Peerplays_Blockchain/peerplays-fc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Replace secp256k1-zkp with secp256k1

Browse source
This commit is contained in:
serkixenos 2022-06-30 17:43:56 +00:00
parent e7369949be
commit 2e5f550ddb
11 changed files with 83 additions and 586 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitmodules vendored
View file

@ -4,3 +4,6 @@
[submodule "vendor/editline"]
path = vendor/editline
url = https://github.com/troglobit/editline.git
[submodule "vendor/secp256k1"]
path = vendor/secp256k1
url = https://github.com/libbitcoin/secp256k1.git

30
CMakeLists.txt
View file

@ -54,10 +54,10 @@ ELSE( ECC_IMPL STREQUAL openssl )
ENDIF( ECC_IMPL STREQUAL mixed )
ENDIF( ECC_IMPL STREQUAL openssl )
# Configure secp256k1-zkp
# Configure secp256k1
if ( MSVC )
# autoconf won't work here, hard code the defines
set( SECP256K1_DIR "${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp" )
set( SECP256K1_DIR "${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1" )
file( GLOB SECP256K1_SOURCES "${SECP256K1_DIR}/src/secp256k1.c" )
add_library( secp256k1 ${SECP256K1_SOURCES} )
@ -75,26 +75,26 @@ else ( MSVC )
include(ExternalProject)
if ( MINGW )
ExternalProject_Add( project_secp256k1
PREFIX ${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1-zkp
SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp
CONFIGURE_COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp/configure --prefix=${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1-zkp --with-bignum=no --host=x86_64-w64-mingw32
PREFIX ${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1
SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1
CONFIGURE_COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1/configure --prefix=${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1 --with-bignum=no --host=x86_64-w64-mingw32 --enable-module-recovery
BUILD_COMMAND make
INSTALL_COMMAND true
BUILD_BYPRODUCTS ${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1-zkp/src/project_secp256k1-build/.libs/libsecp256k1.a
BUILD_BYPRODUCTS ${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1/src/project_secp256k1-build/.libs/libsecp256k1.a
)
else ( MINGW )
ExternalProject_Add( project_secp256k1
PREFIX ${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1-zkp
SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp
CONFIGURE_COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp/configure --prefix=${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1-zkp --with-bignum=no
PREFIX ${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1
SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1
CONFIGURE_COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1/configure --prefix=${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1 --with-bignum=no --enable-module-recovery
BUILD_COMMAND make
INSTALL_COMMAND true
BUILD_BYPRODUCTS ${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1-zkp/src/project_secp256k1-build/.libs/libsecp256k1.a
BUILD_BYPRODUCTS ${CMAKE_CURRENT_BINARY_DIR}/vendor/secp256k1/src/project_secp256k1-build/.libs/libsecp256k1.a
)
endif ( MINGW )
ExternalProject_Add_Step(project_secp256k1 autogen
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp
COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp/autogen.sh
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1
COMMAND ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1/autogen.sh
DEPENDERS configure
)
@ -102,11 +102,11 @@ else ( MSVC )
add_library(secp256k1 STATIC IMPORTED)
set_property(TARGET secp256k1 PROPERTY IMPORTED_LOCATION ${binary_dir}/.libs/libsecp256k1${CMAKE_STATIC_LIBRARY_SUFFIX})
set_property(TARGET secp256k1 PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp/include)
set_property(TARGET secp256k1 PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1/include)
add_dependencies(secp256k1 project_secp256k1)
install( FILES ${binary_dir}/.libs/libsecp256k1${CMAKE_STATIC_LIBRARY_SUFFIX} DESTINATION lib/cryptonomex )
endif ( MSVC )
# End configure secp256k1-zkp
# End configure secp256k1
# Configure editline
if ( MSVC )
@ -400,7 +400,7 @@ target_include_directories(fc
${CMAKE_CURRENT_SOURCE_DIR}/vendor/websocketpp
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}
${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1-zkp
${CMAKE_CURRENT_SOURCE_DIR}/vendor/secp256k1
)
#target_link_libraries( fc PUBLIC ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${ZLIB_LIBRARIES} ${BZIP2_LIBRARIES} ${PLATFORM_SPECIFIC_LIBS} ${RPCRT4} ${CMAKE_DL_LIBS} ${rt_library} ${ECC_LIB} )

27
include/fc/crypto/elliptic.hpp
View file

@ -202,33 +202,6 @@ namespace fc {
uint64_t max_value;
};
commitment_type blind( const blind_factor_type& blind, uint64_t value );
blind_factor_type blind_sum( const std::vector<blind_factor_type>& blinds, uint32_t non_neg );
/** verifies taht commnits + neg_commits + excess == 0 */
bool verify_sum( const std::vector<commitment_type>& commits, const std::vector<commitment_type>& neg_commits, int64_t excess );
bool verify_range( uint64_t& min_val, uint64_t& max_val, const commitment_type& commit, const range_proof_type& proof );
range_proof_type range_proof_sign( uint64_t min_value,
const commitment_type& commit,
const blind_factor_type& commit_blind,
const blind_factor_type& nonce,
int8_t base10_exp,
uint8_t min_bits,
uint64_t actual_value
);
bool verify_range_proof_rewind( blind_factor_type& blind_out,
uint64_t& value_out,
string& message_out,
const blind_factor_type& nonce,
uint64_t& min_val,
uint64_t& max_val,
commitment_type commit,
const range_proof_type& proof );
range_proof_info range_get_info( const range_proof_type& proof );
} // namespace ecc
void to_variant( const ecc::private_key& var, variant& vo, uint32_t max_depth );
void from_variant( const variant& var, ecc::private_key& vo, uint32_t max_depth );

2
src/crypto/_elliptic_impl_priv.hpp
View file

@ -8,7 +8,7 @@
namespace fc { namespace ecc { namespace detail {
const secp256k1_context_t* _get_context();
const secp256k1_context* _get_context();
void _init_lib();
class private_key_impl

21
src/crypto/elliptic_impl_priv.cpp
View file

@ -1,6 +1,7 @@
#include <fc/fwd_impl.hpp>
#include <secp256k1.h>
#include <secp256k1_recovery.h>
#include "_elliptic_impl_priv.hpp"
@ -71,29 +72,35 @@ namespace fc { namespace ecc {
{
FC_ASSERT( my->_key != empty_priv );
public_key_data pub;
unsigned int pk_len;
FC_ASSERT( secp256k1_ec_pubkey_create( detail::_get_context(), (unsigned char*) pub.begin(), (int*) &pk_len, (unsigned char*) my->_key.data(), 1 ) );
secp256k1_pubkey pub_key;
FC_ASSERT( secp256k1_ec_pubkey_create( detail::_get_context(), &pub_key, (const unsigned char*) my->_key.data() ) );
size_t pk_len = pub.size();
FC_ASSERT( secp256k1_ec_pubkey_serialize( detail::_get_context(), (unsigned char *) pub.data, (size_t*) &pk_len, &pub_key, SECP256K1_EC_COMPRESSED ) );
FC_ASSERT( pk_len == pub.size() );
return public_key(pub);
}
static int extended_nonce_function( unsigned char *nonce32, const unsigned char *msg32,
const unsigned char *key32, unsigned int attempt,
const void *data ) {
const unsigned char *key32, const unsigned char *algo16,
void *data, unsigned int ) {
unsigned int* extra = (unsigned int*) data;
(*extra)++;
return secp256k1_nonce_function_default( nonce32, msg32, key32, *extra, nullptr );
return secp256k1_nonce_function_default( nonce32, msg32, key32, algo16, nullptr, *extra );
}
compact_signature private_key::sign_compact( const fc::sha256& digest, bool require_canonical )const
{
FC_ASSERT( my->_key != empty_priv );
compact_signature result;
int recid;
int recid = 0;
unsigned int counter = 0;
do
{
FC_ASSERT( secp256k1_ecdsa_sign_compact( detail::_get_context(), (unsigned char*) digest.data(), (unsigned char*) result.begin() + 1, (unsigned char*) my->_key.data(), extended_nonce_function, &counter, &recid ));
secp256k1_ecdsa_recoverable_signature sig;
FC_ASSERT( secp256k1_ecdsa_sign_recoverable( detail::_get_context(), &sig, (const unsigned char*) digest.data(), (const unsigned char*) my->_key.data(), extended_nonce_function, &counter ));
FC_ASSERT( secp256k1_ecdsa_recoverable_signature_serialize_compact( detail::_get_context(), (unsigned char*) result.begin() + 1, &recid, &sig));
} while( require_canonical && !public_key::is_canonical( result ) );
result.begin()[0] = 27 + 4 + recid;
return result;

6
src/crypto/elliptic_mixed.cpp
View file

@ -16,13 +16,13 @@
namespace fc { namespace ecc {
namespace detail
{
const secp256k1_context_t* _get_context() {
static secp256k1_context_t* ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY | SECP256K1_CONTEXT_SIGN);
const secp256k1_context* _get_context() {
static secp256k1_context* ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY | SECP256K1_CONTEXT_SIGN);
return ctx;
}
void _init_lib() {
static const secp256k1_context_t* ctx = _get_context();
static const secp256k1_context* ctx = _get_context();
static int init_o = init_openssl();
}
}

155
src/crypto/elliptic_secp256k1.cpp
View file

@ -11,6 +11,7 @@
#include <assert.h>
#include <secp256k1.h>
#include <secp256k1_recovery.h>
#if _WIN32
# include <malloc.h>
@ -23,13 +24,13 @@
namespace fc { namespace ecc {
namespace detail
{
const secp256k1_context_t* _get_context() {
static secp256k1_context_t* ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY | SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_RANGEPROOF | SECP256K1_CONTEXT_COMMIT );
const secp256k1_context* _get_context() {
static secp256k1_context* ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY | SECP256K1_CONTEXT_SIGN );
return ctx;
}
void _init_lib() {
static const secp256k1_context_t* ctx = _get_context();
static const secp256k1_context* ctx = _get_context();
static int init_o = init_openssl();
(void)ctx;
(void)init_o;
@ -69,7 +70,16 @@ namespace fc { namespace ecc {
FC_ASSERT( my->_key != empty_priv );
FC_ASSERT( other.my->_key != empty_pub );
public_key_data pub(other.my->_key);
FC_ASSERT( secp256k1_ec_pubkey_tweak_mul( detail::_get_context(), (unsigned char*) pub.begin(), pub.size(), (unsigned char*) my->_key.data() ) );
secp256k1_pubkey pub_key;
FC_ASSERT( secp256k1_ec_pubkey_parse( detail::_get_context(), &pub_key, (const unsigned char*) pub.data, pub.size() ) );
FC_ASSERT( secp256k1_ec_pubkey_tweak_mul( detail::_get_context(), &pub_key, (const unsigned char*) my->_key.data() ) );
size_t pk_len = pub.size();
FC_ASSERT( secp256k1_ec_pubkey_serialize( detail::_get_context(), (unsigned char *) pub.data, (size_t*) &pk_len, &pub_key, SECP256K1_EC_COMPRESSED ) );
FC_ASSERT( pk_len == pub.size() );
return fc::sha512::hash( pub.begin() + 1, pub.size() - 1 );
}
@ -104,7 +114,16 @@ namespace fc { namespace ecc {
FC_ASSERT( my->_key != empty_pub );
public_key_data new_key;
memcpy( new_key.begin(), my->_key.begin(), new_key.size() );
FC_ASSERT( secp256k1_ec_pubkey_tweak_add( detail::_get_context(), (unsigned char*) new_key.begin(), new_key.size(), (unsigned char*) digest.data() ) );
secp256k1_pubkey pub_key;
FC_ASSERT( secp256k1_ec_pubkey_parse( detail::_get_context(), &pub_key, (const unsigned char*) new_key.data, new_key.size() ) );
FC_ASSERT( secp256k1_ec_pubkey_tweak_add( detail::_get_context(), &pub_key, (unsigned char*) digest.data() ) );
size_t pk_len = new_key.size();
FC_ASSERT( secp256k1_ec_pubkey_serialize( detail::_get_context(), (unsigned char *) new_key.data, (size_t*) &pk_len, &pub_key, SECP256K1_EC_COMPRESSED ) );
FC_ASSERT( pk_len == new_key.size() );
return public_key( new_key );
}
@ -124,9 +143,10 @@ namespace fc { namespace ecc {
{
FC_ASSERT( my->_key != empty_pub );
public_key_point_data dat;
unsigned int pk_len = my->_key.size();
memcpy( dat.begin(), my->_key.begin(), pk_len );
FC_ASSERT( secp256k1_ec_pubkey_decompress( detail::_get_context(), (unsigned char *) dat.begin(), (int*) &pk_len ) );
secp256k1_pubkey pubkey;
FC_ASSERT( secp256k1_ec_pubkey_parse( detail::_get_context(), &pubkey, (const unsigned char *) my->_key.data, my->_key.size() ) );
size_t pk_len = dat.size();
FC_ASSERT( secp256k1_ec_pubkey_serialize( detail::_get_context(), (unsigned char *) dat.begin(), (size_t*) &pk_len, &pubkey, SECP256K1_EC_UNCOMPRESSED ) );
FC_ASSERT( pk_len == dat.size() );
return dat;
}
@ -163,8 +183,14 @@ namespace fc { namespace ecc {
FC_ASSERT( is_canonical( c ), "signature is not canonical" );
}
unsigned int pk_len;
FC_ASSERT( secp256k1_ecdsa_recover_compact( detail::_get_context(), (unsigned char*) digest.data(), (unsigned char*) c.begin() + 1, (unsigned char*) my->_key.begin(), (int*) &pk_len, 1, (*c.begin() - 27) & 3 ) );
secp256k1_ecdsa_recoverable_signature sig;
FC_ASSERT( secp256k1_ecdsa_recoverable_signature_parse_compact( detail::_get_context(), &sig, (const unsigned char*) c.begin() + 1, (*c.begin() - 27) & 3 ) );
secp256k1_pubkey pubkey;
FC_ASSERT( secp256k1_ecdsa_recover( detail::_get_context(), &pubkey, &sig, (const unsigned char*) digest.data() ) );
size_t pk_len = my->_key.size();
FC_ASSERT( secp256k1_ec_pubkey_serialize( detail::_get_context(), (unsigned char *) my->_key.data, (size_t*) &pk_len, &pubkey, SECP256K1_EC_COMPRESSED ) );
FC_ASSERT( pk_len == my->_key.size() );
}
@ -180,7 +206,16 @@ namespace fc { namespace ecc {
fc::sha512 l = mac.digest( c.data(), c.data_size(), data.begin(), data.size() );
fc::sha256 left = detail::_left(l);
FC_ASSERT( left < detail::get_curve_order() );
FC_ASSERT( secp256k1_ec_pubkey_tweak_add( detail::_get_context(), (unsigned char*) key.begin(), key.size(), (unsigned char*) left.data() ) > 0 );
secp256k1_pubkey pub_key;
FC_ASSERT( secp256k1_ec_pubkey_parse( detail::_get_context(), &pub_key, (const unsigned char*) key.data, key.size() ) );
FC_ASSERT( secp256k1_ec_pubkey_tweak_add( detail::_get_context(), &pub_key, (unsigned char*) left.data() ) );
size_t pk_len = key.size();
FC_ASSERT( secp256k1_ec_pubkey_serialize( detail::_get_context(), (unsigned char *) key.data, (size_t*) &pk_len, &pub_key, SECP256K1_EC_COMPRESSED ) );
FC_ASSERT( pk_len == key.size() );
// FIXME: check validity - if left + key == infinity then invalid
extended_public_key result( key, detail::_right(l), i, fingerprint(), depth + 1 );
return result;
@ -201,102 +236,4 @@ namespace fc { namespace ecc {
return result;
}
commitment_type blind( const blind_factor_type& blind, uint64_t value )
{
commitment_type result;
FC_ASSERT( secp256k1_pedersen_commit( detail::_get_context(), (unsigned char*)&result, (unsigned char*)&blind, value ) );
return result;
}
blind_factor_type blind_sum( const std::vector<blind_factor_type>& blinds_in, uint32_t non_neg )
{
blind_factor_type result;
std::vector<const unsigned char*> blinds(blinds_in.size());
for( uint32_t i = 0; i < blinds_in.size(); ++i ) blinds[i] = (const unsigned char*)&blinds_in[i];
FC_ASSERT( secp256k1_pedersen_blind_sum( detail::_get_context(), (unsigned char*)&result, blinds.data(), blinds_in.size(), non_neg ) );
return result;
}
/** verifies taht commnits + neg_commits + excess == 0 */
bool verify_sum( const std::vector<commitment_type>& commits_in, const std::vector<commitment_type>& neg_commits_in, int64_t excess )
{
std::vector<const unsigned char*> commits(commits_in.size());
for( uint32_t i = 0; i < commits_in.size(); ++i ) commits[i] = (const unsigned char*)&commits_in[i];
std::vector<const unsigned char*> neg_commits(neg_commits_in.size());
for( uint32_t i = 0; i < neg_commits_in.size(); ++i ) neg_commits[i] = (const unsigned char*)&neg_commits_in[i];
return secp256k1_pedersen_verify_tally( detail::_get_context(), commits.data(), commits.size(), neg_commits.data(), neg_commits.size(), excess );
}
bool verify_range( uint64_t& min_val, uint64_t& max_val, const commitment_type& commit, const std::vector<char>& proof )
{
return secp256k1_rangeproof_verify( detail::_get_context(), &min_val, &max_val, (const unsigned char*)&commit, (const unsigned char*)proof.data(), proof.size() );
}
std::vector<char> range_proof_sign( uint64_t min_value,
const commitment_type& commit,
const blind_factor_type& commit_blind,
const blind_factor_type& nonce,
int8_t base10_exp,
uint8_t min_bits,
uint64_t actual_value
)
{
int proof_len = 5134;
std::vector<char> proof(proof_len);
FC_ASSERT( secp256k1_rangeproof_sign( detail::_get_context(),
(unsigned char*)proof.data(),
&proof_len, min_value,
(const unsigned char*)&commit,
(const unsigned char*)&commit_blind,
(const unsigned char*)&nonce,
base10_exp, min_bits, actual_value ) );
proof.resize(proof_len);
return proof;
}
bool verify_range_proof_rewind( blind_factor_type& blind_out,
uint64_t& value_out,
string& message_out,
const blind_factor_type& nonce,
uint64_t& min_val,
uint64_t& max_val,
commitment_type commit,
const std::vector<char>& proof )
{
char msg[4096];
int mlen = 0;
FC_ASSERT( secp256k1_rangeproof_rewind( detail::_get_context(),
(unsigned char*)&blind_out,
&value_out,
(unsigned char*)msg,
&mlen,
(const unsigned char*)&nonce,
&min_val,
&max_val,
(const unsigned char*)&commit,
(const unsigned char*)proof.data(),
proof.size() ) );
message_out = std::string( msg, mlen );
return true;
}
range_proof_info range_get_info( const std::vector<char>& proof )
{
range_proof_info result;
FC_ASSERT( secp256k1_rangeproof_info( detail::_get_context(),
(int*)&result.exp,
(int*)&result.mantissa,
(uint64_t*)&result.min_value,
(uint64_t*)&result.max_value,
(const unsigned char*)proof.data(),
(int)proof.size() ) );
return result;
}
} }

6
tests/CMakeLists.txt
View file

@ -5,11 +5,6 @@ target_link_libraries( bip_lock fc )
add_executable( api api.cpp )
target_link_libraries( api fc )
if( ECC_IMPL STREQUAL secp256k1 )
add_executable( blind all_tests.cpp crypto/blind.cpp )
target_link_libraries( blind fc )
endif()
add_executable( task_cancel_test all_tests.cpp thread/task_cancel.cpp )
target_link_libraries( task_cancel_test fc )
@ -41,7 +36,6 @@ add_executable( all_tests all_tests.cpp
crypto/aes_test.cpp
crypto/base_n_tests.cpp
crypto/bigint_test.cpp
crypto/blind.cpp
crypto/blowfish_test.cpp
crypto/dh_test.cpp
crypto/sha_tests.cpp

305
tests/blinding_test.cpp
View file

@ -1,305 +0,0 @@
#define BOOST_TEST_MODULE BlindingTest
#include <boost/test/unit_test.hpp>
#include <fc/array.hpp>
#include <fc/crypto/base58.hpp>
#include <fc/crypto/hex.hpp>
#include <fc/crypto/elliptic.hpp>
#include <fc/crypto/openssl.hpp>
#include <fc/exception/exception.hpp>
// See https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Test_Vectors
static fc::string TEST1_SEED = "000102030405060708090a0b0c0d0e0f";
static fc::string TEST1_M_PUB = "xpub661MyMwAqRbcFtXgS5sYJABqqG9YLmC4Q1Rdap9gSE8NqtwybGhePY2gZ29ESFjqJoCu1Rupje8YtGqsefD265TMg7usUDFdp6W1EGMcet8";
static fc::string TEST1_M_PRIV = "xprv9s21ZrQH143K3QTDL4LXw2F7HEK3wJUD2nW2nRk4stbPy6cq3jPPqjiChkVvvNKmPGJxWUtg6LnF5kejMRNNU3TGtRBeJgk33yuGBxrMPHi";
static fc::string TEST1_M_0H_PUB = "xpub68Gmy5EdvgibQVfPdqkBBCHxA5htiqg55crXYuXoQRKfDBFA1WEjWgP6LHhwBZeNK1VTsfTFUHCdrfp1bgwQ9xv5ski8PX9rL2dZXvgGDnw";
static fc::string TEST1_M_0H_PRIV = "xprv9uHRZZhk6KAJC1avXpDAp4MDc3sQKNxDiPvvkX8Br5ngLNv1TxvUxt4cV1rGL5hj6KCesnDYUhd7oWgT11eZG7XnxHrnYeSvkzY7d2bhkJ7";
static fc::string TEST1_M_0H_1_PUB = "xpub6ASuArnXKPbfEwhqN6e3mwBcDTgzisQN1wXN9BJcM47sSikHjJf3UFHKkNAWbWMiGj7Wf5uMash7SyYq527Hqck2AxYysAA7xmALppuCkwQ";
static fc::string TEST1_M_0H_1_PRIV = "xprv9wTYmMFdV23N2TdNG573QoEsfRrWKQgWeibmLntzniatZvR9BmLnvSxqu53Kw1UmYPxLgboyZQaXwTCg8MSY3H2EU4pWcQDnRnrVA1xe8fs";
static fc::string TEST1_M_0H_1_2H_PUB = "xpub6D4BDPcP2GT577Vvch3R8wDkScZWzQzMMUm3PWbmWvVJrZwQY4VUNgqFJPMM3No2dFDFGTsxxpG5uJh7n7epu4trkrX7x7DogT5Uv6fcLW5";
static fc::string TEST1_M_0H_1_2H_PRIV = "xprv9z4pot5VBttmtdRTWfWQmoH1taj2axGVzFqSb8C9xaxKymcFzXBDptWmT7FwuEzG3ryjH4ktypQSAewRiNMjANTtpgP4mLTj34bhnZX7UiM";
static fc::string TEST1_M_0H_1_2H_2_PUB = "xpub6FHa3pjLCk84BayeJxFW2SP4XRrFd1JYnxeLeU8EqN3vDfZmbqBqaGJAyiLjTAwm6ZLRQUMv1ZACTj37sR62cfN7fe5JnJ7dh8zL4fiyLHV";
static fc::string TEST1_M_0H_1_2H_2_PRIV = "xprvA2JDeKCSNNZky6uBCviVfJSKyQ1mDYahRjijr5idH2WwLsEd4Hsb2Tyh8RfQMuPh7f7RtyzTtdrbdqqsunu5Mm3wDvUAKRHSC34sJ7in334";
static fc::string TEST1_M_0H_1_2H_2_1g_PUB = "xpub6H1LXWLaKsWFhvm6RVpEL9P4KfRZSW7abD2ttkWP3SSQvnyA8FSVqNTEcYFgJS2UaFcxupHiYkro49S8yGasTvXEYBVPamhGW6cFJodrTHy";
static fc::string TEST1_M_0H_1_2H_2_1g_PRIV = "xprvA41z7zogVVwxVSgdKUHDy1SKmdb533PjDz7J6N6mV6uS3ze1ai8FHa8kmHScGpWmj4WggLyQjgPie1rFSruoUihUZREPSL39UNdE3BBDu76";
static fc::string TEST2_SEED = "fffcf9f6f3f0edeae7e4e1dedbd8d5d2cfccc9c6c3c0bdbab7b4b1aeaba8a5a29f9c999693908d8a8784817e7b7875726f6c696663605d5a5754514e4b484542";
static fc::string TEST2_M_PUB = "xpub661MyMwAqRbcFW31YEwpkMuc5THy2PSt5bDMsktWQcFF8syAmRUapSCGu8ED9W6oDMSgv6Zz8idoc4a6mr8BDzTJY47LJhkJ8UB7WEGuduB";
static fc::string TEST2_M_PRIV = "xprv9s21ZrQH143K31xYSDQpPDxsXRTUcvj2iNHm5NUtrGiGG5e2DtALGdso3pGz6ssrdK4PFmM8NSpSBHNqPqm55Qn3LqFtT2emdEXVYsCzC2U";
static fc::string TEST2_M_0_PUB = "xpub69H7F5d8KSRgmmdJg2KhpAK8SR3DjMwAdkxj3ZuxV27CprR9LgpeyGmXUbC6wb7ERfvrnKZjXoUmmDznezpbZb7ap6r1D3tgFxHmwMkQTPH";
static fc::string TEST2_M_0_PRIV = "xprv9vHkqa6EV4sPZHYqZznhT2NPtPCjKuDKGY38FBWLvgaDx45zo9WQRUT3dKYnjwih2yJD9mkrocEZXo1ex8G81dwSM1fwqWpWkeS3v86pgKt";
static fc::string TEST2_M_0_m1_PUB = "xpub6ASAVgeehLbnwdqV6UKMHVzgqAG8Gr6riv3Fxxpj8ksbH9ebxaEyBLZ85ySDhKiLDBrQSARLq1uNRts8RuJiHjaDMBU4Zn9h8LZNnBC5y4a";
static fc::string TEST2_M_0_m1_PRIV = "xprv9wSp6B7kry3Vj9m1zSnLvN3xH8RdsPP1Mh7fAaR7aRLcQMKTR2vidYEeEg2mUCTAwCd6vnxVrcjfy2kRgVsFawNzmjuHc2YmYRmagcEPdU9";
static fc::string TEST2_M_0_m1_1_PUB = "xpub6DF8uhdarytz3FWdA8TvFSvvAh8dP3283MY7p2V4SeE2wyWmG5mg5EwVvmdMVCQcoNJxGoWaU9DCWh89LojfZ537wTfunKau47EL2dhHKon";
static fc::string TEST2_M_0_m1_1_PRIV = "xprv9zFnWC6h2cLgpmSA46vutJzBcfJ8yaJGg8cX1e5StJh45BBciYTRXSd25UEPVuesF9yog62tGAQtHjXajPPdbRCHuWS6T8XA2ECKADdw4Ef";
static fc::string TEST2_M_0_m1_1_m2_PUB = "xpub6ERApfZwUNrhLCkDtcHTcxd75RbzS1ed54G1LkBUHQVHQKqhMkhgbmJbZRkrgZw4koxb5JaHWkY4ALHY2grBGRjaDMzQLcgJvLJuZZvRcEL";
static fc::string TEST2_M_0_m1_1_m2_PRIV = "xprvA1RpRA33e1JQ7ifknakTFpgNXPmW2YvmhqLQYMmrj4xJXXWYpDPS3xz7iAxn8L39njGVyuoseXzU6rcxFLJ8HFsTjSyQbLYnMpCqE2VbFWc";
static fc::string TEST2_M_0_m1_1_m2_2_PUB = "xpub6FnCn6nSzZAw5Tw7cgR9bi15UV96gLZhjDstkXXxvCLsUXBGXPdSnLFbdpq8p9HmGsApME5hQTZ3emM2rnY5agb9rXpVGyy3bdW6EEgAtqt";
static fc::string TEST2_M_0_m1_1_m2_2_PRIV = "xprvA2nrNbFZABcdryreWet9Ea4LvTJcGsqrMzxHx98MMrotbir7yrKCEXw7nadnHM8Dq38EGfSh6dqA9QWTyefMLEcBYJUuekgW4BYPJcr9E7j";
static fc::string BLIND_K_X = "08be5c5076f8cbd1283cf98e74bff873032b9bc79a0769962bf3900f33c2df6e";
static fc::string BLIND_T_X = "80deff382af8a8e4a5f297588e44d5bf858f30a524f74b13efcefeb54f4b3f47";
static fc::string BLINDED_HASH = "7196e80cdafdfdfb7496323ad24bf47dda8447febd7426e444facc04940c7309";
static fc::string BLIND_SIG = "40d6a477d849cc860df8ad159481f2ffc5b4dc3131b86a799d7d10460824dd53";
static fc::string UNBLINDED = "700092a72a05e33509f9b068aa1d7c5336d8b5692b4157da199d7ec1e10fd7c0";
/*
BOOST_AUTO_TEST_CASE(test_extended_keys_1)
{
char seed[16];
fc::from_hex( TEST1_SEED, seed, sizeof(seed) );
fc::ecc::extended_private_key master = fc::ecc::extended_private_key::generate_master( seed, sizeof(seed) );
BOOST_CHECK_EQUAL( master.str(), TEST1_M_PRIV );
BOOST_CHECK_EQUAL( master.get_extended_public_key().str(), TEST1_M_PUB );
BOOST_CHECK_EQUAL( fc::ecc::extended_private_key::from_base58(TEST1_M_PRIV).str(), TEST1_M_PRIV );
BOOST_CHECK_EQUAL( fc::ecc::extended_public_key::from_base58(TEST1_M_PUB).str(), TEST1_M_PUB );
BOOST_CHECK_EQUAL( fc::ecc::extended_private_key::from_base58(TEST1_M_0H_PRIV).str(), TEST1_M_0H_PRIV );
BOOST_CHECK_EQUAL( fc::ecc::extended_public_key::from_base58(TEST1_M_0H_PUB).str(), TEST1_M_0H_PUB );
fc::ecc::extended_private_key m_0 = master.derive_child(0x80000000);
BOOST_CHECK_EQUAL( m_0.str(), TEST1_M_0H_PRIV );
BOOST_CHECK_EQUAL( m_0.get_extended_public_key().str(), TEST1_M_0H_PUB );
fc::ecc::extended_private_key m_0_1 = m_0.derive_child(1);
BOOST_CHECK_EQUAL( m_0_1.str(), TEST1_M_0H_1_PRIV );
BOOST_CHECK_EQUAL( m_0_1.get_extended_public_key().str(), TEST1_M_0H_1_PUB );
BOOST_CHECK_EQUAL( m_0.get_extended_public_key().derive_child(1).str(), TEST1_M_0H_1_PUB );
fc::ecc::extended_private_key m_0_1_2 = m_0_1.derive_child(0x80000002);
BOOST_CHECK_EQUAL( m_0_1_2.str(), TEST1_M_0H_1_2H_PRIV );
BOOST_CHECK_EQUAL( m_0_1_2.get_extended_public_key().str(), TEST1_M_0H_1_2H_PUB );
fc::ecc::extended_private_key m_0_1_2_2 = m_0_1_2.derive_child(2);
BOOST_CHECK_EQUAL( m_0_1_2_2.str(), TEST1_M_0H_1_2H_2_PRIV );
BOOST_CHECK_EQUAL( m_0_1_2_2.get_extended_public_key().str(), TEST1_M_0H_1_2H_2_PUB );
BOOST_CHECK_EQUAL( m_0_1_2.get_extended_public_key().derive_child(2).str(), TEST1_M_0H_1_2H_2_PUB );
fc::ecc::extended_private_key m_0_1_2_2_1g = m_0_1_2_2.derive_child(1000000000);
BOOST_CHECK_EQUAL( m_0_1_2_2_1g.str(), TEST1_M_0H_1_2H_2_1g_PRIV );
BOOST_CHECK_EQUAL( m_0_1_2_2_1g.get_extended_public_key().str(), TEST1_M_0H_1_2H_2_1g_PUB );
BOOST_CHECK_EQUAL( m_0_1_2_2.get_extended_public_key().derive_child(1000000000).str(), TEST1_M_0H_1_2H_2_1g_PUB );
}
BOOST_AUTO_TEST_CASE(test_extended_keys_2)
{
char seed[64];
fc::from_hex( TEST2_SEED, seed, sizeof(seed) );
fc::ecc::extended_private_key master = fc::ecc::extended_private_key::generate_master( seed, sizeof(seed) );
BOOST_CHECK_EQUAL( master.str(), TEST2_M_PRIV );
BOOST_CHECK_EQUAL( master.get_extended_public_key().str(), TEST2_M_PUB );
fc::ecc::extended_private_key m_0 = master.derive_child(0);
BOOST_CHECK_EQUAL( m_0.str(), TEST2_M_0_PRIV );
BOOST_CHECK_EQUAL( m_0.get_extended_public_key().str(), TEST2_M_0_PUB );
BOOST_CHECK_EQUAL( master.get_extended_public_key().derive_child(0).str(), TEST2_M_0_PUB );
fc::ecc::extended_private_key m_0_m1 = m_0.derive_child(-1);
BOOST_CHECK_EQUAL( m_0_m1.str(), TEST2_M_0_m1_PRIV );
BOOST_CHECK_EQUAL( m_0_m1.get_extended_public_key().str(), TEST2_M_0_m1_PUB );
fc::ecc::extended_private_key m_0_m1_1 = m_0_m1.derive_child(1);
BOOST_CHECK_EQUAL( m_0_m1_1.str(), TEST2_M_0_m1_1_PRIV );
BOOST_CHECK_EQUAL( m_0_m1_1.get_extended_public_key().str(), TEST2_M_0_m1_1_PUB );
BOOST_CHECK_EQUAL( m_0_m1.get_extended_public_key().derive_child(1).str(), TEST2_M_0_m1_1_PUB );
fc::ecc::extended_private_key m_0_m1_1_m2 = m_0_m1_1.derive_child(-2);
BOOST_CHECK_EQUAL( m_0_m1_1_m2.str(), TEST2_M_0_m1_1_m2_PRIV );
BOOST_CHECK_EQUAL( m_0_m1_1_m2.get_extended_public_key().str(), TEST2_M_0_m1_1_m2_PUB );
fc::ecc::extended_private_key m_0_m1_1_m2_2 = m_0_m1_1_m2.derive_child(2);
BOOST_CHECK_EQUAL( m_0_m1_1_m2_2.str(), TEST2_M_0_m1_1_m2_2_PRIV );
BOOST_CHECK_EQUAL( m_0_m1_1_m2_2.get_extended_public_key().str(), TEST2_M_0_m1_1_m2_2_PUB );
BOOST_CHECK_EQUAL( m_0_m1_1_m2.get_extended_public_key().derive_child(2).str(), TEST2_M_0_m1_1_m2_2_PUB );
}
//static void print(const unsigned char* data, int len) {
// for (int i = 0; i < len; i++) {
// printf("%02x", *data++);
// }
//}
BOOST_AUTO_TEST_CASE(test_blinding_1)
{
char buffer[7] = "test_";
fc::ecc::extended_private_key alice = fc::ecc::extended_private_key::generate_master( "master" );
fc::ecc::extended_private_key bob = fc::ecc::extended_private_key::generate_master( "puppet" );
for ( int i = 0; i < 30; i++ )
{
buffer[5] = '0' + i;
fc::ecc::extended_public_key bob_pub = bob.get_extended_public_key();
fc::sha256 hash = fc::sha256::hash( buffer, sizeof(buffer) );
fc::ecc::public_key t = alice.blind_public_key( bob_pub, i );
fc::ecc::blinded_hash blinded = alice.blind_hash( hash, i );
fc::ecc::blind_signature blind_sig = bob.blind_sign( blinded, i );
try {
fc::ecc::compact_signature sig = alice.unblind_signature( bob_pub, blind_sig, hash, i );
fc::ecc::public_key validate( sig, hash );
// printf("Validated: "); print((unsigned char*) validate.serialize().begin(), 33);
// printf("\nT: "); print((unsigned char*) t.serialize().begin(), 33); printf("\n");
BOOST_CHECK( validate.serialize() == t.serialize() );
} catch (const fc::exception& e) {
printf( "Test %d: %s\n", i, e.to_string().c_str() );
}
alice = alice.derive_child( i );
bob = bob.derive_child( i | 0x80000000 );
}
}
BOOST_AUTO_TEST_CASE(test_blinding_2)
{
char message[7] = "test_0";
fc::ecc::extended_private_key alice = fc::ecc::extended_private_key::generate_master( "master" );
fc::ecc::extended_private_key bob = fc::ecc::extended_private_key::generate_master( "puppet" );
fc::ecc::extended_public_key bob_pub = bob.get_extended_public_key();
fc::sha256 hash = fc::sha256::hash( message, sizeof(message) );
fc::ecc::public_key t = alice.blind_public_key( bob_pub, 0 );
fc::ecc::public_key_data pub = t.serialize();
char buffer[32];
fc::from_hex( BLIND_T_X, buffer, sizeof(buffer) );
BOOST_CHECK( !memcmp( pub.begin() + 1, buffer, sizeof(buffer) ) );
fc::ecc::blinded_hash blinded = alice.blind_hash( hash, 0 );
fc::from_hex( BLINDED_HASH, buffer, sizeof(buffer) );
BOOST_CHECK( !memcmp( blinded.data(), buffer, sizeof(buffer) ) );
fc::ecc::blind_signature blind_sig = bob.blind_sign( blinded, 0 );
fc::from_hex( BLIND_SIG, buffer, sizeof(buffer) );
BOOST_CHECK( !memcmp( blind_sig.data(), buffer, sizeof(buffer) ) );
fc::ecc::compact_signature sig = alice.unblind_signature( bob_pub, blind_sig, hash, 0 );
fc::from_hex( BLIND_K_X, buffer, sizeof(buffer) );
BOOST_CHECK( !memcmp( sig.begin() + 1, buffer, sizeof(buffer) ) );
fc::from_hex( UNBLINDED, buffer, sizeof(buffer) );
BOOST_CHECK( !memcmp( sig.begin() + 33, buffer, sizeof(buffer) ) );
}
static void to_bignum(const char* data32, fc::ssl_bignum& out) {
unsigned char dummy[33]; dummy[0] = 0;
memcpy(dummy, data32, 32);
BN_bin2bn((unsigned char*) data32, 32, out);
}
//static void print(const fc::sha256 hash) {
// print((unsigned char*) hash.data(), hash.data_size());
//}
//
//static void print(const BIGNUM* bn) {
// unsigned char buffer[64];
// int len = BN_num_bytes(bn);
// if (len > sizeof(buffer)) {
// printf("BN too long - %d bytes?!", len);
// return;
// }
// BN_bn2bin(bn, buffer);
// print(buffer, len);
//}
//
//static void print(const fc::ec_group& curve, const fc::ec_point& p, fc::bn_ctx& ctx) {
// fc::ssl_bignum x;
// fc::ssl_bignum y;
// EC_POINT_get_affine_coordinates_GFp(curve, p, x, y, ctx);
// printf("(");
// print(x);
// printf(", ");
// print(y);
// printf(")");
//}
namespace fc {
SSL_TYPE(ec_key, EC_KEY, EC_KEY_free)
}
BOOST_AUTO_TEST_CASE(openssl_blinding)
{
// Needed this "test" for producing data for debugging my libsecp256k1 implementation
char buffer[7] = "test_0";
fc::ecc::extended_private_key alice = fc::ecc::extended_private_key::generate_master( "master" );
fc::ecc::extended_private_key bob = fc::ecc::extended_private_key::generate_master( "puppet" );
fc::ec_group curve(EC_GROUP_new_by_curve_name(NID_secp256k1));
fc::bn_ctx ctx(BN_CTX_new());
fc::ssl_bignum n;
EC_GROUP_get_order(curve, n, ctx);
fc::ssl_bignum n_half;
BN_rshift1(n_half, n);
fc::ssl_bignum zero; BN_zero(zero);
fc::sha256 hash_ = fc::sha256::hash( buffer, sizeof(buffer) );
fc::ssl_bignum hash; to_bignum(hash_.data(), hash);
fc::ssl_bignum a; to_bignum(alice.derive_hardened_child(0).get_secret().data(), a);
fc::ssl_bignum b; to_bignum(alice.derive_hardened_child(1).get_secret().data(), b);
fc::ssl_bignum c; to_bignum(alice.derive_hardened_child(2).get_secret().data(), c);
fc::ssl_bignum d; to_bignum(alice.derive_hardened_child(3).get_secret().data(), d);
fc::ec_point P(EC_POINT_new(curve));
fc::ecc::public_key_data Pd = bob.get_extended_public_key().derive_child(0).serialize();
fc::ssl_bignum Px; to_bignum(Pd.begin() + 1, Px);
EC_POINT_set_compressed_coordinates_GFp(curve, P, Px, (*Pd.begin()) & 1, ctx);
fc::ec_point Q(EC_POINT_new(curve));
fc::ecc::public_key_data Qd = bob.get_extended_public_key().derive_child(1).serialize();
fc::ssl_bignum Qx; to_bignum(Qd.begin() + 1, Qx);
EC_POINT_set_compressed_coordinates_GFp(curve, Q, Qx, (*Qd.begin()) & 1, ctx);
// Alice computes K = (c·a)^-1·P and public key T = (a·Kx)^-1·(b·G + Q + d·c^-1·P).
fc::ec_point K(EC_POINT_new(curve));
fc::ssl_bignum tmp;
BN_mod_mul(tmp, a, c, n, ctx);
BN_mod_inverse(tmp, tmp, n, ctx);
EC_POINT_mul(curve, K, zero, P, tmp, ctx);
fc::ec_point T(EC_POINT_new(curve));
BN_mod_inverse(tmp, c, n, ctx);
BN_mod_mul(tmp, d, tmp, n, ctx);
EC_POINT_mul(curve, T, b, P, tmp, ctx);
EC_POINT_add(curve, T, T, Q, ctx);
fc::ssl_bignum Kx;
fc::ssl_bignum Ky;
EC_POINT_get_affine_coordinates_GFp(curve, K, Kx, Ky, ctx);
BN_mod_mul(tmp, a, Kx, n, ctx);
BN_mod_inverse(tmp, tmp, n, ctx);
EC_POINT_mul(curve, T, zero, T, tmp, ctx);
fc::ssl_bignum blinded;
BN_mod_mul(blinded, a, hash, n, ctx);
BN_mod_add(blinded, blinded, b, n, ctx);
fc::ssl_bignum p; to_bignum(bob.derive_normal_child(0).get_secret().data(), p);
fc::ssl_bignum q; to_bignum(bob.derive_normal_child(1).get_secret().data(), q);
BN_mod_inverse(p, p, n, ctx);
BN_mod_mul(q, q, p, n, ctx);
fc::ssl_bignum blind_sig;
BN_mod_mul(blind_sig, p, blinded, n, ctx);
BN_mod_add(blind_sig, blind_sig, q, n, ctx);
fc::ecdsa_sig sig(ECDSA_SIG_new());
BN_copy(sig->r, Kx);
BN_mod_mul(sig->s, c, blind_sig, n, ctx);
BN_mod_add(sig->s, sig->s, d, n, ctx);
if (BN_cmp(sig->s, n_half) > 0) {
BN_sub(sig->s, n, sig->s);
}
fc::ec_key verify(EC_KEY_new());
EC_KEY_set_public_key(verify, T);
BOOST_CHECK( ECDSA_do_verify( (unsigned char*) hash_.data(), hash_.data_size(), sig, verify ) );
// printf("a: "); print(a);
// printf("\nb: "); print(b);
// printf("\nc: "); print(c);
// printf("\nd: "); print(d);
// printf("\nP: "); print(curve, P, ctx);
// printf("\nQ: "); print(curve, Q, ctx);
// printf("\nK: "); print(curve, K, ctx);
// printf("\nT: "); print(curve, T, ctx);
// printf("\np: "); print(p);
// printf("\nq: "); print(q);
// printf("\nhash: "); print(hash_);
// printf("\nblinded: "); print(blinded);
// printf("\nblind_sig: "); print(blind_sig);
// printf("\nunblinded: "); print(sig->s);
// printf("\n");
}
*/

113
tests/crypto/blind.cpp
View file

@ -1,113 +0,0 @@
#include <boost/test/unit_test.hpp>
#include <fc/crypto/elliptic.hpp>
#include <fc/log/logger.hpp>
#include <fc/io/raw.hpp>
#include <fc/variant.hpp>
#include <fc/reflect/variant.hpp>
BOOST_AUTO_TEST_SUITE(fc_crypto)
BOOST_AUTO_TEST_CASE(blind_test)
{
try {
auto InB1 = fc::sha256::hash("InB1");
auto InB2 = fc::sha256::hash("InB2");
auto OutB1 = fc::sha256::hash("OutB1");
auto InC1 = fc::ecc::blind(InB1,25);
auto InC2 = fc::ecc::blind(InB2,75);
auto OutC1 = fc::ecc::blind(OutB1,40);
auto OutB2 = fc::ecc::blind_sum( {InB1,InB2,OutB1}, 2 );
auto OutC2 = fc::ecc::blind( OutB2, 60 );
/*
FC_ASSERT( fc::ecc::verify_sum( {},{InC1,InC2}, 100 ) );
FC_ASSERT( fc::ecc::verify_sum( {InC1,InC2}, {}, -100 ) );
*/
//FC_ASSERT( fc::ecc::verify_sum( {InC1,InC2}, {OutC1}, -60 ) );
BOOST_CHECK( fc::ecc::verify_sum( {InC1,InC2}, {OutC1,OutC2}, 0 ) );
auto nonce = fc::sha256::hash("nonce");
auto proof = fc::ecc::range_proof_sign( 0, OutC1, OutB1, nonce, 0, 0, 40 );
// wdump( (proof.size()));
auto result = fc::ecc::range_get_info( proof );
// wdump((result));
BOOST_CHECK( result.max_value >= 60 );
BOOST_CHECK( result.min_value >= 0 );
auto B1 = fc::sha256::hash("B1");
auto B2 = fc::sha256::hash("B2");
auto b3 = fc::sha256::hash("b3");
auto B4 = fc::sha256::hash("B4");
auto C1 = fc::ecc::blind( B1, 1 );
auto C2 = fc::ecc::blind( B2, 2 );
/*auto c3 = */fc::ecc::blind( b3, 3 );
/*auto C4 = */fc::ecc::blind( B4, -1 );
auto B3 = fc::ecc::blind_sum( {B1,B2}, 2 );
auto C3 = fc::ecc::blind( B3, 3 );
auto B2m1 = fc::ecc::blind_sum( {B2,B1}, 1 );
/*auto C2m1 = */fc::ecc::blind( B2m1, 1 );
BOOST_CHECK( fc::ecc::verify_sum( {C1,C2}, {C3}, 0 ) );
BOOST_CHECK( fc::ecc::verify_sum( {C1,C2}, {C3}, 0 ) );
BOOST_CHECK( fc::ecc::verify_sum( {C3}, {C1,C2}, 0 ) );
BOOST_CHECK( fc::ecc::verify_sum( {C3}, {C1,C2}, 0 ) );
{
auto B1 = fc::sha256::hash("B1");
/*auto B2 = */fc::sha256::hash("B2");
/*auto B3 = */fc::sha256::hash("B3");
/*auto B4 = */fc::sha256::hash("B4");
//secp256k1_scalar_get_b32((unsigned char*)&B1, (const secp256k1_scalar_t*)&B2);
//B1 = fc::variant("b2e5da56ef9f2a34d3e22fd12634bc99261e95c87b9960bf94ed3d27b30").as<fc::sha256>();
auto C1 = fc::ecc::blind( B1, INT64_MAX );
auto C2 = fc::ecc::blind( B1, 0 );
auto C3 = fc::ecc::blind( B1, 1 );
/*auto C4 = */fc::ecc::blind( B1, 2 );
BOOST_CHECK( fc::ecc::verify_sum( {C2}, {C3}, -1 ) );
BOOST_CHECK( fc::ecc::verify_sum( {C1}, {C1}, 0 ) );
BOOST_CHECK( fc::ecc::verify_sum( {C2}, {C2}, 0 ) );
BOOST_CHECK( fc::ecc::verify_sum( {C3}, {C2}, 1 ) );
BOOST_CHECK( fc::ecc::verify_sum( {C1}, {C2}, INT64_MAX ) );
BOOST_CHECK( fc::ecc::verify_sum( {C1}, {C2}, INT64_MAX ) );
BOOST_CHECK( fc::ecc::verify_sum( {C2}, {C1}, -INT64_MAX ) );
}
{
auto Out1 = fc::sha256::hash("B1");
auto Out2 = fc::sha256::hash("B2");
auto OutC1 = fc::ecc::blind( Out1, 250 );
auto OutC2 = fc::ecc::blind( Out2, 750 );
auto InBlind = fc::ecc::blind_sum( {Out1,Out2}, 2 );
auto InC = fc::ecc::blind( InBlind, 1000 );
auto In0 = fc::ecc::blind( InBlind, 0 );
BOOST_CHECK( fc::ecc::verify_sum( {InC}, {OutC1,OutC2}, 0 ) );
BOOST_CHECK( fc::ecc::verify_sum( {InC}, {In0}, 1000 ) );
}
}
catch ( const fc::exception& e )
{
edump((e.to_detail_string()));
}
}
BOOST_AUTO_TEST_SUITE_END()

1
vendor/secp256k1 vendored Submodule

@ -0,0 +1 @@
Subproject commit 1c3616f9f6f8ec4cd88eaccbae08b8cbb04ea326