You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

194 lines
5.0 KiB

  1. package babyjub
  2. import (
  3. "crypto/rand"
  4. "encoding/hex"
  5. "fmt"
  6. "math/big"
  7. "testing"
  8. "github.com/iden3/go-iden3-crypto/constants"
  9. "github.com/iden3/go-iden3-crypto/utils"
  10. "github.com/stretchr/testify/assert"
  11. )
  12. func genInputs() (*PrivateKey, *big.Int) {
  13. k := NewRandPrivKey()
  14. fmt.Println("k", hex.EncodeToString(k[:]))
  15. msgBuf := [32]byte{}
  16. rand.Read(msgBuf[:])
  17. msg := utils.SetBigIntFromLEBytes(new(big.Int), msgBuf[:])
  18. msg.Mod(msg, constants.Q)
  19. fmt.Println("msg", msg)
  20. return &k, msg
  21. }
  22. func TestPublicKey(t *testing.T) {
  23. var k PrivateKey
  24. for i := 0; i < 256; i++ {
  25. hex.Decode(k[:], []byte{byte(i)})
  26. }
  27. pk := k.Public()
  28. assert.True(t, pk.X.Cmp(constants.Q) == -1)
  29. assert.True(t, pk.Y.Cmp(constants.Q) == -1)
  30. }
  31. func TestSignVerifyMimc7(t *testing.T) {
  32. var k PrivateKey
  33. hex.Decode(k[:], []byte("0001020304050607080900010203040506070809000102030405060708090001"))
  34. msgBuf, err := hex.DecodeString("00010203040506070809")
  35. if err != nil {
  36. panic(err)
  37. }
  38. msg := utils.SetBigIntFromLEBytes(new(big.Int), msgBuf)
  39. pk := k.Public()
  40. assert.Equal(t,
  41. "13277427435165878497778222415993513565335242147425444199013288855685581939618",
  42. pk.X.String())
  43. assert.Equal(t,
  44. "13622229784656158136036771217484571176836296686641868549125388198837476602820",
  45. pk.Y.String())
  46. sig := k.SignMimc7(msg)
  47. assert.Equal(t,
  48. "11384336176656855268977457483345535180380036354188103142384839473266348197733",
  49. sig.R8.X.String())
  50. assert.Equal(t,
  51. "15383486972088797283337779941324724402501462225528836549661220478783371668959",
  52. sig.R8.Y.String())
  53. assert.Equal(t,
  54. "2523202440825208709475937830811065542425109372212752003460238913256192595070",
  55. sig.S.String())
  56. ok := pk.VerifyMimc7(msg, sig)
  57. assert.Equal(t, true, ok)
  58. sigBuf := sig.Compress()
  59. sig2, err := new(Signature).Decompress(sigBuf)
  60. assert.Equal(t, nil, err)
  61. assert.Equal(t, ""+
  62. "dfedb4315d3f2eb4de2d3c510d7a987dcab67089c8ace06308827bf5bcbe02a2"+
  63. "7ed40dab29bf993c928e789d007387998901a24913d44fddb64b1f21fc149405",
  64. hex.EncodeToString(sigBuf[:]))
  65. ok = pk.VerifyMimc7(msg, sig2)
  66. assert.Equal(t, true, ok)
  67. }
  68. func TestSignVerifyPoseidon(t *testing.T) {
  69. var k PrivateKey
  70. hex.Decode(k[:], []byte("0001020304050607080900010203040506070809000102030405060708090001"))
  71. msgBuf, err := hex.DecodeString("00010203040506070809")
  72. if err != nil {
  73. panic(err)
  74. }
  75. msg := utils.SetBigIntFromLEBytes(new(big.Int), msgBuf)
  76. pk := k.Public()
  77. assert.Equal(t,
  78. "13277427435165878497778222415993513565335242147425444199013288855685581939618",
  79. pk.X.String())
  80. assert.Equal(t,
  81. "13622229784656158136036771217484571176836296686641868549125388198837476602820",
  82. pk.Y.String())
  83. sig := k.SignPoseidon(msg)
  84. assert.Equal(t,
  85. "11384336176656855268977457483345535180380036354188103142384839473266348197733",
  86. sig.R8.X.String())
  87. assert.Equal(t,
  88. "15383486972088797283337779941324724402501462225528836549661220478783371668959",
  89. sig.R8.Y.String())
  90. assert.Equal(t,
  91. "248298168863866362217836334079793350221620631973732197668910946177382043688",
  92. sig.S.String())
  93. ok := pk.VerifyPoseidon(msg, sig)
  94. assert.Equal(t, true, ok)
  95. sigBuf := sig.Compress()
  96. sig2, err := new(Signature).Decompress(sigBuf)
  97. assert.Equal(t, nil, err)
  98. assert.Equal(t, ""+
  99. "dfedb4315d3f2eb4de2d3c510d7a987dcab67089c8ace06308827bf5bcbe02a2"+
  100. "28506bce274aa1b3f7e7c2fd7e4fe09bff8f9aa37a42def7994e98f322888c00",
  101. hex.EncodeToString(sigBuf[:]))
  102. ok = pk.VerifyPoseidon(msg, sig2)
  103. assert.Equal(t, true, ok)
  104. }
  105. func TestCompressDecompress(t *testing.T) {
  106. var k PrivateKey
  107. hex.Decode(k[:], []byte("0001020304050607080900010203040506070809000102030405060708090001"))
  108. pk := k.Public()
  109. for i := 0; i < 64; i++ {
  110. msgBuf, err := hex.DecodeString(fmt.Sprintf("000102030405060708%02d", i))
  111. if err != nil {
  112. panic(err)
  113. }
  114. msg := utils.SetBigIntFromLEBytes(new(big.Int), msgBuf)
  115. sig := k.SignMimc7(msg)
  116. sigBuf := sig.Compress()
  117. sig2, err := new(Signature).Decompress(sigBuf)
  118. assert.Equal(t, nil, err)
  119. ok := pk.VerifyMimc7(msg, sig2)
  120. assert.Equal(t, true, ok)
  121. }
  122. }
  123. func BenchmarkBabyjubEddsa(b *testing.B) {
  124. var k PrivateKey
  125. hex.Decode(k[:], []byte("0001020304050607080900010203040506070809000102030405060708090001"))
  126. pk := k.Public()
  127. const n = 256
  128. msgBuf, err := hex.DecodeString("00010203040506070809")
  129. if err != nil {
  130. panic(err)
  131. }
  132. msg := utils.SetBigIntFromLEBytes(new(big.Int), msgBuf)
  133. var msgs [n]*big.Int
  134. for i := 0; i < n; i++ {
  135. msgs[i] = new(big.Int).Add(msg, big.NewInt(int64(i)))
  136. }
  137. var sigs [n]*Signature
  138. b.Run("SignMimc7", func(b *testing.B) {
  139. for i := 0; i < b.N; i++ {
  140. k.SignMimc7(msgs[i%n])
  141. }
  142. })
  143. for i := 0; i < n; i++ {
  144. sigs[i%n] = k.SignMimc7(msgs[i%n])
  145. }
  146. b.Run("VerifyMimc7", func(b *testing.B) {
  147. for i := 0; i < b.N; i++ {
  148. pk.VerifyMimc7(msgs[i%n], sigs[i%n])
  149. }
  150. })
  151. b.Run("SignPoseidon", func(b *testing.B) {
  152. for i := 0; i < b.N; i++ {
  153. k.SignPoseidon(msgs[i%n])
  154. }
  155. })
  156. for i := 0; i < n; i++ {
  157. sigs[i%n] = k.SignPoseidon(msgs[i%n])
  158. }
  159. b.Run("VerifyPoseidon", func(b *testing.B) {
  160. for i := 0; i < b.N; i++ {
  161. pk.VerifyPoseidon(msgs[i%n], sigs[i%n])
  162. }
  163. })
  164. }