nitowa
/
RJSVM
關注 1
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 0 Wiki 活動
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 提交
1 分支
目錄樹: 270c41a3dc
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 '270c41a3dc'
${ noResults }
RJSVM/node_modules/tiny-secp256k1/scripts/privates.cpp

privates.cpp 5.1KB
歷史記錄 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138 
  1. #include <iostream>

  2. #include <vector>

  3. #include "shared.hpp"

  4. 

  5. struct IP { uint8_t_32 a = {}; bool e = false; std::string desc = ""; };

  6. struct PA { uint8_t_32 a; uint8_t_32 b; uint8_t_32 e = Null<uint8_t_32>(); std::string except = ""; std::string desc = ""; };

  7. 

  8. void generate (std::ostream& o) {

  9. 	///////////////////////////////// isPrivate

  10. 

  11. 	// edge cases (verify)

  12. 	//   from https://github.com/bitcoin-core/secp256k1/blob/6ad5cdb42a1a8257289a0423d644dcbdeab0f83c/src/tests.c

  13. 	std::vector<IP> ip = {

  14. 		{ ZERO, false, "== 0" }, // #L3145

  15. 		{ ONE, true, "== 1" }, // #L3153

  16. 		{ GROUP_ORDER_LESS_1, true, "== G - 1" }, // #L3171

  17. 		{ GROUP_ORDER, false, "== G" }, // #L3115

  18. 		{ GROUP_ORDER_OVER_1, false, "> G" }, // #L3162

  19. 		{ UINT256_MAX, false, "2^256 - 1" }, // #L3131

  20. 	};

  21. 

  22. 	// fuzz

  23. 	for (size_t i = 0; i < 1000; ++i) {

  24. 		ip.push_back({ randomPrivate(), true });

  25. 	}

  26. 	for (size_t i = 0; i < 1000; ++i) {

  27. 		const auto key = randomScalarHigh();

  28. 		const auto verified = secp256k1_ec_seckey_verify(ctx, key.data());

  29. 

  30. 		ip.push_back({ key, verified });

  31. 	}

  32. 

  33. 	///////////////////////////////// privateAdd

  34. 	std::vector<PA> pa;

  35. 

  36. 	// visually inspected

  37. 	//   covers https://github.com/bitcoin-core/secp256k1/blob/6ad5cdb42a1a8257289a0423d644dcbdeab0f83c/src/tests.c

  38. 	pa.push_back({ ONE, ZERO, ONE, "", "1 + 0 == 1" });

  39. 	for (size_t i = 1; i < 5; ++i) pa.push_back({ ONE, scalarFromUInt32(i), scalarFromUInt32(1 + i) });

  40. 	for (size_t i = 1; i < 5; ++i) pa.push_back({ scalarFromUInt32(i), TWO, scalarFromUInt32(i + 2) });

  41. 

  42. 	pa.push_back({ ONE, GROUP_ORDER_LESS_1, Null<uint8_t_32>(), "", "1 + -1 == 0" });

  43. 	pa.push_back({ ONE, GROUP_ORDER_LESS_2, GROUP_ORDER_LESS_1, "", "1 + -2 == -1" });

  44. 	pa.push_back({ ONE, GROUP_ORDER_LESS_3, GROUP_ORDER_LESS_2, "", "1 + -3 == -2" });

  45. 	pa.push_back({ GROUP_ORDER_LESS_1, GROUP_ORDER_LESS_1, GROUP_ORDER_LESS_2 });

  46. 	pa.push_back({ GROUP_ORDER_LESS_2, GROUP_ORDER_LESS_1, GROUP_ORDER_LESS_3 });

  47. 	pa.push_back({ GROUP_ORDER_LESS_3, ONE, GROUP_ORDER_LESS_2 });

  48. 	pa.push_back({ GROUP_ORDER_LESS_3, TWO, GROUP_ORDER_LESS_1, "", "-3 + 2 == -1" });

  49. 	pa.push_back({ GROUP_ORDER_LESS_3, THREE, Null<uint8_t_32>(), "", "-3 + 3 == 0" });

  50. 

  51. 	// fuzz

  52. 	for (size_t i = 0; i < 10000; ++i) {

  53. 		const auto paPush = [&](const auto k, const auto t) {

  54. 			bool ok = true;

  55. 			const auto expected = _privAdd(k, t, ok);

  56. 			if (ok) pa.push_back({ k, t, expected });

  57. 			else pa.push_back({ k, t, Null<uint8_t_32>() });

  58. 		};

  59. 

  60. 		paPush(randomPrivate(), randomPrivate());

  61. 		paPush(randomPrivateHigh(), randomPrivateLow());

  62. 		paPush(randomPrivateLow(), randomPrivateHigh());

  63. 	}

  64. 

  65. 	std::vector<PA> paf;

  66. 	for (const auto x : BAD_PRIVATES) paf.push_back({ x.a, ONE, {}, THROW_BAD_PRIVATE, x.desc });

  67. 	for (const auto x : BAD_TWEAKS) paf.push_back({ ONE, x.a, {}, THROW_BAD_TWEAK, x.desc });

  68. 

  69. 	///////////////////////////////// privateSub

  70. 	std::vector<PA> ps;

  71. 

  72. 	// visually inspected

  73. 	//   covers https://github.com/bitcoin-core/secp256k1/blob/6ad5cdb42a1a8257289a0423d644dcbdeab0f83c/src/tests.c

  74. 	ps.push_back({ ONE, ZERO, ONE, "", "1 - 0 == 1" });

  75. 	for (size_t i = 2; i < 7; ++i) ps.push_back({ scalarFromUInt32(i), ONE, scalarFromUInt32(i - 1) });

  76. 	for (size_t i = 1; i < 10; ++i) ps.push_back({ scalarFromUInt32(10), scalarFromUInt32(i), scalarFromUInt32(10 - i) });

  77. 

  78. 	ps.push_back({ ONE, ONE, Null<uint8_t_32>(), "", "1 - 1 == 0" });

  79. 	ps.push_back({ THREE, THREE, Null<uint8_t_32>(), "", "3 - 3 == 0" });

  80. 	ps.push_back({ GROUP_ORDER_LESS_1, ONE, GROUP_ORDER_LESS_2 });

  81. 	ps.push_back({ GROUP_ORDER_LESS_2, ONE, GROUP_ORDER_LESS_3 });

  82. 	ps.push_back({ GROUP_ORDER_LESS_1, GROUP_ORDER_LESS_2, ONE });

  83. 	ps.push_back({ GROUP_ORDER_LESS_2, GROUP_ORDER_LESS_3, ONE });

  84. 

  85. 	// fuzz

  86. 	for (size_t i = 0; i < 1000; ++i) {

  87. 		const auto psPush = [&](const auto k, const auto t) {

  88. 			bool ok = true;

  89. 			const auto expected = _privSub(k, t, ok);

  90. 			if (ok) ps.push_back({ k, t, expected });

  91. 			else ps.push_back({ k, t, Null<uint8_t_32>() });

  92. 		};

  93. 

  94. 		psPush(randomPrivate(), randomPrivate());

  95. 		psPush(randomPrivateHigh(), randomPrivateLow());

  96. 		psPush(randomPrivateLow(), randomPrivateHigh());

  97. 	}

  98. 

  99. 	std::vector<PA> psf;

  100. 	for (const auto x : BAD_PRIVATES) psf.push_back({ x.a, ONE, {}, THROW_BAD_PRIVATE, x.desc });

  101. 	for (const auto x : BAD_TWEAKS) psf.push_back({ ONE, x.a, {}, THROW_BAD_TWEAK, x.desc });

  102. 

  103. 	// dump JSON

  104. 	const auto jPA = [](auto x) {

  105. 		return jsonifyO({

  106. 			x.desc.empty() ? "" : jsonp("description", jsonify(x.desc)),

  107. 			jsonp("d", jsonify(x.a)),

  108. 			jsonp("tweak", jsonify(x.b)),

  109. 			x.except.empty() ? jsonp("expected", isNull(x.e) ? "null" : jsonify(x.e)) : "",

  110. 			x.except.empty() ? "" : jsonp("exception", jsonify(x.except))

  111. 		});

  112. 	};

  113. 

  114. 	o << jsonifyO({

  115. 		jsonp("valid", jsonifyO({

  116. 			jsonp("isPrivate", jsonifyA(ip, [](auto x) {

  117. 				return jsonifyO({

  118. 					x.desc.empty() ? "" : jsonp("description", jsonify(x.desc)),

  119. 					jsonp("d", jsonify(x.a)),

  120. 					jsonp("expected", jsonify(x.e))

  121. 				});

  122. 			})),

  123. 			jsonp("privateAdd", jsonifyA(pa, jPA)),

  124. 			jsonp("privateSub", jsonifyA(ps, jPA))

  125. 		})),

  126. 		jsonp("invalid", jsonifyO({

  127. 			jsonp("privateAdd", jsonifyA(paf, jPA)),

  128. 			jsonp("privateSub", jsonifyA(psf, jPA))

  129. 		}))

  130. 	});

  131. }

  132. 

  133. int main () {

  134. 	_ec_init();

  135. 	generate(std::cout);

  136. 

  137. 	return 0;

  138. }