diff options
| author | Christian Grothoff <christian@grothoff.org> | 2022-02-09 09:41:55 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2022-02-09 09:56:11 +0100 |
| commit | 5ace56b96850dafc157839e6fb3795103f1bfc71 (patch) | |
| tree | 05c793f9db10efb83971101bed1477b146e50b1a /src/util | |
| parent | fab89196f0a3a14b8d1e3de593958b78f6d58775 (diff) | |
| download | gnunet-5ace56b96850dafc157839e6fb3795103f1bfc71.tar.gz gnunet-5ace56b96850dafc157839e6fb3795103f1bfc71.zip | |
-clean up test a bit
Diffstat (limited to 'src/util')
| -rw-r--r-- | src/util/test_crypto_cs.c | 283 |
1 files changed, 159 insertions, 124 deletions
diff --git a/src/util/test_crypto_cs.c b/src/util/test_crypto_cs.c index d3406516e..f7ac10982 100644 --- a/src/util/test_crypto_cs.c +++ b/src/util/test_crypto_cs.c | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | /* | 1 | /* |
| 2 | This file is part of GNUnet | 2 | This file is part of GNUnet |
| 3 | Copyright (C) 2014,2015 GNUnet e.V. | 3 | Copyright (C) 2021,2022 GNUnet e.V. |
| 4 | 4 | ||
| 5 | GNUnet is free software: you can redistribute it and/or modify it | 5 | GNUnet is free software: you can redistribute it and/or modify it |
| 6 | under the terms of the GNU Affero General Public License as published | 6 | under the terms of the GNU Affero General Public License as published |
| @@ -30,148 +30,166 @@ | |||
| 30 | 30 | ||
| 31 | #define ITER 25 | 31 | #define ITER 25 |
| 32 | 32 | ||
| 33 | void | 33 | static void |
| 34 | test_create_priv (struct GNUNET_CRYPTO_CsPrivateKey *priv) | 34 | test_create_priv (struct GNUNET_CRYPTO_CsPrivateKey *priv) |
| 35 | { | 35 | { |
| 36 | /* TEST 1 | 36 | /* TEST 1 |
| 37 | * Check that privkey is set | 37 | * Check that privkey is set |
| 38 | */ | 38 | */ |
| 39 | struct GNUNET_CRYPTO_CsPrivateKey other_priv; | 39 | struct GNUNET_CRYPTO_CsPrivateKey other_priv; |
| 40 | memcpy (&other_priv.scalar, &priv->scalar, sizeof(other_priv.scalar)); | ||
| 41 | 40 | ||
| 41 | other_priv = *priv; | ||
| 42 | GNUNET_CRYPTO_cs_private_key_generate (priv); | 42 | GNUNET_CRYPTO_cs_private_key_generate (priv); |
| 43 | 43 | GNUNET_assert (0 != | |
| 44 | GNUNET_assert (0 != memcmp (&other_priv.scalar, | 44 | GNUNET_memcmp (&other_priv.scalar, |
| 45 | &priv->scalar, | 45 | &priv->scalar)); |
| 46 | sizeof(other_priv.scalar))); | ||
| 47 | } | 46 | } |
| 48 | 47 | ||
| 49 | 48 | ||
| 50 | void | 49 | static void |
| 51 | test_generate_pub (const struct GNUNET_CRYPTO_CsPrivateKey *priv, | 50 | test_generate_pub (const struct GNUNET_CRYPTO_CsPrivateKey *priv, |
| 52 | struct GNUNET_CRYPTO_CsPublicKey *pub) | 51 | struct GNUNET_CRYPTO_CsPublicKey *pub) |
| 53 | { | 52 | { |
| 54 | /* TEST 1 | 53 | /* TEST 1 |
| 55 | * Check that pubkey is set | 54 | * Check that pubkey is set |
| 56 | */ | 55 | */ |
| 57 | struct GNUNET_CRYPTO_CsPublicKey other_pub; | 56 | struct GNUNET_CRYPTO_CsPublicKey other_pub; |
| 58 | memcpy (&other_pub.point, &pub->point, sizeof(other_pub.point)); | ||
| 59 | |||
| 60 | GNUNET_CRYPTO_cs_private_key_get_public (priv, pub); | ||
| 61 | 57 | ||
| 62 | GNUNET_assert (0 != memcmp (&other_pub.point, | 58 | other_pub = *pub; |
| 63 | &pub->point, | 59 | GNUNET_CRYPTO_cs_private_key_get_public (priv, |
| 64 | sizeof(other_pub.point))); | 60 | pub); |
| 61 | GNUNET_assert (0 != | ||
| 62 | GNUNET_memcmp (&other_pub.point, | ||
| 63 | &pub->point)); | ||
| 65 | 64 | ||
| 66 | /* TEST 2 | 65 | /* TEST 2 |
| 67 | * Check that pubkey is a valid point | 66 | * Check that pubkey is a valid point |
| 68 | */ | 67 | */ |
| 69 | GNUNET_assert (1 == crypto_core_ed25519_is_valid_point (pub->point.y)); | 68 | GNUNET_assert (1 == |
| 69 | crypto_core_ed25519_is_valid_point (pub->point.y)); | ||
| 70 | 70 | ||
| 71 | /* TEST 3 | 71 | /* TEST 3 |
| 72 | * Check if function gives the same result for the same output | 72 | * Check if function gives the same result for the same output |
| 73 | */ | 73 | */ |
| 74 | memcpy (&other_pub.point, &pub->point, sizeof(other_pub.point)); | 74 | other_pub = *pub; |
| 75 | 75 | for (unsigned int i = 0; i<ITER; i++) | |
| 76 | for (int i = 0; i<ITER; i++) { | 76 | { |
| 77 | GNUNET_CRYPTO_cs_private_key_get_public (priv, pub); | 77 | GNUNET_CRYPTO_cs_private_key_get_public (priv, |
| 78 | GNUNET_assert (0 == memcmp (&other_pub.point, | 78 | pub); |
| 79 | &pub->point, | 79 | GNUNET_assert (0 == |
| 80 | sizeof(other_pub.point))); | 80 | GNUNET_memcmp (&other_pub.point, |
| 81 | &pub->point)); | ||
| 81 | } | 82 | } |
| 82 | } | 83 | } |
| 83 | 84 | ||
| 84 | 85 | ||
| 85 | void | 86 | static void |
| 86 | test_derive_rsecret (const struct GNUNET_CRYPTO_CsNonce *nonce, | 87 | test_derive_rsecret (const struct GNUNET_CRYPTO_CsNonce *nonce, |
| 87 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, | 88 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, |
| 88 | struct GNUNET_CRYPTO_CsRSecret r[2]) | 89 | struct GNUNET_CRYPTO_CsRSecret r[2]) |
| 89 | { | 90 | { |
| 90 | /* TEST 1 | 91 | /* TEST 1 |
| 91 | * Check that r are set | 92 | * Check that r are set |
| 92 | */ | 93 | */ |
| 93 | struct GNUNET_CRYPTO_CsPrivateKey other_r[2]; | 94 | struct GNUNET_CRYPTO_CsPrivateKey other_r[2]; |
| 94 | memcpy (&other_r[0], &r[0], sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2); | ||
| 95 | 95 | ||
| 96 | GNUNET_CRYPTO_cs_r_derive (nonce, priv, r); | 96 | memcpy (other_r, |
| 97 | 97 | r, | |
| 98 | GNUNET_assert (0 != memcmp (&other_r[0], | 98 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2); |
| 99 | &r[0], | 99 | GNUNET_CRYPTO_cs_r_derive (nonce, |
| 100 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2)); | 100 | priv, |
| 101 | r); | ||
| 102 | GNUNET_assert (0 != | ||
| 103 | memcmp (&other_r[0], | ||
| 104 | &r[0], | ||
| 105 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2)); | ||
| 101 | 106 | ||
| 102 | /* TEST 2 | 107 | /* TEST 2 |
| 103 | * Check if function gives the same result for the same input. | 108 | * Check if function gives the same result for the same input. |
| 104 | * This test ensures that the derivation is deterministic. | 109 | * This test ensures that the derivation is deterministic. |
| 105 | */ | 110 | */ |
| 106 | memcpy (&other_r[0], &r[0], sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2); | 111 | memcpy (other_r, |
| 107 | for (int i = 0; i<ITER; i++) { | 112 | r, |
| 108 | GNUNET_CRYPTO_cs_r_derive (nonce, priv, r); | 113 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2); |
| 109 | GNUNET_assert (0 == memcmp (&other_r[0], | 114 | for (unsigned int i = 0; i<ITER; i++) |
| 110 | &r[0], | 115 | { |
| 111 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2)); | 116 | GNUNET_CRYPTO_cs_r_derive (nonce, |
| 117 | priv, | ||
| 118 | r); | ||
| 119 | GNUNET_assert (0 == | ||
| 120 | memcmp (other_r, | ||
| 121 | r, | ||
| 122 | sizeof(struct GNUNET_CRYPTO_CsPrivateKey) * 2)); | ||
| 112 | } | 123 | } |
| 113 | } | 124 | } |
| 114 | 125 | ||
| 115 | 126 | ||
| 116 | void | 127 | static void |
| 117 | test_generate_rpublic (const struct GNUNET_CRYPTO_CsRSecret *r_priv, | 128 | test_generate_rpublic (const struct GNUNET_CRYPTO_CsRSecret *r_priv, |
| 118 | struct GNUNET_CRYPTO_CsRPublic *r_pub) | 129 | struct GNUNET_CRYPTO_CsRPublic *r_pub) |
| 119 | { | 130 | { |
| 120 | /* TEST 1 | 131 | /* TEST 1 |
| 121 | * Check that r_pub is set | 132 | * Check that r_pub is set |
| 122 | */ | 133 | */ |
| 123 | struct GNUNET_CRYPTO_CsRPublic other_r_pub; | 134 | struct GNUNET_CRYPTO_CsRPublic other_r_pub; |
| 124 | memcpy (&other_r_pub.point, &r_pub->point, sizeof(other_r_pub.point)); | ||
| 125 | |||
| 126 | GNUNET_CRYPTO_cs_r_get_public (r_priv, r_pub); | ||
| 127 | |||
| 128 | GNUNET_assert (0 != memcmp (&other_r_pub.point, | ||
| 129 | &r_pub->point, | ||
| 130 | sizeof(other_r_pub.point))); | ||
| 131 | 135 | ||
| 136 | other_r_pub = *r_pub; | ||
| 137 | GNUNET_CRYPTO_cs_r_get_public (r_priv, | ||
| 138 | r_pub); | ||
| 139 | GNUNET_assert (0 != | ||
| 140 | GNUNET_memcmp (&other_r_pub.point, | ||
| 141 | &r_pub->point)); | ||
| 132 | /* TEST 2 | 142 | /* TEST 2 |
| 133 | * Check that r_pub is a valid point | 143 | * Check that r_pub is a valid point |
| 134 | */ | 144 | */ |
| 135 | GNUNET_assert (1 == crypto_core_ed25519_is_valid_point (r_pub->point.y)); | 145 | GNUNET_assert (1 == |
| 146 | crypto_core_ed25519_is_valid_point (r_pub->point.y)); | ||
| 136 | 147 | ||
| 137 | /* TEST 3 | 148 | /* TEST 3 |
| 138 | * Check if function gives the same result for the same output | 149 | * Check if function gives the same result for the same output |
| 139 | */ | 150 | */ |
| 140 | memcpy (&other_r_pub.point, &r_pub->point, sizeof(other_r_pub.point)); | 151 | other_r_pub.point = r_pub->point; |
| 141 | for (int i = 0; i<ITER; i++) { | 152 | for (int i = 0; i<ITER; i++) |
| 142 | GNUNET_CRYPTO_cs_r_get_public (r_priv, r_pub); | 153 | { |
| 143 | GNUNET_assert (0 == memcmp (&other_r_pub.point, | 154 | GNUNET_CRYPTO_cs_r_get_public (r_priv, |
| 144 | &r_pub->point, | 155 | r_pub); |
| 145 | sizeof(other_r_pub.point))); | 156 | GNUNET_assert (0 == |
| 157 | GNUNET_memcmp (&other_r_pub.point, | ||
| 158 | &r_pub->point)); | ||
| 146 | } | 159 | } |
| 147 | } | 160 | } |
| 148 | 161 | ||
| 149 | 162 | ||
| 150 | void | 163 | static void |
| 151 | test_derive_blindingsecrets (const struct GNUNET_CRYPTO_CsNonce *blind_seed, | 164 | test_derive_blindingsecrets (const struct GNUNET_CRYPTO_CsNonce *blind_seed, |
| 152 | struct GNUNET_CRYPTO_CsBlindingSecret bs[2]) | 165 | struct GNUNET_CRYPTO_CsBlindingSecret bs[2]) |
| 153 | { | 166 | { |
| 154 | /* TEST 1 | 167 | /* TEST 1 |
| 155 | * Check that blinding secrets are set | 168 | * Check that blinding secrets are set |
| 156 | */ | 169 | */ |
| 157 | struct GNUNET_CRYPTO_CsBlindingSecret other_bs[2]; | 170 | struct GNUNET_CRYPTO_CsBlindingSecret other_bs[2]; |
| 158 | memcpy (&other_bs[0], &bs[0], sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) | 171 | |
| 159 | * 2); | 172 | memcpy (other_bs, |
| 173 | bs, | ||
| 174 | sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) * 2); | ||
| 160 | 175 | ||
| 161 | GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs); | 176 | GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs); |
| 162 | 177 | ||
| 163 | GNUNET_assert (0 != memcmp (&other_bs[0], | 178 | GNUNET_assert (0 != |
| 164 | &bs[0], | 179 | memcmp (other_bs, |
| 165 | sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) | 180 | bs, |
| 166 | * 2)); | 181 | sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) |
| 182 | * 2)); | ||
| 167 | 183 | ||
| 168 | /* TEST 2 | 184 | /* TEST 2 |
| 169 | * Check if function gives the same result for the same input. | 185 | * Check if function gives the same result for the same input. |
| 170 | * This test ensures that the derivation is deterministic. | 186 | * This test ensures that the derivation is deterministic. |
| 171 | */ | 187 | */ |
| 172 | memcpy (&other_bs[0], &bs[0], sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) | 188 | memcpy (other_bs, |
| 173 | * 2); | 189 | bs, |
| 174 | for (int i = 0; i<ITER; i++) { | 190 | sizeof(struct GNUNET_CRYPTO_CsBlindingSecret) * 2); |
| 191 | for (unsigned int i = 0; i<ITER; i++) | ||
| 192 | { | ||
| 175 | GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs); | 193 | GNUNET_CRYPTO_cs_blinding_secrets_derive (blind_seed, bs); |
| 176 | GNUNET_assert (0 == memcmp (&other_bs[0], | 194 | GNUNET_assert (0 == memcmp (&other_bs[0], |
| 177 | &bs[0], | 195 | &bs[0], |
| @@ -181,19 +199,20 @@ test_derive_blindingsecrets (const struct GNUNET_CRYPTO_CsNonce *blind_seed, | |||
| 181 | } | 199 | } |
| 182 | 200 | ||
| 183 | 201 | ||
| 184 | void | 202 | static void |
| 185 | test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | 203 | test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], |
| 186 | const struct GNUNET_CRYPTO_CsRPublic r_pub[2], | 204 | const struct GNUNET_CRYPTO_CsRPublic r_pub[2], |
| 187 | const struct GNUNET_CRYPTO_CsPublicKey *pub, | 205 | const struct GNUNET_CRYPTO_CsPublicKey *pub, |
| 188 | const void *msg, | 206 | const void *msg, |
| 189 | size_t msg_len, | 207 | size_t msg_len, |
| 190 | struct GNUNET_CRYPTO_CsC blinded_cs[2], | 208 | struct GNUNET_CRYPTO_CsC blinded_cs[2], |
| 191 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2]) | 209 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pub[2]) |
| 192 | { | 210 | { |
| 193 | /* TEST 1 | 211 | /* TEST 1 |
| 194 | * Check that the blinded c's and blinded r's | 212 | * Check that the blinded c's and blinded r's |
| 195 | */ | 213 | */ |
| 196 | struct GNUNET_CRYPTO_CsC other_blinded_c[2]; | 214 | struct GNUNET_CRYPTO_CsC other_blinded_c[2]; |
| 215 | |||
| 197 | memcpy (&other_blinded_c[0], | 216 | memcpy (&other_blinded_c[0], |
| 198 | &blinded_cs[0], | 217 | &blinded_cs[0], |
| 199 | sizeof(struct GNUNET_CRYPTO_CsC) * 2); | 218 | sizeof(struct GNUNET_CRYPTO_CsC) * 2); |
| @@ -222,7 +241,8 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | |||
| 222 | * Check if R' - aG -bX = R for b = 0 | 241 | * Check if R' - aG -bX = R for b = 0 |
| 223 | * This test does the opposite operations and checks wether the equation is still correct. | 242 | * This test does the opposite operations and checks wether the equation is still correct. |
| 224 | */ | 243 | */ |
| 225 | for (unsigned int b = 0; b <= 1; b++) { | 244 | for (unsigned int b = 0; b <= 1; b++) |
| 245 | { | ||
| 226 | struct GNUNET_CRYPTO_Cs25519Point aG; | 246 | struct GNUNET_CRYPTO_Cs25519Point aG; |
| 227 | struct GNUNET_CRYPTO_Cs25519Point bX; | 247 | struct GNUNET_CRYPTO_Cs25519Point bX; |
| 228 | struct GNUNET_CRYPTO_Cs25519Point r_min_aG; | 248 | struct GNUNET_CRYPTO_Cs25519Point r_min_aG; |
| @@ -252,7 +272,6 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | |||
| 252 | } | 272 | } |
| 253 | 273 | ||
| 254 | 274 | ||
| 255 | |||
| 256 | /* TEST 3 | 275 | /* TEST 3 |
| 257 | * Check that the blinded r_pubs' are valid points | 276 | * Check that the blinded r_pubs' are valid points |
| 258 | */ | 277 | */ |
| @@ -271,7 +290,8 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | |||
| 271 | &blinded_r_pub[0], | 290 | &blinded_r_pub[0], |
| 272 | sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2); | 291 | sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2); |
| 273 | 292 | ||
| 274 | for (int i = 0; i<ITER; i++) { | 293 | for (unsigned int i = 0; i<ITER; i++) |
| 294 | { | ||
| 275 | GNUNET_CRYPTO_cs_calc_blinded_c (bs, | 295 | GNUNET_CRYPTO_cs_calc_blinded_c (bs, |
| 276 | r_pub, | 296 | r_pub, |
| 277 | pub, | 297 | pub, |
| @@ -289,13 +309,13 @@ test_calc_blindedc (const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], | |||
| 289 | } | 309 | } |
| 290 | 310 | ||
| 291 | 311 | ||
| 292 | void | 312 | static void |
| 293 | test_blind_sign (unsigned int *b, | 313 | test_blind_sign (unsigned int *b, |
| 294 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, | 314 | const struct GNUNET_CRYPTO_CsPrivateKey *priv, |
| 295 | const struct GNUNET_CRYPTO_CsRSecret r[2], | 315 | const struct GNUNET_CRYPTO_CsRSecret r[2], |
| 296 | const struct GNUNET_CRYPTO_CsC c[2], | 316 | const struct GNUNET_CRYPTO_CsC c[2], |
| 297 | const struct GNUNET_CRYPTO_CsNonce *nonce, | 317 | const struct GNUNET_CRYPTO_CsNonce *nonce, |
| 298 | struct GNUNET_CRYPTO_CsBlindS *blinded_s) | 318 | struct GNUNET_CRYPTO_CsBlindS *blinded_s) |
| 299 | { | 319 | { |
| 300 | /* TEST 1 | 320 | /* TEST 1 |
| 301 | * Check that blinded_s is set | 321 | * Check that blinded_s is set |
| @@ -336,8 +356,10 @@ test_blind_sign (unsigned int *b, | |||
| 336 | * Check if function gives the same result for the same input. | 356 | * Check if function gives the same result for the same input. |
| 337 | */ | 357 | */ |
| 338 | memcpy (&other_blinded_s, blinded_s, sizeof(struct GNUNET_CRYPTO_CsBlindS)); | 358 | memcpy (&other_blinded_s, blinded_s, sizeof(struct GNUNET_CRYPTO_CsBlindS)); |
| 339 | unsigned int other_b; | 359 | for (unsigned int i = 0; i<ITER; i++) |
| 340 | for (int i = 0; i<ITER; i++) { | 360 | { |
| 361 | unsigned int other_b; | ||
| 362 | |||
| 341 | other_b = GNUNET_CRYPTO_cs_sign_derive (priv, r, c, nonce, blinded_s); | 363 | other_b = GNUNET_CRYPTO_cs_sign_derive (priv, r, c, nonce, blinded_s); |
| 342 | 364 | ||
| 343 | GNUNET_assert (other_b == *b); | 365 | GNUNET_assert (other_b == *b); |
| @@ -348,10 +370,10 @@ test_blind_sign (unsigned int *b, | |||
| 348 | } | 370 | } |
| 349 | 371 | ||
| 350 | 372 | ||
| 351 | void | 373 | static void |
| 352 | test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, | 374 | test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, |
| 353 | const struct GNUNET_CRYPTO_CsBlindingSecret *bs, | 375 | const struct GNUNET_CRYPTO_CsBlindingSecret *bs, |
| 354 | struct GNUNET_CRYPTO_CsS *signature_scalar) | 376 | struct GNUNET_CRYPTO_CsS *signature_scalar) |
| 355 | { | 377 | { |
| 356 | /* TEST 1 | 378 | /* TEST 1 |
| 357 | * Check that signature_scalar is set | 379 | * Check that signature_scalar is set |
| @@ -387,7 +409,8 @@ test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, | |||
| 387 | memcpy (&other_signature_scalar, signature_scalar, | 409 | memcpy (&other_signature_scalar, signature_scalar, |
| 388 | sizeof(struct GNUNET_CRYPTO_CsS)); | 410 | sizeof(struct GNUNET_CRYPTO_CsS)); |
| 389 | 411 | ||
| 390 | for (int i = 0; i<ITER; i++) { | 412 | for (unsigned int i = 0; i<ITER; i++) |
| 413 | { | ||
| 391 | GNUNET_CRYPTO_cs_unblind (blinded_signature_scalar, bs, signature_scalar); | 414 | GNUNET_CRYPTO_cs_unblind (blinded_signature_scalar, bs, signature_scalar); |
| 392 | GNUNET_assert (0 == memcmp (&other_signature_scalar, | 415 | GNUNET_assert (0 == memcmp (&other_signature_scalar, |
| 393 | signature_scalar, | 416 | signature_scalar, |
| @@ -396,10 +419,10 @@ test_unblinds (const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, | |||
| 396 | } | 419 | } |
| 397 | 420 | ||
| 398 | 421 | ||
| 399 | void | 422 | static void |
| 400 | test_blind_verify (const struct GNUNET_CRYPTO_CsSignature *sig, | 423 | test_blind_verify (const struct GNUNET_CRYPTO_CsSignature *sig, |
| 401 | const struct GNUNET_CRYPTO_CsPublicKey *pub, | 424 | const struct GNUNET_CRYPTO_CsPublicKey *pub, |
| 402 | const struct GNUNET_CRYPTO_CsC *c) | 425 | const struct GNUNET_CRYPTO_CsC *c) |
| 403 | { | 426 | { |
| 404 | /* TEST 1 | 427 | /* TEST 1 |
| 405 | * Test verifies the blinded signature sG == Rb + cbX | 428 | * Test verifies the blinded signature sG == Rb + cbX |
| @@ -425,28 +448,30 @@ test_blind_verify (const struct GNUNET_CRYPTO_CsSignature *sig, | |||
| 425 | } | 448 | } |
| 426 | 449 | ||
| 427 | 450 | ||
| 428 | void | 451 | static void |
| 429 | test_verify (const struct GNUNET_CRYPTO_CsSignature *sig, | 452 | test_verify (const struct GNUNET_CRYPTO_CsSignature *sig, |
| 430 | const struct GNUNET_CRYPTO_CsPublicKey *pub, | 453 | const struct GNUNET_CRYPTO_CsPublicKey *pub, |
| 431 | const void *msg, | 454 | const void *msg, |
| 432 | size_t msg_len) | 455 | size_t msg_len) |
| 433 | { | 456 | { |
| 434 | /* TEST 1 | 457 | /* TEST 1 |
| 435 | * Test simple verification | 458 | * Test simple verification |
| 436 | */ | 459 | */ |
| 437 | GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_cs_verify (sig, | 460 | GNUNET_assert (GNUNET_YES == |
| 438 | pub, | 461 | GNUNET_CRYPTO_cs_verify (sig, |
| 439 | msg, | 462 | pub, |
| 440 | msg_len)); | 463 | msg, |
| 464 | msg_len)); | ||
| 441 | /* TEST 2 | 465 | /* TEST 2 |
| 442 | * Test verification of "wrong" message | 466 | * Test verification of "wrong" message |
| 443 | */ | 467 | */ |
| 444 | char other_msg[] = "test massege"; | 468 | char other_msg[] = "test massege"; |
| 445 | size_t other_msg_len = strlen ("test massege"); | 469 | size_t other_msg_len = strlen ("test massege"); |
| 446 | GNUNET_assert (GNUNET_SYSERR == GNUNET_CRYPTO_cs_verify (sig, | 470 | GNUNET_assert (GNUNET_SYSERR == |
| 447 | pub, | 471 | GNUNET_CRYPTO_cs_verify (sig, |
| 448 | other_msg, | 472 | pub, |
| 449 | other_msg_len)); | 473 | other_msg, |
| 474 | other_msg_len)); | ||
| 450 | } | 475 | } |
| 451 | 476 | ||
| 452 | 477 | ||
| @@ -468,16 +493,15 @@ main (int argc, | |||
| 468 | 493 | ||
| 469 | // derive nonce | 494 | // derive nonce |
| 470 | struct GNUNET_CRYPTO_CsNonce nonce; | 495 | struct GNUNET_CRYPTO_CsNonce nonce; |
| 471 | GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_hkdf (nonce.nonce, | 496 | GNUNET_assert (GNUNET_YES == |
| 472 | sizeof(nonce.nonce), | 497 | GNUNET_CRYPTO_kdf (nonce.nonce, |
| 473 | GCRY_MD_SHA512, | 498 | sizeof(nonce.nonce), |
| 474 | GCRY_MD_SHA256, | 499 | "nonce", |
| 475 | "nonce", | 500 | strlen ("nonce"), |
| 476 | strlen ("nonce"), | 501 | "nonce_secret", |
| 477 | "nonce_secret", | 502 | strlen ("nonce_secret"), |
| 478 | strlen ("nonce_secret"), | 503 | NULL, |
| 479 | NULL, | 504 | 0)); |
| 480 | 0)); | ||
| 481 | 505 | ||
| 482 | // generate r, R | 506 | // generate r, R |
| 483 | struct GNUNET_CRYPTO_CsRSecret r_secrets[2]; | 507 | struct GNUNET_CRYPTO_CsRSecret r_secrets[2]; |
| @@ -498,34 +522,45 @@ main (int argc, | |||
| 498 | struct GNUNET_CRYPTO_CsC blinded_cs[2]; | 522 | struct GNUNET_CRYPTO_CsC blinded_cs[2]; |
| 499 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pubs[2]; | 523 | struct GNUNET_CRYPTO_CsRPublic blinded_r_pubs[2]; |
| 500 | test_calc_blindedc (blindingsecrets, | 524 | test_calc_blindedc (blindingsecrets, |
| 501 | r_publics, | 525 | r_publics, |
| 502 | &pub, | 526 | &pub, |
| 503 | message, | 527 | message, |
| 504 | message_len, | 528 | message_len, |
| 505 | blinded_cs, | 529 | blinded_cs, |
| 506 | blinded_r_pubs); | 530 | blinded_r_pubs); |
| 507 | 531 | ||
| 508 | // ---------- actions performed by signer | 532 | // ---------- actions performed by signer |
| 509 | // sign blinded c's and get b and s in return | 533 | // sign blinded c's and get b and s in return |
| 510 | unsigned int b; | 534 | unsigned int b; |
| 511 | struct GNUNET_CRYPTO_CsBlindS blinded_s; | 535 | struct GNUNET_CRYPTO_CsBlindS blinded_s; |
| 512 | test_blind_sign (&b, &priv, r_secrets, blinded_cs, &nonce, &blinded_s); | 536 | test_blind_sign (&b, |
| 537 | &priv, | ||
| 538 | r_secrets, | ||
| 539 | blinded_cs, | ||
| 540 | &nonce, | ||
| 541 | &blinded_s); | ||
| 513 | 542 | ||
| 514 | // verify blinded signature | 543 | // verify blinded signature |
| 515 | struct GNUNET_CRYPTO_CsSignature blinded_signature; | 544 | struct GNUNET_CRYPTO_CsSignature blinded_signature; |
| 516 | blinded_signature.r_point = r_publics[b]; | 545 | blinded_signature.r_point = r_publics[b]; |
| 517 | blinded_signature.s_scalar.scalar = blinded_s.scalar; | 546 | blinded_signature.s_scalar.scalar = blinded_s.scalar; |
| 518 | test_blind_verify (&blinded_signature, &pub, &blinded_cs[b]); | 547 | test_blind_verify (&blinded_signature, |
| 548 | &pub, | ||
| 549 | &blinded_cs[b]); | ||
| 519 | 550 | ||
| 520 | // ---------- actions performed by user | 551 | // ---------- actions performed by user |
| 521 | struct GNUNET_CRYPTO_CsS sig_scalar; | 552 | struct GNUNET_CRYPTO_CsS sig_scalar; |
| 522 | test_unblinds (&blinded_s, &blindingsecrets[b], &sig_scalar); | 553 | test_unblinds (&blinded_s, |
| 554 | &blindingsecrets[b], | ||
| 555 | &sig_scalar); | ||
| 523 | 556 | ||
| 524 | // verify unblinded signature | 557 | // verify unblinded signature |
| 525 | struct GNUNET_CRYPTO_CsSignature signature; | 558 | struct GNUNET_CRYPTO_CsSignature signature; |
| 526 | signature.r_point = blinded_r_pubs[b]; | 559 | signature.r_point = blinded_r_pubs[b]; |
| 527 | signature.s_scalar = sig_scalar; | 560 | signature.s_scalar = sig_scalar; |
| 528 | test_verify (&signature, &pub, message, message_len); | 561 | test_verify (&signature, |
| 529 | 562 | &pub, | |
| 563 | message, | ||
| 564 | message_len); | ||
| 530 | return 0; | 565 | return 0; |
| 531 | } | 566 | } |