func Test_Secp256_06b(t *testing.T) { pubkey1, seckey := GenerateKeyPair() msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) fail_count := 0 for i := 0; i < TESTS; i++ { msg = randentropy.GetEntropyCSPRNG(32) pubkey2, _ := RecoverPubkey(msg, sig) if bytes.Equal(pubkey1, pubkey2) == true { t.Fail() } if pubkey2 != nil && VerifySignature(msg, sig, pubkey2) != nil { t.Fail() } if VerifySignature(msg, sig, pubkey1) == nil { t.Fail() } } if fail_count != 0 { fmt.Printf("ERROR: Accepted signature for %v of %v random messages\n", fail_count, TESTS) } }
func (ks keyStorePassphrase) StoreKey(key *Key, auth string) (err error) { authArray := []byte(auth) salt := randentropy.GetEntropyCSPRNG(32) derivedKey, err := scrypt.Key(authArray, salt, scryptN, scryptr, scryptp, scryptdkLen) if err != nil { return err } encryptKey := derivedKey[:16] keyBytes := FromECDSA(key.PrivateKey) iv := randentropy.GetEntropyCSPRNG(aes.BlockSize) // 16 cipherText, err := aesCTRXOR(encryptKey, keyBytes, iv) if err != nil { return err } mac := Sha3(derivedKey[16:32], cipherText) scryptParamsJSON := make(map[string]interface{}, 5) scryptParamsJSON["n"] = scryptN scryptParamsJSON["r"] = scryptr scryptParamsJSON["p"] = scryptp scryptParamsJSON["dklen"] = scryptdkLen scryptParamsJSON["salt"] = hex.EncodeToString(salt) cipherParamsJSON := cipherparamsJSON{ IV: hex.EncodeToString(iv), } cryptoStruct := cryptoJSON{ Cipher: "aes-128-ctr", CipherText: hex.EncodeToString(cipherText), CipherParams: cipherParamsJSON, KDF: "scrypt", KDFParams: scryptParamsJSON, MAC: hex.EncodeToString(mac), } encryptedKeyJSONV3 := encryptedKeyJSONV3{ hex.EncodeToString(key.Address[:]), cryptoStruct, key.Id.String(), version, } keyJSON, err := json.Marshal(encryptedKeyJSONV3) if err != nil { return err } return writeKeyFile(key.Address, ks.keysDirPath, keyJSON) }
func Sign(msg []byte, seckey []byte) ([]byte, error) { nonce := randentropy.GetEntropyCSPRNG(32) var sig []byte = make([]byte, 65) var recid C.int var msg_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&msg[0])) var sig_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&sig[0])) var seckey_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&seckey[0])) var noncefp_ptr = &(*C.secp256k1_nonce_function_default) var ndata_ptr = unsafe.Pointer(&nonce[0]) if C.secp256k1_ec_seckey_verify(seckey_ptr) != C.int(1) { return nil, errors.New("Invalid secret key") } ret := C.secp256k1_ecdsa_sign_compact( msg_ptr, sig_ptr, seckey_ptr, noncefp_ptr, ndata_ptr, &recid) sig[64] = byte(int(recid)) if ret != C.int(1) { // nonce invalid, retry return Sign(msg, seckey) } return sig, nil }
func Test_Secp256_06a_alt0(t *testing.T) { pubkey1, seckey := GenerateKeyPair() msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) if sig == nil { t.Fail() } if len(sig) != 65 { t.Fail() } for i := 0; i < TESTS; i++ { sig = randSig() pubkey2, _ := RecoverPubkey(msg, sig) if bytes.Equal(pubkey1, pubkey2) == true { t.Fail() } if pubkey2 != nil && VerifySignature(msg, sig, pubkey2) != nil { t.Fail() } if VerifySignature(msg, sig, pubkey1) == nil { t.Fail() } } }
//test pubkey recovery func Test_Secp256_02a(t *testing.T) { pubkey1, seckey1 := GenerateKeyPair() msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey1) if sig == nil { t.Fatal("Signature nil") } err := VerifySignature(msg, sig, pubkey1) if err != nil { t.Fatal("Signature invalid") } pubkey2, _ := RecoverPubkey(msg, sig) if len(pubkey1) != len(pubkey2) { t.Fatal() } for i, _ := range pubkey1 { if pubkey1[i] != pubkey2[i] { t.Fatal() } } if bytes.Equal(pubkey1, pubkey2) == false { t.Fatal() } }
func Test_Secp256_00(t *testing.T) { var nonce []byte = randentropy.GetEntropyCSPRNG(32) //going to get bitcoins stolen! if len(nonce) != 32 { t.Fatal() } }
//test random messages for the same pub/private key func Test_Secp256_03(t *testing.T) { _, seckey := GenerateKeyPair() for i := 0; i < TESTS; i++ { msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) CompactSigTest(sig) sig[len(sig)-1] %= 4 pubkey2, _ := RecoverPubkey(msg, sig) if pubkey2 == nil { t.Fail() } } }
//test random messages for different pub/private keys func Test_Secp256_04(t *testing.T) { for i := 0; i < TESTS; i++ { pubkey1, seckey := GenerateKeyPair() msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) CompactSigTest(sig) if sig[len(sig)-1] >= 4 { t.Fail() } pubkey2, _ := RecoverPubkey(msg, sig) if pubkey2 == nil { t.Fail() } if bytes.Equal(pubkey1, pubkey2) == false { t.Fail() } } }
func GenerateKeyPair() ([]byte, []byte) { pubkey_len := C.int(65) const seckey_len = 32 var pubkey []byte = make([]byte, pubkey_len) var seckey []byte = randentropy.GetEntropyCSPRNG(seckey_len) var pubkey_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&pubkey[0])) var seckey_ptr *C.uchar = (*C.uchar)(unsafe.Pointer(&seckey[0])) ret := C.secp256k1_ec_pubkey_create( pubkey_ptr, &pubkey_len, seckey_ptr, 0) if ret != C.int(1) { return GenerateKeyPair() //invalid secret, try again } return pubkey, seckey }
//test signing message func Test_Secp256_02(t *testing.T) { pubkey1, seckey := GenerateKeyPair() msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) if sig == nil { t.Fatal("Signature nil") } pubkey2, _ := RecoverPubkey(msg, sig) if pubkey2 == nil { t.Fatal("Recovered pubkey invalid") } if bytes.Equal(pubkey1, pubkey2) == false { t.Fatal("Recovered pubkey does not match") } err := VerifySignature(msg, sig, pubkey1) if err != nil { t.Fatal("Signature invalid") } }
//test size of messages func Test_Secp256_02s(t *testing.T) { pubkey, seckey := GenerateKeyPair() msg := randentropy.GetEntropyCSPRNG(32) sig, _ := Sign(msg, seckey) CompactSigTest(sig) if sig == nil { t.Fatal("Signature nil") } if len(pubkey) != 65 { t.Fail() } if len(seckey) != 32 { t.Fail() } if len(sig) != 64+1 { t.Fail() } if int(sig[64]) > 4 { t.Fail() } //should be 0 to 4 }
func randSig() []byte { sig := randentropy.GetEntropyCSPRNG(65) sig[32] &= 0x70 sig[64] %= 4 return sig }