You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

238 lines
4.6 KiB

  1. package secp256k1
  2. import (
  3. "bytes"
  4. "fmt"
  5. "log"
  6. "testing"
  7. "github.com/tendermint/tendermint/vm/randentropy"
  8. )
  9. const TESTS = 10000 // how many tests
  10. const SigSize = 65 //64+1
  11. func Test_Secp256_00(t *testing.T) {
  12. var nonce []byte = randentropy.GetEntropyCSPRNG(32) //going to get bitcoins stolen!
  13. if len(nonce) != 32 {
  14. t.Fatal()
  15. }
  16. }
  17. //tests for Malleability
  18. //highest bit of S must be 0; 32nd byte
  19. func CompactSigTest(sig []byte) {
  20. var b int = int(sig[32])
  21. if b < 0 {
  22. log.Panic()
  23. }
  24. if ((b >> 7) == 1) != ((b & 0x80) == 0x80) {
  25. log.Panic("b= %v b2= %v \n", b, b>>7)
  26. }
  27. if (b & 0x80) == 0x80 {
  28. log.Panic("b= %v b2= %v \n", b, b&0x80)
  29. }
  30. }
  31. //test pubkey/private generation
  32. func Test_Secp256_01(t *testing.T) {
  33. pubkey, seckey := GenerateKeyPair()
  34. if err := VerifySeckeyValidity(seckey); err != nil {
  35. t.Fatal()
  36. }
  37. if err := VerifyPubkeyValidity(pubkey); err != nil {
  38. t.Fatal()
  39. }
  40. }
  41. //test size of messages
  42. func Test_Secp256_02s(t *testing.T) {
  43. pubkey, seckey := GenerateKeyPair()
  44. msg := randentropy.GetEntropyCSPRNG(32)
  45. sig, _ := Sign(msg, seckey)
  46. CompactSigTest(sig)
  47. if sig == nil {
  48. t.Fatal("Signature nil")
  49. }
  50. if len(pubkey) != 65 {
  51. t.Fail()
  52. }
  53. if len(seckey) != 32 {
  54. t.Fail()
  55. }
  56. if len(sig) != 64+1 {
  57. t.Fail()
  58. }
  59. if int(sig[64]) > 4 {
  60. t.Fail()
  61. } //should be 0 to 4
  62. }
  63. //test signing message
  64. func Test_Secp256_02(t *testing.T) {
  65. pubkey1, seckey := GenerateKeyPair()
  66. msg := randentropy.GetEntropyCSPRNG(32)
  67. sig, _ := Sign(msg, seckey)
  68. if sig == nil {
  69. t.Fatal("Signature nil")
  70. }
  71. pubkey2, _ := RecoverPubkey(msg, sig)
  72. if pubkey2 == nil {
  73. t.Fatal("Recovered pubkey invalid")
  74. }
  75. if bytes.Equal(pubkey1, pubkey2) == false {
  76. t.Fatal("Recovered pubkey does not match")
  77. }
  78. err := VerifySignature(msg, sig, pubkey1)
  79. if err != nil {
  80. t.Fatal("Signature invalid")
  81. }
  82. }
  83. //test pubkey recovery
  84. func Test_Secp256_02a(t *testing.T) {
  85. pubkey1, seckey1 := GenerateKeyPair()
  86. msg := randentropy.GetEntropyCSPRNG(32)
  87. sig, _ := Sign(msg, seckey1)
  88. if sig == nil {
  89. t.Fatal("Signature nil")
  90. }
  91. err := VerifySignature(msg, sig, pubkey1)
  92. if err != nil {
  93. t.Fatal("Signature invalid")
  94. }
  95. pubkey2, _ := RecoverPubkey(msg, sig)
  96. if len(pubkey1) != len(pubkey2) {
  97. t.Fatal()
  98. }
  99. for i, _ := range pubkey1 {
  100. if pubkey1[i] != pubkey2[i] {
  101. t.Fatal()
  102. }
  103. }
  104. if bytes.Equal(pubkey1, pubkey2) == false {
  105. t.Fatal()
  106. }
  107. }
  108. //test random messages for the same pub/private key
  109. func Test_Secp256_03(t *testing.T) {
  110. _, seckey := GenerateKeyPair()
  111. for i := 0; i < TESTS; i++ {
  112. msg := randentropy.GetEntropyCSPRNG(32)
  113. sig, _ := Sign(msg, seckey)
  114. CompactSigTest(sig)
  115. sig[len(sig)-1] %= 4
  116. pubkey2, _ := RecoverPubkey(msg, sig)
  117. if pubkey2 == nil {
  118. t.Fail()
  119. }
  120. }
  121. }
  122. //test random messages for different pub/private keys
  123. func Test_Secp256_04(t *testing.T) {
  124. for i := 0; i < TESTS; i++ {
  125. pubkey1, seckey := GenerateKeyPair()
  126. msg := randentropy.GetEntropyCSPRNG(32)
  127. sig, _ := Sign(msg, seckey)
  128. CompactSigTest(sig)
  129. if sig[len(sig)-1] >= 4 {
  130. t.Fail()
  131. }
  132. pubkey2, _ := RecoverPubkey(msg, sig)
  133. if pubkey2 == nil {
  134. t.Fail()
  135. }
  136. if bytes.Equal(pubkey1, pubkey2) == false {
  137. t.Fail()
  138. }
  139. }
  140. }
  141. //test random signatures against fixed messages; should fail
  142. //crashes:
  143. // -SIPA look at this
  144. func randSig() []byte {
  145. sig := randentropy.GetEntropyCSPRNG(65)
  146. sig[32] &= 0x70
  147. sig[64] %= 4
  148. return sig
  149. }
  150. func Test_Secp256_06a_alt0(t *testing.T) {
  151. pubkey1, seckey := GenerateKeyPair()
  152. msg := randentropy.GetEntropyCSPRNG(32)
  153. sig, _ := Sign(msg, seckey)
  154. if sig == nil {
  155. t.Fail()
  156. }
  157. if len(sig) != 65 {
  158. t.Fail()
  159. }
  160. for i := 0; i < TESTS; i++ {
  161. sig = randSig()
  162. pubkey2, _ := RecoverPubkey(msg, sig)
  163. if bytes.Equal(pubkey1, pubkey2) == true {
  164. t.Fail()
  165. }
  166. if pubkey2 != nil && VerifySignature(msg, sig, pubkey2) != nil {
  167. t.Fail()
  168. }
  169. if VerifySignature(msg, sig, pubkey1) == nil {
  170. t.Fail()
  171. }
  172. }
  173. }
  174. //test random messages against valid signature: should fail
  175. func Test_Secp256_06b(t *testing.T) {
  176. pubkey1, seckey := GenerateKeyPair()
  177. msg := randentropy.GetEntropyCSPRNG(32)
  178. sig, _ := Sign(msg, seckey)
  179. fail_count := 0
  180. for i := 0; i < TESTS; i++ {
  181. msg = randentropy.GetEntropyCSPRNG(32)
  182. pubkey2, _ := RecoverPubkey(msg, sig)
  183. if bytes.Equal(pubkey1, pubkey2) == true {
  184. t.Fail()
  185. }
  186. if pubkey2 != nil && VerifySignature(msg, sig, pubkey2) != nil {
  187. t.Fail()
  188. }
  189. if VerifySignature(msg, sig, pubkey1) == nil {
  190. t.Fail()
  191. }
  192. }
  193. if fail_count != 0 {
  194. fmt.Printf("ERROR: Accepted signature for %v of %v random messages\n", fail_count, TESTS)
  195. }
  196. }
  197. func TestInvalidKey(t *testing.T) {
  198. p1 := make([]byte, 32)
  199. err := VerifySeckeyValidity(p1)
  200. if err == nil {
  201. t.Errorf("pvk %x varify sec key should have returned error", p1)
  202. }
  203. }