Add test vectors for transparent OVKs

Co-authored-by: Daira Hopwood <daira@jacaranda.org>

pyproject.toml

@@ -34,6 +34,7 @@ f4jumble = "zcash_test_vectors.f4jumble:main"
 zip_0143 = "zcash_test_vectors.zip_0143:main"
 zip_0243 = "zcash_test_vectors.zip_0243:main"
 zip_0244 = "zcash_test_vectors.zip_0244:main"
+zip_0316 = "zcash_test_vectors.transparent.zip_0316:main"
 
 # Sapling test vectors
 sapling_generators = "zcash_test_vectors.sapling.generators:main"

zcash_test_vectors/transparent/zip_0316.py

@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+import sys; assert sys.version_info[0] >= 3, "Python 3 required."
+
+from ..output import render_args, render_tv
+from ..rand import Rand
+from ..sapling.key_components import prf_expand
+
+
+def derive_ovks(chaincode, pk):
+    assert len(pk) == 33 and pk[0] in (0x02, 0x03)
+    I_ovk = prf_expand(chaincode, b'\xD0' + pk)
+    ovk_external = I_ovk[:32]
+    ovk_internal = I_ovk[32:]
+    return (ovk_external, ovk_internal)
+
+
+def main():
+    args = render_args()
+
+    from random import Random
+    rng = Random(0xabad533d)
+    def randbytes(l):
+        ret = []
+        while len(ret) < l:
+            ret.append(rng.randrange(0, 256))
+        return bytes(ret)
+    rand = Rand(randbytes)
+
+    test_vectors = []
+    for i in range(10):
+        chaincode = rand.b(32)
+        pk = bytes([0x02 + rand.bool()]) + rand.b(32)
+        (external_ovk, internal_ovk) = derive_ovks(chaincode, pk)
+        test_vectors.append({
+            'c' : chaincode,
+            'pk': pk,
+            'external_ovk': external_ovk,
+            'internal_ovk': internal_ovk,
+        })
+
+    render_tv(
+        args,
+        'zip_0316',
+        (
+            ('c',            '[u8; 32]'),
+            ('pk',           '[u8; 33]'),
+            ('external_ovk', '[u8; 32]'),
+            ('internal_ovk', '[u8; 32]'),
+        ),
+        test_vectors,
+    )
+
+if __file__ == '__main__':
+    main()