Fix moving y coord && Add tests for curve cached constants

include/ack/ec.hpp

@@ -1154,15 +1154,15 @@ namespace ack {
             // https://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#addition-add-1998-cmo-2
             // note: faster than https://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#addition-add-2007-bl
 
-            const bool bZ1IsOne = p.z.is_one();
-            const bool bZ2IsOne = q.z.is_one();
-            if ( bZ1IsOne && bZ2IsOne ) {
+            const bool z1_is_one = p.z.is_one();
+            const bool z2_is_one = q.z.is_one();
+            if ( z1_is_one && z2_is_one ) {
                 return add_z_1( p, q );
             }
-            else if ( bZ1IsOne ) {
+            else if ( z1_is_one ) {
                 return add_z2_1( q, p );
             }
-            else if ( bZ2IsOne ) {
+            else if ( z2_is_one ) {
                 return add_z2_1( p, q );
             }
             return add_ne( p, q );
@@ -1189,16 +1189,16 @@ namespace ack {
             // note: this algo was measured to be the most efficient of them all.
 
             const auto M = [](const auto& p) {
-                const bool bZIsOne = p.z.is_one();
+                const bool z_is_one = p.z.is_one();
                 if ( p.curve().a_is_zero ) {
                     return 3 * p.x.sqr();
                 }
                 else if ( p.curve().a_is_minus_3 ) {
-                    const auto z2 = bZIsOne ? p.z : p.z.sqr();
+                    const auto z2 = z_is_one ? p.z : p.z.sqr();
                     return 3 * ( p.x - z2 ) * ( p.x + z2 );
                 }
                 else {
-                    const auto z4 = bZIsOne ? p.z : p.z.sqr().sqr();
+                    const auto z4 = z_is_one ? p.z : p.z.sqr().sqr();
                     return 3 * p.x.sqr() + p.curve().a * z4;
                 }
             }( p );
@@ -1526,9 +1526,9 @@ namespace ack {
         const IntT       n;      // order of g
         const uint32_t   h;      // cofactor, i.e.: h = #E(Fp) / n
                                  //     #E(Fp) - number of points on the curve
-        const bool a_is_minus_3; // cached a == p - 3
-        const bool a_is_zero;    // cached a == 0
-        const IntT p_minus_n;    // cached p - n; used for checking the maximum negative point coordinate
+        const bool a_is_minus_3; // cached constant a == p - 3
+        const bool a_is_zero;    // cached constant a == 0
+        const IntT p_minus_n;    // cached constant p - n; used for checking the maximum negative point coordinate
 
         /**
          * Creates a curve from the given parameters.
@@ -1732,7 +1732,7 @@ namespace ack {
             if ( y.is_zero() ) {
                 return PointT{};
             }
-            return make_point<PointT>( std::move( x ), y );
+            return make_point<PointT>( std::move( x ), std::move( y ) );
         }
 
         /**

tests/include/ack/tests/ecdsa_brainpoolP256r1_test.hpp

@@ -28,7 +28,11 @@ namespace ack::tests {
         REQUIRE_EQUAL( brainpoolP256r1.g.y, "547ef835c3dac4fd97f8461a14611dc9c27745132ded8e545c1d54c72f046997" )
         REQUIRE_EQUAL( brainpoolP256r1.n  , "a9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7" )
         REQUIRE_EQUAL( brainpoolP256r1.h  , 1 )
-        REQUIRE_EQUAL( brainpoolP256r1.verify(), true )
+
+        REQUIRE_EQUAL( brainpoolP256r1.a_is_minus_3, false )
+        REQUIRE_EQUAL( brainpoolP256r1.a_is_zero   , false )
+        REQUIRE_EQUAL( brainpoolP256r1.p_minus_n   , "e2027b801fc479308ff5399a8825fcd0" )
+        REQUIRE_EQUAL( brainpoolP256r1.verify()    , true )
 
         // Test vectors from Google's Wycheproof RSA signature verification tests.
         // Generated from: 'ecdsa_brainpoolP256r1_sha3_256_test.json'

tests/include/ack/tests/ecdsa_brainpoolP320r1_test.hpp

@@ -28,7 +28,11 @@ namespace ack::tests {
         REQUIRE_EQUAL( brainpoolP320r1.g.y, "14fdd05545ec1cc8ab4093247f77275e0743ffed117182eaa9c77877aaac6ac7d35245d1692e8ee1" )
         REQUIRE_EQUAL( brainpoolP320r1.n  , "d35e472036bc4fb7e13c785ed201e065f98fcfa5b68f12a32d482ec7ee8658e98691555b44c59311" )
         REQUIRE_EQUAL( brainpoolP320r1.h  , 1 )
-        REQUIRE_EQUAL( brainpoolP320r1.verify(), true )
+
+        REQUIRE_EQUAL( brainpoolP320r1.a_is_minus_3, false )
+        REQUIRE_EQUAL( brainpoolP320r1.a_is_zero   , false )
+        REQUIRE_EQUAL( brainpoolP320r1.p_minus_n   , "14064fb4c224a8b248a0d933f7642bd56aced9b16" )
+        REQUIRE_EQUAL( brainpoolP320r1.verify()    , true )
 
         // Test vectors from Google's Wycheproof RSA signature verification tests.
         // Generated from: 'ecdsa_brainpoolP320r1_sha384_p1363_test.json'

tests/include/ack/tests/ecdsa_brainpoolP384r1_test.hpp

@@ -28,7 +28,11 @@ namespace ack::tests {
         REQUIRE_EQUAL( brainpoolP384r1.g.y, "8abe1d7520f9c2a45cb1eb8e95cfd55262b70b29feec5864e19c054ff99129280e4646217791811142820341263c5315" )
         REQUIRE_EQUAL( brainpoolP384r1.n  , "8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565" )
         REQUIRE_EQUAL( brainpoolP384r1.h  , 1 )
-        REQUIRE_EQUAL( brainpoolP384r1.verify(), true )
+
+        REQUIRE_EQUAL( brainpoolP384r1.a_is_minus_3, false )
+        REQUIRE_EQUAL( brainpoolP384r1.a_is_zero   , false )
+        REQUIRE_EQUAL( brainpoolP384r1.p_minus_n   , "f39b6bacd3b2eb7bdd98f07a249d57614bbece10480386ee" )
+        REQUIRE_EQUAL( brainpoolP384r1.verify()    , true )
 
         // Test vectors from Google's Wycheproof RSA signature verification tests.
         // Generated from: 'ecdsa_brainpoolP384r1_sha3_384_test.json'

tests/include/ack/tests/ecdsa_brainpoolP512r1_test.hpp

@@ -28,7 +28,11 @@ namespace ack::tests {
         REQUIRE_EQUAL( brainpoolP512r1.g.y, "7dde385d566332ecc0eabfa9cf7822fdf209f70024a57b1aa000c55b881f8111b2dcde494a5f485e5bca4bd88a2763aed1ca2b2fa8f0540678cd1e0f3ad80892" )
         REQUIRE_EQUAL( brainpoolP512r1.n  , "aadd9db8dbe9c48b3fd4e6ae33c9fc07cb308db3b3c9d20ed6639cca70330870553e5c414ca92619418661197fac10471db1d381085ddaddb58796829ca90069" )
         REQUIRE_EQUAL( brainpoolP512r1.h  , 1 )
-        REQUIRE_EQUAL( brainpoolP512r1.verify(), true )
+
+        REQUIRE_EQUAL( brainpoolP512r1.a_is_minus_3, false )
+        REQUIRE_EQUAL( brainpoolP512r1.a_is_zero   , false )
+        REQUIRE_EQUAL( brainpoolP512r1.p_minus_n   , "1280f3ebf4f1d42296d47401166f7709f0ad02bae2524eba77322c9d3bb91488a" )
+        REQUIRE_EQUAL( brainpoolP512r1.verify()    , true )
 
         // Test vectors from Google's Wycheproof RSA signature verification tests.
         // Generated from: 'ecdsa_brainpoolP512r1_sha3_512_test.json'

tests/include/ack/tests/ecdsa_secp256k1_test.hpp

@@ -26,7 +26,11 @@ namespace ack::tests {
         REQUIRE_EQUAL( secp256k1.g.y, "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8" )
         REQUIRE_EQUAL( secp256k1.n  , "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141" )
         REQUIRE_EQUAL( secp256k1.h  , 1 )
-        REQUIRE_EQUAL( secp256k1.verify(), true )
+
+        REQUIRE_EQUAL( secp256k1.a_is_minus_3, false  )
+        REQUIRE_EQUAL( secp256k1.a_is_zero   , true )
+        REQUIRE_EQUAL( secp256k1.p_minus_n   , "14551231950b75fc4402da1722fc9baee" )
+        REQUIRE_EQUAL( secp256k1.verify()    , true )
 
         // Custom test vectors
         {

tests/include/ack/tests/ecdsa_secp256r1_test.hpp

@@ -26,7 +26,11 @@ namespace ack::tests {
         REQUIRE_EQUAL( secp256r1.g.y, "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5" )
         REQUIRE_EQUAL( secp256r1.n  , "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551" )
         REQUIRE_EQUAL( secp256r1.h  , 1 )
-        REQUIRE_EQUAL( secp256r1.verify(), true )
+
+        REQUIRE_EQUAL( secp256r1.a_is_minus_3, true  )
+        REQUIRE_EQUAL( secp256r1.a_is_zero   , false )
+        REQUIRE_EQUAL( secp256r1.p_minus_n   , "4319055358e8617b0c46353d039cdaae" )
+        REQUIRE_EQUAL( secp256r1.verify()    , true )
 
         // Custom test vectors
         {

tests/include/ack/tests/ecdsa_secp384r1_test.hpp

@@ -28,7 +28,11 @@ namespace ack::tests {
         REQUIRE_EQUAL( secp384r1.g.y, "3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f" )
         REQUIRE_EQUAL( secp384r1.n  , "ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973" )
         REQUIRE_EQUAL( secp384r1.h  , 1 )
-        REQUIRE_EQUAL( secp384r1.verify(), true )
+
+        REQUIRE_EQUAL( secp384r1.a_is_minus_3, true  )
+        REQUIRE_EQUAL( secp384r1.a_is_zero   , false )
+        REQUIRE_EQUAL( secp384r1.p_minus_n   , "389cb27e0bc8d21fa7e5f24cb74f58851313e696333ad68c" )
+        REQUIRE_EQUAL( secp384r1.verify()    , true )
 
         // NIST FIPS 186-4 test vectors
         // https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/digital-signatures

tests/include/ack/tests/ecdsa_secp521r1_test.hpp

@@ -28,7 +28,11 @@ namespace ack::tests {
         REQUIRE_EQUAL( secp521r1.g.y, "011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650" )
         REQUIRE_EQUAL( secp521r1.n  , "01fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409" )
         REQUIRE_EQUAL( secp521r1.h  , 1 )
-        REQUIRE_EQUAL( secp521r1.verify(), true )
+
+        REQUIRE_EQUAL( secp521r1.a_is_minus_3, true  )
+        REQUIRE_EQUAL( secp521r1.a_is_zero   , false )
+        REQUIRE_EQUAL( secp521r1.p_minus_n   , "5ae79787c40d069948033feb708f65a2fc44a36477663b851449048e16ec79bf6" )
+        REQUIRE_EQUAL( secp521r1.verify()    , true )
 
         // NIST FIPS 186-4 test vectors
         // https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/digital-signatures