def test_compact():
sig_compact = c_ecdsa_sign_compact(msg32, priv)
sig2_compact = lc.ecdsa_sign_compact(msg32, priv)
assert isinstance(sig_compact, bytes)
assert len(sig_compact) == 65
assert isinstance(sig2_compact[0], bytes)
assert len(sig2_compact[0]) == 64
# recover
p3 = c_ecdsa_recover_compact(msg32, sig_compact)
p4 = lc.ecdsa_recover_compact(msg32, sig2_compact)
p5 = lc.ecdsa_recover_compact(msg32, sig_compact)
# verify
assert p3 == pub
assert p4 == pub
assert p5 == pub
assert c_ecdsa_verify_compact(msg32, sig_compact, pub)
# check wrong pub
sig_compact_2 = c_ecdsa_sign_compact(msg32, 'x' * 32)
p4 = c_ecdsa_recover_compact(msg32, sig_compact_2)
assert p4 != pub
# check wrong sig
false_sig_compact = _tampered_65b(sig_compact)
assert not c_ecdsa_verify_compact(msg32, false_sig_compact, pub)
def perf(rounds=1000):
privkeys = [rand32bytes() for i in range(rounds)]
messages = [rand32bytes() for i in range(rounds)]
# test sign
signatures = []
st = time.time()
for priv, msg in zip(privkeys, messages):
s = c_ecdsa_sign_compact(msg32, priv)
signatures.append(s)
elapsed = time.time() - st
print 'cffi took: %.2fsecs / %dμs per op / %d signs per sec' % \
(elapsed, elapsed / rounds * 10**6, rounds / elapsed)
# test recover
pubs = []
st = time.time()
for sig, msg in zip(signatures, messages):
p = c_ecdsa_recover_compact(msg32, sig)
pubs.append(p)
elapsed = time.time() - st
print 'cffi took: %.2fsecs / %dμs per op / %d recovers per sec' % \
(elapsed, elapsed / rounds * 10**6, rounds / elapsed)
# check
for pub, privkey in zip(pubs, privkeys)[:100]:
assert privtopub(privkey) == pub
def sign(self, privkey):
assert not self.signature
assert isinstance(privkey, bytes) and len(privkey) == 32
h = sha3(encode_msg(self.serialize()))
self.signature = c_ecdsa_sign_compact(h, privkey)
assert len(self.signature) == 65
return self
def perf(rounds=1000):
privkeys = [rand32bytes() for i in range(rounds)]
messages = [rand32bytes() for i in range(rounds)]
# test sign
signatures = []
st = time.time()
for priv, msg in zip(privkeys, messages):
s = c_ecdsa_sign_compact(msg32, priv)
signatures.append(s)
elapsed = time.time() - st
print 'cffi took: %.2fsecs / %dμs per op / %d signs per sec' % \
(elapsed, elapsed / rounds * 10**6, rounds / elapsed)
# test recover
pubs = []
st = time.time()
for sig, msg in zip(signatures, messages):
p = c_ecdsa_recover_compact(msg32, sig)
pubs.append(p)
elapsed = time.time() - st
print 'cffi took: %.2fsecs / %dμs per op / %d recovers per sec' % \
(elapsed, elapsed / rounds * 10**6, rounds / elapsed)
# check
for pub, privkey in zip(pubs, privkeys)[:100]:
assert privtopub(privkey) == pub
def sign(self, privkey):
assert not self.signature
assert isinstance(privkey, bytes) and len(privkey) == 32
h = sha3(encode_msg(self.serialize()))
self.signature = c_ecdsa_sign_compact(h, privkey)
assert len(self.signature) == 65
return self
def test_cecrecover(rounds=100):
vrs_compact = c_ecdsa_sign_compact(msg32, priv)
st = time.time()
for i in range(rounds):
p = c_ecdsa_recover_compact(msg32, vrs_compact)
elapsed = time.time() - st
print 'cffi took: %.2fsecs / %dμs per op / %d recoveries per sec' % \
(elapsed, elapsed / rounds * 10**6, rounds / elapsed)
print 'c takes: 300μs per op / 3000 recoveries per sec' # c wraped in go, according to gustav
def test_cecrecover(rounds=100):
vrs_compact = c_ecdsa_sign_compact(msg32, priv)
st = time.time()
for i in range(rounds):
p = c_ecdsa_recover_compact(msg32, vrs_compact)
elapsed = time.time() - st
print 'cffi took: %.2fsecs / %dμs per op / %d recoveries per sec' % \
(elapsed, elapsed / rounds * 10**6, rounds / elapsed)
print 'c takes: 300μs per op / 3000 recoveries per sec' # c wraped in go, according to gustav
def test_robustness():
sig_compact = c_ecdsa_sign_compact(msg32, priv)
sig_compact2 = lc.ecdsa_sign_compact(msg32, priv)
sc = (_tampered_64b(sig_compact2[0]), sig_compact2[1])
# must not segfault
# c_ecdsa_recover_compact(msg32, _tampered_65b(sig_compact))
lc.ecdsa_recover_compact(msg32, sc)
with pytest.raises(InvalidSignatureError):
c_ecdsa_recover_compact(msg32, sig_compact[:-1] + 'x')
def test_compact():
sig_compact = c_ecdsa_sign_compact(msg32, priv)
assert isinstance(sig_compact, bytes)
assert len(sig_compact) == 65
# recover
p3 = c_ecdsa_recover_compact(msg32, sig_compact)
# verify
assert p3 == pub
assert c_ecdsa_verify_compact(msg32, sig_compact, pub)
# check wrong pub
sig_compact_2 = c_ecdsa_sign_compact(msg32, 'x' * 32)
p4 = c_ecdsa_recover_compact(msg32, sig_compact_2)
assert p4 != pub
# check wrong sig
false_sig_compact = _tampered_65b(sig_compact)
assert not c_ecdsa_verify_compact(msg32, false_sig_compact, pub)
def sign(data, private_key):
if not isinstance(private_key, bytes) or len(private_key) != 32:
raise ValueError('invalid private_key')
message_hash = sha3(data)
signature = c_ecdsa_sign_compact(message_hash, private_key)
if len(signature) != 65:
raise ValueError('invalid signature')
publickey = c_ecdsa_recover_compact(message_hash, signature)
return signature, publickey
def test_robustness():
sig_compact = c_ecdsa_sign_compact(msg32, priv)
# must not segfault
# c_ecdsa_recover_compact(msg32, _tampered_65b(sig_compact))
with pytest.raises(InvalidSignatureError):
c_ecdsa_recover_compact(msg32, sig_compact[:-1] + 'x')
