def test_verify_multiple_aggregate_signatures(SKs, messages):
signature_set = [(bls.Aggregate([bls.Sign(sk, msg) for sk in SKs]),
bls._AggregatePKs([bls.SkToPk(sk) for sk in SKs]), msg)
for msg in messages]
assert bls.VerifyMultipleAggregateSignatures(signature_set)
bad_signature_set = [(aggsig, aggkey, msg + b'\xbadd')
for aggsig, aggkey, msg in signature_set]
assert not bls.VerifyMultipleAggregateSignatures(bad_signature_set)
def case02_verify():
for i, privkey in enumerate(PRIVKEYS):
for message in MESSAGES:
# Valid signature
signature = bls.Sign(privkey, message)
pubkey = bls.SkToPk(privkey)
assert milagro_bls.SkToPk(to_bytes(privkey)) == pubkey
assert milagro_bls.Sign(to_bytes(privkey), message) == signature
identifier = f'{encode_hex(pubkey)}_{encode_hex(message)}'
assert bls.Verify(pubkey, message, signature)
assert milagro_bls.Verify(pubkey, message, signature)
yield f'verify_valid_case_{(hash(bytes(identifier, "utf-8"))[:8]).hex()}', {
'input': {
'pubkey': encode_hex(pubkey),
'message': encode_hex(message),
'signature': encode_hex(signature),
},
'output': True,
}
# Invalid signatures -- wrong pubkey
wrong_pubkey = bls.SkToPk(PRIVKEYS[(i + 1) % len(PRIVKEYS)])
identifier = f'{encode_hex(wrong_pubkey)}_{encode_hex(message)}'
assert not bls.Verify(wrong_pubkey, message, signature)
assert not milagro_bls.Verify(wrong_pubkey, message, signature)
yield f'verify_wrong_pubkey_case_{(hash(bytes(identifier, "utf-8"))[:8]).hex()}', {
'input': {
'pubkey': encode_hex(wrong_pubkey),
'message': encode_hex(message),
'signature': encode_hex(signature),
},
'output': False,
}
# Invalid signature -- tampered with signature
tampered_signature = signature[:-4] + b'\xFF\xFF\xFF\xFF'
identifier = f'{encode_hex(pubkey)}_{encode_hex(message)}'
assert not bls.Verify(pubkey, message, tampered_signature)
assert not milagro_bls.Verify(pubkey, message, tampered_signature)
yield f'verify_tampered_signature_case_{(hash(bytes(identifier, "utf-8"))[:8]).hex()}', {
'input': {
'pubkey': encode_hex(pubkey),
'message': encode_hex(message),
'signature': encode_hex(tampered_signature),
},
'output': False,
}
# Invalid pubkey and signature with the point at infinity
assert not bls.Verify(Z1_PUBKEY, SAMPLE_MESSAGE, Z2_SIGNATURE)
assert not milagro_bls.Verify(Z1_PUBKEY, SAMPLE_MESSAGE, Z2_SIGNATURE)
yield f'verify_infinity_pubkey_and_infinity_signature', {
'input': {
'pubkey': encode_hex(Z1_PUBKEY),
'message': encode_hex(SAMPLE_MESSAGE),
'signature': encode_hex(Z2_SIGNATURE),
},
'output': False,
}
def test_fast_aggregate_verify(SKs, message):
PKs = [bls.SkToPk(sk) for sk in SKs]
signatures = [bls.Sign(sk, message) for sk in SKs]
aggregate_signature = bls.Aggregate(signatures)
assert bls.FastAggregateVerify(PKs, message, aggregate_signature)
def test_sign_verify(privkey_int):
privkey = to_bytes(privkey_int)
msg = str(privkey).encode('utf-8')
pub = bls.SkToPk(privkey)
sig = bls.Sign(privkey, msg)
assert bls.Verify(pub, msg, sig)
def test_aggregate_verify(SKs, messages, success):
PKs = [bls.SkToPk(SK) for SK in SKs]
messages = [msg.to_bytes(32, "big") for msg in messages]
signatures = [bls.Sign(SK, msg) for SK, msg in zip(SKs, messages)]
aggregate_signature = bls.Aggregate(signatures)
assert bls.AggregateVerify(PKs, messages, aggregate_signature) == success
def pubkeys(privkeys):
return [bls.SkToPk(key) for key in privkeys]