Beispiel #1
0
def test_batch_validation() -> None:

    ec = CURVES["secp256k1"]

    hsize = hf().digest_size
    hlen = hsize * 8

    ms = []
    Qs = []
    sigs = []
    ms.append(secrets.randbits(hlen).to_bytes(hsize, "big"))
    q = 1 + secrets.randbelow(ec.n - 1)
    # bytes version
    Qs.append(mult(q, ec.G, ec)[0])
    sigs.append(ssa._sign(ms[0], q, None, ec, hf))
    # test with only 1 sig
    ssa._batch_verify(ms, Qs, sigs, ec, hf)
    for _ in range(3):
        m = secrets.randbits(hlen).to_bytes(hsize, "big")
        ms.append(m)
        q = 1 + secrets.randbelow(ec.n - 1)
        # Point version
        Qs.append(mult(q, ec.G, ec)[0])
        sigs.append(ssa._sign(m, q, None, ec, hf))
    ssa._batch_verify(ms, Qs, sigs, ec, hf)
    assert ssa.batch_verify(ms, Qs, sigs, ec, hf)

    ms.append(ms[0])
    sigs.append(sigs[1])
    Qs.append(Qs[0])
    assert not ssa.batch_verify(ms, Qs, sigs, ec, hf)
    err_msg = "signature verification precondition failed"
    with pytest.raises(ValueError, match=err_msg):
        ssa._batch_verify(ms, Qs, sigs, ec, hf)
    sigs[-1] = sigs[0]  # valid again

    ms[-1] = ms[0][:-1]
    err_msg = "invalid size: 31 bytes instead of 32"
    with pytest.raises(ValueError, match=err_msg):
        ssa._batch_verify(ms, Qs, sigs, ec, hf)
    ms[-1] = ms[0]  # valid again

    ms.append(ms[0])  # add extra message
    err_msg = "mismatch between number of pubkeys "
    with pytest.raises(ValueError, match=err_msg):
        ssa._batch_verify(ms, Qs, sigs, ec, hf)
    ms.pop()  # valid again

    sigs.append(sigs[0])  # add extra sig
    err_msg = "mismatch between number of pubkeys "
    with pytest.raises(ValueError, match=err_msg):
        ssa._batch_verify(ms, Qs, sigs, ec, hf)
    sigs.pop()  # valid again

    err_msg = "field prime is not equal to 3 mod 4: "
    with pytest.raises(ValueError, match=err_msg):
        ssa._batch_verify(ms, Qs, sigs, CURVES["secp224k1"], hf)
Beispiel #2
0
    def test_batch_validation(self):
        hsize = hf().digest_size
        hlen = hsize * 8

        ms = []
        Qs = []
        sigs = []
        ms.append(secrets.randbits(hlen).to_bytes(hsize, 'big'))
        q = 1 + secrets.randbelow(ec.n - 1)
        # bytes version
        Qs.append(mult(q, ec.G, ec)[0].to_bytes(ec.psize, 'big'))
        sigs.append(ssa.sign(ms[0], q, None, ec, hf))
        # test with only 1 sig
        ssa._batch_verify(ms, Qs, sigs, ec, hf)
        for _ in range(3):
            mhd = secrets.randbits(hlen).to_bytes(hsize, 'big')
            ms.append(mhd)
            q = 1 + secrets.randbelow(ec.n - 1)
            # Point version
            Qs.append(mult(q, ec.G, ec))
            sigs.append(ssa.sign(mhd, q, None, ec, hf))
        ssa._batch_verify(ms, Qs, sigs, ec, hf)
        self.assertTrue(ssa.batch_verify(ms, Qs, sigs, ec, hf))

        # invalid sig
        ms.append(ms[0])
        sigs.append(sigs[1])
        Qs.append(Qs[0])
        self.assertFalse(ssa.batch_verify(ms, Qs, sigs, ec, hf))
        self.assertRaises(AssertionError, ssa._batch_verify, ms, Qs, sigs, ec,
                          hf)
        # ssa._batch_verify(ms, Qs, sigs, ec, hf)
        sigs[-1] = sigs[0]  # valid again

        # Invalid size: 31 bytes instead of 32
        ms[-1] = ms[0][:-1]
        self.assertRaises(ValueError, ssa._batch_verify, ms, Qs, sigs, ec, hf)
        # ssa._batch_verify(ms, Qs, sigs, ec, hf)
        ms[-1] = ms[0]  # valid again

        # mismatch between number of pubkeys (5) and number of messages (6)
        ms.append(ms[0])  # add extra message
        self.assertRaises(ValueError, ssa._batch_verify, ms, Qs, sigs, ec, hf)
        # ssa._batch_verify(ms, Qs, sigs, ec, hf)
        ms.pop()  # valid again

        # mismatch between number of pubkeys (5) and number of signatures (6)
        sigs.append(sigs[0])  # add extra sig
        self.assertRaises(ValueError, ssa._batch_verify, ms, Qs, sigs, ec, hf)
        # ssa._batch_verify(ms, Qs, sigs, ec, hf)
        sigs.pop()  # valid again

        # field prime p is not equal to 3 (mod 4)
        self.assertRaises(ValueError, ssa._batch_verify, ms, Qs, sigs,
                          secp224k1, hf)
Beispiel #3
0
    def test_batch_validation(self):
        ec = secp256k1
        hf = sha256
        m = []
        sig = []
        Q = []

        hsize = hf().digest_size
        hlen = hsize * 8
        m.append(random.getrandbits(hlen).to_bytes(hsize, byteorder='big'))
        q = (1 + random.getrandbits(ec.nlen)) % ec.n
        sig.append(ssa.sign(m[0], q, None, ec, hf))
        Q.append(mult(q, ec.G, ec))
        # test with only 1 sig
        self.assertTrue(ssa.batch_verify(m, Q, sig, ec, hf))
        for i in range(1, 4):
            m.append(random.getrandbits(hlen).to_bytes(hsize, byteorder='big'))
            q = (1 + random.getrandbits(ec.nlen)) % ec.n
            sig.append(ssa.sign(m[i], q, None, ec, hf))
            Q.append(mult(q, ec.G, ec))
        self.assertTrue(ssa.batch_verify(m, Q, sig, ec, hf))

        # invalid sig
        m.append(m[0])
        sig.append(sig[1])
        Q.append(Q[0])
        self.assertFalse(ssa.batch_verify(m, Q, sig, ec, hf))
        #ssa._batch_verify(m, Q, sig, ec, hf)
        sig[-1] = sig[0]  # valid again

        # invalid 31 bytes message
        m[-1] = m[0][:-1]
        self.assertFalse(ssa.batch_verify(m, Q, sig, ec, hf))
        #ssa._batch_verify(m, Q, sig, ec, hf)
        m[-1] = m[0]  # valid again

        # mismatch between number of pubkeys and number of messages
        m.append(m[0])  # add extra message
        self.assertRaises(ValueError, ssa._batch_verify, m, Q, sig, ec, hf)
        #ssa._batch_verify(m, Q, sig, ec, hf)
        m.pop()  # valid again

        # mismatch between number of pubkeys and number of signatures
        sig.append(sig[0])  # add extra sig
        self.assertRaises(ValueError, ssa._batch_verify, m, Q, sig, ec, hf)
        #ssa._batch_verify(m, Q, sig, ec, hf)
        sig.pop()  # valid again

        # curve prime p must be equal to 3 (mod 4)
        ec = secp224k1
        self.assertRaises(ValueError, ssa._batch_verify, m, Q, sig, ec, hf)
Beispiel #4
0
    def test_batch_validation(self):
        ec = secp256k1
        m = []
        sig = []
        Q = []

        hsize = hf().digest_size
        hlen = hsize * 8
        for i in range(10):
            m.append(random.getrandbits(hlen).to_bytes(hsize, 'big'))
            q = random.getrandbits(ec.nlen) % ec.n
            sig.append(ssa.sign(ec, hf, m[i], q))
            Q.append(mult(ec, q, ec.G))
        self.assertTrue(ssa.batch_verify(ec, hf, m, Q, sig))

        m.append(m[0])
        sig.append(sig[1])  # invalid
        Q.append(Q[0])
        self.assertFalse(ssa.batch_verify(ec, hf, m, Q, sig))

        sig[-1] = sig[0]  # valid
        m[-1] = m[0][:-1]  # invalid 31 bytes message
        self.assertFalse(ssa.batch_verify(ec, hf, m, Q, sig))
Beispiel #5
0
def test_batch_validation() -> None:

    ms: List[String] = []
    Qs: List[int] = []
    sigs: List[ssa.SSASig] = []
    err_msg = "no signatures provided"
    with pytest.raises(BTClibValueError, match=err_msg):
        ssa.assert_batch_as_valid(ms, Qs, sigs)
    assert not ssa.batch_verify(ms, Qs, sigs)

    # valid size for String input to sign, not for Octets input to _sign
    msg_size = 16
    ms.append(secrets.token_bytes(msg_size))
    q, Q = ssa.gen_keys()
    Qs.append(Q)
    sigs.append(ssa.sign(ms[0], q))
    # test with only 1 sig
    ssa.assert_batch_as_valid(ms, Qs, sigs)
    assert ssa.batch_verify(ms, Qs, sigs)
    for _ in range(3):
        m = secrets.token_bytes(msg_size)
        ms.append(m)
        q, Q = ssa.gen_keys()
        Qs.append(Q)
        sigs.append(ssa.sign(m, q))
    ssa.assert_batch_as_valid(ms, Qs, sigs)
    assert ssa.batch_verify(ms, Qs, sigs)

    ms.append(ms[0])
    sigs.append(sigs[1])
    Qs.append(Qs[0])
    err_msg = "signature verification failed"
    with pytest.raises(BTClibRuntimeError, match=err_msg):
        ssa.assert_batch_as_valid(ms, Qs, sigs)
    assert not ssa.batch_verify(ms, Qs, sigs)
    sigs[-1] = sigs[0]  # valid again

    ms.append(ms[0])  # add extra message
    err_msg = "mismatch between number of pubkeys "
    with pytest.raises(BTClibValueError, match=err_msg):
        ssa.assert_batch_as_valid(ms, Qs, sigs)
    assert not ssa.batch_verify(ms, Qs, sigs)
    ms.pop()  # valid again

    sigs.append(sigs[0])  # add extra sig
    err_msg = "mismatch between number of pubkeys "
    with pytest.raises(BTClibValueError, match=err_msg):
        ssa.assert_batch_as_valid(ms, Qs, sigs)
    assert not ssa.batch_verify(ms, Qs, sigs)
    sigs.pop()  # valid again

    ms = [reduce_to_hlen(m, hf) for m in ms]
    ms[0] = ms[0][:-1]
    err_msg = "invalid size: 31 bytes instead of 32"
    with pytest.raises(BTClibValueError, match=err_msg):
        ssa._assert_batch_as_valid(ms, Qs, sigs)
    assert not ssa._batch_verify(ms, Qs, sigs)
Beispiel #6
0
ec = secp256k1
hf = sha256
hsize = hf().digest_size
hlen = hsize * 8

# n = 1 loops forever and does not really test batch verify
n_sig = [2, 4, 8, 16, 32, 64, 128]
m = []
sig = []
Q = []
for j in range(max(n_sig)):
    m.append(random.getrandbits(hlen).to_bytes(hsize, 'big'))
    q = random.getrandbits(ec.nlen) % ec.n
    sig.append(sign(ec, hf, m[j], q))
    Q.append(mult(ec, q, ec.G))

for n in n_sig:

    # no batch
    start = time.time()
    for j in range(n):
        assert verify(ec, hf, m[j], Q[j], sig[j])
    elapsed1 = time.time() - start

    # batch
    start = time.time()
    assert batch_verify(ec, hf, m[:n], Q[:n], sig[:n])
    elapsed2 = time.time() - start

    print(n, elapsed2 / elapsed1)
Beispiel #7
0
random.seed(42)

hsize = hf().digest_size
hlen = hsize * 8

# n = 1 loops forever and does not really test batch verify
n_sig = [2, 4, 8, 16, 32, 64, 128]
m = []
sig = []
Q = []
for j in range(max(n_sig)):
    m.append(random.getrandbits(hlen).to_bytes(hsize, 'big'))
    q = random.getrandbits(ec.nlen) % ec.n
    sig.append(sign(m[j], q))
    Q.append(mult(q, ec.G))

for n in n_sig:

    # no batch
    start = time.time()
    for j in range(n):
        assert verify(m[j], Q[j], sig[j])
    elapsed1 = time.time() - start

    # batch
    start = time.time()
    assert batch_verify(m[:n], Q[:n], sig[:n])
    elapsed2 = time.time() - start

    print(n, elapsed2 / elapsed1)