github.com/consensys/gnark-crypto@v0.14.0/ecc/stark-curve/ecdsa/ecdsa_test.go (about) 1 // Copyright 2020 Consensys Software Inc. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 // Code generated by consensys/gnark-crypto DO NOT EDIT 16 17 package ecdsa 18 19 import ( 20 "crypto/rand" 21 "crypto/sha256" 22 "github.com/consensys/gnark-crypto/ecc/stark-curve/fr" 23 "math/big" 24 "testing" 25 26 "github.com/leanovate/gopter" 27 "github.com/leanovate/gopter/prop" 28 ) 29 30 func TestECDSA(t *testing.T) { 31 32 t.Parallel() 33 parameters := gopter.DefaultTestParameters() 34 properties := gopter.NewProperties(parameters) 35 36 properties.Property("[STARK-CURVE] test the signing and verification", prop.ForAll( 37 func() bool { 38 39 privKey, _ := GenerateKey(rand.Reader) 40 publicKey := privKey.PublicKey 41 42 msg := []byte("testing ECDSA") 43 hFunc := sha256.New() 44 sig, _ := privKey.Sign(msg, hFunc) 45 flag, _ := publicKey.Verify(sig, msg, hFunc) 46 47 return flag 48 }, 49 )) 50 51 properties.Property("[STARK-CURVE] test the signing and verification (pre-hashed)", prop.ForAll( 52 func() bool { 53 54 privKey, _ := GenerateKey(rand.Reader) 55 publicKey := privKey.PublicKey 56 57 msg := []byte("testing ECDSA") 58 sig, _ := privKey.Sign(msg, nil) 59 flag, _ := publicKey.Verify(sig, msg, nil) 60 61 return flag 62 }, 63 )) 64 65 properties.TestingRun(t, gopter.ConsoleReporter(false)) 66 } 67 func TestRecoverPublicKey(t *testing.T) { 68 t.Parallel() 69 parameters := gopter.DefaultTestParameters() 70 properties := gopter.NewProperties(parameters) 71 properties.Property("[STARK-CURVE] test public key recover", prop.ForAll( 72 func() bool { 73 sk, err := GenerateKey(rand.Reader) 74 if err != nil { 75 return false 76 } 77 pk := sk.PublicKey 78 msg := []byte("test") 79 v, r, s, err := sk.SignForRecover(msg, nil) 80 if err != nil { 81 return false 82 } 83 var recovered PublicKey 84 if err = recovered.RecoverFrom(msg, v, r, s); err != nil { 85 return false 86 } 87 return pk.Equal(&recovered) 88 }, 89 )) 90 properties.TestingRun(t, gopter.ConsoleReporter(false)) 91 } 92 93 func TestNonMalleability(t *testing.T) { 94 95 // buffer too big 96 t.Run("buffer_overflow", func(t *testing.T) { 97 bsig := make([]byte, 2*sizeFr+1) 98 var sig Signature 99 _, err := sig.SetBytes(bsig) 100 if err != errWrongSize { 101 t.Fatal("should raise wrong size error") 102 } 103 }) 104 105 // R overflows p_mod 106 t.Run("R_overflow", func(t *testing.T) { 107 bsig := make([]byte, 2*sizeFr) 108 r := big.NewInt(1) 109 frMod := fr.Modulus() 110 r.Add(r, frMod) 111 buf := r.Bytes() 112 copy(bsig, buf[:]) 113 114 var sig Signature 115 _, err := sig.SetBytes(bsig) 116 if err != errRBiggerThanRMod { 117 t.Fatal("should raise error r >= r_mod") 118 } 119 }) 120 121 // S overflows p_mod 122 t.Run("S_overflow", func(t *testing.T) { 123 bsig := make([]byte, 2*sizeFr) 124 r := big.NewInt(1) 125 frMod := fr.Modulus() 126 r.Add(r, frMod) 127 buf := r.Bytes() 128 copy(bsig[sizeFr:], buf[:]) 129 big.NewInt(1).FillBytes(bsig[:sizeFr]) 130 131 var sig Signature 132 _, err := sig.SetBytes(bsig) 133 if err != errSBiggerThanRMod { 134 t.Fatal("should raise error s >= r_mod") 135 } 136 }) 137 138 } 139 140 func TestNoZeros(t *testing.T) { 141 t.Run("R=0", func(t *testing.T) { 142 // R is 0 143 var sig Signature 144 big.NewInt(0).FillBytes(sig.R[:]) 145 big.NewInt(1).FillBytes(sig.S[:]) 146 bts := sig.Bytes() 147 var newSig Signature 148 _, err := newSig.SetBytes(bts) 149 if err != errZero { 150 t.Fatal("expected error for zero R") 151 } 152 }) 153 t.Run("S=0", func(t *testing.T) { 154 // S is 0 155 var sig Signature 156 big.NewInt(1).FillBytes(sig.R[:]) 157 big.NewInt(0).FillBytes(sig.S[:]) 158 bts := sig.Bytes() 159 var newSig Signature 160 _, err := newSig.SetBytes(bts) 161 if err != errZero { 162 t.Fatal("expected error for zero S") 163 } 164 }) 165 } 166 167 // ------------------------------------------------------------ 168 // benches 169 170 func BenchmarkSignECDSA(b *testing.B) { 171 172 privKey, _ := GenerateKey(rand.Reader) 173 174 msg := []byte("benchmarking ECDSA sign()") 175 b.ResetTimer() 176 for i := 0; i < b.N; i++ { 177 privKey.Sign(msg, nil) 178 } 179 } 180 181 func BenchmarkVerifyECDSA(b *testing.B) { 182 183 privKey, _ := GenerateKey(rand.Reader) 184 msg := []byte("benchmarking ECDSA sign()") 185 sig, _ := privKey.Sign(msg, nil) 186 187 b.ResetTimer() 188 for i := 0; i < b.N; i++ { 189 privKey.PublicKey.Verify(sig, msg, nil) 190 } 191 } 192 func BenchmarkRecoverPublicKey(b *testing.B) { 193 sk, err := GenerateKey(rand.Reader) 194 if err != nil { 195 b.Fatal(err) 196 } 197 msg := []byte("bench") 198 v, r, s, err := sk.SignForRecover(msg, sha256.New()) 199 if err != nil { 200 b.Fatal(err) 201 } 202 for i := 0; i < b.N; i++ { 203 var recovered PublicKey 204 if err = recovered.RecoverFrom(msg, v, r, s); err != nil { 205 b.Fatal(err) 206 } 207 } 208 }