1 files changed, 39 insertions, 0 deletions
diff --git a/src/gnunet/crypto/gns_edkey_test.go b/src/gnunet/crypto/gns_edkey_test.go
index b5ba700..145bfab 100644
--- a/src/gnunet/crypto/gns_edkey_test.go
+++ b/src/gnunet/crypto/gns_edkey_test.go
@@ -22,7 +22,11 @@ import (
        "bytes"
        "encoding/hex"
        "gnunet/enums"
+        "gnunet/util"
        "testing"
+        "github.com/bfix/gospel/crypto/ed25519"
+        "github.com/bfix/gospel/math"
 )
 func TestEdKeyCreate(t *testing.T) {
@@ -58,3 +62,38 @@ func TestDeriveEDKEY(t *testing.T) {
                t.Fatal("derive mismatch")
        }
 }
+// test 'DerivedSign' from LSD0001, 5.1.2. EDKEY
+func TestDerivedSign(t *testing.T) {
+        for i := 0; i < 20; i++ {
+                // generate clamped private scalar and keys (EdDSA)
+                a := util.NewRndArray(32)
+                a[31] &= 248
+                a[0] &= 127
+                a[0] |= 64
+                d := math.NewIntFromBytes(a)
+                zp := ed25519.NewPrivateKeyFromD(d)
+                zk := zp.Public()
+                // calculate blinding factor
+                h := math.NewIntRnd(ed25519N)
+                // derive keys
+                dzp := zp.Mult(h)
+                dzk := zk.Mult(h)
+                if !dzk.Q.Equals(dzp.Public().Q) {
+                        t.Fatal("derive")
+                }
+                // per draft:
+                a1 := d.Rsh(3)
+                a2 := h.Mul(a1).Mod(ed25519N)
+                dd := a2.Lsh(3)
+                dzp2 := ed25519.NewPrivateKeyFromD(dd)
+                dzk2 := dzp2.Public()
+                if !dzk.Q.Equals(dzk2.Q) {
+                        t.Fatal("mismatch")
+                }
+        }
+}

diff --git a/src/gnunet/crypto/gns_edkey_test.go b/src/gnunet/crypto/gns_edkey_test.go index b5ba700..145bfab 100644 --- a/src/gnunet/crypto/gns_edkey_test.go +++ b/src/gnunet/crypto/gns_edkey_test.go
@@ -22,7 +22,11 @@ import (
22	"bytes"	22	"bytes"
23	"encoding/hex"	23	"encoding/hex"
24	"gnunet/enums"	24	"gnunet/enums"
		25	"gnunet/util"
25	"testing"	26	"testing"
		27
		28	"github.com/bfix/gospel/crypto/ed25519"
		29	"github.com/bfix/gospel/math"
26	)	30	)
27		31
28	func TestEdKeyCreate(t *testing.T) {	32	func TestEdKeyCreate(t *testing.T) {
@@ -58,3 +62,38 @@ func TestDeriveEDKEY(t *testing.T) {
58	t.Fatal("derive mismatch")	62	t.Fatal("derive mismatch")
59	}	63	}
60	}	64	}
		65
		66	// test 'DerivedSign' from LSD0001, 5.1.2. EDKEY
		67	func TestDerivedSign(t *testing.T) {
		68
		69	for i := 0; i < 20; i++ {
		70	// generate clamped private scalar and keys (EdDSA)
		71	a := util.NewRndArray(32)
		72	a[31] &= 248
		73	a[0] &= 127
		74	a[0] \|= 64
		75	d := math.NewIntFromBytes(a)
		76	zp := ed25519.NewPrivateKeyFromD(d)
		77	zk := zp.Public()
		78
		79	// calculate blinding factor
		80	h := math.NewIntRnd(ed25519N)
		81
		82	// derive keys
		83	dzp := zp.Mult(h)
		84	dzk := zk.Mult(h)
		85	if !dzk.Q.Equals(dzp.Public().Q) {
		86	t.Fatal("derive")
		87	}
		88
		89	// per draft:
		90	a1 := d.Rsh(3)
		91	a2 := h.Mul(a1).Mod(ed25519N)
		92	dd := a2.Lsh(3)
		93	dzp2 := ed25519.NewPrivateKeyFromD(dd)
		94	dzk2 := dzp2.Public()
		95	if !dzk.Q.Equals(dzk2.Q) {
		96	t.Fatal("mismatch")
		97	}
		98	}
		99	}