Merge pull request #1232 from nspcc-dev/fix/verifytest

crypto: fix failing Secp256r1 test
This commit is contained in:
Roman Khimov 2020-07-26 09:09:55 +03:00 committed by GitHub
commit 5983e6bd55
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 56 additions and 8 deletions

View file

@ -97,16 +97,26 @@ func TestCHECKMULTISIGGood(t *testing.T) {
t.Run("12_9", func(t *testing.T) { testCHECKMULTISIGGood(t, 12, []int{0, 1, 4, 5, 6, 7, 8, 9}) }) t.Run("12_9", func(t *testing.T) { testCHECKMULTISIGGood(t, 12, []int{0, 1, 4, 5, 6, 7, 8, 9}) })
} }
func testCHECKMULTISIGBad(t *testing.T, n int, ik, is []int) { func testCHECKMULTISIGBad(t *testing.T, isErr bool, n int, ik, is []int) {
v := initCHECKMULTISIGVM(t, n, ik, is) v := initCHECKMULTISIGVM(t, n, ik, is)
if isErr {
require.Error(t, v.Run())
return
}
require.NoError(t, v.Run()) require.NoError(t, v.Run())
assert.Equal(t, 1, v.Estack().Len()) assert.Equal(t, 1, v.Estack().Len())
assert.False(t, v.Estack().Pop().Bool()) assert.False(t, v.Estack().Pop().Bool())
} }
func TestCHECKMULTISIGBad(t *testing.T) { func TestCHECKMULTISIGBad(t *testing.T) {
t.Run("1_1 wrong signature", func(t *testing.T) { testCHECKMULTISIGBad(t, 2, []int{0}, []int{1}) }) t.Run("1_1 wrong signature", func(t *testing.T) { testCHECKMULTISIGBad(t, false, 2, []int{0}, []int{1}) })
t.Run("3_2 wrong order", func(t *testing.T) { testCHECKMULTISIGBad(t, 3, []int{0, 2}, []int{2, 0}) }) t.Run("3_2 wrong order", func(t *testing.T) { testCHECKMULTISIGBad(t, false, 3, []int{0, 2}, []int{2, 0}) })
t.Run("3_2 duplicate sig", func(t *testing.T) { testCHECKMULTISIGBad(t, 3, nil, []int{0, 0}) }) t.Run("3_2 duplicate sig", func(t *testing.T) { testCHECKMULTISIGBad(t, false, 3, nil, []int{0, 0}) })
t.Run("1_2 too many signatures", func(t *testing.T) { testCHECKMULTISIGBad(t, true, 2, []int{0}, []int{0, 1}) })
t.Run("gas limit exceeded", func(t *testing.T) {
v := initCHECKMULTISIGVM(t, 1, []int{0}, []int{0})
v.GasLimit = ECDSAVerifyPrice - 1
require.Error(t, v.Run())
})
} }

View file

@ -210,9 +210,15 @@ func TestECDSAVerify(t *testing.T) {
t.Run("invalid public key", func(t *testing.T) { t.Run("invalid public key", func(t *testing.T) {
sign := priv.Sign(msg) sign := priv.Sign(msg)
pub := priv.PublicKey().Bytes() pub := priv.PublicKey().Bytes()
pub = pub[10:] pub[0] = 0xFF // invalid prefix
runCase(t, true, false, sign, pub, msg) runCase(t, true, false, sign, pub, msg)
}) })
t.Run("invalid message", func(t *testing.T) {
sign := priv.Sign(msg)
runCase(t, false, false, sign, priv.PublicKey().Bytes(),
stackitem.NewArray([]stackitem.Item{stackitem.NewByteArray(msg)}))
})
} }
func TestRuntimeEncode(t *testing.T) { func TestRuntimeEncode(t *testing.T) {

View file

@ -136,8 +136,11 @@ func (p *PrivateKey) Sign(data []byte) []byte {
) )
r, s := rfc6979.SignECDSA(privateKey, digest[:], sha256.New) r, s := rfc6979.SignECDSA(privateKey, digest[:], sha256.New)
return getSignatureSlice(privateKey.Curve, r, s)
}
params := privateKey.Curve.Params() func getSignatureSlice(curve elliptic.Curve, r, s *big.Int) []byte {
params := curve.Params()
curveOrderByteSize := params.P.BitLen() / 8 curveOrderByteSize := params.P.BitLen() / 8
rBytes, sBytes := r.Bytes(), s.Bytes() rBytes, sBytes := r.Bytes(), s.Bytes()
signature := make([]byte, curveOrderByteSize*2) signature := make([]byte, curveOrderByteSize*2)

View file

@ -2,6 +2,7 @@ package keys
import ( import (
"crypto/ecdsa" "crypto/ecdsa"
"math/big"
"testing" "testing"
"github.com/btcsuite/btcd/btcec" "github.com/btcsuite/btcd/btcec"
@ -10,6 +11,34 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )
func TestIssue1223(t *testing.T) {
var d, x, y big.Int
d.SetString("75066030006596498716801752450216843918658392116070031536027203512060270094427", 10)
x.SetString("56810139335762307690884151098712528235297095596167964448512639328424930082240", 10)
y.SetString("108055740278314806025442297642651169427004858252141003070998851291610422839293", 10)
privateKey := &btcec.PrivateKey{
PublicKey: ecdsa.PublicKey{
Curve: btcec.S256(),
X: &x,
Y: &y,
},
D: &d,
}
pubKey := PublicKey(ecdsa.PublicKey{
Curve: btcec.S256(),
X: privateKey.X,
Y: privateKey.Y,
})
hashedData := hash.Sha256([]byte("sample"))
signature, err := privateKey.Sign(hashedData.BytesBE())
require.NoError(t, err)
signedData := getSignatureSlice(privateKey.Curve, signature.R, signature.S)
require.True(t, pubKey.Verify(signedData, hashedData.BytesBE()))
}
func TestPubKeyVerify(t *testing.T) { func TestPubKeyVerify(t *testing.T) {
var data = []byte("sample") var data = []byte("sample")
hashedData := hash.Sha256(data) hashedData := hash.Sha256(data)
@ -32,7 +61,7 @@ func TestPubKeyVerify(t *testing.T) {
assert.Nil(t, err) assert.Nil(t, err)
signature, err := privateKey.Sign(hashedData.BytesBE()) signature, err := privateKey.Sign(hashedData.BytesBE())
require.NoError(t, err) require.NoError(t, err)
signedData := append(signature.R.Bytes(), signature.S.Bytes()...) signedData := getSignatureSlice(privateKey.Curve, signature.R, signature.S)
pubKey := PublicKey(ecdsa.PublicKey{ pubKey := PublicKey(ecdsa.PublicKey{
Curve: btcec.S256(), Curve: btcec.S256(),
X: privateKey.X, X: privateKey.X,
@ -66,7 +95,7 @@ func TestWrongPubKey(t *testing.T) {
assert.Nil(t, err) assert.Nil(t, err)
signature, err := privateKey.Sign(hashedData.BytesBE()) signature, err := privateKey.Sign(hashedData.BytesBE())
assert.Nil(t, err) assert.Nil(t, err)
signedData := append(signature.R.Bytes(), signature.S.Bytes()...) signedData := getSignatureSlice(privateKey.Curve, signature.R, signature.S)
secondPrivKey, err := btcec.NewPrivateKey(btcec.S256()) secondPrivKey, err := btcec.NewPrivateKey(btcec.S256())
assert.Nil(t, err) assert.Nil(t, err)