def test_privkey_creation(self): s = b("all the entropy in the entire world, compressed into one line") def not_much_entropy(numbytes): return s[:numbytes] priv1 = SigningKey.generate() self.assertEqual(priv1.baselen, NIST192p.baselen) priv1 = SigningKey.generate(curve=NIST224p) self.assertEqual(priv1.baselen, NIST224p.baselen) priv1 = SigningKey.generate(entropy=not_much_entropy) self.assertEqual(priv1.baselen, NIST192p.baselen) priv2 = SigningKey.generate(entropy=not_much_entropy) self.assertEqual(priv2.baselen, NIST192p.baselen) self.assertTruePrivkeysEqual(priv1, priv2) priv1 = SigningKey.from_secret_exponent(secexp=3) self.assertEqual(priv1.baselen, NIST192p.baselen) priv2 = SigningKey.from_secret_exponent(secexp=3) self.assertTruePrivkeysEqual(priv1, priv2) priv1 = SigningKey.from_secret_exponent(secexp=4, curve=NIST224p) self.assertEqual(priv1.baselen, NIST224p.baselen)
def test_privkey_creation(self): s = "all the entropy in the entire world, compressed into one line" def not_much_entropy(numbytes): return s[:numbytes] priv1 = SigningKey.generate() self.failUnlessEqual(priv1.baselen, NIST192p.baselen) priv1 = SigningKey.generate(curve=NIST224p) self.failUnlessEqual(priv1.baselen, NIST224p.baselen) priv1 = SigningKey.generate(entropy=not_much_entropy) self.failUnlessEqual(priv1.baselen, NIST192p.baselen) priv2 = SigningKey.generate(entropy=not_much_entropy) self.failUnlessEqual(priv2.baselen, NIST192p.baselen) self.failUnlessPrivkeysEqual(priv1, priv2) priv1 = SigningKey.from_secret_exponent(secexp=3) self.failUnlessEqual(priv1.baselen, NIST192p.baselen) priv2 = SigningKey.from_secret_exponent(secexp=3) self.failUnlessPrivkeysEqual(priv1, priv2) priv1 = SigningKey.from_secret_exponent(secexp=4, curve=NIST224p) self.failUnlessEqual(priv1.baselen, NIST224p.baselen)
def test_serialize(self): seed = "secret" curve = NIST192p secexp1 = util.randrange_from_seed__trytryagain(seed, curve.order) secexp2 = util.randrange_from_seed__trytryagain(seed, curve.order) self.failUnlessEqual(secexp1, secexp2) priv1 = SigningKey.from_secret_exponent(secexp1, curve) priv2 = SigningKey.from_secret_exponent(secexp2, curve) self.failUnlessEqual(hexlify(priv1.to_string()), hexlify(priv2.to_string())) self.failUnlessEqual(priv1.to_pem(), priv2.to_pem()) pub1 = priv1.get_verifying_key() pub2 = priv2.get_verifying_key() data = "data" sig1 = priv1.sign(data) sig2 = priv2.sign(data) self.failUnless(pub1.verify(sig1, data)) self.failUnless(pub2.verify(sig1, data)) self.failUnless(pub1.verify(sig2, data)) self.failUnless(pub2.verify(sig2, data)) self.failUnlessEqual(hexlify(pub1.to_string()), hexlify(pub2.to_string()))
def test_serialize(self): seed = b("secret") curve = NIST192p secexp1 = util.randrange_from_seed__trytryagain(seed, curve.order) secexp2 = util.randrange_from_seed__trytryagain(seed, curve.order) self.assertEqual(secexp1, secexp2) priv1 = SigningKey.from_secret_exponent(secexp1, curve) priv2 = SigningKey.from_secret_exponent(secexp2, curve) self.assertEqual(hexlify(priv1.to_string()), hexlify(priv2.to_string())) self.assertEqual(priv1.to_pem(), priv2.to_pem()) pub1 = priv1.get_verifying_key() pub2 = priv2.get_verifying_key() data = b("data") sig1 = priv1.sign(data) sig2 = priv2.sign(data) self.assertTrue(pub1.verify(sig1, data)) self.assertTrue(pub2.verify(sig1, data)) self.assertTrue(pub1.verify(sig2, data)) self.assertTrue(pub2.verify(sig2, data)) self.assertEqual(hexlify(pub1.to_string()), hexlify(pub2.to_string()))
def test_deterministic_signatures(curve, privateKey, msg, expectedK, expectedR=None, expectedS=None, expectedDER=None, hashfunc=sha256, ensure_low_s_according_to_bip62=True): msg = msg.encode('utf-8') privateKey = int(privateKey, 16) signing_key = SigningKey.from_secret_exponent(privateKey, curve) (k, der) = signing_key.sign_deterministic( msg, hashfunc=hashfunc, sigencode=sigencode_der, ensure_low_s_according_to_bip62=ensure_low_s_according_to_bip62) kHex = format(k, 'x') assert kHex == expectedK, "Deterministic K mismatch, expected {}, but got {}".format( expectedK, kHex) r, s = sigdecode_der(der, curve.order) rHex = format(r, 'x') sHex = format(s, 'x') derHex = binascii.hexlify(der).decode("utf-8") # print("k: {}, expected: {}".format(kHex, expectedK)) # print("r: {}".format(rHex, expectedR)) # print("s: {}".format(sHex, expectedS)) # print("der: {}".format(derHex, expectedDER)) if expectedDER != None: assert derHex == expectedDER, "Signature mismatch, expected {}, but got {}".format( expectedDER, derHex) if expectedR != None: assert rHex == expectedR, "Signature R mismatch, expected {}, but got {}".format( expectedR, rHex) if expectedS != None: assert sHex == expectedS, "Signature S mismatch, expected {}, but got {}".format( expectedS, SHex)
def test_deterministic(self): data = b("blahblah") secexp = int("9d0219792467d7d37b4d43298a7d0c05", 16) priv = SigningKey.from_secret_exponent(secexp, SECP256k1, sha256) pub = priv.get_verifying_key() k = rfc6979.generate_k(SECP256k1.generator.order(), secexp, sha256, sha256(data).digest()) sig1 = priv.sign(data, k=k) self.assertTrue(pub.verify(sig1, data)) sig2 = priv.sign(data, k=k) self.assertTrue(pub.verify(sig2, data)) sig3 = priv.sign_deterministic(data, sha256) self.assertTrue(pub.verify(sig3, data)) self.assertEqual(sig1, sig2) self.assertEqual(sig1, sig3)