diff --git a/dcrec/secp256k1/bench_test.go b/dcrec/secp256k1/bench_test.go index 1ddb60af31..fe71d5faa4 100644 --- a/dcrec/secp256k1/bench_test.go +++ b/dcrec/secp256k1/bench_test.go @@ -1,5 +1,5 @@ -// Copyright 2013-2014 The btcsuite developers -// Copyright (c) 2015-2016 The Decred developers +// Copyright 2013-2016 The btcsuite developers +// Copyright (c) 2015-2017 The Decred developers // Use of this source code is governed by an ISC // license that can be found in the LICENSE file. @@ -21,7 +21,7 @@ func BenchmarkAddJacobian(b *testing.B) { curve := S256() b.StartTimer() for i := 0; i < b.N; i++ { - curve.TstAddJacobian(x1, y1, z1, x2, y2, z2, x3, y3, z3) + curve.AddJacobian(x1, y1, z1, x2, y2, z2, x3, y3, z3) } } @@ -40,7 +40,7 @@ func BenchmarkAddJacobianNotZOne(b *testing.B) { curve := S256() b.StartTimer() for i := 0; i < b.N; i++ { - curve.TstAddJacobian(x1, y1, z1, x2, y2, z2, x3, y3, z3) + curve.AddJacobian(x1, y1, z1, x2, y2, z2, x3, y3, z3) } } diff --git a/dcrec/secp256k1/btcec_test.go b/dcrec/secp256k1/btcec_test.go index d71ae56ad5..74ea84787b 100644 --- a/dcrec/secp256k1/btcec_test.go +++ b/dcrec/secp256k1/btcec_test.go @@ -1,11 +1,11 @@ // Copyright 2011 The Go Authors. All rights reserved. -// Copyright (c) 2015-2016 The Decred developers +// Copyright (c) 2015-2017 The Decred developers // Copyright 2011 ThePiachu. All rights reserved. -// Copyright 2013-2014 The btcsuite developers +// Copyright 2013-2016 The btcsuite developers // Use of this source code is governed by an ISC // license that can be found in the LICENSE file. -package secp256k1_test +package secp256k1 import ( "crypto/rand" @@ -14,10 +14,25 @@ import ( "fmt" "math/big" "testing" - - "github.com/decred/dcrd/dcrec/secp256k1" ) +// isJacobianOnS256Curve returns boolean if the point (x,y,z) is on the +// secp256k1 curve. +func isJacobianOnS256Curve(x, y, z *FieldVal) bool { + // Elliptic curve equation for secp256k1 is: y^2 = x^3 + 7 + // In Jacobian coordinates, Y = y/z^3 and X = x/z^2 + // Thus: + // (y/z^3)^2 = (x/z^2)^3 + 7 + // y^2/z^6 = x^3/z^6 + 7 + // y^2 = x^3 + 7*z^6 + var y2, z2, x3, result FieldVal + y2.SquareVal(y).Normalize() + z2.SquareVal(z) + x3.SquareVal(x).Mul(x) + result.SquareVal(&z2).Mul(&z2).MulInt(7).Add(&x3).Normalize() + return y2.Equals(&result) +} + // TestAddJacobian tests addition of points projected in Jacobian coordinates. func TestAddJacobian(t *testing.T) { tests := []struct { @@ -212,37 +227,37 @@ func TestAddJacobian(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { // Convert hex to field values. - x1 := secp256k1.NewFieldVal().SetHex(test.x1) - y1 := secp256k1.NewFieldVal().SetHex(test.y1) - z1 := secp256k1.NewFieldVal().SetHex(test.z1) - x2 := secp256k1.NewFieldVal().SetHex(test.x2) - y2 := secp256k1.NewFieldVal().SetHex(test.y2) - z2 := secp256k1.NewFieldVal().SetHex(test.z2) - x3 := secp256k1.NewFieldVal().SetHex(test.x3) - y3 := secp256k1.NewFieldVal().SetHex(test.y3) - z3 := secp256k1.NewFieldVal().SetHex(test.z3) + x1 := new(FieldVal).SetHex(test.x1) + y1 := new(FieldVal).SetHex(test.y1) + z1 := new(FieldVal).SetHex(test.z1) + x2 := new(FieldVal).SetHex(test.x2) + y2 := new(FieldVal).SetHex(test.y2) + z2 := new(FieldVal).SetHex(test.z2) + x3 := new(FieldVal).SetHex(test.x3) + y3 := new(FieldVal).SetHex(test.y3) + z3 := new(FieldVal).SetHex(test.z3) // Ensure the test data is using points that are actually on // the curve (or the point at infinity). - if !z1.IsZero() && !secp256k1.S256().TstIsJacobianOnCurve(x1, y1, z1) { + if !z1.IsZero() && !isJacobianOnS256Curve(x1, y1, z1) { t.Errorf("#%d first point is not on the curve -- "+ "invalid test data", i) continue } - if !z2.IsZero() && !secp256k1.S256().TstIsJacobianOnCurve(x2, y2, z2) { + if !z2.IsZero() && !isJacobianOnS256Curve(x2, y2, z2) { t.Errorf("#%d second point is not on the curve -- "+ "invalid test data", i) continue } - if !z3.IsZero() && !secp256k1.S256().TstIsJacobianOnCurve(x3, y3, z3) { + if !z3.IsZero() && !isJacobianOnS256Curve(x3, y3, z3) { t.Errorf("#%d expected point is not on the curve -- "+ "invalid test data", i) continue } // Add the two points. - rx, ry, rz := secp256k1.NewFieldVal(), secp256k1.NewFieldVal(), secp256k1.NewFieldVal() - secp256k1.S256().TstAddJacobian(x1, y1, z1, x2, y2, z2, rx, ry, rz) + rx, ry, rz := new(FieldVal), new(FieldVal), new(FieldVal) + S256().AddJacobian(x1, y1, z1, x2, y2, z2, rx, ry, rz) // Ensure result matches expected. if !rx.Equals(x3) || !ry.Equals(y3) || !rz.Equals(z3) { @@ -321,24 +336,24 @@ func TestAddAffine(t *testing.T) { // Ensure the test data is using points that are actually on // the curve (or the point at infinity). - if !(x1.Sign() == 0 && y1.Sign() == 0) && !secp256k1.S256().IsOnCurve(x1, y1) { + if !(x1.Sign() == 0 && y1.Sign() == 0) && !S256().IsOnCurve(x1, y1) { t.Errorf("#%d first point is not on the curve -- "+ "invalid test data", i) continue } - if !(x2.Sign() == 0 && y2.Sign() == 0) && !secp256k1.S256().IsOnCurve(x2, y2) { + if !(x2.Sign() == 0 && y2.Sign() == 0) && !S256().IsOnCurve(x2, y2) { t.Errorf("#%d second point is not on the curve -- "+ "invalid test data", i) continue } - if !(x3.Sign() == 0 && y3.Sign() == 0) && !secp256k1.S256().IsOnCurve(x3, y3) { + if !(x3.Sign() == 0 && y3.Sign() == 0) && !S256().IsOnCurve(x3, y3) { t.Errorf("#%d expected point is not on the curve -- "+ "invalid test data", i) continue } // Add the two points. - rx, ry := secp256k1.S256().Add(x1, y1, x2, y2) + rx, ry := S256().Add(x1, y1, x2, y2) // Ensure result matches expected. if rx.Cmp(x3) != 00 || ry.Cmp(y3) != 0 { @@ -388,29 +403,29 @@ func TestDoubleJacobian(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { // Convert hex to field values. - x1 := secp256k1.NewFieldVal().SetHex(test.x1) - y1 := secp256k1.NewFieldVal().SetHex(test.y1) - z1 := secp256k1.NewFieldVal().SetHex(test.z1) - x3 := secp256k1.NewFieldVal().SetHex(test.x3) - y3 := secp256k1.NewFieldVal().SetHex(test.y3) - z3 := secp256k1.NewFieldVal().SetHex(test.z3) + x1 := new(FieldVal).SetHex(test.x1) + y1 := new(FieldVal).SetHex(test.y1) + z1 := new(FieldVal).SetHex(test.z1) + x3 := new(FieldVal).SetHex(test.x3) + y3 := new(FieldVal).SetHex(test.y3) + z3 := new(FieldVal).SetHex(test.z3) // Ensure the test data is using points that are actually on // the curve (or the point at infinity). - if !z1.IsZero() && !secp256k1.S256().TstIsJacobianOnCurve(x1, y1, z1) { + if !z1.IsZero() && !isJacobianOnS256Curve(x1, y1, z1) { t.Errorf("#%d first point is not on the curve -- "+ "invalid test data", i) continue } - if !z3.IsZero() && !secp256k1.S256().TstIsJacobianOnCurve(x3, y3, z3) { + if !z3.IsZero() && !isJacobianOnS256Curve(x3, y3, z3) { t.Errorf("#%d expected point is not on the curve -- "+ "invalid test data", i) continue } // Double the point. - rx, ry, rz := secp256k1.NewFieldVal(), secp256k1.NewFieldVal(), secp256k1.NewFieldVal() - secp256k1.S256().TstDoubleJacobian(x1, y1, z1, rx, ry, rz) + rx, ry, rz := new(FieldVal), new(FieldVal), new(FieldVal) + S256().doubleJacobian(x1, y1, z1, rx, ry, rz) // Ensure result matches expected. if !rx.Equals(x3) || !ry.Equals(y3) || !rz.Equals(z3) { @@ -472,19 +487,19 @@ func TestDoubleAffine(t *testing.T) { // Ensure the test data is using points that are actually on // the curve (or the point at infinity). - if !(x1.Sign() == 0 && y1.Sign() == 0) && !secp256k1.S256().IsOnCurve(x1, y1) { + if !(x1.Sign() == 0 && y1.Sign() == 0) && !S256().IsOnCurve(x1, y1) { t.Errorf("#%d first point is not on the curve -- "+ "invalid test data", i) continue } - if !(x3.Sign() == 0 && y3.Sign() == 0) && !secp256k1.S256().IsOnCurve(x3, y3) { + if !(x3.Sign() == 0 && y3.Sign() == 0) && !S256().IsOnCurve(x3, y3) { t.Errorf("#%d expected point is not on the curve -- "+ "invalid test data", i) continue } // Double the point. - rx, ry := secp256k1.S256().Double(x1, y1) + rx, ry := S256().Double(x1, y1) // Ensure result matches expected. if rx.Cmp(x3) != 00 || ry.Cmp(y3) != 0 { @@ -496,7 +511,7 @@ func TestDoubleAffine(t *testing.T) { } func TestOnCurve(t *testing.T) { - s256 := secp256k1.S256() + s256 := S256() if !s256.IsOnCurve(s256.Params().Gx, s256.Params().Gy) { t.Errorf("FAIL S256") } @@ -538,7 +553,7 @@ var s256BaseMultTests = []baseMultTest{ //TODO: test different curves as well? func TestBaseMult(t *testing.T) { - s256 := secp256k1.S256() + s256 := S256() for i, e := range s256BaseMultTests { k, ok := new(big.Int).SetString(e.k, 16) if !ok { @@ -555,7 +570,7 @@ func TestBaseMult(t *testing.T) { } func TestBaseMultVerify(t *testing.T) { - s256 := secp256k1.S256() + s256 := S256() for bytes := 1; bytes < 40; bytes++ { for i := 0; i < 30; i++ { data := make([]byte, bytes) @@ -583,7 +598,7 @@ func TestScalarMult(t *testing.T) { // Use another random exponent on the new point. // We use BaseMult to verify by multiplying the previous exponent // and the new random exponent together (mod N) - s256 := secp256k1.S256() + s256 := S256() x, y := s256.Gx, s256.Gy exponent := big.NewInt(1) for i := 0; i < 1024; i++ { @@ -604,8 +619,8 @@ func TestScalarMult(t *testing.T) { } // Test this curve's usage with the ecdsa package. -func testKeyGeneration(t *testing.T, c *secp256k1.KoblitzCurve, tag string) { - priv, err := secp256k1.GeneratePrivateKey(c) +func testKeyGeneration(t *testing.T, c *KoblitzCurve, tag string) { + priv, err := GeneratePrivateKey(c) if err != nil { t.Errorf("%s: error: %s", tag, err) return @@ -616,13 +631,13 @@ func testKeyGeneration(t *testing.T, c *secp256k1.KoblitzCurve, tag string) { } func TestKeyGeneration(t *testing.T) { - testKeyGeneration(t, secp256k1.S256(), "S256") + testKeyGeneration(t, S256(), "S256") } -func testSignAndVerify(t *testing.T, c *secp256k1.KoblitzCurve, tag string) { - priv, _ := secp256k1.GeneratePrivateKey(c) +func testSignAndVerify(t *testing.T, c *KoblitzCurve, tag string) { + priv, _ := GeneratePrivateKey(c) pubx, puby := priv.Public() - pub := secp256k1.NewPublicKey(c, pubx, puby) + pub := NewPublicKey(c, pubx, puby) hashed := []byte("testing") sig, err := priv.Sign(hashed) @@ -642,7 +657,7 @@ func testSignAndVerify(t *testing.T, c *secp256k1.KoblitzCurve, tag string) { } func TestSignAndVerify(t *testing.T) { - testSignAndVerify(t, secp256k1.S256(), "S256") + testSignAndVerify(t, S256(), "S256") } func TestNAF(t *testing.T) { @@ -656,7 +671,7 @@ func TestNAF(t *testing.T) { t.Fatalf("failed to read random data at %d", i) break } - nafPos, nafNeg := secp256k1.NAF(data) + nafPos, nafNeg := NAF(data) want := new(big.Int).SetBytes(data) got := big.NewInt(0) // Check that the NAF representation comes up with the right number @@ -680,14 +695,6 @@ func TestNAF(t *testing.T) { } } -func fromHex(s string) *big.Int { - r, ok := new(big.Int).SetString(s, 16) - if !ok { - panic("bad hex") - } - return r -} - // These test vectors were taken from // http://csrc.nist.gov/groups/STM/cavp/documents/dss/ecdsatestvectors.zip var testVectors = []struct { @@ -828,8 +835,8 @@ func TestVectors(t *testing.T) { sha := sha1.New() for i, test := range testVectors { - pub := secp256k1.PublicKey{ - Curve: secp256k1.S256(), + pub := PublicKey{ + Curve: S256(), X: fromHex(test.Qx), Y: fromHex(test.Qy), } @@ -837,10 +844,9 @@ func TestVectors(t *testing.T) { sha.Reset() sha.Write(msg) hashed := sha.Sum(nil) - sig := secp256k1.Signature{R: fromHex(test.r), S: fromHex(test.s)} - if fuck := sig.Verify(hashed, &pub); fuck != test.ok { - //t.Errorf("%d: bad result %v %v", i, pub, hashed) - t.Errorf("%d: bad result %v instead of %v", i, fuck, + sig := Signature{R: fromHex(test.r), S: fromHex(test.s)} + if verified := sig.Verify(hashed, &pub); verified != test.ok { + t.Errorf("%d: bad result %v instead of %v", i, verified, test.ok) } if testing.Short() { diff --git a/dcrec/secp256k1/ciphering_test.go b/dcrec/secp256k1/ciphering_test.go index 232e0e7fe1..7f17339eb1 100644 --- a/dcrec/secp256k1/ciphering_test.go +++ b/dcrec/secp256k1/ciphering_test.go @@ -1,38 +1,35 @@ -// Copyright (c) 2015 The btcsuite developers -// Copyright (c) 2015-2016 The Decred developers +// Copyright (c) 2015-2016 The btcsuite developers +// Copyright (c) 2015-2017 The Decred developers // Use of this source code is governed by an ISC // license that can be found in the LICENSE file. -package secp256k1_test +package secp256k1 import ( "bytes" "encoding/hex" "testing" - - "github.com/decred/dcrd/dcrec/secp256k1" ) func TestGenerateSharedSecret(t *testing.T) { - c := secp256k1.S256() - privKey1, err := secp256k1.GeneratePrivateKey(secp256k1.S256()) + c := S256() + privKey1, err := GeneratePrivateKey(c) if err != nil { t.Errorf("private key generation error: %s", err) return } - privKey2, err := secp256k1.GeneratePrivateKey(secp256k1.S256()) + privKey2, err := GeneratePrivateKey(c) if err != nil { t.Errorf("private key generation error: %s", err) return } pk1x, pk1y := privKey1.Public() - pk1 := secp256k1.NewPublicKey(c, pk1x, pk1y) + pk1 := NewPublicKey(c, pk1x, pk1y) pk2x, pk2y := privKey2.Public() - pk2 := secp256k1.NewPublicKey(c, pk2x, pk2y) - secret1 := secp256k1.GenerateSharedSecret(privKey1, pk2) - secret2 := secp256k1.GenerateSharedSecret(privKey2, pk1) - + pk2 := NewPublicKey(c, pk2x, pk2y) + secret1 := GenerateSharedSecret(privKey1, pk2) + secret2 := GenerateSharedSecret(privKey2, pk1) if !bytes.Equal(secret1, secret2) { t.Errorf("ECDH failed, secrets mismatch - first: %x, second: %x", secret1, secret2) @@ -41,8 +38,8 @@ func TestGenerateSharedSecret(t *testing.T) { // Test 1: Encryption and decryption func TestCipheringBasic(t *testing.T) { - c := secp256k1.S256() - privkey, err := secp256k1.GeneratePrivateKey(secp256k1.S256()) + c := S256() + privkey, err := GeneratePrivateKey(c) if err != nil { t.Fatal("failed to generate private key") } @@ -50,13 +47,13 @@ func TestCipheringBasic(t *testing.T) { in := []byte("Hey there dude. How are you doing? This is a test.") pk1x, pk1y := privkey.Public() - pk1 := secp256k1.NewPublicKey(c, pk1x, pk1y) - out, err := secp256k1.Encrypt(pk1, in) + pk1 := NewPublicKey(c, pk1x, pk1y) + out, err := Encrypt(pk1, in) if err != nil { t.Fatal("failed to encrypt:", err) } - dec, err := secp256k1.Decrypt(privkey, out) + dec, err := Decrypt(privkey, out) if err != nil { t.Fatal("failed to decrypt:", err) } @@ -70,7 +67,7 @@ func TestCipheringBasic(t *testing.T) { func TestCiphering(t *testing.T) { pb, _ := hex.DecodeString("fe38240982f313ae5afb3e904fb8215fb11af1200592b" + "fca26c96c4738e4bf8f") - privkey, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), pb) + privkey, _ := PrivKeyFromBytes(S256(), pb) in := []byte("This is just a test.") out, _ := hex.DecodeString("b0d66e5adaa5ed4e2f0ca68e17b8f2fc02ca002009e3" + @@ -79,7 +76,7 @@ func TestCiphering(t *testing.T) { "9b0ba77cf14348fcff80fee10e11981f1b4be372d93923e9178972f69937ec850ed" + "6c3f11ff572ddd5b2bedf9f9c0b327c54da02a28fcdce1f8369ffec") - dec, err := secp256k1.Decrypt(privkey, out) + dec, err := Decrypt(privkey, out) if err != nil { t.Fatal("failed to decrypt:", err) } @@ -90,7 +87,7 @@ func TestCiphering(t *testing.T) { } func TestCipheringErrors(t *testing.T) { - privkey, err := secp256k1.GeneratePrivateKey(secp256k1.S256()) + privkey, err := GeneratePrivateKey(S256()) if err != nil { t.Fatal("failed to generate private key") } @@ -163,7 +160,7 @@ func TestCipheringErrors(t *testing.T) { } for i, test := range tests1 { - _, err = secp256k1.Decrypt(privkey, test.ciphertext) + _, err = Decrypt(privkey, test.ciphertext) if err == nil { t.Errorf("Decrypt #%d did not get error", i) } @@ -177,7 +174,7 @@ func TestCipheringErrors(t *testing.T) { {bytes.Repeat([]byte{0x07}, 15)}, } for i, test := range tests2 { - _, err = secp256k1.TstRemovePKCSPadding(test.in) + _, err = removePKCSPadding(test.in) if err == nil { t.Errorf("removePKCSPadding #%d did not get error", i) } diff --git a/dcrec/secp256k1/field_test.go b/dcrec/secp256k1/field_test.go index 76c1721ed4..1b732c2f66 100644 --- a/dcrec/secp256k1/field_test.go +++ b/dcrec/secp256k1/field_test.go @@ -1,16 +1,14 @@ -// Copyright (c) 2013-2014 The btcsuite developers -// Copyright (c) 2015-2016 The Decred developers -// Copyright (c) 2013-2014 Dave Collins +// Copyright (c) 2013-2016 The btcsuite developers +// Copyright (c) 2015-2017 The Decred developers +// Copyright (c) 2013-2017 Dave Collins // Use of this source code is governed by an ISC // license that can be found in the LICENSE file. -package secp256k1_test +package secp256k1 import ( "reflect" "testing" - - "github.com/decred/dcrd/dcrec/secp256k1" ) // TestSetInt ensures that setting a field value to various native integers @@ -31,11 +29,10 @@ func TestSetInt(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetInt(test.in) - result := f.TstRawInts() - if !reflect.DeepEqual(result, test.raw) { + f := new(FieldVal).SetInt(test.in) + if !reflect.DeepEqual(f.n, test.raw) { t.Errorf("fieldVal.Set #%d wrong result\ngot: %v\n"+ - "want: %v", i, result, test.raw) + "want: %v", i, f.n, test.raw) continue } } @@ -43,9 +40,9 @@ func TestSetInt(t *testing.T) { // TestZero ensures that zeroing a field value zero works as expected. func TestZero(t *testing.T) { - f := secp256k1.NewFieldVal().SetInt(2) + f := new(FieldVal).SetInt(2) f.Zero() - for idx, rawInt := range f.TstRawInts() { + for idx, rawInt := range f.n { if rawInt != 0 { t.Errorf("internal field integer at index #%d is not "+ "zero - got %d", idx, rawInt) @@ -55,22 +52,22 @@ func TestZero(t *testing.T) { // TestIsZero ensures that checking if a field IsZero works as expected. func TestIsZero(t *testing.T) { - f := secp256k1.NewFieldVal() + f := new(FieldVal) if !f.IsZero() { t.Errorf("new field value is not zero - got %v (rawints %x)", f, - f.TstRawInts()) + f.n) } f.SetInt(1) if f.IsZero() { t.Errorf("field claims it's zero when it's not - got %v "+ - "(raw rawints %x)", f, f.TstRawInts()) + "(raw rawints %x)", f, f.n) } f.Zero() if !f.IsZero() { t.Errorf("field claims it's not zero when it is - got %v "+ - "(raw rawints %x)", f, f.TstRawInts()) + "(raw rawints %x)", f, f.n) } } @@ -148,7 +145,7 @@ func TestStringer(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in) + f := new(FieldVal).SetHex(test.in) result := f.String() if result != test.expected { t.Errorf("fieldVal.String #%d wrong result\ngot: %v\n"+ @@ -243,11 +240,14 @@ func TestNormalize(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().TstSetRawInts(test.raw).Normalize() - result := f.TstRawInts() - if !reflect.DeepEqual(result, test.normalized) { + f := new(FieldVal) + for rawIntIdx := 0; rawIntIdx < len(test.raw); rawIntIdx++ { + f.n[rawIntIdx] = test.raw[rawIntIdx] + } + f.Normalize() + if !reflect.DeepEqual(f.n, test.normalized) { t.Errorf("fieldVal.Set #%d wrong normalized result\n"+ - "got: %x\nwant: %x", i, result, test.normalized) + "got: %x\nwant: %x", i, f.n, test.normalized) continue } } @@ -272,7 +272,7 @@ func TestIsOdd(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in) + f := new(FieldVal).SetHex(test.in) result := f.IsOdd() if result != test.expected { t.Errorf("fieldVal.IsOdd #%d wrong result\n"+ @@ -305,8 +305,8 @@ func TestEquals(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in1).Normalize() - f2 := secp256k1.NewFieldVal().SetHex(test.in2).Normalize() + f := new(FieldVal).SetHex(test.in1).Normalize() + f2 := new(FieldVal).SetHex(test.in2).Normalize() result := f.Equals(f2) if result != test.expected { t.Errorf("fieldVal.Equals #%d wrong result\n"+ @@ -353,8 +353,8 @@ func TestNegate(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in).Normalize() - expected := secp256k1.NewFieldVal().SetHex(test.expected).Normalize() + f := new(FieldVal).SetHex(test.in).Normalize() + expected := new(FieldVal).SetHex(test.expected).Normalize() result := f.Negate(1).Normalize() if !result.Equals(expected) { t.Errorf("fieldVal.Negate #%d wrong result\n"+ @@ -404,8 +404,8 @@ func TestAddInt(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in1).Normalize() - expected := secp256k1.NewFieldVal().SetHex(test.expected).Normalize() + f := new(FieldVal).SetHex(test.in1).Normalize() + expected := new(FieldVal).SetHex(test.expected).Normalize() result := f.AddInt(test.in2).Normalize() if !result.Equals(expected) { t.Errorf("fieldVal.AddInt #%d wrong result\n"+ @@ -455,9 +455,9 @@ func TestAdd(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in1).Normalize() - f2 := secp256k1.NewFieldVal().SetHex(test.in2).Normalize() - expected := secp256k1.NewFieldVal().SetHex(test.expected).Normalize() + f := new(FieldVal).SetHex(test.in1).Normalize() + f2 := new(FieldVal).SetHex(test.in2).Normalize() + expected := new(FieldVal).SetHex(test.expected).Normalize() result := f.Add(f2).Normalize() if !result.Equals(expected) { t.Errorf("fieldVal.Add #%d wrong result\n"+ @@ -507,9 +507,9 @@ func TestAdd2(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in1).Normalize() - f2 := secp256k1.NewFieldVal().SetHex(test.in2).Normalize() - expected := secp256k1.NewFieldVal().SetHex(test.expected).Normalize() + f := new(FieldVal).SetHex(test.in1).Normalize() + f2 := new(FieldVal).SetHex(test.in2).Normalize() + expected := new(FieldVal).SetHex(test.expected).Normalize() result := f.Add2(f, f2).Normalize() if !result.Equals(expected) { t.Errorf("fieldVal.Add2 #%d wrong result\n"+ @@ -572,8 +572,8 @@ func TestMulInt(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in1).Normalize() - expected := secp256k1.NewFieldVal().SetHex(test.expected).Normalize() + f := new(FieldVal).SetHex(test.in1).Normalize() + expected := new(FieldVal).SetHex(test.expected).Normalize() result := f.MulInt(test.in2).Normalize() if !result.Equals(expected) { t.Errorf("fieldVal.MulInt #%d wrong result\n"+ @@ -633,9 +633,9 @@ func TestMul(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in1).Normalize() - f2 := secp256k1.NewFieldVal().SetHex(test.in2).Normalize() - expected := secp256k1.NewFieldVal().SetHex(test.expected).Normalize() + f := new(FieldVal).SetHex(test.in1).Normalize() + f2 := new(FieldVal).SetHex(test.in2).Normalize() + expected := new(FieldVal).SetHex(test.expected).Normalize() result := f.Mul(f2).Normalize() if !result.Equals(expected) { t.Errorf("fieldVal.Mul #%d wrong result\n"+ @@ -680,8 +680,8 @@ func TestSquare(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in).Normalize() - expected := secp256k1.NewFieldVal().SetHex(test.expected).Normalize() + f := new(FieldVal).SetHex(test.in).Normalize() + expected := new(FieldVal).SetHex(test.expected).Normalize() result := f.Square().Normalize() if !result.Equals(expected) { t.Errorf("fieldVal.Square #%d wrong result\n"+ @@ -733,8 +733,8 @@ func TestInverse(t *testing.T) { t.Logf("Running %d tests", len(tests)) for i, test := range tests { - f := secp256k1.NewFieldVal().SetHex(test.in).Normalize() - expected := secp256k1.NewFieldVal().SetHex(test.expected).Normalize() + f := new(FieldVal).SetHex(test.in).Normalize() + expected := new(FieldVal).SetHex(test.expected).Normalize() result := f.Inverse().Normalize() if !result.Equals(expected) { t.Errorf("fieldVal.Inverse #%d wrong result\n"+ diff --git a/dcrec/secp256k1/internal_test.go b/dcrec/secp256k1/internal_test.go deleted file mode 100644 index 031ecaa720..0000000000 --- a/dcrec/secp256k1/internal_test.go +++ /dev/null @@ -1,83 +0,0 @@ -// Copyright (c) 2013-2014 The btcsuite developers -// Copyright (c) 2015-2016 The Decred developers -// Use of this source code is governed by an ISC -// license that can be found in the LICENSE file. - -package secp256k1 - -import ( - "math/big" -) - -const ( - TstPubkeyUncompressed = pubkeyUncompressed - TstPubkeyCompressed = pubkeyCompressed - TstPubkeyHybrid = pubkeyHybrid -) - -// TstRawInts allows the test package to get the integers from the internal -// field representation for ensuring correctness. It is only available during -// the tests. -func (f *FieldVal) TstRawInts() [10]uint32 { - return f.n -} - -// TstSetRawInts allows the test package to directly set the integers used by -// the internal field representation. It is only available during the tests. -func (f *FieldVal) TstSetRawInts(raw [10]uint32) *FieldVal { - for i := 0; i < len(raw); i++ { - f.n[i] = raw[i] - } - return f -} - -// TstFieldJacobianToBigAffine makes the internal FieldJacobianToBigAffine -// function available to the test package. -func (curve *KoblitzCurve) TstFieldJacobianToBigAffine(x, y, z *FieldVal) (*big.Int, *big.Int) { - return curve.FieldJacobianToBigAffine(x, y, z) -} - -// TstIsJacobianOnCurve returns boolean if the point (x,y,z) is on the curve. -func (curve *KoblitzCurve) TstIsJacobianOnCurve(x, y, z *FieldVal) bool { - // Elliptic curve equation for secp256k1 is: y^2 = x^3 + 7 - // In Jacobian coordinates, Y = y/z^3 and X = x/z^2 - // Thus: - // (y/z^3)^2 = (x/z^2)^3 + 7 - // y^2/z^6 = x^3/z^6 + 7 - // y^2 = x^3 + 7*z^6 - var y2, z2, x3, result FieldVal - y2.SquareVal(y).Normalize() - z2.SquareVal(z) - x3.SquareVal(x).Mul(x) - result.SquareVal(&z2).Mul(&z2).MulInt(7).Add(&x3).Normalize() - return y2.Equals(&result) -} - -// TstAddJacobian makes the internal addJacobian function available to the test -// package. -func (curve *KoblitzCurve) TstAddJacobian(x1, y1, z1, x2, y2, z2, x3, y3, z3 *FieldVal) { - curve.AddJacobian(x1, y1, z1, x2, y2, z2, x3, y3, z3) -} - -// TstDoubleJacobian makes the internal doubleJacobian function available to the test -// package. -func (curve *KoblitzCurve) TstDoubleJacobian(x1, y1, z1, x3, y3, z3 *FieldVal) { - curve.doubleJacobian(x1, y1, z1, x3, y3, z3) -} - -// NewFieldVal returns a new field value set to 0. This is only available to -// the test package. -func NewFieldVal() *FieldVal { - return new(FieldVal) -} - -// TstNonceRFC6979 makes the nonceRFC6979 function available to the test package. -func TstNonceRFC6979(privkey *big.Int, hash []byte) *big.Int { - return NonceRFC6979(privkey, hash, nil, nil) -} - -// TstRemovePKCSPadding makes the internal removePKCSPadding function available -// to the test package. -func TstRemovePKCSPadding(src []byte) ([]byte, error) { - return removePKCSPadding(src) -} diff --git a/dcrec/secp256k1/privkey_test.go b/dcrec/secp256k1/privkey_test.go index 4183b1f0a0..5e8856ab70 100644 --- a/dcrec/secp256k1/privkey_test.go +++ b/dcrec/secp256k1/privkey_test.go @@ -1,15 +1,13 @@ -// Copyright (c) 2013-2014 The btcsuite developers -// Copyright (c) 2015-2016 The Decred developers +// Copyright (c) 2013-2016 The btcsuite developers +// Copyright (c) 2015-2017 The Decred developers // Use of this source code is governed by an ISC // license that can be found in the LICENSE file. -package secp256k1_test +package secp256k1 import ( "bytes" "testing" - - "github.com/decred/dcrd/dcrec/secp256k1" ) func TestPrivKeys(t *testing.T) { @@ -29,10 +27,9 @@ func TestPrivKeys(t *testing.T) { } for _, test := range tests { - priv, pub := secp256k1.PrivKeyFromBytes(secp256k1.S256(), test.key) + priv, pub := PrivKeyFromBytes(S256(), test.key) - _, err := secp256k1.ParsePubKey( - pub.SerializeUncompressed(), secp256k1.S256()) + _, err := ParsePubKey(pub.SerializeUncompressed(), S256()) if err != nil { t.Errorf("%s privkey: %v", test.name, err) continue diff --git a/dcrec/secp256k1/pubkey_test.go b/dcrec/secp256k1/pubkey_test.go index 3f9d20e7b6..99b902ee47 100644 --- a/dcrec/secp256k1/pubkey_test.go +++ b/dcrec/secp256k1/pubkey_test.go @@ -1,16 +1,15 @@ -// Copyright (c) 2013-2014 The btcsuite developers -// Copyright (c) 2015-2016 The Decred developers +// Copyright (c) 2013-2016 The btcsuite developers +// Copyright (c) 2015-2017 The Decred developers // Use of this source code is governed by an ISC // license that can be found in the LICENSE file. -package secp256k1_test +package secp256k1 import ( "bytes" "testing" "github.com/davecgh/go-spew/spew" - "github.com/decred/dcrd/dcrec/secp256k1" ) type pubKeyTest struct { @@ -35,7 +34,7 @@ var pubKeyTests = []pubKeyTest{ 0xb4, 0x12, 0xa3, }, isValid: true, - format: secp256k1.TstPubkeyUncompressed, + format: pubkeyUncompressed, }, { name: "uncompressed x changed", @@ -88,7 +87,7 @@ var pubKeyTests = []pubKeyTest{ 0xb4, 0x12, 0xa3, }, isValid: true, - format: secp256k1.TstPubkeyHybrid, + format: pubkeyHybrid, }, { name: "uncompressed as hybrid wrong", @@ -112,7 +111,7 @@ var pubKeyTests = []pubKeyTest{ 0xa9, 0xa1, 0xf4, 0x80, 0x9d, 0x3b, 0x4d, }, isValid: true, - format: secp256k1.TstPubkeyCompressed, + format: pubkeyCompressed, }, // from tx fdeb8e72524e8dab0da507ddbaf5f88fe4a933eb10a66bc4745bb0aa11ea393c { @@ -123,7 +122,7 @@ var pubKeyTests = []pubKeyTest{ 0x7f, 0x5b, 0x2a, 0x4b, 0x7d, 0x44, 0x8e, }, isValid: true, - format: secp256k1.TstPubkeyCompressed, + format: pubkeyCompressed, }, { name: "compressed claims uncompressed (ybit = 0)", @@ -211,14 +210,14 @@ var pubKeyTests = []pubKeyTest{ 0xa6, 0x85, 0x54, 0x19, 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, }, - format: secp256k1.TstPubkeyHybrid, + format: pubkeyHybrid, isValid: true, }, } func TestPubKeys(t *testing.T) { for _, test := range pubKeyTests { - pk, err := secp256k1.ParsePubKey(test.key, secp256k1.S256()) + pk, err := ParsePubKey(test.key, S256()) if err != nil { if test.isValid { t.Errorf("%s pubkey failed when shouldn't %v", @@ -233,12 +232,12 @@ func TestPubKeys(t *testing.T) { } var pkStr []byte switch test.format { - case secp256k1.TstPubkeyUncompressed: - pkStr = (*secp256k1.PublicKey)(pk).SerializeUncompressed() - case secp256k1.TstPubkeyCompressed: - pkStr = (*secp256k1.PublicKey)(pk).SerializeCompressed() - case secp256k1.TstPubkeyHybrid: - pkStr = (*secp256k1.PublicKey)(pk).SerializeHybrid() + case pubkeyUncompressed: + pkStr = (*PublicKey)(pk).SerializeUncompressed() + case pubkeyCompressed: + pkStr = (*PublicKey)(pk).SerializeCompressed() + case pubkeyHybrid: + pkStr = (*PublicKey)(pk).SerializeHybrid() } if !bytes.Equal(test.key, pkStr) { t.Errorf("%s pubkey: serialized keys do not match.", @@ -250,25 +249,25 @@ func TestPubKeys(t *testing.T) { } func TestPublicKeyIsEqual(t *testing.T) { - pubKey1, err := secp256k1.ParsePubKey( + pubKey1, err := ParsePubKey( []byte{0x03, 0x26, 0x89, 0xc7, 0xc2, 0xda, 0xb1, 0x33, 0x09, 0xfb, 0x14, 0x3e, 0x0e, 0x8f, 0xe3, 0x96, 0x34, 0x25, 0x21, 0x88, 0x7e, 0x97, 0x66, 0x90, 0xb6, 0xb4, 0x7f, 0x5b, 0x2a, 0x4b, 0x7d, 0x44, 0x8e, }, - secp256k1.S256(), + S256(), ) if err != nil { t.Fatalf("failed to parse raw bytes for pubKey1: %v", err) } - pubKey2, err := secp256k1.ParsePubKey( + pubKey2, err := ParsePubKey( []byte{0x02, 0xce, 0x0b, 0x14, 0xfb, 0x84, 0x2b, 0x1b, 0xa5, 0x49, 0xfd, 0xd6, 0x75, 0xc9, 0x80, 0x75, 0xf1, 0x2e, 0x9c, 0x51, 0x0f, 0x8e, 0xf5, 0x2b, 0xd0, 0x21, 0xa9, 0xa1, 0xf4, 0x80, 0x9d, 0x3b, 0x4d, }, - secp256k1.S256(), + S256(), ) if err != nil { t.Fatalf("failed to parse raw bytes for pubKey2: %v", err) diff --git a/dcrec/secp256k1/signature_test.go b/dcrec/secp256k1/signature_test.go index 5a68abc5ca..cdf75251c6 100644 --- a/dcrec/secp256k1/signature_test.go +++ b/dcrec/secp256k1/signature_test.go @@ -1,9 +1,9 @@ -// Copyright (c) 2013-2014 The btcsuite developers -// Copyright (c) 2015-2016 The Decred developers +// Copyright (c) 2013-2016 The btcsuite developers +// Copyright (c) 2015-2017 The Decred developers // Use of this source code is governed by an ISC // license that can be found in the LICENSE file. -package secp256k1_test +package secp256k1 import ( "bytes" @@ -13,8 +13,6 @@ import ( "fmt" "math/big" "testing" - - "github.com/decred/dcrd/dcrec/secp256k1" ) type signatureTest struct { @@ -333,9 +331,9 @@ func TestSignatures(t *testing.T) { for _, test := range signatureTests { var err error if test.der { - _, err = secp256k1.ParseDERSignature(test.sig, secp256k1.S256()) + _, err = ParseDERSignature(test.sig, S256()) } else { - _, err = secp256k1.ParseSignature(test.sig, secp256k1.S256()) + _, err = ParseSignature(test.sig, S256()) } if err != nil { if test.isValid { @@ -357,14 +355,14 @@ func TestSignatures(t *testing.T) { func TestSignatureSerialize(t *testing.T) { tests := []struct { name string - ecsig *secp256k1.Signature + ecsig *Signature expected []byte }{ // signature from decred blockchain tx // 0437cd7f8525ceed2324359c2d0ba26006d92d85 { "valid 1 - r and s most significant bits are zero", - &secp256k1.Signature{ + &Signature{ R: fromHex("4e45e16932b8af514961a1d3a1a25fdf3f4f7732e9d624c6c61548ab5fb8cd41"), S: fromHex("181522ec8eca07de4860a4acdd12909d831cc56cbbac4622082221a8768d1d09"), }, @@ -384,7 +382,7 @@ func TestSignatureSerialize(t *testing.T) { // cb00f8a0573b18faa8c4f467b049f5d202bf1101d9ef2633bc611be70376a4b4 { "valid 2 - r most significant bit is one", - &secp256k1.Signature{ + &Signature{ R: fromHex("0082235e21a2300022738dabb8e1bbd9d19cfb1e7ab8c30a23b0afbb8d178abcf3"), S: fromHex("24bf68e256c534ddfaf966bf908deb944305596f7bdcc38d69acad7f9c868724"), }, @@ -404,9 +402,9 @@ func TestSignatureSerialize(t *testing.T) { // fda204502a3345e08afd6af27377c052e77f1fefeaeb31bdd45f1e1237ca5470 { "valid 3 - s most significant bit is one", - &secp256k1.Signature{ + &Signature{ R: fromHex("1cadddc2838598fee7dc35a12b340c6bde8b389f7bfd19a1252a17c4b5ed2d71"), - S: new(big.Int).Add(fromHex("00c1a251bbecb14b058a8bd77f65de87e51c47e95904f4c0e9d52eddc21c1415ac"), secp256k1.S256().N), + S: new(big.Int).Add(fromHex("00c1a251bbecb14b058a8bd77f65de87e51c47e95904f4c0e9d52eddc21c1415ac"), S256().N), }, []byte{ 0x30, 0x45, 0x02, 0x20, 0x1c, 0xad, 0xdd, 0xc2, @@ -422,7 +420,7 @@ func TestSignatureSerialize(t *testing.T) { }, { "zero signature", - &secp256k1.Signature{ + &Signature{ R: big.NewInt(0), S: big.NewInt(0), }, @@ -440,19 +438,19 @@ func TestSignatureSerialize(t *testing.T) { } } -func testSignCompact(t *testing.T, tag string, curve *secp256k1.KoblitzCurve, +func testSignCompact(t *testing.T, tag string, curve *KoblitzCurve, data []byte, isCompressed bool) { - tmp, _ := secp256k1.GeneratePrivateKey(curve) - priv := (*secp256k1.PrivateKey)(tmp) + tmp, _ := GeneratePrivateKey(curve) + priv := (*PrivateKey)(tmp) hashed := []byte("testing") - sig, err := secp256k1.SignCompact(curve, priv, hashed, isCompressed) + sig, err := SignCompact(curve, priv, hashed, isCompressed) if err != nil { t.Errorf("%s: error signing: %s", tag, err) return } - pk, wasCompressed, err := secp256k1.RecoverCompact(curve, sig, hashed) + pk, wasCompressed, err := RecoverCompact(curve, sig, hashed) if err != nil { t.Errorf("%s: error recovering: %s", tag, err) return @@ -476,7 +474,7 @@ func testSignCompact(t *testing.T, tag string, curve *secp256k1.KoblitzCurve, sig[0] += 4 } - pk, wasCompressed, err = secp256k1.RecoverCompact(curve, sig, hashed) + pk, wasCompressed, err = RecoverCompact(curve, sig, hashed) if err != nil { t.Errorf("%s: error recovering (2): %s", tag, err) return @@ -504,7 +502,7 @@ func TestSignCompact(t *testing.T) { continue } compressed := i%2 != 0 - testSignCompact(t, name, secp256k1.S256(), data, compressed) + testSignCompact(t, name, S256(), data, compressed) } } @@ -559,11 +557,11 @@ func TestRFC6979(t *testing.T) { } for i, test := range tests { - privKey, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), decodeHex(test.key)) + privKey, _ := PrivKeyFromBytes(S256(), decodeHex(test.key)) hash := sha256.Sum256([]byte(test.msg)) // Ensure deterministically generated nonce is the expected value. - gotNonce := secp256k1.TstNonceRFC6979(privKey.D, hash[:]).Bytes() + gotNonce := NonceRFC6979(privKey.D, hash[:], nil, nil).Bytes() wantNonce := decodeHex(test.nonce) if !bytes.Equal(gotNonce, wantNonce) { t.Errorf("NonceRFC6979 #%d (%s): Nonce is incorrect: "+ @@ -591,11 +589,11 @@ func TestRFC6979(t *testing.T) { } func TestSignatureIsEqual(t *testing.T) { - sig1 := &secp256k1.Signature{ + sig1 := &Signature{ R: fromHex("0082235e21a2300022738dabb8e1bbd9d19cfb1e7ab8c30a23b0afbb8d178abcf3"), S: fromHex("24bf68e256c534ddfaf966bf908deb944305596f7bdcc38d69acad7f9c868724"), } - sig2 := &secp256k1.Signature{ + sig2 := &Signature{ R: fromHex("4e45e16932b8af514961a1d3a1a25fdf3f4f7732e9d624c6c61548ab5fb8cd41"), S: fromHex("181522ec8eca07de4860a4acdd12909d831cc56cbbac4622082221a8768d1d09"), }