From b4ccca8d174f491eb04611b962a9c8e40af5caf9 Mon Sep 17 00:00:00 2001
From: Kris Nuttycombe <kris@nutty.land>
Date: Tue, 1 Feb 2022 14:35:46 -0700
Subject: [PATCH] Add test vectors for transparent OVKs

Co-authored-by: Daira Hopwood <daira@jacaranda.org>
---
 pyproject.toml                             |  1 +
 zcash_test_vectors/transparent/__init__.py |  0
 zcash_test_vectors/transparent/zip_0316.py | 54 ++++++++++++++++++++++
 3 files changed, 55 insertions(+)
 create mode 100644 zcash_test_vectors/transparent/__init__.py
 create mode 100644 zcash_test_vectors/transparent/zip_0316.py

diff --git a/pyproject.toml b/pyproject.toml
index 32f7942..f4967d7 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -34,6 +34,7 @@ f4jumble = "zcash_test_vectors.f4jumble:main"
 zip_0143 = "zcash_test_vectors.zip_0143:main"
 zip_0243 = "zcash_test_vectors.zip_0243:main"
 zip_0244 = "zcash_test_vectors.zip_0244:main"
+zip_0316 = "zcash_test_vectors.transparent.zip_0316:main"
 
 # Sapling test vectors
 sapling_generators = "zcash_test_vectors.sapling.generators:main"
diff --git a/zcash_test_vectors/transparent/__init__.py b/zcash_test_vectors/transparent/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/zcash_test_vectors/transparent/zip_0316.py b/zcash_test_vectors/transparent/zip_0316.py
new file mode 100644
index 0000000..1ac6d23
--- /dev/null
+++ b/zcash_test_vectors/transparent/zip_0316.py
@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+import sys; assert sys.version_info[0] >= 3, "Python 3 required."
+
+from ..output import render_args, render_tv
+from ..rand import Rand
+from ..sapling.key_components import prf_expand
+
+
+def derive_ovks(chaincode, pk):
+    assert len(pk) == 33 and pk[0] in (0x02, 0x03)
+    I_ovk = prf_expand(chaincode, b'\xD0' + pk)
+    ovk_external = I_ovk[:32]
+    ovk_internal = I_ovk[32:]
+    return (ovk_external, ovk_internal)
+
+
+def main():
+    args = render_args()
+
+    from random import Random
+    rng = Random(0xabad533d)
+    def randbytes(l):
+        ret = []
+        while len(ret) < l:
+            ret.append(rng.randrange(0, 256))
+        return bytes(ret)
+    rand = Rand(randbytes)
+
+    test_vectors = []
+    for i in range(10):
+        chaincode = rand.b(32)
+        pk = bytes([0x02 + rand.bool()]) + rand.b(32)
+        (external_ovk, internal_ovk) = derive_ovks(chaincode, pk)
+        test_vectors.append({
+            'c' : chaincode,
+            'pk': pk,
+            'external_ovk': external_ovk,
+            'internal_ovk': internal_ovk,
+        })
+
+    render_tv(
+        args,
+        'zip_0316',
+        (
+            ('c',            '[u8; 32]'),
+            ('pk',           '[u8; 33]'),
+            ('external_ovk', '[u8; 32]'),
+            ('internal_ovk', '[u8; 32]'),
+        ),
+        test_vectors,
+    )
+
+if __file__ == '__main__':
+    main()
\ No newline at end of file