, 0x9A, 0xA5, 0x02, 0x69, 0x62, 0x1C,
1398 0x5C, 0xE8, 0x12, 0x11, 0xB1, 0x49, 0x93, 0x29, 0x23, 0xAF, 0xB4, 0xFF,
1399 0x77, 0x1E, 0xC9, 0xA6, 0xA0, 0x6D, 0xD9, 0x38, 0x89, 0x1A, 0xC7, 0xB9,
1400 0xF9, 0x66, 0x25, 0xD3, 0x00, 0x59, 0xE1, 0xAC, 0x0D, 0xDE, 0xCF, 0xC0,
1401 0xCF, 0x50, 0x48, 0x6B, 0xCE, 0x32, 0x15, 0x79, 0x13, 0x71, 0x12, 0x9B,
1402 0x63, 0x09, 0x4D, 0x20, 0xD9, 0x4A, 0xCD, 0x4F, 0x00, 0x7F, 0x8A, 0x19,
1403 0x06, 0x3F, 0x0F, 0x3E, 0x83, 0xA3, 0xEE, 0x0F, 0xAB, 0x72, 0xC9, 0x9A,
1404 0x5D, 0xD1, 0x67, 0xBF, 0xF1, 0x0E, 0xAB, 0x9C, 0xE8, 0x50, 0x04, 0xA7,
1405 0x20, 0xAA, 0xF6, 0xB9, 0x8E, 0x2F, 0x69, 0x44, 0x02, 0x68, 0x7A, 0x2E,
1406 0x70, 0xD4, 0x7E, 0x83, 0x8F, 0xAB, 0x58, 0x3E, 0xD2, 0x95, 0xA0, 0x1A,
1407 0x61, 0xC8, 0x93, 0xA0, 0xCC, 0xA4, 0x90, 0xFB, 0x73, 0xC2, 0xD2, 0x91,
1408 0x70, 0x34, 0x6A, 0x67, 0x03, 0x67, 0x49, 0x84, 0xEE, 0x3B, 0x9E, 0x8B,
1409 0x6D, 0x47, 0x95, 0xBD, 0x0E, 0x47, 0x97, 0x9E, 0x0A, 0x87, 0x61, 0x83,
1410 0x80, 0xEF, 0x4F, 0x91, 0xA8, 0xA6, 0xB7, 0xC0, 0x44, 0xE2, 0x21, 0x8D};
1411
1412 ////////////////////////////////////////////////
1413 // NewFfElement
1414
TEST_F(FfElementTest,NewFailsGivenNullPointer)1415 TEST_F(FfElementTest, NewFailsGivenNullPointer) {
1416 FfElement* ff_elem = nullptr;
1417 EXPECT_EQ(kEpidBadArgErr, NewFfElement(nullptr, &ff_elem));
1418 EXPECT_EQ(kEpidBadArgErr, NewFfElement(this->fq, nullptr));
1419 DeleteFfElement(&ff_elem);
1420 }
1421
TEST_F(FfElementTest,NewSucceedsGiven256BitFiniteField)1422 TEST_F(FfElementTest, NewSucceedsGiven256BitFiniteField) {
1423 FfElement* ff_elem = nullptr;
1424 EXPECT_EQ(kEpidNoErr, NewFfElement(this->fq, &ff_elem));
1425 DeleteFfElement(&ff_elem);
1426 }
1427
TEST_F(FfElementTest,Default256BitElementIsZero)1428 TEST_F(FfElementTest, Default256BitElementIsZero) {
1429 FfElement* ff_elem = nullptr;
1430 THROW_ON_EPIDERR(NewFfElement(this->fq, &ff_elem));
1431 FqElemStr ff_elem_str;
1432 EpidStatus sts =
1433 WriteFfElement(this->fq, ff_elem, &ff_elem_str, sizeof(ff_elem_str));
1434 DeleteFfElement(&ff_elem);
1435 THROW_ON_EPIDERR(sts);
1436
1437 FqElemStr fq_zero_str = {0};
1438 EXPECT_EQ(fq_zero_str, ff_elem_str);
1439 }
1440
1441 ////////////////////////////////////////////////
1442 // DeleteFfElement
1443
TEST_F(FfElementTest,DeleteNullsPointer)1444 TEST_F(FfElementTest, DeleteNullsPointer) {
1445 FfElement* ff_elem = nullptr;
1446 EpidStatus sts = NewFfElement(this->fq, &ff_elem);
1447 DeleteFfElement(&ff_elem);
1448 THROW_ON_EPIDERR(sts);
1449 EXPECT_EQ(nullptr, ff_elem);
1450 }
1451
TEST_F(FfElementTest,DeleteWorksGivenNullPointer)1452 TEST_F(FfElementTest, DeleteWorksGivenNullPointer) {
1453 EXPECT_NO_THROW(DeleteFfElement(nullptr));
1454 FfElement* ff_elem = nullptr;
1455 EXPECT_NO_THROW(DeleteFfElement(&ff_elem));
1456 }
1457
1458 ////////////////////////////////////////////////
1459 // ReadFfElement
1460
TEST_F(FfElementTest,ReadFailsGivenArgumentsMismatch)1461 TEST_F(FfElementTest, ReadFailsGivenArgumentsMismatch) {
1462 uint8_t buf[sizeof(Fq12ElemStr)] = {0};
1463 EXPECT_EQ(kEpidBadArgErr,
1464 ReadFfElement(this->fq12, buf, sizeof(Fq12ElemStr), this->fq_a));
1465 EXPECT_EQ(kEpidBadArgErr,
1466 ReadFfElement(this->fq, buf, sizeof(FqElemStr), this->fq12_result));
1467 }
1468
TEST_F(FfElementTest,ReadFailsGivenNullPointer)1469 TEST_F(FfElementTest, ReadFailsGivenNullPointer) {
1470 FqElemStr ff_elem_str;
1471 EXPECT_EQ(kEpidBadArgErr, ReadFfElement(nullptr, &ff_elem_str,
1472 sizeof(ff_elem_str), this->fq_a));
1473 EXPECT_EQ(kEpidBadArgErr,
1474 ReadFfElement(this->fq, nullptr, sizeof(ff_elem_str), this->fq_a));
1475 EXPECT_EQ(kEpidBadArgErr, ReadFfElement(this->fq, &ff_elem_str,
1476 sizeof(ff_elem_str), nullptr));
1477 }
1478
TEST_F(FfElementTest,ReadFailsGivenInvalidBufferSize)1479 TEST_F(FfElementTest, ReadFailsGivenInvalidBufferSize) {
1480 EXPECT_EQ(kEpidBadArgErr,
1481 ReadFfElement(this->fq, &this->fq_qm1_str, 0, this->fq_a));
1482 EXPECT_EQ(kEpidBadArgErr,
1483 ReadFfElement(this->fq, &this->fq_qm1_str,
1484 std::numeric_limits<size_t>::max(), this->fq_a));
1485 }
1486
TEST_F(FfElementTest,ReadFailsGivenElementDoesNotBelongToFF)1487 TEST_F(FfElementTest, ReadFailsGivenElementDoesNotBelongToFF) {
1488 // q does not belong to Fq
1489 EXPECT_EQ(kEpidBadArgErr, ReadFfElement(this->fq, &this->bn_q_str,
1490 sizeof(this->bn_q_str), this->fq_a));
1491 }
1492
TEST_F(FfElementTest,Read256BitElementCorrectly)1493 TEST_F(FfElementTest, Read256BitElementCorrectly) {
1494 // q-1 is valid element of Fq
1495 ASSERT_EQ(kEpidNoErr, ReadFfElement(this->fq, &this->fq_qm1_str,
1496 sizeof(this->fq_qm1_str), this->fq_a));
1497
1498 FqElemStr buf;
1499 EXPECT_EQ(kEpidNoErr,
1500 WriteFfElement(this->fq, this->fq_a, &buf, sizeof(buf)));
1501 EXPECT_EQ(this->fq_qm1_str, buf);
1502 }
1503
TEST_F(FfElementTest,ReadIgnoreLeadingZerosForPrimeField)1504 TEST_F(FfElementTest, ReadIgnoreLeadingZerosForPrimeField) {
1505 // q-1 is valid element of Fq
1506 std::vector<uint8_t> ff_elem_str = {
1507 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0xF0, 0xCD, 0x46, 0xE5,
1508 0xF2, 0x5E, 0xEE, 0x71, 0xA4, 0x9F, 0x0C, 0xDC, 0x65, 0xFB, 0x12,
1509 0x98, 0x0A, 0x82, 0xD3, 0x29, 0x2D, 0xDB, 0xAE, 0xD3, 0x30, 0x12};
1510 ASSERT_EQ(kEpidNoErr, ReadFfElement(this->fq, ff_elem_str.data(),
1511 ff_elem_str.size(), this->fq_a));
1512
1513 FqElemStr buf;
1514 EXPECT_EQ(kEpidNoErr,
1515 WriteFfElement(this->fq, this->fq_a, &buf, sizeof(buf)));
1516 EXPECT_EQ(this->fq_qm1_str, buf);
1517 }
1518
TEST_F(FfElementTest,ReadExpectExactSizeForFieldExtensions)1519 TEST_F(FfElementTest, ReadExpectExactSizeForFieldExtensions) {
1520 uint8_t buf[sizeof(Fq2ElemStr) + 1] = {0};
1521 EXPECT_EQ(kEpidBadArgErr,
1522 ReadFfElement(this->fq2, buf, sizeof(buf), this->fq2_a));
1523 }
1524
1525 ///////////////////////////////////////////////////////////////////////
1526 // InitFfElementFromBn
1527
TEST_F(FfElementTest,InitFromBnFailsGivenNonPrimeField)1528 TEST_F(FfElementTest, InitFromBnFailsGivenNonPrimeField) {
1529 BigNumStr str = {0x01};
1530 FfElementObj ffe(&this->fq2);
1531 BigNumObj bn(sizeof(str), str);
1532 EXPECT_EQ(kEpidBadArgErr, InitFfElementFromBn(this->fq2, bn, ffe));
1533 }
1534
TEST_F(FfElementTest,InitFromBnFailsGivenNullPointer)1535 TEST_F(FfElementTest, InitFromBnFailsGivenNullPointer) {
1536 BigNumStr str = {0x01};
1537 FfElementObj ffe(&this->fq);
1538 BigNumObj bn(sizeof(str), str);
1539 EXPECT_EQ(kEpidBadArgErr, InitFfElementFromBn(nullptr, bn, ffe));
1540 EXPECT_EQ(kEpidBadArgErr, InitFfElementFromBn(this->fq, nullptr, ffe));
1541 EXPECT_EQ(kEpidBadArgErr, InitFfElementFromBn(this->fq, bn, nullptr));
1542 }
1543
TEST_F(FfElementTest,InitFromBnInFieldElementCorrectly)1544 TEST_F(FfElementTest, InitFromBnInFieldElementCorrectly) {
1545 FfElementObj ffe(&this->fq);
1546 BigNumObj qm1_bn(this->bn_qm1_str);
1547 FqElemStr buf;
1548
1549 EXPECT_EQ(kEpidNoErr, InitFfElementFromBn(this->fq, qm1_bn, ffe));
1550 EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, ffe, &buf, sizeof(buf)));
1551 EXPECT_EQ(this->fq_qm1_str, buf);
1552 }
1553
TEST_F(FfElementTest,InitFromBnOutOfFieldElementCorrectly)1554 TEST_F(FfElementTest, InitFromBnOutOfFieldElementCorrectly) {
1555 FfElementObj ffe(&this->fq);
1556 BigNumObj q_bn(this->bn_q_str);
1557 BigNumObj qp1_bn(this->bn_qp1_str);
1558 FqElemStr buf;
1559
1560 EXPECT_EQ(kEpidNoErr, InitFfElementFromBn(this->fq, q_bn, ffe));
1561 EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, ffe, &buf, sizeof(buf)));
1562 EXPECT_EQ(this->bn_0_str, buf);
1563
1564 EXPECT_EQ(kEpidNoErr, InitFfElementFromBn(this->fq, qp1_bn, ffe));
1565 EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, ffe, &buf, sizeof(buf)));
1566 EXPECT_EQ(this->bn_1_str, buf);
1567 }
1568
1569 ///////////////////////////////////////////////////////////////////////
1570 // FfIsEqual
1571
TEST_F(FfElementTest,FfIsEqualFailsGivenArgumentsMismatch)1572 TEST_F(FfElementTest, FfIsEqualFailsGivenArgumentsMismatch) {
1573 bool result;
1574 EXPECT_EQ(kEpidBadArgErr,
1575 FfIsEqual(this->fq12, this->fq_a, this->fq_b, &result));
1576 EXPECT_EQ(kEpidBadArgErr,
1577 FfIsEqual(this->fq, this->fq12_g, this->fq_b, &result));
1578 EXPECT_EQ(kEpidBadArgErr,
1579 FfIsEqual(this->fq, this->fq_a, this->fq12_h, &result));
1580 }
1581
TEST_F(FfElementTest,FfIsEqualFailsGivenNullPointer)1582 TEST_F(FfElementTest, FfIsEqualFailsGivenNullPointer) {
1583 bool result;
1584 EXPECT_EQ(kEpidBadArgErr,
1585 FfIsEqual(nullptr, this->fq_a, this->fq_a, &result));
1586 EXPECT_EQ(kEpidBadArgErr, FfIsEqual(this->fq, nullptr, this->fq_a, &result));
1587 EXPECT_EQ(kEpidBadArgErr, FfIsEqual(this->fq, this->fq_a, nullptr, &result));
1588 EXPECT_EQ(kEpidBadArgErr,
1589 FfIsEqual(this->fq, this->fq_a, this->fq_a, nullptr));
1590 }
1591
TEST_F(FfElementTest,FfIsEqualCanCompareElementWithItself)1592 TEST_F(FfElementTest, FfIsEqualCanCompareElementWithItself) {
1593 bool result;
1594 EXPECT_EQ(kEpidNoErr, FfIsEqual(this->fq, this->fq_a, this->fq_a, &result));
1595 EXPECT_TRUE(result);
1596 }
1597
TEST_F(FfElementTest,Different256BitFiniteFieldElementsAreNotEqual)1598 TEST_F(FfElementTest, Different256BitFiniteFieldElementsAreNotEqual) {
1599 bool result;
1600 EXPECT_EQ(kEpidNoErr, FfIsEqual(this->fq, this->fq_a, this->fq_b, &result));
1601 EXPECT_FALSE(result);
1602 }
1603
TEST_F(FfElementTest,Same256BitFiniteFieldElementsAreEqual)1604 TEST_F(FfElementTest, Same256BitFiniteFieldElementsAreEqual) {
1605 FfElementObj fq_a_local(&this->fq, &this->fq_a_str, sizeof(this->fq_a_str));
1606 bool result;
1607 EXPECT_EQ(kEpidNoErr, FfIsEqual(this->fq, this->fq_a, fq_a_local, &result));
1608 EXPECT_TRUE(result);
1609 }
1610
TEST_F(FfElementTest,DifferentFq12ElementsAreNotEqual)1611 TEST_F(FfElementTest, DifferentFq12ElementsAreNotEqual) {
1612 bool result;
1613 EXPECT_EQ(kEpidNoErr,
1614 FfIsEqual(this->fq12, this->fq12_g, this->fq12_h, &result));
1615 EXPECT_FALSE(result);
1616 }
1617
TEST_F(FfElementTest,SameFq12ElementsAreEqual)1618 TEST_F(FfElementTest, SameFq12ElementsAreEqual) {
1619 FfElementObj fq12_g_local(&this->fq12, &this->fq12_g_str,
1620 sizeof(this->fq12_g_str));
1621 bool result;
1622 EXPECT_EQ(kEpidNoErr,
1623 FfIsEqual(this->fq12, this->fq12_g, fq12_g_local, &result));
1624 EXPECT_TRUE(result);
1625 }
1626
1627 ////////////////////////////////////////////////
1628 // WriteFfElement
1629
TEST_F(FfElementTest,WriteFailsGivenArgumentsMismatch)1630 TEST_F(FfElementTest, WriteFailsGivenArgumentsMismatch) {
1631 uint8_t buf[sizeof(Fq12ElemStr)] = {0};
1632 EXPECT_EQ(kEpidBadArgErr,
1633 WriteFfElement(this->fq12, this->fq_a, buf, sizeof(Fq12ElemStr)));
1634 EXPECT_EQ(kEpidBadArgErr,
1635 WriteFfElement(this->fq, this->fq12_g, buf, sizeof(Fq12ElemStr)));
1636 }
1637
TEST_F(FfElementTest,WriteFailsGivenNullPointer)1638 TEST_F(FfElementTest, WriteFailsGivenNullPointer) {
1639 FqElemStr ff_elem_str;
1640 EXPECT_EQ(kEpidBadArgErr, WriteFfElement(nullptr, this->fq_a, &ff_elem_str,
1641 sizeof(ff_elem_str)));
1642 EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq, nullptr, &ff_elem_str,
1643 sizeof(ff_elem_str)));
1644 EXPECT_EQ(kEpidBadArgErr,
1645 WriteFfElement(this->fq, this->fq_a, nullptr, sizeof(ff_elem_str)));
1646 }
1647
TEST_F(FfElementTest,WriteFailsGivenInvalidBufferSize)1648 TEST_F(FfElementTest, WriteFailsGivenInvalidBufferSize) {
1649 FqElemStr ff_elem_str;
1650 EXPECT_EQ(kEpidBadArgErr,
1651 WriteFfElement(this->fq, this->fq_a, &ff_elem_str, 0));
1652 EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq, this->fq_a, &ff_elem_str,
1653 sizeof(ff_elem_str) - 1));
1654 EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq, this->fq_a, &ff_elem_str,
1655 std::numeric_limits<size_t>::max()));
1656 }
1657
TEST_F(FfElementTest,WriteWorksGiven256BitElement)1658 TEST_F(FfElementTest, WriteWorksGiven256BitElement) {
1659 FqElemStr ff_elem_str;
1660 EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, this->fq_a, &ff_elem_str,
1661 sizeof(ff_elem_str)));
1662 EXPECT_EQ(this->fq_a_str, ff_elem_str);
1663 }
1664
TEST_F(FfElementTest,WritePadPrimeFieldElement)1665 TEST_F(FfElementTest, WritePadPrimeFieldElement) {
1666 FqElemStr ff_elem_str[2] = {0xcd};
1667 EXPECT_EQ(kEpidNoErr, WriteFfElement(this->fq, this->fq_a, &ff_elem_str[0],
1668 sizeof(ff_elem_str)));
1669 EXPECT_EQ(this->fq_0_str, ff_elem_str[0]);
1670 EXPECT_EQ(this->fq_a_str, ff_elem_str[1]);
1671 }
1672
TEST_F(FfElementTest,WriteExpectExactSizeForFieldExtensions)1673 TEST_F(FfElementTest, WriteExpectExactSizeForFieldExtensions) {
1674 uint8_t buf[sizeof(Fq12ElemStr) + 1] = {0};
1675 EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq12, this->fq12_g, buf,
1676 sizeof(Fq12ElemStr) + 1));
1677 EXPECT_EQ(kEpidBadArgErr, WriteFfElement(this->fq12, this->fq12_g, buf,
1678 sizeof(Fq12ElemStr) - 1));
1679 EXPECT_EQ(kEpidBadArgErr,
1680 WriteFfElement(this->fq12, this->fq12_g, buf, sizeof(FqElemStr)));
1681 }
1682
1683 ///////////////////////////////////////////////////////////////////////
1684 // FfNeg
1685
TEST_F(FfElementTest,FfNegFailsGivenArgumentsMismatch)1686 TEST_F(FfElementTest, FfNegFailsGivenArgumentsMismatch) {
1687 EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq12, this->fq_a, this->fq_result));
1688 EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq, this->fq12_g, this->fq_result));
1689 EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq, this->fq_a, this->fq12_result));
1690 }
1691
TEST_F(FfElementTest,FfNegFailsGivenNullPointer)1692 TEST_F(FfElementTest, FfNegFailsGivenNullPointer) {
1693 EXPECT_EQ(kEpidBadArgErr, FfNeg(nullptr, this->fq_a, this->fq_result));
1694 EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq, nullptr, this->fq_result));
1695 EXPECT_EQ(kEpidBadArgErr, FfNeg(this->fq, this->fq_a, nullptr));
1696 }
1697
TEST_F(FfElementTest,FfNegSucceedsGivenElementZero)1698 TEST_F(FfElementTest, FfNegSucceedsGivenElementZero) {
1699 FqElemStr fq_r_str;
1700 EXPECT_EQ(kEpidNoErr, FfNeg(this->fq, this->fq_0, this->fq_result));
1701 THROW_ON_EPIDERR(
1702 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1703 EXPECT_EQ(this->fq_0_str, fq_r_str)
1704 << "FfNeg: Negate element does not match to reference neg zero value";
1705 }
1706
TEST_F(FfElementTest,FfNegSucceedsGivenNonZeroElement)1707 TEST_F(FfElementTest, FfNegSucceedsGivenNonZeroElement) {
1708 FqElemStr fq_r_str;
1709 EXPECT_EQ(kEpidNoErr, FfNeg(this->fq, this->fq_a, this->fq_result));
1710 THROW_ON_EPIDERR(
1711 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1712 EXPECT_EQ(this->fq_neg_a_str, fq_r_str)
1713 << "FfNeg: Negate element does not match to reference neg value";
1714 }
1715
1716 ////////////////////////////////////////////////
1717 // FfIsZero
1718
TEST_F(FfElementTest,FfIsZeroFailsGivenNullPointer)1719 TEST_F(FfElementTest, FfIsZeroFailsGivenNullPointer) {
1720 bool result = false;
1721 EXPECT_EQ(kEpidBadArgErr, FfIsZero(nullptr, this->fq_0, &result));
1722 EXPECT_EQ(kEpidBadArgErr, FfIsZero(this->fq, nullptr, &result));
1723 EXPECT_EQ(kEpidBadArgErr, FfIsZero(this->fq, this->fq_0, nullptr));
1724 }
1725
TEST_F(FfElementTest,FfIsZeroFailsGivenArgumentsMismatch)1726 TEST_F(FfElementTest, FfIsZeroFailsGivenArgumentsMismatch) {
1727 bool result;
1728 EXPECT_EQ(kEpidBadArgErr, FfIsZero(this->fq12, this->fq_a, &result));
1729 EXPECT_EQ(kEpidBadArgErr, FfIsZero(this->fq, this->fq12_g, &result));
1730 }
1731
TEST_F(FfElementTest,FfIsZeroSucceedsGivenZeroElement)1732 TEST_F(FfElementTest, FfIsZeroSucceedsGivenZeroElement) {
1733 bool result = false;
1734 EXPECT_EQ(kEpidNoErr, FfIsZero(this->fq, this->fq_0, &result));
1735 EXPECT_TRUE(result);
1736 }
1737
TEST_F(FfElementTest,FfIsZeroSucceedsGivenNonZeroElement)1738 TEST_F(FfElementTest, FfIsZeroSucceedsGivenNonZeroElement) {
1739 bool result = false;
1740 EXPECT_EQ(kEpidNoErr, FfIsZero(this->fq, this->fq_1, &result));
1741 EXPECT_FALSE(result);
1742 }
1743
1744 ////////////////////////////////////////////////
1745 // FfMul
1746
TEST_F(FfElementTest,FfMulFailsGivenNullPointer)1747 TEST_F(FfElementTest, FfMulFailsGivenNullPointer) {
1748 EXPECT_EQ(kEpidBadArgErr,
1749 FfMul(nullptr, this->fq_a, this->fq_b, this->fq_result));
1750 EXPECT_EQ(kEpidBadArgErr,
1751 FfMul(this->fq, nullptr, this->fq_b, this->fq_result));
1752 EXPECT_EQ(kEpidBadArgErr,
1753 FfMul(this->fq, this->fq_a, nullptr, this->fq_result));
1754 EXPECT_EQ(kEpidBadArgErr, FfMul(this->fq, this->fq_a, this->fq_b, nullptr));
1755 }
1756
TEST_F(FfElementTest,FfMulFailsGivenArgumentsMismatch)1757 TEST_F(FfElementTest, FfMulFailsGivenArgumentsMismatch) {
1758 EXPECT_EQ(kEpidBadArgErr,
1759 FfMul(this->fq12, this->fq_a, this->fq_b, this->fq_result));
1760 EXPECT_EQ(kEpidBadArgErr,
1761 FfMul(this->fq, this->fq12_g, this->fq_b, this->fq_result));
1762 EXPECT_EQ(kEpidBadArgErr,
1763 FfMul(this->fq, this->fq_a, this->fq12_h, this->fq_result));
1764 EXPECT_EQ(kEpidBadArgErr,
1765 FfMul(this->fq, this->fq_a, this->fq_b, this->fq12_result));
1766 EXPECT_EQ(kEpidBadArgErr,
1767 FfMul(this->fq2, this->fq_a, this->fq2_a, this->fq2_result));
1768 }
1769
TEST_F(FfElementTest,FfMulSucceedsGivenElementZero)1770 TEST_F(FfElementTest, FfMulSucceedsGivenElementZero) {
1771 FqElemStr fq_r_str;
1772
1773 EXPECT_EQ(kEpidNoErr,
1774 FfMul(this->fq, this->fq_0, this->fq_b, this->fq_result));
1775 THROW_ON_EPIDERR(
1776 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1777 EXPECT_EQ(this->fq_0_str, fq_r_str);
1778
1779 EXPECT_EQ(kEpidNoErr,
1780 FfMul(this->fq, this->fq_a, this->fq_0, this->fq_result));
1781 THROW_ON_EPIDERR(
1782 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1783 EXPECT_EQ(this->fq_0_str, fq_r_str);
1784 }
1785
TEST_F(FfElementTest,FfMulSucceedsGivenElementOne)1786 TEST_F(FfElementTest, FfMulSucceedsGivenElementOne) {
1787 FqElemStr fq_r_str;
1788
1789 EXPECT_EQ(kEpidNoErr,
1790 FfMul(this->fq, this->fq_1, this->fq_b, this->fq_result));
1791 THROW_ON_EPIDERR(
1792 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1793 EXPECT_EQ(this->fq_b_str, fq_r_str);
1794
1795 EXPECT_EQ(kEpidNoErr,
1796 FfMul(this->fq, this->fq_a, this->fq_1, this->fq_result));
1797 THROW_ON_EPIDERR(
1798 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1799 EXPECT_EQ(this->fq_a_str, fq_a_str);
1800 }
1801
TEST_F(FfElementTest,FfMulSucceedsGivenTwoElements)1802 TEST_F(FfElementTest, FfMulSucceedsGivenTwoElements) {
1803 FqElemStr fq_r_str;
1804
1805 EXPECT_EQ(kEpidNoErr,
1806 FfMul(this->fq, this->fq_a, this->fq_b, this->fq_result));
1807 THROW_ON_EPIDERR(
1808 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1809 EXPECT_EQ(this->fq_mul_ab_str, fq_r_str);
1810
1811 Fq2ElemStr fq2_r_str;
1812
1813 THROW_ON_EPIDERR(
1814 ReadFfElement(this->fq, &(fq_b_str), sizeof(fq_b_str), this->fq_b));
1815 EXPECT_EQ(kEpidNoErr,
1816 FfMul(this->fq2, this->fq2_a, this->fq_b, this->fq2_result));
1817 THROW_ON_EPIDERR(WriteFfElement(this->fq2, this->fq2_result, &fq2_r_str,
1818 sizeof(fq2_r_str)));
1819 EXPECT_EQ(this->fq2_mul_ab_str, fq2_r_str);
1820
1821 Fq12ElemStr fq12_r_str;
1822 THROW_ON_EPIDERR(ReadFfElement(this->fq12, &(this->fq12_i_str),
1823 sizeof(this->fq12_i_str), this->fq12_i));
1824 THROW_ON_EPIDERR(ReadFfElement(this->fq12, &(fq12_j_str), sizeof(fq12_j_str),
1825 this->fq12_j));
1826 EXPECT_EQ(kEpidNoErr,
1827 FfMul(this->fq12, this->fq12_i, this->fq12_j, this->fq12_result));
1828 THROW_ON_EPIDERR(WriteFfElement(this->fq12, this->fq12_result, &fq12_r_str,
1829 sizeof(fq12_r_str)));
1830 EXPECT_EQ(fq12_mul_ij_str, fq12_r_str);
1831 }
1832
1833 ////////////////////////////////////////////////
1834 // FfSub
TEST_F(FfElementTest,FfSubFailsGivenArgumentsMismatch)1835 TEST_F(FfElementTest, FfSubFailsGivenArgumentsMismatch) {
1836 EXPECT_EQ(kEpidBadArgErr,
1837 FfSub(this->fq12, this->fq_a, this->fq_b, this->fq_result));
1838 EXPECT_EQ(kEpidBadArgErr,
1839 FfSub(this->fq, this->fq12_g, this->fq_b, this->fq_result));
1840 EXPECT_EQ(kEpidBadArgErr,
1841 FfSub(this->fq, this->fq_a, this->fq12_h, this->fq_result));
1842 EXPECT_EQ(kEpidBadArgErr,
1843 FfSub(this->fq, this->fq_a, this->fq_b, this->fq12_result));
1844 }
1845
TEST_F(FfElementTest,FfSubFailsGivenNullPtr)1846 TEST_F(FfElementTest, FfSubFailsGivenNullPtr) {
1847 EXPECT_EQ(kEpidBadArgErr,
1848 FfSub(nullptr, this->fq_a, this->fq_b, this->fq_result));
1849 EXPECT_EQ(kEpidBadArgErr,
1850 FfSub(this->fq, nullptr, this->fq_b, this->fq_result));
1851 EXPECT_EQ(kEpidBadArgErr,
1852 FfSub(this->fq, this->fq_a, nullptr, this->fq_result));
1853 EXPECT_EQ(kEpidBadArgErr, FfSub(this->fq, this->fq_a, this->fq_b, nullptr));
1854 }
1855
TEST_F(FfElementTest,FfSubSucceedsGivenElementZero)1856 TEST_F(FfElementTest, FfSubSucceedsGivenElementZero) {
1857 FqElemStr fq_r_str = {0x0};
1858
1859 // additive identity
1860 EXPECT_EQ(kEpidNoErr,
1861 FfSub(this->fq, this->fq_a, this->fq_0, this->fq_result));
1862 THROW_ON_EPIDERR(
1863 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1864 EXPECT_EQ(this->fq_a_str, fq_r_str);
1865
1866 EXPECT_EQ(kEpidNoErr,
1867 FfSub(this->fq, this->fq_0, this->fq_0, this->fq_result));
1868 THROW_ON_EPIDERR(
1869 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1870 EXPECT_EQ(this->fq_0_str, fq_r_str);
1871 }
1872
TEST_F(FfElementTest,FfSubSucceedsGivenTwoEqualElements)1873 TEST_F(FfElementTest, FfSubSucceedsGivenTwoEqualElements) {
1874 FqElemStr fq_r_str = {0x0};
1875
1876 EXPECT_EQ(kEpidNoErr,
1877 FfSub(this->fq, this->fq_a, this->fq_a, this->fq_result));
1878 THROW_ON_EPIDERR(
1879 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1880 EXPECT_EQ(this->fq_0_str, fq_r_str);
1881 }
1882
TEST_F(FfElementTest,FfSubSucceedsGivenTwoElements)1883 TEST_F(FfElementTest, FfSubSucceedsGivenTwoElements) {
1884 FqElemStr fq_r_str = {0x0};
1885
1886 EXPECT_EQ(kEpidNoErr,
1887 FfSub(this->fq, this->fq_sum_ab, this->fq_b, this->fq_result));
1888 THROW_ON_EPIDERR(
1889 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1890 EXPECT_EQ(this->fq_a_str, fq_r_str);
1891 }
1892
TEST_F(FfElementTest,FfSubSucceedsGivenTwoElementsFq2)1893 TEST_F(FfElementTest, FfSubSucceedsGivenTwoElementsFq2) {
1894 FfElementObj a(&this->fq2, &this->bn_a_str, sizeof(this->bn_a_str));
1895 FfElementObj b(&this->fq2, &this->bn_b_str, sizeof(this->bn_b_str));
1896 FfElementObj sum_ab(&this->fq2, this->fq2_sum_ab_str);
1897 FfElementObj r(&this->fq2);
1898
1899 EXPECT_EQ(kEpidNoErr, FfSub(this->fq2, sum_ab, b, r));
1900 EXPECT_EQ(a, r);
1901 }
TEST_F(FfElementTest,FfSubSucceedsGivenTwoElementsFq6)1902 TEST_F(FfElementTest, FfSubSucceedsGivenTwoElementsFq6) {
1903 FfElementObj a(&this->fq6, &this->bn_a_str, sizeof(this->bn_a_str));
1904 FfElementObj b(&this->fq6, &this->bn_b_str, sizeof(this->bn_b_str));
1905 FfElementObj sum_ab(&this->fq6, this->fq6_sum_ab_str);
1906 FfElementObj r(&this->fq6);
1907
1908 EXPECT_EQ(kEpidNoErr, FfSub(this->fq6, sum_ab, b, r));
1909 EXPECT_EQ(a, r);
1910 }
TEST_F(FfElementTest,FfSubSucceedsGivenTwoElementsFq12)1911 TEST_F(FfElementTest, FfSubSucceedsGivenTwoElementsFq12) {
1912 FfElementObj a(&this->fq12, &this->bn_a_str, sizeof(this->bn_a_str));
1913 FfElementObj b(&this->fq12, &this->bn_b_str, sizeof(this->bn_b_str));
1914 FfElementObj sum_ab(&this->fq12, this->fq12_sum_ab_str);
1915 FfElementObj r(&this->fq12);
1916
1917 EXPECT_EQ(kEpidNoErr, FfSub(this->fq12, sum_ab, b, r));
1918 EXPECT_EQ(a, r);
1919 }
1920
1921 ////////////////////////////////////////////////
1922 // FfAdd
TEST_F(FfElementTest,FfAddFailsGivenArgumentsMismatch)1923 TEST_F(FfElementTest, FfAddFailsGivenArgumentsMismatch) {
1924 EXPECT_EQ(kEpidBadArgErr,
1925 FfAdd(this->fq12, this->fq_a, this->fq_b, this->fq_result));
1926 EXPECT_EQ(kEpidBadArgErr,
1927 FfAdd(this->fq, this->fq12_g, this->fq_b, this->fq_result));
1928 EXPECT_EQ(kEpidBadArgErr,
1929 FfAdd(this->fq, this->fq_a, this->fq12_h, this->fq_result));
1930 EXPECT_EQ(kEpidBadArgErr,
1931 FfAdd(this->fq, this->fq_a, this->fq_b, this->fq12_result));
1932 }
1933
TEST_F(FfElementTest,FfAddFailsGivenNullPtr)1934 TEST_F(FfElementTest, FfAddFailsGivenNullPtr) {
1935 EXPECT_EQ(kEpidBadArgErr,
1936 FfAdd(nullptr, this->fq_a, this->fq_b, this->fq_result));
1937 EXPECT_EQ(kEpidBadArgErr,
1938 FfAdd(this->fq, nullptr, this->fq_b, this->fq_result));
1939 EXPECT_EQ(kEpidBadArgErr,
1940 FfAdd(this->fq, this->fq_a, nullptr, this->fq_result));
1941 EXPECT_EQ(kEpidBadArgErr, FfAdd(this->fq, this->fq_a, this->fq_b, nullptr));
1942 }
1943
TEST_F(FfElementTest,FfAddSucceedsGivenElementZero)1944 TEST_F(FfElementTest, FfAddSucceedsGivenElementZero) {
1945 FqElemStr fq_r_str = {0x0};
1946
1947 // additive identity
1948 EXPECT_EQ(kEpidNoErr,
1949 FfAdd(this->fq, this->fq_a, this->fq_0, this->fq_result));
1950 THROW_ON_EPIDERR(
1951 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1952 EXPECT_EQ(this->fq_a_str, fq_r_str);
1953
1954 EXPECT_EQ(kEpidNoErr,
1955 FfAdd(this->fq, this->fq_0, this->fq_b, this->fq_result));
1956 THROW_ON_EPIDERR(
1957 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1958 EXPECT_EQ(this->fq_b_str, fq_r_str);
1959
1960 EXPECT_EQ(kEpidNoErr,
1961 FfAdd(this->fq, this->fq_0, this->fq_0, this->fq_result));
1962 THROW_ON_EPIDERR(
1963 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1964 EXPECT_EQ(this->fq_0_str, fq_r_str);
1965 }
1966
TEST_F(FfElementTest,FfAddSucceedsGivenTwoElements)1967 TEST_F(FfElementTest, FfAddSucceedsGivenTwoElements) {
1968 FqElemStr fq_r_str = {0x0};
1969
1970 EXPECT_EQ(kEpidNoErr,
1971 FfAdd(this->fq, this->fq_a, this->fq_b, this->fq_result));
1972 THROW_ON_EPIDERR(
1973 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
1974 EXPECT_EQ(this->fq_sum_ab_str, fq_r_str);
1975 }
1976
TEST_F(FfElementTest,FfAddSucceedsGivenTwoElementsFq2)1977 TEST_F(FfElementTest, FfAddSucceedsGivenTwoElementsFq2) {
1978 FfElementObj a(&this->fq2, &this->bn_a_str, sizeof(this->bn_a_str));
1979 FfElementObj b(&this->fq2, &this->bn_b_str, sizeof(this->bn_b_str));
1980 FfElementObj r(&this->fq2);
1981
1982 EXPECT_EQ(kEpidNoErr, FfAdd(this->fq2, a, b, r));
1983 EXPECT_EQ(FfElementObj(&this->fq2, this->fq2_sum_ab_str), r);
1984 }
TEST_F(FfElementTest,FfAddSucceedsGivenTwoElementsFq6)1985 TEST_F(FfElementTest, FfAddSucceedsGivenTwoElementsFq6) {
1986 FfElementObj a(&this->fq6, &this->bn_a_str, sizeof(this->bn_a_str));
1987 FfElementObj b(&this->fq6, &this->bn_b_str, sizeof(this->bn_b_str));
1988 FfElementObj r(&this->fq6);
1989
1990 EXPECT_EQ(kEpidNoErr, FfAdd(this->fq6, a, b, r));
1991 EXPECT_EQ(FfElementObj(&this->fq6, this->fq6_sum_ab_str), r);
1992 }
TEST_F(FfElementTest,FfAddSucceedsGivenTwoElementsFq12)1993 TEST_F(FfElementTest, FfAddSucceedsGivenTwoElementsFq12) {
1994 FfElementObj a(&this->fq12, &this->bn_a_str, sizeof(this->bn_a_str));
1995 FfElementObj b(&this->fq12, &this->bn_b_str, sizeof(this->bn_b_str));
1996 FfElementObj r(&this->fq12);
1997
1998 EXPECT_EQ(kEpidNoErr, FfAdd(this->fq12, a, b, r));
1999 EXPECT_EQ(FfElementObj(&this->fq12, this->fq12_sum_ab_str), r);
2000 }
2001
2002 ////////////////////////////////////////////////
2003 // FfInv
2004
TEST_F(FfElementTest,FfInvFailsGivenNullPointer)2005 TEST_F(FfElementTest, FfInvFailsGivenNullPointer) {
2006 EXPECT_EQ(kEpidBadArgErr, FfInv(nullptr, (this->fq_a), this->fq_result));
2007 EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq, nullptr, this->fq_result));
2008 EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq, this->fq_a, nullptr));
2009 }
2010
TEST_F(FfElementTest,FfInvFailsGivenArgumentsMismatch)2011 TEST_F(FfElementTest, FfInvFailsGivenArgumentsMismatch) {
2012 EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq12, this->fq_a, this->fq_result));
2013 EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq, this->fq12_g, this->fq_result));
2014 EXPECT_EQ(kEpidBadArgErr, FfInv(this->fq, this->fq_a, this->fq12_result));
2015 }
2016
TEST_F(FfElementTest,FfInvFailsGivenElementZero)2017 TEST_F(FfElementTest, FfInvFailsGivenElementZero) {
2018 EXPECT_EQ(kEpidDivByZeroErr, FfInv(this->fq, this->fq_0, this->fq_result));
2019 }
2020
TEST_F(FfElementTest,FfInvSucceedsGivenElementOne)2021 TEST_F(FfElementTest, FfInvSucceedsGivenElementOne) {
2022 FqElemStr fq_r_str;
2023
2024 EXPECT_EQ(kEpidNoErr, FfInv(this->fq, this->fq_1, this->fq_result));
2025 THROW_ON_EPIDERR(
2026 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2027 EXPECT_EQ(this->fq_1_str, fq_r_str);
2028 }
2029
TEST_F(FfElementTest,FfInvSucceedsGivenAnElement)2030 TEST_F(FfElementTest, FfInvSucceedsGivenAnElement) {
2031 FqElemStr fq_r_str;
2032
2033 EXPECT_EQ(kEpidNoErr, FfInv(this->fq, this->fq_a, this->fq_result));
2034 THROW_ON_EPIDERR(
2035 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2036 EXPECT_EQ(this->fq_inv_a_str, fq_r_str);
2037 }
2038
2039 ////////////////////////////////////////////////
2040 // FfExp
2041
TEST_F(FfElementTest,FfExpFailsGivenNullPointer)2042 TEST_F(FfElementTest, FfExpFailsGivenNullPointer) {
2043 EXPECT_EQ(kEpidBadArgErr,
2044 FfExp(nullptr, this->fq_a, this->bn_a, this->fq_result));
2045 EXPECT_EQ(kEpidBadArgErr,
2046 FfExp(this->fq, nullptr, this->bn_a, this->fq_result));
2047 EXPECT_EQ(kEpidBadArgErr,
2048 FfExp(this->fq, this->fq_a, nullptr, this->fq_result));
2049 EXPECT_EQ(kEpidBadArgErr, FfExp(this->fq, this->fq_a, this->bn_a, nullptr));
2050 }
2051
TEST_F(FfElementTest,FfExpFailsGivenArgumentsMismatch)2052 TEST_F(FfElementTest, FfExpFailsGivenArgumentsMismatch) {
2053 EXPECT_EQ(kEpidBadArgErr,
2054 FfExp(this->fq12, this->fq_a, this->bn_0, this->fq_result));
2055 EXPECT_EQ(kEpidBadArgErr,
2056 FfExp(this->fq, this->fq12_g, this->bn_0, this->fq_result));
2057 EXPECT_EQ(kEpidBadArgErr,
2058 FfExp(this->fq, this->fq_a, this->bn_0, this->fq12_result));
2059 }
2060
TEST_F(FfElementTest,FfExpSucceedsGivenElementZero)2061 TEST_F(FfElementTest, FfExpSucceedsGivenElementZero) {
2062 FqElemStr fq_r_str;
2063
2064 EXPECT_EQ(kEpidNoErr,
2065 FfExp(this->fq, this->fq_0, this->bn_a, this->fq_result));
2066 THROW_ON_EPIDERR(
2067 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2068 EXPECT_EQ(this->fq_0_str, fq_r_str);
2069 }
2070
TEST_F(FfElementTest,FfExpSucceedsGivenExponentZero)2071 TEST_F(FfElementTest, FfExpSucceedsGivenExponentZero) {
2072 FqElemStr fq_r_str;
2073
2074 EXPECT_EQ(kEpidNoErr,
2075 FfExp(this->fq, this->fq_a, this->bn_0, this->fq_result));
2076 THROW_ON_EPIDERR(
2077 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2078 EXPECT_EQ(this->fq_1_str, fq_r_str);
2079 }
2080
TEST_F(FfElementTest,FfExpSucceedsGivenElementOne)2081 TEST_F(FfElementTest, FfExpSucceedsGivenElementOne) {
2082 FqElemStr fq_r_str;
2083
2084 EXPECT_EQ(kEpidNoErr,
2085 FfExp(this->fq, this->fq_1, this->bn_a, this->fq_result));
2086 THROW_ON_EPIDERR(
2087 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2088 EXPECT_EQ(this->fq_1_str, fq_r_str);
2089 }
2090
TEST_F(FfElementTest,FfExpSucceedsGivenExponentOne)2091 TEST_F(FfElementTest, FfExpSucceedsGivenExponentOne) {
2092 FqElemStr fq_r_str;
2093
2094 EXPECT_EQ(kEpidNoErr,
2095 FfExp(this->fq, this->fq_a, this->bn_1, this->fq_result));
2096 THROW_ON_EPIDERR(
2097 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2098 EXPECT_EQ(this->fq_a_str, fq_r_str);
2099 }
2100
TEST_F(FfElementTest,FfExpSucceedsGivenAnElement)2101 TEST_F(FfElementTest, FfExpSucceedsGivenAnElement) {
2102 FqElemStr fq_r_str;
2103
2104 EXPECT_EQ(kEpidNoErr,
2105 FfExp(this->fq, this->fq_a, this->bn_a, this->fq_result));
2106 THROW_ON_EPIDERR(
2107 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2108 EXPECT_EQ(this->fq_exp_ab_str, fq_r_str);
2109
2110 Fq12ElemStr fq12_r_str;
2111
2112 BigNumObj bn_pm1(sizeof(this->fp_pm1_str), this->fp_pm1_str);
2113
2114 EXPECT_EQ(kEpidNoErr,
2115 FfExp(this->fq12, this->fq12_k, bn_pm1, this->fq12_result));
2116 THROW_ON_EPIDERR(WriteFfElement(this->fq12, this->fq12_result, &fq12_r_str,
2117 sizeof(fq12_r_str)));
2118 EXPECT_EQ(this->fq12_mul_gb_str, fq12_r_str);
2119 }
2120
2121 ////////////////////////////////////////////////
2122 // FfHash
2123
TEST_F(FfElementTest,FfHashFailsGivenArgumentsMismatch)2124 TEST_F(FfElementTest, FfHashFailsGivenArgumentsMismatch) {
2125 EXPECT_EQ(kEpidBadArgErr,
2126 FfHash(this->fq12, this->sha_msg, sizeof(this->sha_msg), kSha256,
2127 this->fq_result));
2128 EXPECT_EQ(kEpidBadArgErr,
2129 FfHash(this->fq, this->sha_msg, sizeof(this->sha_msg), kSha256,
2130 this->fq12_result));
2131 }
2132
TEST_F(FfElementTest,FfHashFailsGivenNullPointer)2133 TEST_F(FfElementTest, FfHashFailsGivenNullPointer) {
2134 uint8_t const msg[] = {0};
2135 EXPECT_EQ(kEpidBadArgErr,
2136 FfHash(nullptr, msg, sizeof(msg), kSha256, this->fq_result));
2137 EXPECT_EQ(kEpidBadArgErr,
2138 FfHash(this->fq, nullptr, sizeof(msg), kSha256, this->fq_result));
2139 EXPECT_EQ(kEpidBadArgErr,
2140 FfHash(this->fq, msg, sizeof(msg), kSha256, nullptr));
2141 }
2142
TEST_F(FfElementTest,FfHashFailsGivenUnsupportedHashAlg)2143 TEST_F(FfElementTest, FfHashFailsGivenUnsupportedHashAlg) {
2144 uint8_t const msg[] = {0};
2145 EXPECT_EQ(kEpidHashAlgorithmNotSupported,
2146 FfHash(this->fq, msg, sizeof(msg), kSha3_256, this->fq_result));
2147 EXPECT_EQ(kEpidHashAlgorithmNotSupported,
2148 FfHash(this->fq, msg, sizeof(msg), kSha3_384, this->fq_result));
2149 EXPECT_EQ(kEpidHashAlgorithmNotSupported,
2150 FfHash(this->fq, msg, sizeof(msg), kSha3_512, this->fq_result));
2151 }
2152
TEST_F(FfElementTest,FfHashFailsGivenIncorrectMsgLen)2153 TEST_F(FfElementTest, FfHashFailsGivenIncorrectMsgLen) {
2154 uint8_t const msg[] = {0};
2155 size_t len_greater_int_max = (size_t)INT_MAX + 1;
2156 EXPECT_EQ(kEpidBadArgErr, FfHash(this->fq, msg, 0, kSha256, this->fq_result));
2157 EXPECT_EQ(kEpidBadArgErr,
2158 FfHash(this->fq, msg, std::numeric_limits<size_t>::max(), kSha256,
2159 this->fq_result));
2160 EXPECT_EQ(kEpidBadArgErr, FfHash(this->fq, msg, len_greater_int_max, kSha256,
2161 this->fq_result));
2162 }
2163
TEST_F(FfElementTest,FfHashWorksGivenSHA256HashAlg)2164 TEST_F(FfElementTest, FfHashWorksGivenSHA256HashAlg) {
2165 FqElemStr fq_r_str;
2166 EXPECT_EQ(kEpidNoErr, FfHash(this->fq, sha_msg, sizeof(sha_msg), kSha256,
2167 this->fq_result));
2168 THROW_ON_EPIDERR(
2169 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2170 EXPECT_EQ(this->fq_abc_sha256_str, fq_r_str)
2171 << "FfHash: Hash element does not match to reference value";
2172 }
2173
TEST_F(FfElementTest,FfHashWorksGivenSHA384HashAlg)2174 TEST_F(FfElementTest, FfHashWorksGivenSHA384HashAlg) {
2175 FqElemStr fq_r_str;
2176 EXPECT_EQ(kEpidNoErr, FfHash(this->fq, sha_msg, sizeof(sha_msg), kSha384,
2177 this->fq_result));
2178 THROW_ON_EPIDERR(
2179 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2180 EXPECT_EQ(this->fq_abc_sha384_str, fq_r_str)
2181 << "FfHash: Hash element does not match to reference value";
2182 }
2183
TEST_F(FfElementTest,FfHashWorksGivenSHA512HashAlg)2184 TEST_F(FfElementTest, FfHashWorksGivenSHA512HashAlg) {
2185 FqElemStr fq_r_str;
2186 EXPECT_EQ(kEpidNoErr, FfHash(this->fq, sha_msg, sizeof(sha_msg), kSha512,
2187 this->fq_result));
2188 THROW_ON_EPIDERR(
2189 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2190 EXPECT_EQ(this->fq_abc_sha512_str, fq_r_str)
2191 << "FfHash: Hash element does not match to reference value";
2192 }
TEST_F(FfElementTest,FfHashWorksGivenSHA512256HashAlg)2193 TEST_F(FfElementTest, FfHashWorksGivenSHA512256HashAlg) {
2194 FqElemStr fq_r_str;
2195 EXPECT_EQ(kEpidNoErr, FfHash(this->fq, sha_msg, sizeof(sha_msg), kSha512_256,
2196 this->fq_result));
2197 THROW_ON_EPIDERR(
2198 WriteFfElement(this->fq, this->fq_result, &fq_r_str, sizeof(fq_r_str)));
2199 EXPECT_EQ(this->fq_abc_sha512256_str, fq_r_str)
2200 << "FfHash: Hash element does not match to reference value";
2201 }
2202 ////////////////////////////////////////////////
2203 // FfMultiExp
2204
TEST_F(FfElementTest,FfMultiExpFailsGivenArgumentsMismatch)2205 TEST_F(FfElementTest, FfMultiExpFailsGivenArgumentsMismatch) {
2206 FfElement const* p[] = {this->fq_a, this->fq_b};
2207 FfElement const* p12[] = {this->fq12_g, this->fq12_h};
2208 BigNumStr const* b[] = {&this->bn_0_str, &this->bn_0_str};
2209 EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq12, p, b, 2, this->fq_result));
2210 EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq, p12, b, 2, this->fq_result));
2211 EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq, p, b, 2, this->fq12_result));
2212 }
2213
TEST_F(FfElementTest,FfMultiExpFailsGivenNullPointer)2214 TEST_F(FfElementTest, FfMultiExpFailsGivenNullPointer) {
2215 FfElement const* p[] = {this->fq_a, this->fq_b};
2216 FfElement const* p_withnull[] = {nullptr, this->fq_b};
2217 BigNumStr const* b[] = {&fq_multi_exp_exp_2[0], &this->fq_multi_exp_exp_2[1]};
2218 BigNumStr const* b_withnull[] = {nullptr, &this->fq_multi_exp_exp_2[1]};
2219 size_t m = 2;
2220 EXPECT_EQ(kEpidBadArgErr, FfMultiExp(nullptr, p, b, m, this->fq_result));
2221 EXPECT_EQ(kEpidBadArgErr,
2222 FfMultiExp(this->fq, nullptr, b, m, this->fq_result));
2223 EXPECT_EQ(kEpidBadArgErr,
2224 FfMultiExp(this->fq, p, nullptr, m, this->fq_result));
2225 EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq, p, b, m, nullptr));
2226 EXPECT_EQ(kEpidBadArgErr,
2227 FfMultiExp(this->fq, p_withnull, b, m, this->fq_result));
2228 EXPECT_EQ(kEpidBadArgErr,
2229 FfMultiExp(this->fq, p, b_withnull, m, this->fq_result));
2230 }
2231
TEST_F(FfElementTest,FfMultiExpFailsGivenIncorrectMLen)2232 TEST_F(FfElementTest, FfMultiExpFailsGivenIncorrectMLen) {
2233 FfElement const* p[] = {this->fq_a, this->fq_b};
2234 BigNumStr const* b[] = {&this->fq_multi_exp_exp_2[0],
2235 &this->fq_multi_exp_exp_2[1]};
2236 size_t len_greater_int_max = (size_t)INT_MAX + 1;
2237 EXPECT_EQ(kEpidBadArgErr, FfMultiExp(this->fq, p, b, 0, this->fq_result));
2238 EXPECT_EQ(kEpidBadArgErr,
2239 FfMultiExp(this->fq, p, b, std::numeric_limits<size_t>::max(),
2240 this->fq_result));
2241 EXPECT_EQ(kEpidBadArgErr,
2242 FfMultiExp(this->fq, p, b, len_greater_int_max, this->fq_result));
2243 }
2244
TEST_F(FfElementTest,FfMultiExpWorksGivenOneExponent)2245 TEST_F(FfElementTest, FfMultiExpWorksGivenOneExponent) {
2246 FfElementObj r(&this->fq);
2247 FfElementObj fq_exp[1];
2248 FfElement const* p[1];
2249 BigNumStr const* b[1];
2250 int m = 0;
2251 // prepare data for test
2252 for (m = 0; m < 1; m++) {
2253 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_1[m]);
2254 // initialize data for test
2255 p[m] = fq_exp[m];
2256 b[m] = &this->fq_multi_exp_exp_1[m];
2257 }
2258 // do test
2259 EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 1, r));
2260 // verify calculation is correct
2261 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_1), r)
2262 << "FfMultiExp: Finite field element does not match with reference value";
2263 }
2264
TEST_F(FfElementTest,FfMultiExpWorksGivenTwoExponents)2265 TEST_F(FfElementTest, FfMultiExpWorksGivenTwoExponents) {
2266 FfElementObj r(&this->fq);
2267 FfElementObj fq_exp[2];
2268 FfElement const* p[2];
2269 BigNumStr const* b[2];
2270 int m = 0;
2271 // prepare data for test
2272 for (m = 0; m < 2; m++) {
2273 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_2[m]);
2274 // initialize data for test
2275 p[m] = fq_exp[m];
2276 b[m] = &this->fq_multi_exp_exp_2[m];
2277 }
2278 // do test
2279 EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 2, r));
2280 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_2), r)
2281 << "FfMultiExp: Finite field element does not match with reference value";
2282 }
2283
TEST_F(FfElementTest,FfMultiExpWorksGivenThreeExponents)2284 TEST_F(FfElementTest, FfMultiExpWorksGivenThreeExponents) {
2285 FfElementObj r(&this->fq);
2286 FfElementObj fq_exp[3];
2287 FfElement const* p[3];
2288 BigNumStr const* b[3];
2289 int m = 0;
2290 // prepare data for test
2291 for (m = 0; m < 3; m++) {
2292 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_3[m]);
2293 // initialize data for test
2294 p[m] = fq_exp[m];
2295 b[m] = &this->fq_multi_exp_exp_3[m];
2296 }
2297 // do test
2298 EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 3, r));
2299 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_3), r)
2300 << "FfMultiExp: Finite field element does not match with reference value";
2301 }
2302
TEST_F(FfElementTest,FfMultiExpWorksGivenFourExponents)2303 TEST_F(FfElementTest, FfMultiExpWorksGivenFourExponents) {
2304 FfElementObj r(&this->fq);
2305 FfElementObj fq_exp[4];
2306 FfElement const* p[4];
2307 BigNumStr const* b[4];
2308 int m = 0;
2309 // prepare data for test
2310 for (m = 0; m < 4; m++) {
2311 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_4[m]);
2312 // initialize data for test
2313 p[m] = fq_exp[m];
2314 b[m] = &this->fq_multi_exp_exp_4[m];
2315 }
2316 // do test
2317 EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 4, r));
2318 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_4), r)
2319 << "FfMultiExp: Finite field element does not match with reference value";
2320 }
2321
TEST_F(FfElementTest,FfMultiExpWorksGivenFourFq12Exponents)2322 TEST_F(FfElementTest, FfMultiExpWorksGivenFourFq12Exponents) {
2323 FfElementObj r12(&this->fq12);
2324 FfElementObj fq12_exp[4];
2325 FfElement const* p[4];
2326 BigNumStr const* b[4];
2327 int m = 0;
2328 // prepare data for test
2329 for (m = 0; m < 4; m++) {
2330 fq12_exp[m] = FfElementObj(&this->fq12, this->fq12_multi_exp_base_4[m]);
2331 // initialize data for test
2332 p[m] = fq12_exp[m];
2333 b[m] = &this->fq12_multi_exp_exp_4[m];
2334 }
2335 // do test
2336 EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq12, p, b, 4, r12));
2337 EXPECT_EQ(FfElementObj(&this->fq12, this->fq12_multi_exp_res_4), r12)
2338 << "FfMultiExp: Finite field element does not match with reference value";
2339 }
2340
TEST_F(FfElementTest,FfMultiExpWorksGivenFiveExponents)2341 TEST_F(FfElementTest, FfMultiExpWorksGivenFiveExponents) {
2342 FfElementObj r(&this->fq);
2343 FfElementObj fq_exp[5];
2344 FfElement const* p[5];
2345 BigNumStr const* b[5];
2346 int m = 0;
2347 // prepare data for test
2348 for (m = 0; m < 5; m++) {
2349 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_5[m]);
2350 // initialize data for test
2351 p[m] = fq_exp[m];
2352 b[m] = &this->fq_multi_exp_exp_5[m];
2353 }
2354 // do test
2355 EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 5, r));
2356 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_5), r)
2357 << "FfMultiExp: Finite field element does not match with reference value";
2358 }
2359
TEST_F(FfElementTest,FfMultiExpWorksGivenSixExponents)2360 TEST_F(FfElementTest, FfMultiExpWorksGivenSixExponents) {
2361 FfElementObj r(&this->fq);
2362 FfElementObj fq_exp[6];
2363 FfElement const* p[6];
2364 BigNumStr const* b[6];
2365 int m = 0;
2366 // prepare data for test
2367 for (m = 0; m < 6; m++) {
2368 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_6[m]);
2369 // initialize data for test
2370 p[m] = fq_exp[m];
2371 b[m] = &this->fq_multi_exp_exp_6[m];
2372 }
2373 // do test
2374 EXPECT_EQ(kEpidNoErr, FfMultiExp(this->fq, p, b, 6, r));
2375 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_6), r)
2376 << "FfMultiExp: Finite field element does not match with reference value";
2377 }
2378
2379 ///////////////////////////////////////////////////////////////////////
2380 // FfMultiExpBn
2381
TEST_F(FfElementTest,FfMultiExpBnFailsGivenArgumentsMismatch)2382 TEST_F(FfElementTest, FfMultiExpBnFailsGivenArgumentsMismatch) {
2383 FfElement const* p[] = {this->fq_a, this->fq_b};
2384 FfElement const* p12[] = {this->fq12_g, this->fq12_h};
2385 BigNum const* b[] = {bn_0, bn_0};
2386 EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq12, p, b, 2, this->fq_result));
2387 EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq, p12, b, 2, this->fq_result));
2388 EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq, p, b, 2, this->fq12_result));
2389 }
2390
TEST_F(FfElementTest,FfMultiExpBnFailsGivenNullPointer)2391 TEST_F(FfElementTest, FfMultiExpBnFailsGivenNullPointer) {
2392 FfElement const* p[] = {this->fq_a, this->fq_b};
2393 FfElement const* p_withnull[] = {nullptr, this->fq_b};
2394 BigNumObj bn_exp_0(this->fq_multi_exp_exp_2[0]);
2395 BigNumObj bn_exp_1(this->fq_multi_exp_exp_2[1]);
2396 BigNum const* b[] = {bn_exp_0, bn_exp_1};
2397 BigNum const* b_withnull[] = {nullptr, bn_exp_1};
2398 size_t m = 2;
2399 EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(nullptr, p, b, m, this->fq_result));
2400 EXPECT_EQ(kEpidBadArgErr,
2401 FfMultiExpBn(this->fq, nullptr, b, m, this->fq_result));
2402 EXPECT_EQ(kEpidBadArgErr,
2403 FfMultiExpBn(this->fq, p, nullptr, m, this->fq_result));
2404 EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq, p, b, m, nullptr));
2405 EXPECT_EQ(kEpidBadArgErr,
2406 FfMultiExpBn(this->fq, p_withnull, b, m, this->fq_result));
2407 EXPECT_EQ(kEpidBadArgErr,
2408 FfMultiExpBn(this->fq, p, b_withnull, m, this->fq_result));
2409 }
2410
TEST_F(FfElementTest,FfMultiExpBnFailsGivenIncorrectMLen)2411 TEST_F(FfElementTest, FfMultiExpBnFailsGivenIncorrectMLen) {
2412 FfElement const* p[] = {this->fq_a, this->fq_b};
2413 BigNumObj bn_exp_0(this->fq_multi_exp_exp_2[0]);
2414 BigNumObj bn_exp_1(this->fq_multi_exp_exp_2[1]);
2415 BigNum const* b[] = {bn_exp_0, bn_exp_1};
2416 size_t len_greater_int_max = (size_t)INT_MAX + 1;
2417 EXPECT_EQ(kEpidBadArgErr, FfMultiExpBn(this->fq, p, b, 0, this->fq_result));
2418 EXPECT_EQ(kEpidBadArgErr,
2419 FfMultiExpBn(this->fq, p, b, std::numeric_limits<size_t>::max(),
2420 this->fq_result));
2421 EXPECT_EQ(kEpidBadArgErr,
2422 FfMultiExpBn(this->fq, p, b, len_greater_int_max, this->fq_result));
2423 }
2424
TEST_F(FfElementTest,FfMultiExpBnWorksGivenOneExponent)2425 TEST_F(FfElementTest, FfMultiExpBnWorksGivenOneExponent) {
2426 const int items = 1;
2427 FfElementObj r(&this->fq);
2428 FfElementObj fq_base[1];
2429 BigNumObj bn_exp[1];
2430 FfElement const* p[1];
2431 BigNum const* b[1];
2432 int m = 0;
2433 // prepare data for test
2434 for (m = 0; m < items; m++) {
2435 fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_1[m]);
2436 bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_1[m]);
2437 // initialize data for test
2438 p[m] = fq_base[m];
2439 b[m] = bn_exp[m];
2440 }
2441 // do test
2442 EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
2443 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_1), r)
2444 << "FfMultiExpBn: Finite field element does not "
2445 "match with reference value";
2446 }
2447
TEST_F(FfElementTest,FfMultiExpBnWorksGivenTwoExponents)2448 TEST_F(FfElementTest, FfMultiExpBnWorksGivenTwoExponents) {
2449 const int items = 2;
2450 FfElementObj r(&this->fq);
2451 FfElementObj fq_base[2];
2452 BigNumObj bn_exp[2];
2453 FfElement const* p[2];
2454 BigNum const* b[2];
2455 int m = 0;
2456 // prepare data for test
2457 for (m = 0; m < items; m++) {
2458 fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_2[m]);
2459 bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_2[m]);
2460 // initialize data for test
2461 p[m] = fq_base[m];
2462 b[m] = bn_exp[m];
2463 }
2464 // do test
2465 EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
2466 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_2), r)
2467 << "FfMultiExpBn: Finite field element does not "
2468 "match with reference value";
2469 }
TEST_F(FfElementTest,FfMultiExpBnWorksGivenThreeExponents)2470 TEST_F(FfElementTest, FfMultiExpBnWorksGivenThreeExponents) {
2471 const int items = 3;
2472 FfElementObj r(&this->fq);
2473 FfElementObj fq_base[3];
2474 BigNumObj bn_exp[3];
2475 FfElement const* p[3];
2476 BigNum const* b[3];
2477 int m = 0;
2478 // prepare data for test
2479 for (m = 0; m < items; m++) {
2480 fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_3[m]);
2481 bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_3[m]);
2482 // initialize data for test
2483 p[m] = fq_base[m];
2484 b[m] = bn_exp[m];
2485 }
2486 // do test
2487 EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
2488 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_3), r)
2489 << "FfMultiExpBn: Finite field element does not "
2490 "match with reference value";
2491 }
2492
TEST_F(FfElementTest,FfMultiExpBnWorksGivenFourExponents)2493 TEST_F(FfElementTest, FfMultiExpBnWorksGivenFourExponents) {
2494 const int items = 4;
2495 FfElementObj r(&this->fq);
2496 FfElementObj fq_base[4];
2497 BigNumObj bn_exp[4];
2498 FfElement const* p[4];
2499 BigNum const* b[4];
2500 int m = 0;
2501 // prepare data for test
2502 for (m = 0; m < items; m++) {
2503 fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_4[m]);
2504 bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_4[m]);
2505 // initialize data for test
2506 p[m] = fq_base[m];
2507 b[m] = bn_exp[m];
2508 }
2509 // do test
2510 EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
2511 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_4), r)
2512 << "FfMultiExpBn: Finite field element does not "
2513 "match with reference value";
2514 }
2515
TEST_F(FfElementTest,DISABLED_FfMultiExpBnWorksGivenFourFq12Exponents)2516 TEST_F(FfElementTest, DISABLED_FfMultiExpBnWorksGivenFourFq12Exponents) {
2517 const int items = 4;
2518 FfElementObj fq12_r(&this->fq12);
2519 FfElementObj fq12_base[4];
2520 BigNumObj fq12_bn_exp[4];
2521 FfElement const* fq12_p[4];
2522 BigNum const* fq12_b[4];
2523 int m = 0;
2524 // prepare data for test
2525 for (m = 0; m < items; m++) {
2526 fq12_base[m] = FfElementObj(&this->fq12, this->fq12_multi_exp_base_4[m]);
2527 fq12_bn_exp[m] = BigNumObj(this->fq12_multi_exp_exp_4[m]);
2528 // initialize data for test
2529 fq12_p[m] = fq12_base[m];
2530 fq12_b[m] = fq12_bn_exp[m];
2531 }
2532 // do test
2533 EXPECT_EQ(kEpidNoErr,
2534 FfMultiExpBn(this->fq12, fq12_p, fq12_b, items, fq12_r));
2535 EXPECT_EQ(FfElementObj(&this->fq12, this->fq_multi_exp_res_4), fq12_r)
2536 << "FfMultiExpBn: Finite field element does not "
2537 "match with reference value";
2538 }
2539
TEST_F(FfElementTest,FfMultiExpBnWorksGivenFiveExponents)2540 TEST_F(FfElementTest, FfMultiExpBnWorksGivenFiveExponents) {
2541 const int items = 5;
2542 FfElementObj r(&this->fq);
2543 FfElementObj fq_base[5];
2544 BigNumObj bn_exp[5];
2545 FfElement const* p[5];
2546 BigNum const* b[5];
2547 int m = 0;
2548 // prepare data for test
2549 for (m = 0; m < items; m++) {
2550 fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_5[m]);
2551 bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_5[m]);
2552 // initialize data for test
2553 p[m] = fq_base[m];
2554 b[m] = bn_exp[m];
2555 }
2556 // do test
2557 EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
2558 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_5), r)
2559 << "FfSscmMultiExp: Finite field element does not "
2560 "match with reference value";
2561 }
2562
TEST_F(FfElementTest,FfMultiExpBnWorksGivenSixExponents)2563 TEST_F(FfElementTest, FfMultiExpBnWorksGivenSixExponents) {
2564 const int items = 6;
2565 FfElementObj r(&this->fq);
2566 FfElementObj fq_base[6];
2567 BigNumObj bn_exp[6];
2568 FfElement const* p[6];
2569 BigNum const* b[6];
2570 int m = 0;
2571 // prepare data for test
2572 for (m = 0; m < items; m++) {
2573 fq_base[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_6[m]);
2574 bn_exp[m] = BigNumObj(this->fq_multi_exp_exp_6[m]);
2575 // initialize data for test
2576 p[m] = fq_base[m];
2577 b[m] = bn_exp[m];
2578 }
2579 // do test
2580 EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->fq, p, b, items, r));
2581 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_6), r)
2582 << "FfSscmMultiExp: Finite field element does not "
2583 "match with reference value";
2584 }
2585
TEST_F(FfElementTest,FfMultiExpBnWorksOverEpid11GT)2586 TEST_F(FfElementTest, FfMultiExpBnWorksOverEpid11GT) {
2587 const int items = 3;
2588 FfElementObj r(&this->epid11_GT);
2589 FfElementObj ff_base[3];
2590 BigNumObj bn_exp[3];
2591 FfElement const* p[3];
2592 BigNum const* b[3];
2593 int m = 0;
2594 // prepare data for test
2595 for (m = 0; m < items; m++) {
2596 ff_base[m] =
2597 FfElementObj(&this->epid11_GT, this->epid11_GT_multi_exp_base_3[m]);
2598 bn_exp[m] = BigNumObj(this->epid11_GT_multi_exp_exp_3[m]);
2599 // initialize data for test
2600 p[m] = ff_base[m];
2601 b[m] = bn_exp[m];
2602 }
2603 // do test
2604 EXPECT_EQ(kEpidNoErr, FfMultiExpBn(this->epid11_GT, p, b, items, r));
2605 EXPECT_EQ(FfElementObj(&this->epid11_GT, this->epid11_GT_multi_exp_res_3), r)
2606 << "FfSscmMultiExp: Finite field element does not "
2607 "match with reference value";
2608 }
2609
2610 ///////////////////////////////////////////////////////////////////////
2611 // FfSscmMultiExp
2612
TEST_F(FfElementTest,SscmFfMultiExpFailsGivenArgumentsMismatch)2613 TEST_F(FfElementTest, SscmFfMultiExpFailsGivenArgumentsMismatch) {
2614 FfElement const* p[] = {this->fq_a, this->fq_b};
2615 FfElement const* p12[] = {this->fq12_g, this->fq12_h};
2616 BigNumStr const* b[] = {&this->bn_0_str, &this->bn_0_str};
2617 EXPECT_EQ(kEpidBadArgErr,
2618 FfSscmMultiExp(this->fq12, p, b, 2, this->fq_result));
2619 EXPECT_EQ(kEpidBadArgErr,
2620 FfSscmMultiExp(this->fq, p12, b, 2, this->fq_result));
2621 EXPECT_EQ(kEpidBadArgErr,
2622 FfSscmMultiExp(this->fq, p, b, 2, this->fq12_result));
2623 }
2624
TEST_F(FfElementTest,SscmFfMultiExpFailsGivenNullPointer)2625 TEST_F(FfElementTest, SscmFfMultiExpFailsGivenNullPointer) {
2626 FfElement const* p[] = {this->fq_a, this->fq_b};
2627 FfElement const* p_withnull[] = {nullptr, this->fq_b};
2628 BigNumStr const* b[] = {&this->fq_multi_exp_exp_2[0],
2629 &this->fq_multi_exp_exp_2[1]};
2630 BigNumStr const* b_withnull[] = {nullptr, &this->fq_multi_exp_exp_2[1]};
2631 size_t m = 2;
2632 EXPECT_EQ(kEpidBadArgErr, FfSscmMultiExp(nullptr, p, b, m, this->fq_result));
2633 EXPECT_EQ(kEpidBadArgErr,
2634 FfSscmMultiExp(this->fq, nullptr, b, m, this->fq_result));
2635 EXPECT_EQ(kEpidBadArgErr,
2636 FfSscmMultiExp(this->fq, p, nullptr, m, this->fq_result));
2637 EXPECT_EQ(kEpidBadArgErr, FfSscmMultiExp(this->fq, p, b, m, nullptr));
2638 EXPECT_EQ(kEpidBadArgErr,
2639 FfSscmMultiExp(this->fq, p_withnull, b, m, this->fq_result));
2640 EXPECT_EQ(kEpidBadArgErr,
2641 FfSscmMultiExp(this->fq, p, b_withnull, m, this->fq_result));
2642 }
2643
TEST_F(FfElementTest,SscmFfMultiExpFailsGivenIncorrectMLen)2644 TEST_F(FfElementTest, SscmFfMultiExpFailsGivenIncorrectMLen) {
2645 FfElement const* p[] = {this->fq_a, this->fq_b};
2646 BigNumStr const* b[] = {&this->fq_multi_exp_exp_2[0],
2647 &this->fq_multi_exp_exp_2[1]};
2648 size_t len_greater_int_max = (size_t)INT_MAX + 1;
2649 EXPECT_EQ(kEpidBadArgErr, FfSscmMultiExp(this->fq, p, b, 0, this->fq_result));
2650 EXPECT_EQ(kEpidBadArgErr,
2651 FfSscmMultiExp(this->fq, p, b, std::numeric_limits<size_t>::max(),
2652 this->fq_result));
2653 EXPECT_EQ(kEpidBadArgErr, FfSscmMultiExp(this->fq, p, b, len_greater_int_max,
2654 this->fq_result));
2655 }
2656
TEST_F(FfElementTest,SscmFfMultiExpWorksGivenOneExponent)2657 TEST_F(FfElementTest, SscmFfMultiExpWorksGivenOneExponent) {
2658 FfElementObj r(&this->fq);
2659 FfElementObj fq_exp[1];
2660 FfElement const* p[1];
2661 BigNumStr const* b[1];
2662 int m = 0;
2663 // prepare data for test
2664 for (m = 0; m < 1; m++) {
2665 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_1[m]);
2666 // initialize data for test
2667 p[m] = fq_exp[m];
2668 b[m] = &this->fq_multi_exp_exp_1[m];
2669 }
2670 // do test
2671 EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 1, r));
2672 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_1), r)
2673 << "FfSscmMultiExp: Finite field element does not "
2674 "match with reference value";
2675 }
2676
TEST_F(FfElementTest,SscmFfMultiExpWorksGivenTwoExponents)2677 TEST_F(FfElementTest, SscmFfMultiExpWorksGivenTwoExponents) {
2678 FfElementObj r(&this->fq);
2679 FfElementObj fq_exp[2];
2680 FfElement const* p[2];
2681 BigNumStr const* b[2];
2682 int m = 0;
2683 // prepare data for test
2684 for (m = 0; m < 2; m++) {
2685 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_2[m]);
2686 // initialize data for test
2687 p[m] = fq_exp[m];
2688 b[m] = &this->fq_multi_exp_exp_2[m];
2689 }
2690 // do test
2691 EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 2, r));
2692 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_2), r)
2693 << "FfSscmMultiExp: Finite field element does not "
2694 "match with reference value";
2695 }
2696
TEST_F(FfElementTest,SscmFfMultiExpWorksGivenThreeExponents)2697 TEST_F(FfElementTest, SscmFfMultiExpWorksGivenThreeExponents) {
2698 FfElementObj r(&this->fq);
2699 FfElementObj fq_exp[3];
2700 FfElement const* p[3];
2701 BigNumStr const* b[3];
2702 int m = 0;
2703 // prepare data for test
2704 for (m = 0; m < 3; m++) {
2705 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_3[m]);
2706 // initialize data for test
2707 p[m] = fq_exp[m];
2708 b[m] = &this->fq_multi_exp_exp_3[m];
2709 }
2710 // do test
2711 EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 3, r));
2712 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_3), r)
2713 << "FfSscmMultiExp: Finite field element does not "
2714 "match with reference value";
2715 }
2716
TEST_F(FfElementTest,SscmFfMultiExpWorksGivenFourExponents)2717 TEST_F(FfElementTest, SscmFfMultiExpWorksGivenFourExponents) {
2718 FfElementObj r(&this->fq);
2719 FfElementObj fq_exp[4];
2720 FfElement const* p[4];
2721 BigNumStr const* b[4];
2722 int m = 0;
2723 // prepare data for test
2724 for (m = 0; m < 4; m++) {
2725 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_4[m]);
2726 // initialize data for test
2727 p[m] = fq_exp[m];
2728 b[m] = &this->fq_multi_exp_exp_4[m];
2729 }
2730 // do test
2731 EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 4, r));
2732 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_4), r)
2733 << "FfSscmMultiExp: Finite field element does not "
2734 "match with reference value";
2735 }
2736
TEST_F(FfElementTest,SscmFfMultiExpWorksGivenFourFq12Exponents)2737 TEST_F(FfElementTest, SscmFfMultiExpWorksGivenFourFq12Exponents) {
2738 FfElementObj r12(&this->fq12);
2739 FfElementObj fq12_exp[4];
2740 FfElement const* p[4];
2741 BigNumStr const* b[4];
2742 int m = 0;
2743 // prepare data for test
2744 for (m = 0; m < 4; m++) {
2745 fq12_exp[m] = FfElementObj(&this->fq12, this->fq12_multi_exp_base_4[m]);
2746 // initialize data for test
2747 p[m] = fq12_exp[m];
2748 b[m] = &this->fq12_multi_exp_exp_4[m];
2749 }
2750 // do test
2751 EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq12, p, b, 4, r12));
2752 EXPECT_EQ(FfElementObj(&this->fq12, this->fq12_multi_exp_res_4), r12)
2753 << "FfSscmMultiExp: Finite field element does not match with reference "
2754 "value";
2755 }
2756
TEST_F(FfElementTest,SscmFfMultiExpWorksGivenFiveExponents)2757 TEST_F(FfElementTest, SscmFfMultiExpWorksGivenFiveExponents) {
2758 FfElementObj r(&this->fq);
2759 FfElementObj fq_exp[5];
2760 FfElement const* p[5];
2761 BigNumStr const* b[5];
2762 int m = 0;
2763 // prepare data for test
2764 for (m = 0; m < 5; m++) {
2765 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_5[m]);
2766 // initialize data for test
2767 p[m] = fq_exp[m];
2768 b[m] = &this->fq_multi_exp_exp_5[m];
2769 }
2770 // do test
2771 EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 5, r));
2772 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_5), r)
2773 << "FfSscmMultiExp: Finite field element does not "
2774 "match with reference value";
2775 }
2776
TEST_F(FfElementTest,SscmFfMultiExpWorksGivenSixExponents)2777 TEST_F(FfElementTest, SscmFfMultiExpWorksGivenSixExponents) {
2778 FfElementObj r(&this->fq);
2779 FfElementObj fq_exp[6];
2780 FfElement const* p[6];
2781 BigNumStr const* b[6];
2782 int m = 0;
2783 // prepare data for test
2784 for (m = 0; m < 6; m++) {
2785 fq_exp[m] = FfElementObj(&this->fq, this->fq_multi_exp_base_6[m]);
2786 // initialize data for test
2787 p[m] = fq_exp[m];
2788 b[m] = &this->fq_multi_exp_exp_6[m];
2789 }
2790 // do test
2791 EXPECT_EQ(kEpidNoErr, FfSscmMultiExp(this->fq, p, b, 6, r));
2792 EXPECT_EQ(FfElementObj(&this->fq, this->fq_multi_exp_res_6), r)
2793 << "FfSscmMultiExp: Finite field element does not "
2794 "match with reference value";
2795 }
2796 ////////////////////////////////////////////////
2797 // FfGetRandom
2798
TEST_F(FfElementTest,FfGetRandomFailsGivenArgumentsMismatch)2799 TEST_F(FfElementTest, FfGetRandomFailsGivenArgumentsMismatch) {
2800 Prng my_prng;
2801 EXPECT_EQ(kEpidBadArgErr,
2802 FfGetRandom(this->fq12, &this->bn_1_str, &Prng::Generate, &my_prng,
2803 this->fq_result));
2804 EXPECT_EQ(kEpidBadArgErr,
2805 FfGetRandom(this->fq, &this->bn_1_str, &Prng::Generate, &my_prng,
2806 this->fq12_result));
2807 }
2808
TEST_F(FfElementTest,FfGetRandomFailsGivenNullPtr)2809 TEST_F(FfElementTest, FfGetRandomFailsGivenNullPtr) {
2810 Prng my_prng;
2811 FfElementObj r(&this->fq);
2812 EXPECT_EQ(kEpidBadArgErr, FfGetRandom(nullptr, &this->bn_1_str,
2813 &Prng::Generate, &my_prng, r));
2814 EXPECT_EQ(kEpidBadArgErr,
2815 FfGetRandom(this->fq, nullptr, &Prng::Generate, &my_prng, r));
2816 EXPECT_EQ(kEpidBadArgErr,
2817 FfGetRandom(this->fq, &this->bn_1_str, nullptr, &my_prng, r));
2818 EXPECT_EQ(kEpidBadArgErr, FfGetRandom(this->fq, &this->bn_1_str,
2819 &Prng::Generate, &my_prng, nullptr));
2820 }
TEST_F(FfElementTest,FfGetRandomSucceedsGivenFq2)2821 TEST_F(FfElementTest, FfGetRandomSucceedsGivenFq2) {
2822 Prng my_prng;
2823 FfElementObj r(&this->fq2);
2824 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq2, &this->bn_1_str, &Prng::Generate,
2825 &my_prng, r));
2826 }
TEST_F(FfElementTest,FfGetRandomSucceedsGivenFq6)2827 TEST_F(FfElementTest, FfGetRandomSucceedsGivenFq6) {
2828 Prng my_prng;
2829 FfElementObj r(&this->fq6);
2830 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq6, &this->bn_1_str, &Prng::Generate,
2831 &my_prng, r));
2832 }
TEST_F(FfElementTest,FfGetRandomSucceedsGivenFq12)2833 TEST_F(FfElementTest, FfGetRandomSucceedsGivenFq12) {
2834 Prng my_prng;
2835 FfElementObj r(&this->fq12);
2836 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq12, &this->bn_1_str,
2837 &Prng::Generate, &my_prng, r));
2838 }
2839
TEST_F(FfElementTest,FfGetRandomSuccedsGivenLowBound)2840 TEST_F(FfElementTest, FfGetRandomSuccedsGivenLowBound) {
2841 Prng my_prng;
2842 FfElementObj r(&this->fq);
2843 FqElemStr buf;
2844 unsigned int result;
2845 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_1_str, &Prng::Generate,
2846 &my_prng, r));
2847 THROW_ON_EPIDERR(WriteFfElement(this->fq, r, &buf, sizeof(buf)));
2848 THROW_ON_EPIDERR(Cmp_OctStr256(&this->bn_1_str.data, &buf.data, &result));
2849 EXPECT_EQ(result, (unsigned int)2);
2850 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_2_str, &Prng::Generate,
2851 &my_prng, r));
2852 THROW_ON_EPIDERR(WriteFfElement(this->fq, r, &buf, sizeof(buf)));
2853 THROW_ON_EPIDERR(Cmp_OctStr256(&this->bn_2_str.data, &buf.data, &result));
2854 EXPECT_EQ(result, (unsigned int)2);
2855 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_0xffff_str,
2856 &Prng::Generate, &my_prng, r));
2857 THROW_ON_EPIDERR(WriteFfElement(this->fq, r, &buf, sizeof(buf)));
2858 THROW_ON_EPIDERR(
2859 Cmp_OctStr256(&this->bn_0xffff_str.data, &buf.data, &result));
2860 EXPECT_EQ(result, (unsigned int)2);
2861 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_0xffff_str,
2862 &Prng::Generate, &my_prng, r));
2863 THROW_ON_EPIDERR(WriteFfElement(this->fq, r, &buf, sizeof(buf)));
2864 THROW_ON_EPIDERR(
2865 Cmp_OctStr256(&this->bn_0xffff_str.data, &buf.data, &result));
2866 EXPECT_EQ(result, (unsigned int)2);
2867 }
2868
TEST_F(FfElementTest,FfGetRandomGeneratesDifferentNumbers)2869 TEST_F(FfElementTest, FfGetRandomGeneratesDifferentNumbers) {
2870 Prng my_prng;
2871 FfElementObj r1(&this->fq);
2872 FfElementObj r2(&this->fq);
2873 bool result;
2874 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_1_str, &Prng::Generate,
2875 &my_prng, r1));
2876 EXPECT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_1_str, &Prng::Generate,
2877 &my_prng, r2));
2878 THROW_ON_EPIDERR(FfIsEqual(this->fq, r1, r2, &result));
2879 EXPECT_FALSE(result);
2880 }
TEST_F(FfElementTest,FfGetRandomFailsOnMaxIterGivenLargeLowBound)2881 TEST_F(FfElementTest, FfGetRandomFailsOnMaxIterGivenLargeLowBound) {
2882 Prng my_prng;
2883 FfElementObj r(&this->fq);
2884 // FfGetRandom generates random data between [low_bound, modulus-1]
2885 // modulus in this case is Intel(R) EPID 2.0 parameter q
2886 // giving low_bound = modulus - {0x30, 0x13} should get kEpidRandMaxIterErr
2887 EXPECT_EQ(kEpidRandMaxIterErr, FfGetRandom(this->fq, &this->fq_qm0x3013_str,
2888 &Prng::Generate, &my_prng, r));
2889 }
2890
2891 ////////////////////////////////////////////////
2892 // FfSqrt
TEST_F(FfElementTest,FfSqrtFailsGivenNullPtr)2893 TEST_F(FfElementTest, FfSqrtFailsGivenNullPtr) {
2894 FfElementObj r(&this->fq);
2895 EXPECT_EQ(kEpidBadArgErr, FfSqrt(nullptr, this->fq_4, r));
2896 EXPECT_EQ(kEpidBadArgErr, FfSqrt(this->fq, nullptr, r));
2897 EXPECT_EQ(kEpidBadArgErr, FfSqrt(this->fq, this->fq_4, nullptr));
2898 }
2899
TEST_F(FfElementTest,FfSqrtWorksForOne)2900 TEST_F(FfElementTest, FfSqrtWorksForOne) {
2901 FfElementObj r(&this->fq);
2902 FfElementObj s(&this->fq);
2903 EXPECT_EQ(kEpidNoErr, FfSqrt(this->fq, this->fq_1, r));
2904 EXPECT_EQ(this->fq_1, r);
2905 }
2906
TEST_F(FfElementTest,FfSqrtFailsForTwo)2907 TEST_F(FfElementTest, FfSqrtFailsForTwo) {
2908 FfElementObj r(&this->fq);
2909 EXPECT_EQ(kEpidMathQuadraticNonResidueError, FfSqrt(this->fq, this->fq_2, r));
2910 }
2911
TEST_F(FfElementTest,FfSqrtFailsForThree)2912 TEST_F(FfElementTest, FfSqrtFailsForThree) {
2913 FfElementObj r(&this->fq);
2914 EXPECT_EQ(kEpidMathQuadraticNonResidueError, FfSqrt(this->fq, this->fq_3, r));
2915 }
2916
TEST_F(FfElementTest,FfSqrtWorksForFour)2917 TEST_F(FfElementTest, FfSqrtWorksForFour) {
2918 FfElementObj r(&this->fq);
2919 EXPECT_EQ(kEpidNoErr, FfSqrt(this->fq, this->fq_4, r));
2920 EXPECT_EQ(this->fq_qm2, r);
2921 }
2922
TEST_F(FfElementTest,FfSqrtFailsForFive)2923 TEST_F(FfElementTest, FfSqrtFailsForFive) {
2924 FfElementObj r(&this->fq);
2925 EXPECT_EQ(kEpidMathQuadraticNonResidueError, FfSqrt(this->fq, this->fq_5, r));
2926 }
2927
TEST_F(FfElementTest,FfSqrtWorksForEpid11Prime)2928 TEST_F(FfElementTest, FfSqrtWorksForEpid11Prime) {
2929 // given b_str value ensure sqrt algorithm step 7 if clause is triggered
2930 const BigNumStr b_str = {0x06, 0xc1, 0x26, 0xe8, 0xa5, 0xa5, 0x21, 0x19,
2931 0x07, 0x42, 0x49, 0x77, 0x7c, 0x5c, 0x98, 0x7f,
2932 0xd4, 0x0c, 0x42, 0xf5, 0x25, 0x2c, 0xac, 0xb9,
2933 0x7e, 0x09, 0x70, 0xf0, 0x84, 0x3b, 0x81, 0x46};
2934 FfElementObj b(&this->epid11_fq, &b_str, sizeof((b_str)));
2935
2936 FfElementObj r(&this->epid11_fq);
2937 FfElementObj s(&this->epid11_fq);
2938 FfElementObj r2(&this->epid11_fq);
2939
2940 EXPECT_EQ(kEpidNoErr, FfMul(this->epid11_fq, b, b, s));
2941 EXPECT_EQ(kEpidNoErr, FfSqrt(this->epid11_fq, s, r));
2942 EXPECT_EQ(kEpidNoErr, FfMul(this->epid11_fq, r, r, r2));
2943 EXPECT_EQ(s, r2);
2944 }
2945
TEST_F(FfElementTest,FfSqrtReturnsARoot)2946 TEST_F(FfElementTest, FfSqrtReturnsARoot) {
2947 Prng my_prng;
2948 FfElementObj r(&this->fq);
2949 FfElementObj b(&this->fq);
2950 FfElementObj s(&this->fq);
2951 FfElementObj r2(&this->fq);
2952 unsigned int i;
2953 for (i = 0; i < 1000; i++) {
2954 ASSERT_EQ(kEpidNoErr, FfGetRandom(this->fq, &this->bn_2_str,
2955 &Prng::Generate, &my_prng, b));
2956 ASSERT_EQ(kEpidNoErr, FfMul(this->fq, b, b, s));
2957 ASSERT_EQ(kEpidNoErr, FfSqrt(this->fq, s, r));
2958 ASSERT_EQ(kEpidNoErr, FfMul(this->fq, r, r, r2));
2959 ASSERT_EQ(s, r2);
2960 }
2961 }
2962
TEST_F(FfElementTest,FfSqrtReturnsARootInEpid11)2963 TEST_F(FfElementTest, FfSqrtReturnsARootInEpid11) {
2964 Prng my_prng;
2965 FfElementObj r(&this->epid11_fq);
2966 FfElementObj b(&this->epid11_fq);
2967 FfElementObj s(&this->epid11_fq);
2968 FfElementObj r2(&this->epid11_fq);
2969 unsigned int i;
2970 for (i = 0; i < 1000; i++) {
2971 ASSERT_EQ(kEpidNoErr, FfGetRandom(this->epid11_fq, &this->bn_2_str,
2972 &Prng::Generate, &my_prng, b));
2973 ASSERT_EQ(kEpidNoErr, FfMul(this->epid11_fq, b, b, s));
2974 ASSERT_EQ(kEpidNoErr, FfSqrt(this->epid11_fq, s, r));
2975 ASSERT_EQ(kEpidNoErr, FfMul(this->epid11_fq, r, r, r2));
2976 ASSERT_EQ(s, r2);
2977 }
2978 }
2979
TEST_F(FfElementTest,FfSqrtReturnsARoot224Prime)2980 TEST_F(FfElementTest, FfSqrtReturnsARoot224Prime) {
2981 const BigNumStr prime_224r1 = {
2982 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
2983 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00,
2984 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
2985 FiniteFieldObj f_q(prime_224r1);
2986
2987 Prng my_prng;
2988 FfElementObj r(&f_q);
2989 FfElementObj b(&f_q);
2990 FfElementObj s(&f_q);
2991 FfElementObj r2(&f_q);
2992 unsigned int i;
2993 for (i = 0; i < 100; i++) {
2994 EXPECT_EQ(kEpidNoErr,
2995 FfGetRandom(f_q, &this->bn_2_str, &Prng::Generate, &my_prng, b));
2996 EXPECT_EQ(kEpidNoErr, FfMul(f_q, b, b, s));
2997 EXPECT_EQ(kEpidNoErr, FfSqrt(f_q, s, r));
2998 EXPECT_EQ(kEpidNoErr, FfMul(f_q, r, r, r2));
2999 EXPECT_EQ(s, r2);
3000 }
3001 }
3002
3003 } // namespace
3004