github.com/Bytom/bytom@v1.1.2-0.20210127130405-ae40204c0b09/crypto/ed25519/chainkd/expanded_key_test.go

github.com/Bytom/bytom@v1.1.2-0.20210127130405-ae40204c0b09/crypto/ed25519/chainkd/expanded_key_test.go (about)

     1  package chainkd
     2  
     3  import (
     4  	"bytes"
     5  	"crypto"
     6  	"testing"
     7  
     8  	"github.com/bytom/bytom/crypto/ed25519"
     9  )
    10  
    11  // Testing basic InnerSign+Verify and the invariants:
    12  // 1) Expand(PrivateKey).Sign() == PrivateKey.Sign()
    13  // 2) InnerSign(Expand(PrivateKey)) == Sign(PrivateKey)
    14  
    15  type zeroReader struct{}
    16  
    17  func (zeroReader) Read(buf []byte) (int, error) {
    18  	for i := range buf {
    19  		buf[i] = 0
    20  	}
    21  	return len(buf), nil
    22  }
    23  
    24  func TestInnerSignVerify(t *testing.T) {
    25  	var zero zeroReader
    26  	public, private, _ := ed25519.GenerateKey(zero)
    27  	expprivate := expandEd25519PrivateKey(private)
    28  
    29  	message := []byte("test message")
    30  	sig := Ed25519InnerSign(expprivate, message)
    31  	if !ed25519.Verify(public, message, sig) {
    32  		t.Errorf("valid signature rejected")
    33  	}
    34  
    35  	wrongMessage := []byte("wrong message")
    36  	if ed25519.Verify(public, wrongMessage, sig) {
    37  		t.Errorf("signature of different message accepted")
    38  	}
    39  }
    40  
    41  func TestExpandedKeySignerInterfaceInvariant(t *testing.T) {
    42  	var zero zeroReader
    43  	public, private, _ := ed25519.GenerateKey(zero)
    44  	expprivate := expandEd25519PrivateKey(private)
    45  
    46  	signer1 := crypto.Signer(private)
    47  	signer2 := crypto.Signer(expprivate)
    48  
    49  	publicInterface1 := signer1.Public()
    50  	publicInterface2 := signer2.Public()
    51  	public1, ok := publicInterface1.(ed25519.PublicKey)
    52  	if !ok {
    53  		t.Fatalf("expected PublicKey from Public() but got %T", publicInterface1)
    54  	}
    55  	public2, ok := publicInterface2.(ed25519.PublicKey)
    56  	if !ok {
    57  		t.Fatalf("expected PublicKey from Public() but got %T", publicInterface2)
    58  	}
    59  
    60  	if !bytes.Equal(public, public1) {
    61  		t.Errorf("public keys do not match: original:%x vs Public():%x", public, public1)
    62  	}
    63  	if !bytes.Equal(public, public2) {
    64  		t.Errorf("public keys do not match: original:%x vs Public():%x", public, public2)
    65  	}
    66  
    67  	message := []byte("message")
    68  	var noHash crypto.Hash
    69  	signature1, err := signer1.Sign(zero, message, noHash)
    70  	if err != nil {
    71  		t.Fatalf("error from Sign(): %s", err)
    72  	}
    73  	signature2, err := signer2.Sign(zero, message, noHash)
    74  	if err != nil {
    75  		t.Fatalf("error from Sign(): %s", err)
    76  	}
    77  	if !bytes.Equal(signature1[:], signature2[:]) {
    78  		t.Errorf(".Sign() should return identical signatures for Signer(privkey) and Signer(Expand(privkey))")
    79  	}
    80  	if !ed25519.Verify(public, message, signature1) {
    81  		t.Errorf("Verify failed on signature from Sign()")
    82  	}
    83  }
    84  
    85  func TestInnerSignInvariant(t *testing.T) {
    86  	var zero zeroReader
    87  	_, private, _ := ed25519.GenerateKey(zero)
    88  	expprivate := expandEd25519PrivateKey(private)
    89  
    90  	message := []byte("test message")
    91  	sig1 := ed25519.Sign(private, message)
    92  	sig2 := Ed25519InnerSign(expprivate, message)
    93  
    94  	if !bytes.Equal(sig1[:], sig2[:]) {
    95  		t.Errorf("InnerSign(Expand(privkey)) must return the same as Sign(privkey)")
    96  	}
    97  }