2022-02-15 20:28:14 +01:00
|
|
|
module main
|
|
|
|
|
|
|
|
// NB: this should be in vlib/crypto/ed25519/ed25519_test.v
|
|
|
|
// but is currently one folder below, because of a V parser/symbol registration bug.
|
|
|
|
// TODO: move this test back to vlib/crypto/ed25519/ed25519_test.v
|
|
|
|
import os
|
|
|
|
import sync.pool
|
|
|
|
import encoding.hex
|
|
|
|
import crypto.ed25519
|
|
|
|
|
|
|
|
const vexe = os.getenv('VEXE')
|
|
|
|
|
|
|
|
const vroot = os.dir(vexe)
|
|
|
|
|
|
|
|
const testdata = os.join_path(vroot, 'vlib/crypto/ed25519/testdata')
|
|
|
|
|
|
|
|
const contents = os.read_lines(os.join_path(testdata, 'sign.input')) or { panic(err) }
|
|
|
|
|
|
|
|
/*
|
|
|
|
struct ZeroReader {}
|
|
|
|
|
|
|
|
fn (z ZeroReader) read(mut buf []byte) ?int {
|
|
|
|
for i, _ in buf {
|
|
|
|
buf[i] = 0
|
|
|
|
}
|
|
|
|
return buf.len
|
|
|
|
}
|
|
|
|
*/
|
|
|
|
|
|
|
|
fn test_sign_verify() ? {
|
|
|
|
// mut zero := ZeroReader{}
|
|
|
|
public, private := ed25519.generate_key() ?
|
|
|
|
|
|
|
|
message := 'test message'.bytes()
|
|
|
|
sig := ed25519.sign(private, message) ?
|
|
|
|
res := ed25519.verify(public, message, sig) or { false }
|
|
|
|
assert res == true
|
|
|
|
|
|
|
|
wrongmessage := 'wrong message'.bytes()
|
|
|
|
res2 := ed25519.verify(public, wrongmessage, sig) ?
|
|
|
|
assert res2 == false
|
|
|
|
}
|
|
|
|
|
|
|
|
fn test_equal() ? {
|
|
|
|
public, private := ed25519.generate_key() ?
|
|
|
|
|
|
|
|
assert public.equal(public) == true
|
|
|
|
|
|
|
|
// This is not AVAILABLE
|
|
|
|
/*
|
|
|
|
if !public.Equal(crypto.Signer(private).Public()) {
|
|
|
|
t.Errorf("private.Public() is not Equal to public: %q", public)
|
|
|
|
}*/
|
|
|
|
assert private.equal(private) == true
|
|
|
|
|
|
|
|
otherpub, otherpriv := ed25519.generate_key() ?
|
|
|
|
assert public.equal(otherpub) == false
|
|
|
|
|
|
|
|
assert private.equal(otherpriv) == false
|
|
|
|
}
|
|
|
|
|
|
|
|
fn test_malleability() ? {
|
|
|
|
// https://tools.ietf.org/html/rfc8032#section-5.1.7 adds an additional test
|
|
|
|
// that s be in [0, order). This prevents someone from adding a multiple of
|
|
|
|
// order to s and obtaining a second valid signature for the same message.
|
|
|
|
msg := [byte(0x54), 0x65, 0x73, 0x74]
|
|
|
|
sig := [byte(0x7c), 0x38, 0xe0, 0x26, 0xf2, 0x9e, 0x14, 0xaa, 0xbd, 0x05, 0x9a, 0x0f, 0x2d,
|
|
|
|
0xb8, 0xb0, 0xcd, 0x78, 0x30, 0x40, 0x60, 0x9a, 0x8b, 0xe6, 0x84, 0xdb, 0x12, 0xf8, 0x2a,
|
|
|
|
0x27, 0x77, 0x4a, 0xb0, 0x67, 0x65, 0x4b, 0xce, 0x38, 0x32, 0xc2, 0xd7, 0x6f, 0x8f, 0x6f,
|
|
|
|
0x5d, 0xaf, 0xc0, 0x8d, 0x93, 0x39, 0xd4, 0xee, 0xf6, 0x76, 0x57, 0x33, 0x36, 0xa5, 0xc5,
|
|
|
|
0x1e, 0xb6, 0xf9, 0x46, 0xb3, 0x1d]
|
|
|
|
publickey := [byte(0x7d), 0x4d, 0x0e, 0x7f, 0x61, 0x53, 0xa6, 0x9b, 0x62, 0x42, 0xb5, 0x22,
|
|
|
|
0xab, 0xbe, 0xe6, 0x85, 0xfd, 0xa4, 0x42, 0x0f, 0x88, 0x34, 0xb1, 0x08, 0xc3, 0xbd, 0xae,
|
|
|
|
0x36, 0x9e, 0xf5, 0x49, 0xfa]
|
|
|
|
// verify should fail on provided bytes
|
|
|
|
res := ed25519.verify(publickey, msg, sig) or { false }
|
|
|
|
assert res == false
|
|
|
|
}
|
|
|
|
|
|
|
|
fn works_check_on_sign_input_string(item string) bool {
|
|
|
|
// this is core part of the tests sign input
|
|
|
|
parts := item.split(':') // []string
|
|
|
|
|
|
|
|
if parts.len != 5 {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
// assert parts.len == 5
|
|
|
|
privbytes := hex.decode(parts[0]) or { panic(err.msg) }
|
|
|
|
pubkey := hex.decode(parts[1]) or { panic(err.msg) }
|
|
|
|
msg := hex.decode(parts[2]) or { panic(err.msg) }
|
|
|
|
mut sig := hex.decode(parts[3]) or { panic(err.msg) }
|
|
|
|
|
|
|
|
if pubkey.len != ed25519.public_key_size {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
// assert pubkey.len == public_key_size
|
|
|
|
|
|
|
|
sig = sig[..ed25519.signature_size]
|
|
|
|
mut priv := []byte{len: ed25519.private_key_size}
|
|
|
|
copy(priv[..], privbytes)
|
|
|
|
copy(priv[32..], pubkey)
|
|
|
|
|
|
|
|
sig2 := ed25519.sign(priv[..], msg) or { panic(err.msg) }
|
|
|
|
if sig != sig2[..] {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
res := ed25519.verify(pubkey, msg, sig2) or { panic(err.msg) }
|
|
|
|
// assert res == true
|
|
|
|
if !res {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
priv2 := ed25519.new_key_from_seed(priv[..32])
|
|
|
|
if ed25519.PrivateKey(priv[..]) != priv2 {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
pubkey2 := priv2.public_key()
|
2022-02-16 21:56:14 +01:00
|
|
|
if ed25519.PublicKey(pubkey) != pubkey2 {
|
2022-02-15 20:28:14 +01:00
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
seed2 := priv2.seed()
|
|
|
|
if priv[0..32] != seed2 {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
fn worker_for_string_content(p &pool.PoolProcessor, idx int, worker_id int) &SignResult {
|
|
|
|
item := p.get_item<string>(idx)
|
|
|
|
// println('worker_s worker_id: $worker_id | idx: $idx ')
|
|
|
|
res := works_check_on_sign_input_string(item)
|
|
|
|
mut sr := &SignResult{
|
|
|
|
item: item
|
|
|
|
result: res
|
|
|
|
}
|
|
|
|
return sr
|
|
|
|
}
|
|
|
|
|
|
|
|
struct SignResult {
|
|
|
|
mut:
|
|
|
|
item string
|
|
|
|
result bool
|
|
|
|
}
|
|
|
|
|
|
|
|
// This test read a lot of entries in `testdata/sign.input`
|
|
|
|
// so, maybe need a long time to finish.
|
|
|
|
// be quiet and patient
|
|
|
|
fn test_input_from_djb_ed25519_crypto_sign_input_with_syncpool() ? {
|
|
|
|
// contents := os.read_lines('testdata/sign.input') or { panic(err.msg) } //[]string
|
|
|
|
mut pool_s := pool.new_pool_processor(
|
|
|
|
callback: worker_for_string_content
|
|
|
|
maxjobs: 4
|
|
|
|
)
|
|
|
|
pool_s.work_on_items<string>(contents)
|
|
|
|
for i, x in pool_s.get_results<SignResult>() {
|
|
|
|
// println("i: $i = $x.result")
|
|
|
|
assert x.result == true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// same as above, but without sync.pool
|
|
|
|
/*
|
|
|
|
fn test_input_from_djb_ed25519_crypto_sign_input_without_syncpool() ? {
|
|
|
|
// contents := os.read_lines('testdata/sign.input') or { panic(err.msg) } //[]string
|
|
|
|
for i, item in ed25519.contents {
|
|
|
|
parts := item.split(':') // []string
|
|
|
|
// println(parts)
|
|
|
|
/*
|
|
|
|
if parts.len != 5 {
|
|
|
|
lg.fatal('not contains len 5')
|
|
|
|
}*/
|
|
|
|
assert parts.len == 5
|
|
|
|
privbytes := hex.decode(parts[0]) ?
|
|
|
|
pubkey := hex.decode(parts[1]) ?
|
|
|
|
msg := hex.decode(parts[2]) ?
|
|
|
|
mut sig := hex.decode(parts[3]) ?
|
|
|
|
assert pubkey.len == public_key_size
|
|
|
|
|
|
|
|
sig = sig[..signature_size]
|
|
|
|
mut priv := []byte{len: ed25519.private_key_size}
|
|
|
|
copy(priv[..], privbytes)
|
|
|
|
copy(priv[32..], pubkey)
|
|
|
|
|
|
|
|
sig2 := ed25519.sign(priv[..], msg) ?
|
|
|
|
assert sig == sig2[..]
|
|
|
|
|
|
|
|
res := ed25519.verify(pubkey, msg, sig2) ?
|
|
|
|
assert res == true
|
|
|
|
|
|
|
|
priv2 := new_key_from_seed(priv[..32])
|
|
|
|
assert priv[..] == priv2
|
|
|
|
|
|
|
|
pubkey2 := priv2.public_key()
|
|
|
|
assert pubkey == pubkey2
|
|
|
|
|
|
|
|
seed2 := priv2.seed()
|
|
|
|
assert priv[0..32] == seed2
|
|
|
|
}
|
|
|
|
}*/
|