diff --git a/src/suites/bandersnatch.rs b/src/suites/bandersnatch.rs
index 5c509da..a070049 100644
--- a/src/suites/bandersnatch.rs
+++ b/src/suites/bandersnatch.rs
@@ -62,6 +62,9 @@ pub mod weierstrass {
 suite_types!(BandersnatchSha512);
+ #[cfg(test)]
+ suite_tests!(BandersnatchSha512, true);
+
 impl Suite for BandersnatchSha512 {
 const SUITE_ID: u8 = CUSTOM_SUITE_ID_FLAG | 0x03;
 const CHALLENGE_LEN: usize = 32;
@@ -111,56 +114,6 @@ pub mod weierstrass {
 pub type Verifier = ring::Verifier;
 pub type Proof = ring::Proof;
 }
-
- // sage: q = 52435875175126190479447740508185965837690552500527637822603658699938581184513
- // sage: Fq = GF(q)
- // sage: MONT_A = 29978822694968839326280996386011761570173833766074948509196803838190355340952
- // sage: MONT_B = 25465760566081946422412445027709227188579564747101592991722834452325077642517
- // sage: MONT_A/Fq(3) = 9992940898322946442093665462003920523391277922024982836398934612730118446984
- // sage: Fq(1)/MONT_B = 41180284393978236561320365279764246793818536543197771097409483252169927600582
- impl MapConfig for ark_ed_on_bls12_381_bandersnatch::BandersnatchConfig {
- const MONT_A_OVER_THREE: ark_ed_on_bls12_381_bandersnatch::Fq =
- MontFp!("9992940898322946442093665462003920523391277922024982836398934612730118446984");
- const MONT_B_INV: ark_ed_on_bls12_381_bandersnatch::Fq = MontFp!(
- "41180284393978236561320365279764246793818536543197771097409483252169927600582"
- );
- }
-
- #[cfg(test)]
- mod test {
- use super::*;
-
- // TODO: use macro to build all tests
- #[test]
- fn ietf_prove_verify() {
- testing::ietf_prove_verify::();
- }
-
- #[test]
- fn prove_verify_pedersen() {
- testing::pedersen_prove_verify::();
- }
-
- #[cfg(feature = "ring")]
- #[test]
- fn ring_prove_verify() {
- testing::ring_prove_verify::()
- }
-
- #[test]
- fn sw_to_te_roundtrip() {
- use crate::{testing, utils::ark_next};
- use ark_ed_on_bls12_381_bandersnatch::{BandersnatchConfig, SWAffine};
-
- let org_point = testing::random_val::(None);
-
- let te_point = ark_next::map_sw_to_te::(&org_point).unwrap();
- assert!(te_point.is_on_curve());
-
- let sw_point = ark_next::map_te_to_sw::(&te_point).unwrap();
- assert!(sw_point.is_on_curve());
- }
- }
 }
 pub mod edwards {
@@ -171,6 +124,9 @@ pub mod edwards {
 suite_types!(BandersnatchSha512Edwards);
+ #[cfg(test)]
+ suite_tests!(BandersnatchSha512Edwards);
+
 impl Suite for BandersnatchSha512Edwards {
 const SUITE_ID: u8 = CUSTOM_SUITE_ID_FLAG | 0x04;
 const CHALLENGE_LEN: usize = 32;
@@ -190,19 +146,34 @@ pub mod edwards {
 AffinePoint::new_unchecked(X, Y)
 };
 }
+}
- #[cfg(test)]
- mod test {
- use super::*;
+// sage: q = 52435875175126190479447740508185965837690552500527637822603658699938581184513
+// sage: Fq = GF(q)
+// sage: MONT_A = 29978822694968839326280996386011761570173833766074948509196803838190355340952
+// sage: MONT_B = 25465760566081946422412445027709227188579564747101592991722834452325077642517
+// sage: MONT_A/Fq(3) = 9992940898322946442093665462003920523391277922024982836398934612730118446984
+// sage: Fq(1)/MONT_B = 41180284393978236561320365279764246793818536543197771097409483252169927600582
+impl MapConfig for ark_ed_on_bls12_381_bandersnatch::BandersnatchConfig {
+ const MONT_A_OVER_THREE: ark_ed_on_bls12_381_bandersnatch::Fq =
+ MontFp!("9992940898322946442093665462003920523391277922024982836398934612730118446984");
+ const MONT_B_INV: ark_ed_on_bls12_381_bandersnatch::Fq =
+ MontFp!("41180284393978236561320365279764246793818536543197771097409483252169927600582");
+}
- #[test]
- fn ietf_prove_verify() {
- testing::ietf_prove_verify::();
- }
+#[cfg(test)]
+mod tests {
+ use crate::{testing, utils::ark_next};
+ use ark_ed_on_bls12_381_bandersnatch::{BandersnatchConfig, SWAffine};
- #[test]
- fn prove_verify_pedersen() {
- testing::pedersen_prove_verify::();
- }
+ #[test]
+ fn sw_to_te_roundtrip() {
+ let org_point = testing::random_val::(None);
+
+ let te_point = ark_next::map_sw_to_te::(&org_point).unwrap();
+ assert!(te_point.is_on_curve());
+
+ let sw_point = ark_next::map_te_to_sw::(&te_point).unwrap();
+ assert!(sw_point.is_on_curve());
 }
 }
diff --git a/src/suites/ed25519.rs b/src/suites/ed25519.rs
index b201eb5..5d54fcb 100644
--- a/src/suites/ed25519.rs
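Review bot: `sw_to_te_roundtrip` in the new file-level `mod tests` never compares the point returned by `map_te_to_sw` with `org_point`, so it only checks that both images lie on their curves, not that the two maps invert each other. If the maps are meant to be inverses, as their names suggest, the test should end with `assert_eq!(sw_point, org_point);`. The moved `MapConfig` impl keeps its sage derivation comments, which is good; a one-line `///` on `mod tests` saying it exercises the SW↔TE conversion of the shared `BandersnatchConfig` would help now that the module sits outside both suite modules.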
+++ b/src/suites/ed25519.rs
@@ -46,13 +46,17 @@
 //! Section 5.4.1.1, with interpret_hash_value_as_a_point(s) =
 //! string_to_point(s[0]...s[31]).
-use crate::*;
+use crate::{pedersen::PedersenSuite, *};
+use ark_ff::MontFp;
 #[derive(Copy, Clone)]
 pub struct Ed25519Sha512;
 suite_types!(Ed25519Sha512);
+#[cfg(test)]
+suite_tests!(Ed25519Sha512);
+
 impl Suite for Ed25519Sha512 {
 const SUITE_ID: u8 = CUSTOM_SUITE_ID_FLAG | 0x03;
 const CHALLENGE_LEN: usize = 16;
@@ -60,3 +64,14 @@ impl Suite for Ed25519Sha512 {
 type Affine = ark_ed25519::EdwardsAffine;
 type Hasher = sha2::Sha512;
 }
+
+impl PedersenSuite for Ed25519Sha512 {
+ const BLINDING_BASE: AffinePoint = {
+ const X: BaseField =
+ MontFp!("1181072390894490040170698195029164902368238760122173135634802939739986120753");
+ const Y: BaseField = MontFp!(
+ "16819438535150625131748701663066892288775529055803151482550035706857354997714"
+ );
+ AffinePoint::new_unchecked(X, Y)
+ };
+}
diff --git a/src/suites/secp256.rs b/src/suites/secp256.rs
index 6553cd2..0be00b0 100644
--- a/src/suites/secp256.rs
+++ b/src/suites/secp256.rs
@@ -48,13 +48,17 @@
 //! Section 5.4.1.1, with interpret_hash_value_as_a_point(s) =
 //! string_to_point(0x02 || s).
-use crate::*;
+use crate::{pedersen::PedersenSuite, *};
+use ark_ff::MontFp;
 #[derive(Copy, Clone)]
 pub struct P256Sha256Tai;
 suite_types!(P256Sha256Tai);
+#[cfg(test)]
+suite_tests!(P256Sha256Tai);
+
 impl Suite for P256Sha256Tai {
 const SUITE_ID: u8 = 0x01;
 const CHALLENGE_LEN: usize = 16;
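Review bot: `BLINDING_BASE` is built with `AffinePoint::new_unchecked(X, Y)` from two hard-coded field elements, so a wrong digit in either constant would yield a point that is off the curve or outside the prime-order subgroup without anything failing at compile or test time; the same pattern is added for `P256Sha256Tai` in the `@@ -100,13 +104,25 @@` hunk of secp256.rs. A cheap guard is a test such as `assert!(Ed25519Sha512::BLINDING_BASE.is_on_curve()); assert!(Ed25519Sha512::BLINDING_BASE.is_in_correct_subgroup_assuming_on_curve());` (bandersnatch.rs already uses `is_on_curve()` in its tests), since `pedersen_prove_verify` alone does not necessarily reject a bad base. Unlike the `MapConfig` constants in bandersnatch.rs, which carry sage derivation comments, neither blinding base says where its coordinates come from; a comment above the impl stating how the point was generated would let a reviewer reproduce it and confirm it is independent of the suite's generator.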
@@ -100,13 +104,25 @@ impl Suite for P256Sha256Tai {
 }
 }
+impl PedersenSuite for P256Sha256Tai {
+ const BLINDING_BASE: AffinePoint = {
+ const X: BaseField = MontFp!(
+ "14043613715035732602742871684475452461130505690937359323850445130419175222977"
+ );
+ const Y: BaseField = MontFp!(
+ "56943419272466863994763824717057516408187649339843987947344693936486947084336"
+ );
+ AffinePoint::new_unchecked(X, Y)
+ };
+}
+
 #[cfg(test)]
-mod tests {
+mod test_vectors {
 use super::*;
 use crate::ietf::testing::*;
 #[test]
-    fn secp256_rfc_9381_test_vector_10() {
+    fn rfc_9381_10() {
 let v = TestVector {
 flags: TEST_FLAG_SKIP_PROOF_CHECK,
 sk: "c9afa9d845ba75166b5c215767b1d6934e50c3db36e89b127b8a622b120f6721",
@@ -126,7 +142,7 @@ mod tests {
 }
 #[test]
-    fn secp256_rfc_9381_test_vector_11() {
+    fn rfc_9381_11() {
 let v = TestVector {
 flags: 0,
 sk: "c9afa9d845ba75166b5c215767b1d6934e50c3db36e89b127b8a622b120f6721",
@@ -143,7 +159,7 @@ mod tests {
 }
 #[test]
-    fn secp256_rfc_9381_test_vector_12() {
+    fn rfc_9381_12() {
 let v = TestVector {
 flags: 0,
 sk: "2ca1411a41b17b24cc8c3b089cfd033f1920202a6c0de8abb97df1498d50d2c8",
diff --git a/src/testing.rs b/src/testing.rs
index 4427fce..9e5ab82 100644
--- a/src/testing.rs
+++ b/src/testing.rs
@@ -1,3 +1,4 @@
+#![allow(unused)]
 #[cfg(not(feature = "std"))]
 use ark_std::{vec, vec::Vec};
@@ -23,14 +24,12 @@ pub(crate) mod suite {
 suite_types!(TestSuite);
 }
-#[allow(unused)]
 pub fn random_vec(n: usize, rng: Option<&mut dyn RngCore>) -> Vec {
 let mut local_rng = ark_std::test_rng();
 let rng = rng.unwrap_or(&mut local_rng);
 (0..n).map(|_| T::rand(rng)).collect()
 }
-#[allow(unused)]
 pub fn random_val(rng: Option<&mut dyn RngCore>) -> T {
 let mut local_rng = ark_std::test_rng();
 let rng = rng.unwrap_or(&mut local_rng);
@@ -45,15 +44,7 @@ pub fn ietf_prove_verify() {
 let input = Input::from(random_val(None));
 let output = secret.output(input);
- let mut buf = Vec::new();
- public.serialize_compressed(&mut buf).unwrap();
- println!("{}", buf.len());
-
 let proof = secret.prove(input, output, b"foo");
- let mut buf = Vec::new();
- proof.serialize_compressed(&mut buf).unwrap();
- println!("{}", buf.len());
-
 let result = public.verify(input, output, b"foo", &proof);
 assert!(result.is_ok());
 }
@@ -66,14 +57,6 @@ pub fn pedersen_prove_verify() {
 let output = secret.output(input);
 let (proof, blinding) = secret.prove(input, output, b"foo");
- let mut buf = Vec::new();
- secret.public().serialize_compressed(&mut buf).unwrap();
- println!("{}", buf.len());
-
- let mut buf = Vec::new();
- proof.serialize_compressed(&mut buf).unwrap();
- println!("{}", buf.len());
-
 let result = Public::verify(input, output, b"foo", &proof);
 assert!(result.is_ok());
@@ -118,3 +101,34 @@ where
 let result = Public::verify(input, output, b"foo", &proof, &verifier);
 assert!(result.is_ok());
 }
+
+#[macro_export]
+macro_rules! suite_tests {
+ ($suite:ident, $build_ring:ident) => {
+ suite_tests!($suite);
+ ring_suite_tests!($build_ring);
+ };
+ ($suite:ident) => {
+ #[test]
+ fn ietf_prove_verify() {
+ $crate::testing::ietf_prove_verify::<$suite>();
+ }
+
+ #[test]
+ fn pedersen_prove_verify() {
+ $crate::testing::pedersen_prove_verify::<$suite>();
+ }
+ };
+}
+
+#[macro_export]
+macro_rules! ring_suite_tests {
+ (true) => {
+ #[cfg(feature = "ring")]
+ #[test]
+ fn ring_prove_verify() {
+ $crate::testing::ring_prove_verify::()
+ }
+ };
+ (false) => {};
+}
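Review bot: The `(true)` arm of `ring_suite_tests!` calls `$crate::testing::ring_prove_verify::()` with no suite type, and that arm's pattern binds no `$suite`, so as shown the generated test cannot name the suite it is supposed to exercise; the turbofish argument may have been lost in extraction, but even then the suite identifier has to be threaded through, e.g. `ring_suite_tests!($suite, $build_ring);` inside `suite_tests!`, with patterns `($suite:ident, true)` / `($suite:ident, false)` and the call `$crate::testing::ring_prove_verify::<$suite>()`. Both `suite_tests!($suite)` and `ring_suite_tests!(...)` are invoked by bare name from inside an exported macro, so they resolve at the expansion site and fail wherever the caller has not imported them; `$crate::suite_tests!` and `$crate::ring_suite_tests!` avoid that. Both macros are `#[macro_export]` and undocumented; a `///` on each stating that it emits the `ietf` and `pedersen` (and, for the two-argument form, the `ring`-feature-gated) prove–verify tests for the given suite, and must be invoked in an item position where `#[test]` functions are allowed, would help callers.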