ctime_tests.c - csecp256k1 - Haskell FFI bindings to bitcoin-core/secp256k1 (docs.ppad.tech/csecp256k1).

ctime_tests.c (7652B)
      1 /***********************************************************************
      2  * Copyright (c) 2020 Gregory Maxwell                                  *
      3  * Distributed under the MIT software license, see the accompanying    *
      4  * file COPYING or https://www.opensource.org/licenses/mit-license.php.*
      5  ***********************************************************************/
      6 
      7 #include <stdio.h>
      8 
      9 #include "../include/secp256k1.h"
     10 #include "assumptions.h"
     11 #include "checkmem.h"
     12 
     13 #if !SECP256K1_CHECKMEM_ENABLED
     14 #  error "This tool cannot be compiled without memory-checking interface (valgrind or msan)"
     15 #endif
     16 
     17 #ifdef ENABLE_MODULE_ECDH
     18 # include "../include/haskellsecp256k1_v0_1_0_ecdh.h"
     19 #endif
     20 
     21 #ifdef ENABLE_MODULE_RECOVERY
     22 # include "../include/haskellsecp256k1_v0_1_0_recovery.h"
     23 #endif
     24 
     25 #ifdef ENABLE_MODULE_EXTRAKEYS
     26 # include "../include/haskellsecp256k1_v0_1_0_extrakeys.h"
     27 #endif
     28 
     29 #ifdef ENABLE_MODULE_SCHNORRSIG
     30 #include "../include/secp256k1_schnorrsig.h"
     31 #endif
     32 
     33 #ifdef ENABLE_MODULE_ELLSWIFT
     34 #include "../include/secp256k1_ellswift.h"
     35 #endif
     36 
     37 static void run_tests(haskellsecp256k1_v0_1_0_context *ctx, unsigned char *key);
     38 
     39 int main(void) {
     40     haskellsecp256k1_v0_1_0_context* ctx;
     41     unsigned char key[32];
     42     int ret, i;
     43 
     44     if (!SECP256K1_CHECKMEM_RUNNING()) {
     45         fprintf(stderr, "This test can only usefully be run inside valgrind because it was not compiled under msan.\n");
     46         fprintf(stderr, "Usage: libtool --mode=execute valgrind ./ctime_tests\n");
     47         return 1;
     48     }
     49     ctx = haskellsecp256k1_v0_1_0_context_create(SECP256K1_CONTEXT_DECLASSIFY);
     50     /** In theory, testing with a single secret input should be sufficient:
     51      *  If control flow depended on secrets the tool would generate an error.
     52      */
     53     for (i = 0; i < 32; i++) {
     54         key[i] = i + 65;
     55     }
     56 
     57     run_tests(ctx, key);
     58 
     59     /* Test context randomisation. Do this last because it leaves the context
     60      * tainted. */
     61     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
     62     ret = haskellsecp256k1_v0_1_0_context_randomize(ctx, key);
     63     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
     64     CHECK(ret);
     65 
     66     haskellsecp256k1_v0_1_0_context_destroy(ctx);
     67     return 0;
     68 }
     69 
     70 static void run_tests(haskellsecp256k1_v0_1_0_context *ctx, unsigned char *key) {
     71     haskellsecp256k1_v0_1_0_ecdsa_signature signature;
     72     haskellsecp256k1_v0_1_0_pubkey pubkey;
     73     size_t siglen = 74;
     74     size_t outputlen = 33;
     75     int i;
     76     int ret;
     77     unsigned char msg[32];
     78     unsigned char sig[74];
     79     unsigned char spubkey[33];
     80 #ifdef ENABLE_MODULE_RECOVERY
     81     haskellsecp256k1_v0_1_0_ecdsa_recoverable_signature recoverable_signature;
     82     int recid;
     83 #endif
     84 #ifdef ENABLE_MODULE_EXTRAKEYS
     85     haskellsecp256k1_v0_1_0_keypair keypair;
     86 #endif
     87 #ifdef ENABLE_MODULE_ELLSWIFT
     88     unsigned char ellswift[64];
     89     static const unsigned char prefix[64] = {'t', 'e', 's', 't'};
     90 #endif
     91 
     92     for (i = 0; i < 32; i++) {
     93         msg[i] = i + 1;
     94     }
     95 
     96     /* Test keygen. */
     97     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
     98     ret = haskellsecp256k1_v0_1_0_ec_pubkey_create(ctx, &pubkey, key);
     99     SECP256K1_CHECKMEM_DEFINE(&pubkey, sizeof(haskellsecp256k1_v0_1_0_pubkey));
    100     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    101     CHECK(ret);
    102     CHECK(haskellsecp256k1_v0_1_0_ec_pubkey_serialize(ctx, spubkey, &outputlen, &pubkey, SECP256K1_EC_COMPRESSED) == 1);
    103 
    104     /* Test signing. */
    105     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    106     ret = haskellsecp256k1_v0_1_0_ecdsa_sign(ctx, &signature, msg, key, NULL, NULL);
    107     SECP256K1_CHECKMEM_DEFINE(&signature, sizeof(haskellsecp256k1_v0_1_0_ecdsa_signature));
    108     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    109     CHECK(ret);
    110     CHECK(haskellsecp256k1_v0_1_0_ecdsa_signature_serialize_der(ctx, sig, &siglen, &signature));
    111 
    112 #ifdef ENABLE_MODULE_ECDH
    113     /* Test ECDH. */
    114     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    115     ret = haskellsecp256k1_v0_1_0_ecdh(ctx, msg, &pubkey, key, NULL, NULL);
    116     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    117     CHECK(ret == 1);
    118 #endif
    119 
    120 #ifdef ENABLE_MODULE_RECOVERY
    121     /* Test signing a recoverable signature. */
    122     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    123     ret = haskellsecp256k1_v0_1_0_ecdsa_sign_recoverable(ctx, &recoverable_signature, msg, key, NULL, NULL);
    124     SECP256K1_CHECKMEM_DEFINE(&recoverable_signature, sizeof(recoverable_signature));
    125     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    126     CHECK(ret);
    127     CHECK(haskellsecp256k1_v0_1_0_ecdsa_recoverable_signature_serialize_compact(ctx, sig, &recid, &recoverable_signature));
    128     CHECK(recid >= 0 && recid <= 3);
    129 #endif
    130 
    131     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    132     ret = haskellsecp256k1_v0_1_0_ec_seckey_verify(ctx, key);
    133     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    134     CHECK(ret == 1);
    135 
    136     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    137     ret = haskellsecp256k1_v0_1_0_ec_seckey_negate(ctx, key);
    138     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    139     CHECK(ret == 1);
    140 
    141     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    142     SECP256K1_CHECKMEM_UNDEFINE(msg, 32);
    143     ret = haskellsecp256k1_v0_1_0_ec_seckey_tweak_add(ctx, key, msg);
    144     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    145     CHECK(ret == 1);
    146 
    147     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    148     SECP256K1_CHECKMEM_UNDEFINE(msg, 32);
    149     ret = haskellsecp256k1_v0_1_0_ec_seckey_tweak_mul(ctx, key, msg);
    150     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    151     CHECK(ret == 1);
    152 
    153     /* Test keypair_create and keypair_xonly_tweak_add. */
    154 #ifdef ENABLE_MODULE_EXTRAKEYS
    155     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    156     ret = haskellsecp256k1_v0_1_0_keypair_create(ctx, &keypair, key);
    157     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    158     CHECK(ret == 1);
    159 
    160     /* The tweak is not treated as a secret in keypair_tweak_add */
    161     SECP256K1_CHECKMEM_DEFINE(msg, 32);
    162     ret = haskellsecp256k1_v0_1_0_keypair_xonly_tweak_add(ctx, &keypair, msg);
    163     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    164     CHECK(ret == 1);
    165 
    166     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    167     SECP256K1_CHECKMEM_UNDEFINE(&keypair, sizeof(keypair));
    168     ret = haskellsecp256k1_v0_1_0_keypair_sec(ctx, key, &keypair);
    169     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    170     CHECK(ret == 1);
    171 #endif
    172 
    173 #ifdef ENABLE_MODULE_SCHNORRSIG
    174     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    175     ret = haskellsecp256k1_v0_1_0_keypair_create(ctx, &keypair, key);
    176     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    177     CHECK(ret == 1);
    178     ret = haskellsecp256k1_v0_1_0_schnorrsig_sign32(ctx, sig, msg, &keypair, NULL);
    179     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    180     CHECK(ret == 1);
    181 #endif
    182 
    183 #ifdef ENABLE_MODULE_ELLSWIFT
    184     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    185     ret = haskellsecp256k1_v0_1_0_ellswift_create(ctx, ellswift, key, NULL);
    186     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    187     CHECK(ret == 1);
    188 
    189     SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    190     ret = haskellsecp256k1_v0_1_0_ellswift_create(ctx, ellswift, key, ellswift);
    191     SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    192     CHECK(ret == 1);
    193 
    194     for (i = 0; i < 2; i++) {
    195         SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    196         SECP256K1_CHECKMEM_DEFINE(&ellswift, sizeof(ellswift));
    197         ret = haskellsecp256k1_v0_1_0_ellswift_xdh(ctx, msg, ellswift, ellswift, key, i, haskellsecp256k1_v0_1_0_ellswift_xdh_hash_function_bip324, NULL);
    198         SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    199         CHECK(ret == 1);
    200 
    201         SECP256K1_CHECKMEM_UNDEFINE(key, 32);
    202         SECP256K1_CHECKMEM_DEFINE(&ellswift, sizeof(ellswift));
    203         ret = haskellsecp256k1_v0_1_0_ellswift_xdh(ctx, msg, ellswift, ellswift, key, i, haskellsecp256k1_v0_1_0_ellswift_xdh_hash_function_prefix, (void *)prefix);
    204         SECP256K1_CHECKMEM_DEFINE(&ret, sizeof(ret));
    205         CHECK(ret == 1);
    206     }
    207 
    208 #endif
    209 }
	csecp256k1 Haskell FFI bindings to bitcoin-core/secp256k1 (docs.ppad.tech/csecp256k1).
	git clone git://git.ppad.tech/csecp256k1.git
	Log \| Files \| Refs \| README \| LICENSE