github.com/turingchain2020/turingchain@v1.1.21/common/vrf/secp256k1/secp256k1_test.go (about) 1 // Copyright Turing Corp. 2018 All Rights Reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // Copyright 2016 Google Inc. All Rights Reserved. 6 // 7 // Licensed under the Apache License, Version 2.0 (the "License"); 8 // you may not use this file except in compliance with the License. 9 // You may obtain a copy of the License at 10 // 11 // http://www.apache.org/licenses/LICENSE-2.0 12 // 13 // Unless required by applicable law or agreed to in writing, software 14 // distributed under the License is distributed on an "AS IS" BASIS, 15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 // See the License for the specific language governing permissions and 17 // limitations under the License. 18 19 package secp256k1 20 21 import ( 22 "bytes" 23 "crypto/rand" 24 "math" 25 "testing" 26 ) 27 28 func TestH1(t *testing.T) { 29 for i := 0; i < 10000; i++ { 30 m := make([]byte, 100) 31 if _, err := rand.Read(m); err != nil { 32 t.Fatalf("Failed generating random message: %v", err) 33 } 34 x, y := H1(m) 35 if x == nil { 36 t.Errorf("H1(%v)=%v, want curve point", m, x) 37 } 38 if got := curve.IsOnCurve(x, y); !got { 39 t.Errorf("H1(%v)=[%v, %v], is not on curve", m, x, y) 40 } 41 } 42 } 43 44 func TestH2(t *testing.T) { 45 l := 32 46 for i := 0; i < 10000; i++ { 47 m := make([]byte, 100) 48 if _, err := rand.Read(m); err != nil { 49 t.Fatalf("Failed generating random message: %v", err) 50 } 51 x := H2(m) 52 if got := len(x.Bytes()); got < 1 || got > l { 53 t.Errorf("len(h2(%v)) = %v, want: 1 <= %v <= %v", m, got, got, l) 54 } 55 } 56 } 57 58 func TestVRF(t *testing.T) { 59 k, pk := GenerateKey() 60 61 m1 := []byte("data1") 62 m2 := []byte("data2") 63 m3 := []byte("data2") 64 index1, proof1 := k.Evaluate(m1) 65 index2, proof2 := k.Evaluate(m2) 66 index3, proof3 := k.Evaluate(m3) 67 for _, tc := range []struct { 68 m []byte 69 index [32]byte 70 proof []byte 71 err error 72 }{ 73 {m1, index1, proof1, nil}, 74 {m2, index2, proof2, nil}, 75 {m3, index3, proof3, nil}, 76 {m3, index3, proof2, nil}, 77 {m3, index3, proof1, ErrInvalidVRF}, 78 } { 79 index, err := pk.ProofToHash(tc.m, tc.proof) 80 if got, want := err, tc.err; got != want { 81 t.Errorf("ProofToHash(%s, %x): %v, want %v", tc.m, tc.proof, got, want) 82 } 83 if err != nil { 84 continue 85 } 86 if got, want := index, tc.index; got != want { 87 t.Errorf("ProofToInex(%s, %x): %x, want %x", tc.m, tc.proof, got, want) 88 } 89 } 90 } 91 func TestRightTruncateProof(t *testing.T) { 92 k, pk := GenerateKey() 93 94 data := []byte("data") 95 _, proof := k.Evaluate(data) 96 proofLen := len(proof) 97 for i := 0; i < proofLen; i++ { 98 proof = proof[:len(proof)-1] 99 if _, err := pk.ProofToHash(data, proof); err == nil { 100 t.Errorf("Verify unexpectedly succeeded after truncating %v bytes from the end of proof", i) 101 } 102 } 103 } 104 105 func TestLeftTruncateProof(t *testing.T) { 106 k, pk := GenerateKey() 107 108 data := []byte("data") 109 _, proof := k.Evaluate(data) 110 proofLen := len(proof) 111 for i := 0; i < proofLen; i++ { 112 proof = proof[1:] 113 if _, err := pk.ProofToHash(data, proof); err == nil { 114 t.Errorf("Verify unexpectedly succeeded after truncating %v bytes from the beginning of proof", i) 115 } 116 } 117 } 118 119 func TestBitFlip(t *testing.T) { 120 k, pk := GenerateKey() 121 122 data := []byte("data") 123 _, proof := k.Evaluate(data) 124 for i := 0; i < len(proof)*8; i++ { 125 // Flip bit in position i. 126 if _, err := pk.ProofToHash(data, flipBit(proof, i)); err == nil { 127 t.Errorf("Verify unexpectedly succeeded after flipping bit %v of vrf", i) 128 } 129 } 130 } 131 132 func flipBit(a []byte, pos int) []byte { 133 index := int(math.Floor(float64(pos) / 8)) 134 b := a[index] 135 b ^= (1 << uint(math.Mod(float64(pos), 8.0))) 136 137 var buf bytes.Buffer 138 buf.Write(a[:index]) 139 buf.Write([]byte{b}) 140 buf.Write(a[index+1:]) 141 return buf.Bytes() 142 }