commit
3f47cfac5f
|
@ -0,0 +1,9 @@
|
|||
.PHONY: docs
|
||||
REPO:=github.com/tendermint/go-crypto
|
||||
|
||||
docs:
|
||||
@go get github.com/davecheney/godoc2md
|
||||
godoc2md $(REPO) > README.md
|
||||
|
||||
test:
|
||||
go test ./...
|
|
@ -1,25 +1,20 @@
|
|||
package crypto
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestSimpleArmor(t *testing.T) {
|
||||
blockType := "MINT TEST"
|
||||
data := []byte("somedata")
|
||||
armorStr := EncodeArmor(blockType, nil, data)
|
||||
t.Log("Got armor: ", armorStr)
|
||||
|
||||
// Decode armorStr and test for equivalence.
|
||||
blockType2, _, data2, err := DecodeArmor(armorStr)
|
||||
if err != nil {
|
||||
t.Error(err)
|
||||
}
|
||||
if blockType != blockType2 {
|
||||
t.Errorf("Expected block type %v but got %v", blockType, blockType2)
|
||||
}
|
||||
if !bytes.Equal(data, data2) {
|
||||
t.Errorf("Expected data %X but got %X", data2, data)
|
||||
}
|
||||
require.Nil(t, err, "%+v", err)
|
||||
assert.Equal(t, blockType, blockType2)
|
||||
assert.Equal(t, data, data2)
|
||||
}
|
||||
|
|
|
@ -0,0 +1,112 @@
|
|||
package crypto
|
||||
|
||||
import (
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
data "github.com/tendermint/go-data"
|
||||
)
|
||||
|
||||
type byter interface {
|
||||
Bytes() []byte
|
||||
}
|
||||
|
||||
// go to wire encoding and back
|
||||
func checkWire(t *testing.T, in byter, reader interface{}, typ byte) {
|
||||
// test to and from binary
|
||||
bin, err := data.ToWire(in)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
assert.Equal(t, typ, bin[0])
|
||||
// make sure this is compatible with current (Bytes()) encoding
|
||||
assert.Equal(t, in.Bytes(), bin)
|
||||
|
||||
err = data.FromWire(bin, reader)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
}
|
||||
|
||||
// go to json encoding and back
|
||||
func checkJSON(t *testing.T, in interface{}, reader interface{}, typ string) {
|
||||
// test to and from binary
|
||||
js, err := data.ToJSON(in)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
styp := `"` + typ + `"`
|
||||
assert.True(t, strings.Contains(string(js), styp))
|
||||
|
||||
err = data.FromJSON(js, reader)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
|
||||
// also check text format
|
||||
text, err := data.ToText(in)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
parts := strings.Split(text, ":")
|
||||
require.Equal(t, 2, len(parts))
|
||||
// make sure the first part is the typ string
|
||||
assert.Equal(t, typ, parts[0])
|
||||
// and the data is also present in the json
|
||||
assert.True(t, strings.Contains(string(js), parts[1]))
|
||||
}
|
||||
|
||||
func TestKeyEncodings(t *testing.T) {
|
||||
cases := []struct {
|
||||
privKey PrivKeyS
|
||||
keyType byte
|
||||
keyName string
|
||||
}{
|
||||
{
|
||||
privKey: PrivKeyS{GenPrivKeyEd25519()},
|
||||
keyType: TypeEd25519,
|
||||
keyName: NameEd25519,
|
||||
},
|
||||
{
|
||||
privKey: PrivKeyS{GenPrivKeySecp256k1()},
|
||||
keyType: TypeSecp256k1,
|
||||
keyName: NameSecp256k1,
|
||||
},
|
||||
}
|
||||
|
||||
for _, tc := range cases {
|
||||
// check (de/en)codings of private key
|
||||
priv2 := PrivKeyS{}
|
||||
checkWire(t, tc.privKey, &priv2, tc.keyType)
|
||||
assert.EqualValues(t, tc.privKey, priv2)
|
||||
priv3 := PrivKeyS{}
|
||||
checkJSON(t, tc.privKey, &priv3, tc.keyName)
|
||||
assert.EqualValues(t, tc.privKey, priv3)
|
||||
|
||||
// check (de/en)codings of public key
|
||||
pubKey := PubKeyS{tc.privKey.PubKey()}
|
||||
pub2 := PubKeyS{}
|
||||
checkWire(t, pubKey, &pub2, tc.keyType)
|
||||
assert.EqualValues(t, pubKey, pub2)
|
||||
pub3 := PubKeyS{}
|
||||
checkJSON(t, pubKey, &pub3, tc.keyName)
|
||||
assert.EqualValues(t, pubKey, pub3)
|
||||
}
|
||||
}
|
||||
|
||||
func toFromJSON(t *testing.T, in interface{}, recvr interface{}) {
|
||||
js, err := data.ToJSON(in)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
err = data.FromJSON(js, recvr)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
}
|
||||
|
||||
func TestNilEncodings(t *testing.T) {
|
||||
// make sure sigs are okay with nil
|
||||
a, b := SignatureS{}, SignatureS{}
|
||||
toFromJSON(t, a, &b)
|
||||
assert.EqualValues(t, a, b)
|
||||
|
||||
// make sure sigs are okay with nil
|
||||
c, d := PubKeyS{}, PubKeyS{}
|
||||
toFromJSON(t, c, &d)
|
||||
assert.EqualValues(t, c, d)
|
||||
|
||||
// make sure sigs are okay with nil
|
||||
e, f := PrivKeyS{}, PrivKeyS{}
|
||||
toFromJSON(t, e, &f)
|
||||
assert.EqualValues(t, e, f)
|
||||
|
||||
}
|
66
priv_key.go
66
priv_key.go
|
@ -7,6 +7,7 @@ import (
|
|||
"github.com/tendermint/ed25519"
|
||||
"github.com/tendermint/ed25519/extra25519"
|
||||
. "github.com/tendermint/go-common"
|
||||
data "github.com/tendermint/go-data"
|
||||
"github.com/tendermint/go-wire"
|
||||
)
|
||||
|
||||
|
@ -18,18 +19,43 @@ type PrivKey interface {
|
|||
Equals(PrivKey) bool
|
||||
}
|
||||
|
||||
// Types of PrivKey implementations
|
||||
// Types of implementations
|
||||
const (
|
||||
PrivKeyTypeEd25519 = byte(0x01)
|
||||
PrivKeyTypeSecp256k1 = byte(0x02)
|
||||
TypeEd25519 = byte(0x01)
|
||||
TypeSecp256k1 = byte(0x02)
|
||||
NameEd25519 = "ed25519"
|
||||
NameSecp256k1 = "secp256k1"
|
||||
)
|
||||
|
||||
// for wire.readReflect
|
||||
var _ = wire.RegisterInterface(
|
||||
struct{ PrivKey }{},
|
||||
wire.ConcreteType{PrivKeyEd25519{}, PrivKeyTypeEd25519},
|
||||
wire.ConcreteType{PrivKeySecp256k1{}, PrivKeyTypeSecp256k1},
|
||||
)
|
||||
var privKeyMapper data.Mapper
|
||||
|
||||
// register both private key types with go-data (and thus go-wire)
|
||||
func init() {
|
||||
privKeyMapper = data.NewMapper(PrivKeyS{}).
|
||||
RegisterInterface(PrivKeyEd25519{}, NameEd25519, TypeEd25519).
|
||||
RegisterInterface(PrivKeySecp256k1{}, NameSecp256k1, TypeSecp256k1)
|
||||
}
|
||||
|
||||
// PrivKeyS add json serialization to PrivKey
|
||||
type PrivKeyS struct {
|
||||
PrivKey
|
||||
}
|
||||
|
||||
func (p PrivKeyS) MarshalJSON() ([]byte, error) {
|
||||
return privKeyMapper.ToJSON(p.PrivKey)
|
||||
}
|
||||
|
||||
func (p *PrivKeyS) UnmarshalJSON(data []byte) (err error) {
|
||||
parsed, err := privKeyMapper.FromJSON(data)
|
||||
if err == nil && parsed != nil {
|
||||
p.PrivKey = parsed.(PrivKey)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (p PrivKeyS) Empty() bool {
|
||||
return p.PrivKey == nil
|
||||
}
|
||||
|
||||
func PrivKeyFromBytes(privKeyBytes []byte) (privKey PrivKey, err error) {
|
||||
err = wire.ReadBinaryBytes(privKeyBytes, &privKey)
|
||||
|
@ -64,6 +90,17 @@ func (privKey PrivKeyEd25519) Equals(other PrivKey) bool {
|
|||
}
|
||||
}
|
||||
|
||||
func (p PrivKeyEd25519) MarshalJSON() ([]byte, error) {
|
||||
return data.Encoder.Marshal(p[:])
|
||||
}
|
||||
|
||||
func (p *PrivKeyEd25519) UnmarshalJSON(enc []byte) error {
|
||||
var ref []byte
|
||||
err := data.Encoder.Unmarshal(&ref, enc)
|
||||
copy(p[:], ref)
|
||||
return err
|
||||
}
|
||||
|
||||
func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte {
|
||||
keyCurve25519 := new([32]byte)
|
||||
privKeyBytes := [64]byte(privKey)
|
||||
|
@ -136,6 +173,17 @@ func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool {
|
|||
}
|
||||
}
|
||||
|
||||
func (p PrivKeySecp256k1) MarshalJSON() ([]byte, error) {
|
||||
return data.Encoder.Marshal(p[:])
|
||||
}
|
||||
|
||||
func (p *PrivKeySecp256k1) UnmarshalJSON(enc []byte) error {
|
||||
var ref []byte
|
||||
err := data.Encoder.Unmarshal(&ref, enc)
|
||||
copy(p[:], ref)
|
||||
return err
|
||||
}
|
||||
|
||||
func (privKey PrivKeySecp256k1) String() string {
|
||||
return Fmt("PrivKeySecp256k1{*****}")
|
||||
}
|
||||
|
|
83
pub_key.go
83
pub_key.go
|
@ -7,6 +7,7 @@ import (
|
|||
"github.com/tendermint/ed25519"
|
||||
"github.com/tendermint/ed25519/extra25519"
|
||||
. "github.com/tendermint/go-common"
|
||||
data "github.com/tendermint/go-data"
|
||||
"github.com/tendermint/go-wire"
|
||||
"golang.org/x/crypto/ripemd160"
|
||||
)
|
||||
|
@ -20,18 +21,35 @@ type PubKey interface {
|
|||
Equals(PubKey) bool
|
||||
}
|
||||
|
||||
// Types of PubKey implementations
|
||||
const (
|
||||
PubKeyTypeEd25519 = byte(0x01)
|
||||
PubKeyTypeSecp256k1 = byte(0x02)
|
||||
)
|
||||
var pubKeyMapper data.Mapper
|
||||
|
||||
// for wire.readReflect
|
||||
var _ = wire.RegisterInterface(
|
||||
struct{ PubKey }{},
|
||||
wire.ConcreteType{PubKeyEd25519{}, PubKeyTypeEd25519},
|
||||
wire.ConcreteType{PubKeySecp256k1{}, PubKeyTypeSecp256k1},
|
||||
)
|
||||
// register both public key types with go-data (and thus go-wire)
|
||||
func init() {
|
||||
pubKeyMapper = data.NewMapper(PubKeyS{}).
|
||||
RegisterInterface(PubKeyEd25519{}, NameEd25519, TypeEd25519).
|
||||
RegisterInterface(PubKeySecp256k1{}, NameSecp256k1, TypeSecp256k1)
|
||||
}
|
||||
|
||||
// PubKeyS add json serialization to PubKey
|
||||
type PubKeyS struct {
|
||||
PubKey
|
||||
}
|
||||
|
||||
func (p PubKeyS) MarshalJSON() ([]byte, error) {
|
||||
return pubKeyMapper.ToJSON(p.PubKey)
|
||||
}
|
||||
|
||||
func (p *PubKeyS) UnmarshalJSON(data []byte) (err error) {
|
||||
parsed, err := pubKeyMapper.FromJSON(data)
|
||||
if err == nil && parsed != nil {
|
||||
p.PubKey = parsed.(PubKey)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (p PubKeyS) Empty() bool {
|
||||
return p.PubKey == nil
|
||||
}
|
||||
|
||||
func PubKeyFromBytes(pubKeyBytes []byte) (pubKey PubKey, err error) {
|
||||
err = wire.ReadBinaryBytes(pubKeyBytes, &pubKey)
|
||||
|
@ -50,7 +68,7 @@ func (pubKey PubKeyEd25519) Address() []byte {
|
|||
PanicCrisis(*err)
|
||||
}
|
||||
// append type byte
|
||||
encodedPubkey := append([]byte{PubKeyTypeEd25519}, w.Bytes()...)
|
||||
encodedPubkey := append([]byte{TypeEd25519}, w.Bytes()...)
|
||||
hasher := ripemd160.New()
|
||||
hasher.Write(encodedPubkey) // does not error
|
||||
return hasher.Sum(nil)
|
||||
|
@ -61,6 +79,11 @@ func (pubKey PubKeyEd25519) Bytes() []byte {
|
|||
}
|
||||
|
||||
func (pubKey PubKeyEd25519) VerifyBytes(msg []byte, sig_ Signature) bool {
|
||||
// unwrap if needed
|
||||
if wrap, ok := sig_.(SignatureS); ok {
|
||||
sig_ = wrap.Signature
|
||||
}
|
||||
// make sure we use the same algorithm to sign
|
||||
sig, ok := sig_.(SignatureEd25519)
|
||||
if !ok {
|
||||
return false
|
||||
|
@ -70,6 +93,17 @@ func (pubKey PubKeyEd25519) VerifyBytes(msg []byte, sig_ Signature) bool {
|
|||
return ed25519.Verify(&pubKeyBytes, msg, &sigBytes)
|
||||
}
|
||||
|
||||
func (p PubKeyEd25519) MarshalJSON() ([]byte, error) {
|
||||
return data.Encoder.Marshal(p[:])
|
||||
}
|
||||
|
||||
func (p *PubKeyEd25519) UnmarshalJSON(enc []byte) error {
|
||||
var ref []byte
|
||||
err := data.Encoder.Unmarshal(&ref, enc)
|
||||
copy(p[:], ref)
|
||||
return err
|
||||
}
|
||||
|
||||
// For use with golang/crypto/nacl/box
|
||||
// If error, returns nil.
|
||||
func (pubKey PubKeyEd25519) ToCurve25519() *[32]byte {
|
||||
|
@ -111,7 +145,7 @@ func (pubKey PubKeySecp256k1) Address() []byte {
|
|||
PanicCrisis(*err)
|
||||
}
|
||||
// append type byte
|
||||
encodedPubkey := append([]byte{PubKeyTypeSecp256k1}, w.Bytes()...)
|
||||
encodedPubkey := append([]byte{TypeSecp256k1}, w.Bytes()...)
|
||||
hasher := ripemd160.New()
|
||||
hasher.Write(encodedPubkey) // does not error
|
||||
return hasher.Sum(nil)
|
||||
|
@ -122,14 +156,20 @@ func (pubKey PubKeySecp256k1) Bytes() []byte {
|
|||
}
|
||||
|
||||
func (pubKey PubKeySecp256k1) VerifyBytes(msg []byte, sig_ Signature) bool {
|
||||
pub__, err := secp256k1.ParsePubKey(append([]byte{0x04}, pubKey[:]...), secp256k1.S256())
|
||||
if err != nil {
|
||||
return false
|
||||
// unwrap if needed
|
||||
if wrap, ok := sig_.(SignatureS); ok {
|
||||
sig_ = wrap.Signature
|
||||
}
|
||||
// and assert same algorithm to sign and verify
|
||||
sig, ok := sig_.(SignatureSecp256k1)
|
||||
if !ok {
|
||||
return false
|
||||
}
|
||||
|
||||
pub__, err := secp256k1.ParsePubKey(append([]byte{0x04}, pubKey[:]...), secp256k1.S256())
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
sig__, err := secp256k1.ParseDERSignature(sig[:], secp256k1.S256())
|
||||
if err != nil {
|
||||
return false
|
||||
|
@ -137,6 +177,17 @@ func (pubKey PubKeySecp256k1) VerifyBytes(msg []byte, sig_ Signature) bool {
|
|||
return sig__.Verify(Sha256(msg), pub__)
|
||||
}
|
||||
|
||||
func (p PubKeySecp256k1) MarshalJSON() ([]byte, error) {
|
||||
return data.Encoder.Marshal(p[:])
|
||||
}
|
||||
|
||||
func (p *PubKeySecp256k1) UnmarshalJSON(enc []byte) error {
|
||||
var ref []byte
|
||||
err := data.Encoder.Unmarshal(&ref, enc)
|
||||
copy(p[:], ref)
|
||||
return err
|
||||
}
|
||||
|
||||
func (pubKey PubKeySecp256k1) String() string {
|
||||
return Fmt("PubKeySecp256k1{%X}", pubKey[:])
|
||||
}
|
||||
|
|
58
signature.go
58
signature.go
|
@ -5,6 +5,7 @@ import (
|
|||
"fmt"
|
||||
|
||||
. "github.com/tendermint/go-common"
|
||||
data "github.com/tendermint/go-data"
|
||||
"github.com/tendermint/go-wire"
|
||||
)
|
||||
|
||||
|
@ -16,18 +17,35 @@ type Signature interface {
|
|||
Equals(Signature) bool
|
||||
}
|
||||
|
||||
// Types of Signature implementations
|
||||
const (
|
||||
SignatureTypeEd25519 = byte(0x01)
|
||||
SignatureTypeSecp256k1 = byte(0x02)
|
||||
)
|
||||
var sigMapper data.Mapper
|
||||
|
||||
// for wire.readReflect
|
||||
var _ = wire.RegisterInterface(
|
||||
struct{ Signature }{},
|
||||
wire.ConcreteType{SignatureEd25519{}, SignatureTypeEd25519},
|
||||
wire.ConcreteType{SignatureSecp256k1{}, SignatureTypeSecp256k1},
|
||||
)
|
||||
// register both public key types with go-data (and thus go-wire)
|
||||
func init() {
|
||||
sigMapper = data.NewMapper(SignatureS{}).
|
||||
RegisterInterface(SignatureEd25519{}, NameEd25519, TypeEd25519).
|
||||
RegisterInterface(SignatureSecp256k1{}, NameSecp256k1, TypeSecp256k1)
|
||||
}
|
||||
|
||||
// SignatureS add json serialization to Signature
|
||||
type SignatureS struct {
|
||||
Signature
|
||||
}
|
||||
|
||||
func (p SignatureS) MarshalJSON() ([]byte, error) {
|
||||
return sigMapper.ToJSON(p.Signature)
|
||||
}
|
||||
|
||||
func (p *SignatureS) UnmarshalJSON(data []byte) (err error) {
|
||||
parsed, err := sigMapper.FromJSON(data)
|
||||
if err == nil && parsed != nil {
|
||||
p.Signature = parsed.(Signature)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
func (p SignatureS) Empty() bool {
|
||||
return p.Signature == nil
|
||||
}
|
||||
|
||||
func SignatureFromBytes(sigBytes []byte) (sig Signature, err error) {
|
||||
err = wire.ReadBinaryBytes(sigBytes, &sig)
|
||||
|
@ -55,6 +73,17 @@ func (sig SignatureEd25519) Equals(other Signature) bool {
|
|||
}
|
||||
}
|
||||
|
||||
func (p SignatureEd25519) MarshalJSON() ([]byte, error) {
|
||||
return data.Encoder.Marshal(p[:])
|
||||
}
|
||||
|
||||
func (p *SignatureEd25519) UnmarshalJSON(enc []byte) error {
|
||||
var ref []byte
|
||||
err := data.Encoder.Unmarshal(&ref, enc)
|
||||
copy(p[:], ref)
|
||||
return err
|
||||
}
|
||||
|
||||
//-------------------------------------
|
||||
|
||||
// Implements Signature
|
||||
|
@ -75,3 +104,10 @@ func (sig SignatureSecp256k1) Equals(other Signature) bool {
|
|||
return false
|
||||
}
|
||||
}
|
||||
func (p SignatureSecp256k1) MarshalJSON() ([]byte, error) {
|
||||
return data.Encoder.Marshal(p)
|
||||
}
|
||||
|
||||
func (p *SignatureSecp256k1) UnmarshalJSON(enc []byte) error {
|
||||
return data.Encoder.Unmarshal((*[]byte)(p), enc)
|
||||
}
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
package crypto
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/tendermint/ed25519"
|
||||
"github.com/tendermint/go-wire"
|
||||
data "github.com/tendermint/go-data"
|
||||
)
|
||||
|
||||
func TestSignAndValidateEd25519(t *testing.T) {
|
||||
|
@ -15,109 +17,93 @@ func TestSignAndValidateEd25519(t *testing.T) {
|
|||
|
||||
msg := CRandBytes(128)
|
||||
sig := privKey.Sign(msg)
|
||||
t.Logf("msg: %X, sig: %X", msg, sig)
|
||||
|
||||
// Test the signature
|
||||
if !pubKey.VerifyBytes(msg, sig) {
|
||||
t.Errorf("Account message signature verification failed")
|
||||
}
|
||||
assert.True(t, pubKey.VerifyBytes(msg, sig))
|
||||
|
||||
// Mutate the signature, just one bit.
|
||||
sigEd := sig.(SignatureEd25519)
|
||||
sigEd[0] ^= byte(0x01)
|
||||
sig = Signature(sigEd)
|
||||
|
||||
if pubKey.VerifyBytes(msg, sig) {
|
||||
t.Errorf("Account message signature verification should have failed but passed instead")
|
||||
}
|
||||
assert.False(t, pubKey.VerifyBytes(msg, sig))
|
||||
}
|
||||
|
||||
func TestSignAndValidateSecp256k1(t *testing.T) {
|
||||
|
||||
privKey := GenPrivKeySecp256k1()
|
||||
pubKey := privKey.PubKey()
|
||||
|
||||
msg := CRandBytes(128)
|
||||
sig := privKey.Sign(msg)
|
||||
t.Logf("msg: %X, sig: %X", msg, sig)
|
||||
|
||||
// Test the signature
|
||||
if !pubKey.VerifyBytes(msg, sig) {
|
||||
t.Errorf("Account message signature verification failed")
|
||||
}
|
||||
assert.True(t, pubKey.VerifyBytes(msg, sig))
|
||||
|
||||
// Mutate the signature, just one bit.
|
||||
sigEd := sig.(SignatureSecp256k1)
|
||||
sigEd[0] ^= byte(0x01)
|
||||
sig = Signature(sigEd)
|
||||
|
||||
if pubKey.VerifyBytes(msg, sig) {
|
||||
t.Errorf("Account message signature verification should have failed but passed instead")
|
||||
}
|
||||
assert.False(t, pubKey.VerifyBytes(msg, sig))
|
||||
}
|
||||
|
||||
func TestBinaryDecodeEd25519(t *testing.T) {
|
||||
|
||||
privKey := GenPrivKeyEd25519()
|
||||
pubKey := privKey.PubKey()
|
||||
|
||||
msg := CRandBytes(128)
|
||||
sig := privKey.Sign(msg)
|
||||
t.Logf("msg: %X, sig: %X", msg, sig)
|
||||
|
||||
buf, n, err := new(bytes.Buffer), new(int), new(error)
|
||||
wire.WriteBinary(struct{ Signature }{sig}, buf, n, err)
|
||||
if *err != nil {
|
||||
t.Fatalf("Failed to write Signature: %v", err)
|
||||
func TestSignatureEncodings(t *testing.T) {
|
||||
cases := []struct {
|
||||
privKey PrivKeyS
|
||||
sigSize int
|
||||
sigType byte
|
||||
sigName string
|
||||
}{
|
||||
{
|
||||
privKey: PrivKeyS{GenPrivKeyEd25519()},
|
||||
sigSize: ed25519.SignatureSize,
|
||||
sigType: TypeEd25519,
|
||||
sigName: NameEd25519,
|
||||
},
|
||||
{
|
||||
privKey: PrivKeyS{GenPrivKeySecp256k1()},
|
||||
sigSize: 0, // unknown
|
||||
sigType: TypeSecp256k1,
|
||||
sigName: NameSecp256k1,
|
||||
},
|
||||
}
|
||||
|
||||
if len(buf.Bytes()) != ed25519.SignatureSize+1 {
|
||||
// 1 byte TypeByte, 64 bytes signature bytes
|
||||
t.Fatalf("Unexpected signature write size: %v", len(buf.Bytes()))
|
||||
}
|
||||
if buf.Bytes()[0] != SignatureTypeEd25519 {
|
||||
t.Fatalf("Unexpected signature type byte")
|
||||
}
|
||||
for _, tc := range cases {
|
||||
// note we embed them from the beginning....
|
||||
pubKey := PubKeyS{tc.privKey.PubKey()}
|
||||
|
||||
sigStruct := struct{ Signature }{}
|
||||
sig2 := wire.ReadBinary(sigStruct, buf, 0, n, err)
|
||||
if *err != nil {
|
||||
t.Fatalf("Failed to read Signature: %v", err)
|
||||
}
|
||||
msg := CRandBytes(128)
|
||||
sig := SignatureS{tc.privKey.Sign(msg)}
|
||||
|
||||
// Test the signature
|
||||
if !pubKey.VerifyBytes(msg, sig2.(struct{ Signature }).Signature.(SignatureEd25519)) {
|
||||
t.Errorf("Account message signature verification failed")
|
||||
}
|
||||
}
|
||||
|
||||
func TestBinaryDecodeSecp256k1(t *testing.T) {
|
||||
|
||||
privKey := GenPrivKeySecp256k1()
|
||||
pubKey := privKey.PubKey()
|
||||
|
||||
msg := CRandBytes(128)
|
||||
sig := privKey.Sign(msg)
|
||||
t.Logf("msg: %X, sig: %X", msg, sig)
|
||||
|
||||
buf, n, err := new(bytes.Buffer), new(int), new(error)
|
||||
wire.WriteBinary(struct{ Signature }{sig}, buf, n, err)
|
||||
if *err != nil {
|
||||
t.Fatalf("Failed to write Signature: %v", err)
|
||||
}
|
||||
|
||||
if buf.Bytes()[0] != SignatureTypeSecp256k1 {
|
||||
t.Fatalf("Unexpected signature type byte")
|
||||
}
|
||||
|
||||
sigStruct := struct{ Signature }{}
|
||||
sig2 := wire.ReadBinary(sigStruct, buf, 0, n, err)
|
||||
if *err != nil {
|
||||
t.Fatalf("Failed to read Signature: %v", err)
|
||||
}
|
||||
|
||||
// Test the signature
|
||||
if !pubKey.VerifyBytes(msg, sig2.(struct{ Signature }).Signature.(SignatureSecp256k1)) {
|
||||
t.Errorf("Account message signature verification failed")
|
||||
// store as wire
|
||||
bin, err := data.ToWire(sig)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
if tc.sigSize != 0 {
|
||||
assert.Equal(t, tc.sigSize+1, len(bin))
|
||||
}
|
||||
assert.Equal(t, tc.sigType, bin[0])
|
||||
|
||||
// and back
|
||||
sig2 := SignatureS{}
|
||||
err = data.FromWire(bin, &sig2)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
assert.EqualValues(t, sig, sig2)
|
||||
assert.True(t, pubKey.VerifyBytes(msg, sig2))
|
||||
|
||||
// store as json
|
||||
js, err := data.ToJSON(sig)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
assert.True(t, strings.Contains(string(js), tc.sigName))
|
||||
|
||||
// and back
|
||||
sig3 := SignatureS{}
|
||||
err = data.FromJSON(js, &sig3)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
assert.EqualValues(t, sig, sig3)
|
||||
assert.True(t, pubKey.VerifyBytes(msg, sig3))
|
||||
|
||||
// and make sure we can textify it
|
||||
text, err := data.ToText(sig)
|
||||
require.Nil(t, err, "%+v", err)
|
||||
assert.True(t, strings.HasPrefix(text, tc.sigName))
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,9 +1,11 @@
|
|||
package crypto
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
|
@ -14,16 +16,10 @@ func TestSimple(t *testing.T) {
|
|||
plaintext := []byte("sometext")
|
||||
secret := []byte("somesecretoflengththirtytwo===32")
|
||||
ciphertext := EncryptSymmetric(plaintext, secret)
|
||||
|
||||
plaintext2, err := DecryptSymmetric(ciphertext, secret)
|
||||
if err != nil {
|
||||
t.Error(err)
|
||||
}
|
||||
|
||||
if !bytes.Equal(plaintext, plaintext2) {
|
||||
t.Errorf("Decrypted plaintext was %X, expected %X", plaintext2, plaintext)
|
||||
}
|
||||
|
||||
require.Nil(t, err, "%+v", err)
|
||||
assert.Equal(t, plaintext, plaintext2)
|
||||
}
|
||||
|
||||
func TestSimpleWithKDF(t *testing.T) {
|
||||
|
@ -39,14 +35,8 @@ func TestSimpleWithKDF(t *testing.T) {
|
|||
secret = Sha256(secret)
|
||||
|
||||
ciphertext := EncryptSymmetric(plaintext, secret)
|
||||
|
||||
plaintext2, err := DecryptSymmetric(ciphertext, secret)
|
||||
if err != nil {
|
||||
t.Error(err)
|
||||
}
|
||||
|
||||
if !bytes.Equal(plaintext, plaintext2) {
|
||||
t.Errorf("Decrypted plaintext was %X, expected %X", plaintext2, plaintext)
|
||||
}
|
||||
|
||||
require.Nil(t, err, "%+v", err)
|
||||
assert.Equal(t, plaintext, plaintext2)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue