Skip to content

Commit

Permalink
Use proptest rather than "TEST_SOUNDNESS"
Browse files Browse the repository at this point in the history
  • Loading branch information
LLFourn committed Jan 12, 2022
1 parent 854be2f commit 53c356b
Show file tree
Hide file tree
Showing 3 changed files with 87 additions and 79 deletions.
79 changes: 43 additions & 36 deletions schnorr_fun/src/adaptor/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -271,48 +271,55 @@ where
mod test {

use super::*;
use crate::nonce::{self, Deterministic};
use secp256kfun::TEST_SOUNDNESS;
use crate::nonce::{Deterministic, GlobalRng, Synthetic};
use rand::rngs::ThreadRng;
use secp256kfun::proptest::prelude::*;
use sha2::Sha256;
#[cfg(target_arch = "wasm32")]
use wasm_bindgen_test::wasm_bindgen_test as test;

fn test_schnorr<NG: NonceGen>(schnorr: Schnorr<sha2::Sha256, NG>) {
for _ in 0..TEST_SOUNDNESS {
let signing_keypair = schnorr.new_keypair(Scalar::random(&mut rand::thread_rng()));
let verification_key = signing_keypair.verification_key();
let decryption_key = Scalar::random(&mut rand::thread_rng());
let encryption_key = schnorr.encryption_key_for(&decryption_key);
let message = Message::<Public>::plain("test", b"give 100 coins to Bob".as_ref());

let encrypted_signature =
schnorr.encrypted_sign(&signing_keypair, &encryption_key, message);

assert!(schnorr.verify_encrypted_signature(
&signing_keypair.verification_key(),
&encryption_key,
message,
&encrypted_signature,
));
proptest! {
#[test]
fn signing_tests_deterministic(secret_key in any::<Scalar>(), decryption_key in any::<Scalar>()) {
let schnorr = Schnorr::<Sha256, Deterministic<Sha256>>::default();
test_it(schnorr, secret_key, decryption_key);
}

let decryption_key = decryption_key.mark::<Public>();
let signature =
schnorr.decrypt_signature(decryption_key.clone(), encrypted_signature.clone());
assert!(schnorr.verify(&verification_key, message, &signature));
let rec_decryption_key = schnorr
.recover_decryption_key(&encryption_key, &encrypted_signature, &signature)
.expect("recovery works");
assert_eq!(rec_decryption_key, decryption_key);
#[test]
fn signing_tests_synthetic(secret_key in any::<Scalar>(), decryption_key in any::<Scalar>()) {
let schnorr = Schnorr::<Sha256, Synthetic<Sha256, GlobalRng<ThreadRng>>>::default();
test_it(schnorr, secret_key, decryption_key);
}

}

#[test]
fn sign_plain_message() {
use rand::rngs::ThreadRng;
use sha2::Sha256;
test_schnorr(Schnorr::new(Deterministic::<Sha256>::default()));
test_schnorr(Schnorr::new(nonce::Synthetic::<
Sha256,
nonce::GlobalRng<ThreadRng>,
>::default()));
fn test_it<NG: NonceGen>(
schnorr: Schnorr<Sha256, NG>,
secret_key: Scalar,
decryption_key: Scalar,
) {
let signing_keypair = schnorr.new_keypair(secret_key);
let verification_key = signing_keypair.verification_key();
let encryption_key = schnorr.encryption_key_for(&decryption_key);
let message = Message::<Public>::plain("test", b"give 100 coins to Bob".as_ref());

let encrypted_signature =
schnorr.encrypted_sign(&signing_keypair, &encryption_key, message);

assert!(schnorr.verify_encrypted_signature(
&signing_keypair.verification_key(),
&encryption_key,
message,
&encrypted_signature,
));

let decryption_key = decryption_key.mark::<Public>();
let signature =
schnorr.decrypt_signature(decryption_key.clone(), encrypted_signature.clone());
assert!(schnorr.verify(&verification_key, message, &signature));
let rec_decryption_key = schnorr
.recover_decryption_key(&encryption_key, &encrypted_signature, &signature)
.expect("recovery works");
assert_eq!(rec_decryption_key, decryption_key);
}
}
2 changes: 1 addition & 1 deletion schnorr_fun/src/keypair.rs
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ use secp256kfun::{marker::*, Point, Scalar, XOnly};
/// ```
///
/// [`Schnorr`]: crate::Schnorr
#[derive(Clone, Debug)]
#[derive(Clone, Debug, PartialEq)]
pub struct KeyPair {
pub(crate) sk: Scalar,
pub(crate) pk: XOnly,
Expand Down
85 changes: 43 additions & 42 deletions schnorr_fun/src/schnorr.rs
Original file line number Diff line number Diff line change
Expand Up @@ -260,15 +260,45 @@ pub mod test {
use crate::fun::nonce::Deterministic;

use super::*;
use crate::fun::TEST_SOUNDNESS;
use crate::fun::proptest::prelude::*;
#[cfg(target_arch = "wasm32")]
use wasm_bindgen_test::wasm_bindgen_test as test;

#[test]
fn anticipated_signature_on_should_correspond_to_actual_signature() {
for _ in 0..TEST_SOUNDNESS {
fn deterministic_nonces_for_different_message_kinds() {
use core::str::FromStr;
use sha2::Sha256;
let schnorr = Schnorr::<Sha256, _>::new(Deterministic::<Sha256>::default());
let x =
Scalar::from_str("18451f9e08af9530814243e202a4a977130e672079f5c14dcf15bd4dee723072")
.unwrap();
let keypair = schnorr.new_keypair(x);
assert_ne!(
schnorr.sign(&keypair, Message::<Public>::raw(b"foo")).R,
schnorr
.sign(&keypair, Message::<Public>::plain("one", b"foo"))
.R
);
assert_ne!(
schnorr
.sign(&keypair, Message::<Public>::plain("one", b"foo"))
.R,
schnorr
.sign(&keypair, Message::<Public>::plain("two", b"foo"))
.R
);

// make sure deterministic signatures don't change
assert_eq!(schnorr.sign(&keypair, Message::<Public>::raw(b"foo")), Signature::<Public>::from_str("fe9e5d0319d5d221988d6fd7fe1c4bedd2fb4465f592f1002f461503332a266977bb4a0b00c00d07072c796212cbea0957ebaaa5139143761c45d997ebe36cbe").unwrap());
assert_eq!(schnorr.sign(&keypair, Message::<Public>::plain("one", b"foo")), Signature::<Public>::from_str("2fcf6fd140bbc4048e802c62f028e24f6534e0d15d450963265b67eead774d8b4aa7638bec9d70aa60b97e86bc4a60bf43ad2ff58e981ee1bba4f45ce02ff2c0").unwrap());
}

proptest! {

#[test]
fn anticipated_signature_on_should_correspond_to_actual_signature(sk in any::<Scalar>()) {
let schnorr = crate::test_instance!();
let keypair = schnorr.new_keypair(Scalar::random(&mut rand::thread_rng()));
let keypair = schnorr.new_keypair(sk);
let msg = Message::<Public>::plain(
"test",
b"Chancellor on brink of second bailout for banks",
Expand All @@ -286,14 +316,12 @@ pub mod test {
"should anticipate the same value as actual signature"
)
}
}

#[test]
fn sign_deterministic() {
let schnorr = crate::test_instance!();
for _ in 0..TEST_SOUNDNESS {
let keypair_1 = schnorr.new_keypair(Scalar::random(&mut rand::thread_rng()));
let keypair_2 = schnorr.new_keypair(Scalar::random(&mut rand::thread_rng()));
#[test]
fn sign_deterministic(s1 in any::<Scalar>(), s2 in any::<Scalar>()) {
let schnorr = crate::test_instance!();
let keypair_1 = schnorr.new_keypair(s1);
let keypair_2 = schnorr.new_keypair(s2);
let msg_atkdwn = Message::<Public>::plain("test", b"attack at dawn");
let msg_rtrtnoon = Message::<Public>::plain("test", b"retreat at noon");
let signature_1 = schnorr.sign(&keypair_1, msg_atkdwn);
Expand All @@ -303,37 +331,10 @@ pub mod test {

assert!(schnorr.verify(&keypair_1.verification_key(), msg_atkdwn, &signature_1));
assert_eq!(signature_1, signature_2);
assert_ne!(signature_3.R, signature_1.R);
assert_ne!(signature_1.R, signature_4.R);
if keypair_1 != keypair_2 {
assert_ne!(signature_3.R, signature_1.R);
assert_ne!(signature_1.R, signature_4.R);
}
}
}

#[test]
fn deterministic_nonces_for_different_message_kinds() {
use core::str::FromStr;
use sha2::Sha256;
let schnorr = Schnorr::<Sha256, _>::new(Deterministic::<Sha256>::default());
let x =
Scalar::from_str("18451f9e08af9530814243e202a4a977130e672079f5c14dcf15bd4dee723072")
.unwrap();
let keypair = schnorr.new_keypair(x);
assert_ne!(
schnorr.sign(&keypair, Message::<Public>::raw(b"foo")).R,
schnorr
.sign(&keypair, Message::<Public>::plain("one", b"foo"))
.R
);
assert_ne!(
schnorr
.sign(&keypair, Message::<Public>::plain("one", b"foo"))
.R,
schnorr
.sign(&keypair, Message::<Public>::plain("two", b"foo"))
.R
);

// make sure deterministic signatures don't change
assert_eq!(schnorr.sign(&keypair, Message::<Public>::raw(b"foo")), Signature::<Public>::from_str("fe9e5d0319d5d221988d6fd7fe1c4bedd2fb4465f592f1002f461503332a266977bb4a0b00c00d07072c796212cbea0957ebaaa5139143761c45d997ebe36cbe").unwrap());
assert_eq!(schnorr.sign(&keypair, Message::<Public>::plain("one", b"foo")), Signature::<Public>::from_str("2fcf6fd140bbc4048e802c62f028e24f6534e0d15d450963265b67eead774d8b4aa7638bec9d70aa60b97e86bc4a60bf43ad2ff58e981ee1bba4f45ce02ff2c0").unwrap());
}
}

0 comments on commit 53c356b

Please sign in to comment.