go-ethereum/crypto/secp256k1/secp256_test.go

package secp256k1

import (
	"bytes"
	"fmt"
	"log"
	"testing"

	"github.com/ethereum/go-ethereum/crypto/randentropy"
)

const TESTS = 10000 // how many tests
const SigSize = 65  //64+1

func Test_Secp256_00(t *testing.T) {

	var nonce []byte = randentropy.GetEntropyMixed(32) //going to get bitcoins stolen!

	if len(nonce) != 32 {
		t.Fatal()
	}

}

//tests for Malleability
//highest bit of S must be 0; 32nd byte
func CompactSigTest(sig []byte) {

	var b int = int(sig[32])
	if b < 0 {
		log.Panic()
	}
	if ((b >> 7) == 1) != ((b & 0x80) == 0x80) {
		log.Panic("b= %v b2= %v \n", b, b>>7)
	}
	if (b & 0x80) == 0x80 {
		log.Panic("b= %v b2= %v \n", b, b&0x80)
	}
}

//test pubkey/private generation
func Test_Secp256_01(t *testing.T) {
	pubkey, seckey := GenerateKeyPair()
	if err := VerifySeckeyValidity(seckey); err != nil {
		t.Fatal()
	}
	if err := VerifyPubkeyValidity(pubkey); err != nil {
		t.Fatal()
	}
}

//test size of messages
func Test_Secp256_02s(t *testing.T) {
	pubkey, seckey := GenerateKeyPair()
	msg := randentropy.GetEntropyMixed(32)
	sig, _ := Sign(msg, seckey)
	CompactSigTest(sig)
	if sig == nil {
		t.Fatal("Signature nil")
	}
	if len(pubkey) != 65 {
		t.Fail()
	}
	if len(seckey) != 32 {
		t.Fail()
	}
	if len(sig) != 64+1 {
		t.Fail()
	}
	if int(sig[64]) > 4 {
		t.Fail()
	} //should be 0 to 4
}

//test signing message
func Test_Secp256_02(t *testing.T) {
	pubkey1, seckey := GenerateKeyPair()
	msg := randentropy.GetEntropyMixed(32)
	sig, _ := Sign(msg, seckey)
	if sig == nil {
		t.Fatal("Signature nil")
	}

	pubkey2, _ := RecoverPubkey(msg, sig)
	if pubkey2 == nil {
		t.Fatal("Recovered pubkey invalid")
	}
	if bytes.Equal(pubkey1, pubkey2) == false {
		t.Fatal("Recovered pubkey does not match")
	}

	err := VerifySignature(msg, sig, pubkey1)
	if err != nil {
		t.Fatal("Signature invalid")
	}
}

//test pubkey recovery
func Test_Secp256_02a(t *testing.T) {
	pubkey1, seckey1 := GenerateKeyPair()
	msg := randentropy.GetEntropyMixed(32)
	sig, _ := Sign(msg, seckey1)

	if sig == nil {
		t.Fatal("Signature nil")
	}
	err := VerifySignature(msg, sig, pubkey1)
	if err != nil {
		t.Fatal("Signature invalid")
	}

	pubkey2, _ := RecoverPubkey(msg, sig)
	if len(pubkey1) != len(pubkey2) {
		t.Fatal()
	}
	for i, _ := range pubkey1 {
		if pubkey1[i] != pubkey2[i] {
			t.Fatal()
		}
	}
	if bytes.Equal(pubkey1, pubkey2) == false {
		t.Fatal()
	}
}

//test random messages for the same pub/private key
func Test_Secp256_03(t *testing.T) {
	_, seckey := GenerateKeyPair()
	for i := 0; i < TESTS; i++ {
		msg := randentropy.GetEntropyMixed(32)
		sig, _ := Sign(msg, seckey)
		CompactSigTest(sig)

		sig[len(sig)-1] %= 4
		pubkey2, _ := RecoverPubkey(msg, sig)
		if pubkey2 == nil {
			t.Fail()
		}
	}
}

//test random messages for different pub/private keys
func Test_Secp256_04(t *testing.T) {
	for i := 0; i < TESTS; i++ {
		pubkey1, seckey := GenerateKeyPair()
		msg := randentropy.GetEntropyMixed(32)
		sig, _ := Sign(msg, seckey)
		CompactSigTest(sig)

		if sig[len(sig)-1] >= 4 {
			t.Fail()
		}
		pubkey2, _ := RecoverPubkey(msg, sig)
		if pubkey2 == nil {
			t.Fail()
		}
		if bytes.Equal(pubkey1, pubkey2) == false {
			t.Fail()
		}
	}
}

//test random signatures against fixed messages; should fail

//crashes:
//	-SIPA look at this

func randSig() []byte {
	sig := randentropy.GetEntropyMixed(65)
	sig[32] &= 0x70
	sig[64] %= 4
	return sig
}

func Test_Secp256_06a_alt0(t *testing.T) {
	pubkey1, seckey := GenerateKeyPair()
	msg := randentropy.GetEntropyMixed(32)
	sig, _ := Sign(msg, seckey)

	if sig == nil {
		t.Fail()
	}
	if len(sig) != 65 {
		t.Fail()
	}
	for i := 0; i < TESTS; i++ {
		sig = randSig()
		pubkey2, _ := RecoverPubkey(msg, sig)

		if bytes.Equal(pubkey1, pubkey2) == true {
			t.Fail()
		}

		if pubkey2 != nil && VerifySignature(msg, sig, pubkey2) != nil {
			t.Fail()
		}

		if VerifySignature(msg, sig, pubkey1) == nil {
			t.Fail()
		}
	}
}

//test random messages against valid signature: should fail

func Test_Secp256_06b(t *testing.T) {
	pubkey1, seckey := GenerateKeyPair()
	msg := randentropy.GetEntropyMixed(32)
	sig, _ := Sign(msg, seckey)

	fail_count := 0
	for i := 0; i < TESTS; i++ {
		msg = randentropy.GetEntropyMixed(32)
		pubkey2, _ := RecoverPubkey(msg, sig)
		if bytes.Equal(pubkey1, pubkey2) == true {
			t.Fail()
		}

		if pubkey2 != nil && VerifySignature(msg, sig, pubkey2) != nil {
			t.Fail()
		}

		if VerifySignature(msg, sig, pubkey1) == nil {
			t.Fail()
		}
	}
	if fail_count != 0 {
		fmt.Printf("ERROR: Accepted signature for %v of %v random messages\n", fail_count, TESTS)
	}
}

func TestInvalidKey(t *testing.T) {
	p1 := make([]byte, 32)
	err := VerifySeckeyValidity(p1)
	if err == nil {
		t.Errorf("pvk %x varify sec key should have returned error", p1)
	}
}
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`package secp256k1`

			`import (`
			`"bytes"`
			`"fmt"`
			`"log"`
			`"testing"`
Added invalid sec key test 2015-02-16 13:19:57 +01:00
			`"github.com/ethereum/go-ethereum/crypto/randentropy"`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`)`

			`const TESTS = 10000 // how many tests`
			`const SigSize = 65 //64+1`

			`func Test_Secp256_00(t *testing.T) {`

Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`var nonce []byte = randentropy.GetEntropyMixed(32) //going to get bitcoins stolen!`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00
			`if len(nonce) != 32 {`
			`t.Fatal()`
			`}`

			`}`

			`//tests for Malleability`
			`//highest bit of S must be 0; 32nd byte`
			`func CompactSigTest(sig []byte) {`

			`var b int = int(sig[32])`
			`if b < 0 {`
			`log.Panic()`
			`}`
			`if ((b >> 7) == 1) != ((b & 0x80) == 0x80) {`
			`log.Panic("b= %v b2= %v \n", b, b>>7)`
			`}`
			`if (b & 0x80) == 0x80 {`
			`log.Panic("b= %v b2= %v \n", b, b&0x80)`
			`}`
			`}`

			`//test pubkey/private generation`
			`func Test_Secp256_01(t *testing.T) {`
			`pubkey, seckey := GenerateKeyPair()`
			`if err := VerifySeckeyValidity(seckey); err != nil {`
			`t.Fatal()`
			`}`
			`if err := VerifyPubkeyValidity(pubkey); err != nil {`
			`t.Fatal()`
			`}`
			`}`

			`//test size of messages`
			`func Test_Secp256_02s(t *testing.T) {`
			`pubkey, seckey := GenerateKeyPair()`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`msg := randentropy.GetEntropyMixed(32)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`sig, _ := Sign(msg, seckey)`
			`CompactSigTest(sig)`
			`if sig == nil {`
			`t.Fatal("Signature nil")`
			`}`
			`if len(pubkey) != 65 {`
			`t.Fail()`
			`}`
			`if len(seckey) != 32 {`
			`t.Fail()`
			`}`
			`if len(sig) != 64+1 {`
			`t.Fail()`
			`}`
			`if int(sig[64]) > 4 {`
			`t.Fail()`
			`} //should be 0 to 4`
			`}`

			`//test signing message`
			`func Test_Secp256_02(t *testing.T) {`
			`pubkey1, seckey := GenerateKeyPair()`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`msg := randentropy.GetEntropyMixed(32)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`sig, _ := Sign(msg, seckey)`
			`if sig == nil {`
			`t.Fatal("Signature nil")`
			`}`

			`pubkey2, _ := RecoverPubkey(msg, sig)`
			`if pubkey2 == nil {`
			`t.Fatal("Recovered pubkey invalid")`
			`}`
			`if bytes.Equal(pubkey1, pubkey2) == false {`
			`t.Fatal("Recovered pubkey does not match")`
			`}`

			`err := VerifySignature(msg, sig, pubkey1)`
			`if err != nil {`
			`t.Fatal("Signature invalid")`
			`}`
			`}`

			`//test pubkey recovery`
			`func Test_Secp256_02a(t *testing.T) {`
			`pubkey1, seckey1 := GenerateKeyPair()`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`msg := randentropy.GetEntropyMixed(32)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`sig, _ := Sign(msg, seckey1)`

			`if sig == nil {`
			`t.Fatal("Signature nil")`
			`}`
			`err := VerifySignature(msg, sig, pubkey1)`
			`if err != nil {`
			`t.Fatal("Signature invalid")`
			`}`

			`pubkey2, _ := RecoverPubkey(msg, sig)`
			`if len(pubkey1) != len(pubkey2) {`
			`t.Fatal()`
			`}`
			`for i, _ := range pubkey1 {`
			`if pubkey1[i] != pubkey2[i] {`
			`t.Fatal()`
			`}`
			`}`
			`if bytes.Equal(pubkey1, pubkey2) == false {`
			`t.Fatal()`
			`}`
			`}`

			`//test random messages for the same pub/private key`
			`func Test_Secp256_03(t *testing.T) {`
			`_, seckey := GenerateKeyPair()`
			`for i := 0; i < TESTS; i++ {`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`msg := randentropy.GetEntropyMixed(32)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`sig, _ := Sign(msg, seckey)`
			`CompactSigTest(sig)`

			`sig[len(sig)-1] %= 4`
			`pubkey2, _ := RecoverPubkey(msg, sig)`
			`if pubkey2 == nil {`
			`t.Fail()`
			`}`
			`}`
			`}`

			`//test random messages for different pub/private keys`
			`func Test_Secp256_04(t *testing.T) {`
			`for i := 0; i < TESTS; i++ {`
			`pubkey1, seckey := GenerateKeyPair()`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`msg := randentropy.GetEntropyMixed(32)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`sig, _ := Sign(msg, seckey)`
			`CompactSigTest(sig)`

			`if sig[len(sig)-1] >= 4 {`
			`t.Fail()`
			`}`
			`pubkey2, _ := RecoverPubkey(msg, sig)`
			`if pubkey2 == nil {`
			`t.Fail()`
			`}`
			`if bytes.Equal(pubkey1, pubkey2) == false {`
			`t.Fail()`
			`}`
			`}`
			`}`

			`//test random signatures against fixed messages; should fail`

			`//crashes:`
			`// -SIPA look at this`

			`func randSig() []byte {`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`sig := randentropy.GetEntropyMixed(65)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`sig[32] &= 0x70`
			`sig[64] %= 4`
			`return sig`
			`}`

			`func Test_Secp256_06a_alt0(t *testing.T) {`
			`pubkey1, seckey := GenerateKeyPair()`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`msg := randentropy.GetEntropyMixed(32)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`sig, _ := Sign(msg, seckey)`

			`if sig == nil {`
			`t.Fail()`
			`}`
			`if len(sig) != 65 {`
			`t.Fail()`
			`}`
			`for i := 0; i < TESTS; i++ {`
			`sig = randSig()`
			`pubkey2, _ := RecoverPubkey(msg, sig)`

			`if bytes.Equal(pubkey1, pubkey2) == true {`
			`t.Fail()`
			`}`

			`if pubkey2 != nil && VerifySignature(msg, sig, pubkey2) != nil {`
			`t.Fail()`
			`}`

			`if VerifySignature(msg, sig, pubkey1) == nil {`
			`t.Fail()`
			`}`
			`}`
			`}`

			`//test random messages against valid signature: should fail`

			`func Test_Secp256_06b(t *testing.T) {`
			`pubkey1, seckey := GenerateKeyPair()`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`msg := randentropy.GetEntropyMixed(32)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`sig, _ := Sign(msg, seckey)`

			`fail_count := 0`
			`for i := 0; i < TESTS; i++ {`
Remove secp256_rand.go and update tests 2015-02-13 18:22:36 +01:00			`msg = randentropy.GetEntropyMixed(32)`
Moved `obscuren` secp256k1-go 2015-01-22 00:35:00 +01:00			`pubkey2, _ := RecoverPubkey(msg, sig)`
			`if bytes.Equal(pubkey1, pubkey2) == true {`
			`t.Fail()`
			`}`

			`if pubkey2 != nil && VerifySignature(msg, sig, pubkey2) != nil {`
			`t.Fail()`
			`}`

			`if VerifySignature(msg, sig, pubkey1) == nil {`
			`t.Fail()`
			`}`
			`}`
			`if fail_count != 0 {`
			`fmt.Printf("ERROR: Accepted signature for %v of %v random messages\n", fail_count, TESTS)`
			`}`
			`}`
Added invalid sec key test 2015-02-16 13:19:57 +01:00
			`func TestInvalidKey(t *testing.T) {`
			`p1 := make([]byte, 32)`
			`err := VerifySeckeyValidity(p1)`
			`if err == nil {`
			`t.Errorf("pvk %x varify sec key should have returned error", p1)`
			`}`
			`}`