github.com/bytom/bytom@v1.1.2-0.20221014091027-bbcba3df6075/crypto/ed25519/chainkd/expanded_key_test.go

github.com/bytom/bytom@v1.1.2-0.20221014091027-bbcba3df6075/crypto/ed25519/chainkd/expanded_key_test.go (about)

     1  package chainkd
     2  
     3  import (
     4  	"bytes"
     5  	"crypto"
     6  	"crypto/ed25519"
     7  	"testing"
     8  )
     9  
    10  // Testing basic InnerSign+Verify and the invariants:
    11  // 1) Expand(PrivateKey).Sign() == PrivateKey.Sign()
    12  // 2) InnerSign(Expand(PrivateKey)) == Sign(PrivateKey)
    13  
    14  type zeroReader struct{}
    15  
    16  func (zeroReader) Read(buf []byte) (int, error) {
    17  	for i := range buf {
    18  		buf[i] = 0
    19  	}
    20  	return len(buf), nil
    21  }
    22  
    23  func TestInnerSignVerify(t *testing.T) {
    24  	var zero zeroReader
    25  	public, private, _ := ed25519.GenerateKey(zero)
    26  	expprivate := expandEd25519PrivateKey(private)
    27  
    28  	message := []byte("test message")
    29  	sig := Ed25519InnerSign(expprivate, message)
    30  	if !ed25519.Verify(public, message, sig) {
    31  		t.Errorf("valid signature rejected")
    32  	}
    33  
    34  	wrongMessage := []byte("wrong message")
    35  	if ed25519.Verify(public, wrongMessage, sig) {
    36  		t.Errorf("signature of different message accepted")
    37  	}
    38  }
    39  
    40  func TestExpandedKeySignerInterfaceInvariant(t *testing.T) {
    41  	var zero zeroReader
    42  	public, private, _ := ed25519.GenerateKey(zero)
    43  	expprivate := expandEd25519PrivateKey(private)
    44  
    45  	signer1 := crypto.Signer(private)
    46  	signer2 := crypto.Signer(expprivate)
    47  
    48  	publicInterface1 := signer1.Public()
    49  	publicInterface2 := signer2.Public()
    50  	public1, ok := publicInterface1.(ed25519.PublicKey)
    51  	if !ok {
    52  		t.Fatalf("expected PublicKey from Public() but got %T", publicInterface1)
    53  	}
    54  	public2, ok := publicInterface2.(ed25519.PublicKey)
    55  	if !ok {
    56  		t.Fatalf("expected PublicKey from Public() but got %T", publicInterface2)
    57  	}
    58  
    59  	if !bytes.Equal(public, public1) {
    60  		t.Errorf("public keys do not match: original:%x vs Public():%x", public, public1)
    61  	}
    62  	if !bytes.Equal(public, public2) {
    63  		t.Errorf("public keys do not match: original:%x vs Public():%x", public, public2)
    64  	}
    65  
    66  	message := []byte("message")
    67  	var noHash crypto.Hash
    68  	signature1, err := signer1.Sign(zero, message, noHash)
    69  	if err != nil {
    70  		t.Fatalf("error from Sign(): %s", err)
    71  	}
    72  	signature2, err := signer2.Sign(zero, message, noHash)
    73  	if err != nil {
    74  		t.Fatalf("error from Sign(): %s", err)
    75  	}
    76  	if !bytes.Equal(signature1[:], signature2[:]) {
    77  		t.Errorf(".Sign() should return identical signatures for Signer(privkey) and Signer(Expand(privkey))")
    78  	}
    79  	if !ed25519.Verify(public, message, signature1) {
    80  		t.Errorf("Verify failed on signature from Sign()")
    81  	}
    82  }
    83  
    84  func TestInnerSignInvariant(t *testing.T) {
    85  	var zero zeroReader
    86  	_, private, _ := ed25519.GenerateKey(zero)
    87  	expprivate := expandEd25519PrivateKey(private)
    88  
    89  	message := []byte("test message")
    90  	sig1 := ed25519.Sign(private, message)
    91  	sig2 := Ed25519InnerSign(expprivate, message)
    92  
    93  	if !bytes.Equal(sig1[:], sig2[:]) {
    94  		t.Errorf("InnerSign(Expand(privkey)) must return the same as Sign(privkey)")
    95  	}
    96  }