mirror of
https://source.quilibrium.com/quilibrium/ceremonyclient.git
synced 2025-01-24 06:36:13 +00:00
375 lines
8.9 KiB
Go
375 lines
8.9 KiB
Go
|
//
|
|||
|
// Copyright Coinbase, Inc. All Rights Reserved.
|
|||
|
//
|
|||
|
// SPDX-License-Identifier: Apache-2.0
|
|||
|
//
|
|||
|
|
|||
|
package core
|
|||
|
|
|||
|
import (
|
|||
|
"bytes"
|
|||
|
"encoding/json"
|
|||
|
"testing"
|
|||
|
|
|||
|
"github.com/stretchr/testify/require"
|
|||
|
)
|
|||
|
|
|||
|
// An entry into our test table
|
|||
|
type entry struct {
|
|||
|
// Input
|
|||
|
msg []byte
|
|||
|
|
|||
|
// Result (actual, not expected)
|
|||
|
commit Commitment
|
|||
|
decommit *Witness
|
|||
|
err error
|
|||
|
}
|
|||
|
|
|||
|
// Test inputs and placeholders for results that will be filled in
|
|||
|
// during init()
|
|||
|
var testResults = []entry{
|
|||
|
{[]byte("This is a test message"), nil, nil, nil},
|
|||
|
{[]byte("short msg"), nil, nil, nil},
|
|||
|
{[]byte("This input field is intentionally longer than the SHA256 block size to ensure that the entire message is processed"),
|
|||
|
nil, nil, nil},
|
|||
|
{[]byte{0xFB, 0x1A, 0x18, 0x47, 0x39, 0x3C, 0x9F, 0x45, 0x5F, 0x29, 0x4C, 0x51, 0x42, 0x30, 0xA6, 0xB9},
|
|||
|
nil, nil, nil},
|
|||
|
// msg = \epsilon (empty string)
|
|||
|
{[]byte{}, nil, nil, nil},
|
|||
|
// msg == nil
|
|||
|
{nil, nil, nil, nil},
|
|||
|
}
|
|||
|
|
|||
|
// Run our inputs through commit and record the outputs
|
|||
|
func init() {
|
|||
|
for i := range testResults {
|
|||
|
entry := &testResults[i]
|
|||
|
entry.commit, entry.decommit, entry.err = Commit(entry.msg)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Computing commitments should never produce errors
|
|||
|
func TestCommitWithoutErrors(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
if entry.err != nil {
|
|||
|
t.Errorf("received Commit(%v): %v", entry.msg, entry.err)
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Commitments should be 256b == 64B in length
|
|||
|
func TestCommitmentsAreExpectedLength(t *testing.T) {
|
|||
|
const expLen = 256 / 8
|
|||
|
for _, entry := range testResults {
|
|||
|
if len(entry.commit) != expLen {
|
|||
|
t.Errorf("commitment is not expected length: %v != %v", len(entry.commit), expLen)
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Decommit cannot be nil
|
|||
|
func TestCommmitProducesDecommit(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
if entry.decommit == nil {
|
|||
|
t.Errorf("decommit cannot be nil: Commit(%v)", entry.msg)
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Decommit value should contain the same message
|
|||
|
func TestCommmitProducesDecommitWithSameMessage(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
if !bytes.Equal(entry.msg, entry.decommit.Msg) {
|
|||
|
t.Errorf("decommit.msg != msg: %v != %v", entry.msg, entry.decommit.Msg)
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Commitments should be unique
|
|||
|
func TestCommmitProducesDistinctCommitments(t *testing.T) {
|
|||
|
seen := make(map[[Size]byte]bool)
|
|||
|
|
|||
|
// Check the pre-computed commitments for uniquness
|
|||
|
for _, entry := range testResults {
|
|||
|
|
|||
|
// Slices cannot be used as hash keys, so we need to copy into
|
|||
|
// an array. Oh, go-lang.
|
|||
|
var cee [Size]byte
|
|||
|
copy(cee[:], entry.commit)
|
|||
|
|
|||
|
// Ensure each commit is unique
|
|||
|
if seen[cee] {
|
|||
|
t.Errorf("duplicate commit found: %v", cee)
|
|||
|
}
|
|||
|
seen[cee] = true
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Commitments should be unique even for the same message since the nonce is
|
|||
|
// randomly selected
|
|||
|
func TestCommmitDistinctCommitments(t *testing.T) {
|
|||
|
seen := make(map[[Size]byte]bool)
|
|||
|
msg := []byte("black lives matter")
|
|||
|
const iterations = 1000
|
|||
|
|
|||
|
// Check the pre-computed commitments for uniquness
|
|||
|
for i := 0; i < iterations; i++ {
|
|||
|
// Compute a commitment
|
|||
|
c, _, err := Commit(msg)
|
|||
|
if err != nil {
|
|||
|
t.Error(err)
|
|||
|
}
|
|||
|
|
|||
|
// Slices cannot be used as hash keys, so copy into an array
|
|||
|
var cee [Size]byte
|
|||
|
copy(cee[:], []byte(c))
|
|||
|
|
|||
|
// Ensure each commit is unique
|
|||
|
if seen[cee] {
|
|||
|
t.Errorf("duplicate commit found: %v", cee)
|
|||
|
}
|
|||
|
seen[cee] = true
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Nonces must be 256b = 64B
|
|||
|
func TestCommmitNonceIsExpectedLength(t *testing.T) {
|
|||
|
const expLen = 256 / 8
|
|||
|
|
|||
|
// Check the pre-computed nonces
|
|||
|
for _, entry := range testResults {
|
|||
|
if len(entry.decommit.r) != expLen {
|
|||
|
t.Errorf("nonce is not expected length: %v != %v", len(entry.decommit.r), expLen)
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Randomly selected nonces will be unique with overwhelming probability
|
|||
|
func TestCommmitProducesDistinctNonces(t *testing.T) {
|
|||
|
seen := make(map[[Size]byte]bool)
|
|||
|
msg := []byte("black lives matter")
|
|||
|
const iterations = 1000
|
|||
|
|
|||
|
// Check the pre-computed commitments for uniquness
|
|||
|
for i := 0; i < iterations; i++ {
|
|||
|
// Compute a commitment
|
|||
|
_, dee, err := Commit(msg)
|
|||
|
if err != nil {
|
|||
|
t.Error(err)
|
|||
|
}
|
|||
|
|
|||
|
// Ensure each nonce is unique
|
|||
|
if seen[dee.r] {
|
|||
|
t.Errorf("duplicate nonce found: %v", dee.r)
|
|||
|
}
|
|||
|
seen[dee.r] = true
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
func TestOpenOnValidCommitments(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
|
|||
|
// Open each commitment
|
|||
|
ok, err := Open(entry.commit, *entry.decommit)
|
|||
|
|
|||
|
// There should be no error
|
|||
|
if err != nil {
|
|||
|
t.Error(err)
|
|||
|
}
|
|||
|
|
|||
|
// The commitments should verify
|
|||
|
if !ok {
|
|||
|
t.Errorf("commitment failed to open: %v", entry.msg)
|
|||
|
}
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
func TestOpenOnModifiedNonce(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
dʹ := copyWitness(entry.decommit)
|
|||
|
|
|||
|
// Modify the nonce
|
|||
|
dʹ.r[0] ^= 0x40
|
|||
|
|
|||
|
// Open and check for failure
|
|||
|
ok, err := Open(entry.commit, *dʹ)
|
|||
|
assertFailedOpen(t, ok, err)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
func TestOpenOnZeroPrefixNonce(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
dʹ := copyWitness(entry.decommit)
|
|||
|
|
|||
|
// Modify the nonce
|
|||
|
dʹ.r[0] = 0x00
|
|||
|
dʹ.r[1] = 0x00
|
|||
|
dʹ.r[2] = 0x00
|
|||
|
dʹ.r[3] = 0x00
|
|||
|
dʹ.r[4] = 0x00
|
|||
|
dʹ.r[5] = 0x00
|
|||
|
dʹ.r[6] = 0x00
|
|||
|
dʹ.r[7] = 0x00
|
|||
|
dʹ.r[8] = 0x00
|
|||
|
dʹ.r[9] = 0x00
|
|||
|
dʹ.r[10] = 0x00
|
|||
|
|
|||
|
// Open and check for failure
|
|||
|
ok, err := Open(entry.commit, *dʹ)
|
|||
|
assertFailedOpen(t, ok, err)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Makes a deep copy of a Witness
|
|||
|
func copyWitness(d *Witness) *Witness {
|
|||
|
msg := make([]byte, len(d.Msg))
|
|||
|
var r [Size]byte
|
|||
|
|
|||
|
copy(msg, d.Msg)
|
|||
|
copy(r[:], d.r[:])
|
|||
|
return &Witness{msg, r}
|
|||
|
}
|
|||
|
|
|||
|
// Asserts that err != nil, and ok == false.
|
|||
|
func assertFailedOpen(t *testing.T, ok bool, err error) {
|
|||
|
// There should be no error
|
|||
|
if err != nil {
|
|||
|
t.Error(err)
|
|||
|
}
|
|||
|
|
|||
|
// But the commitments should fail
|
|||
|
if ok {
|
|||
|
t.Error("commitment was verified but was expected to fail")
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// An unrelated message should fail on open
|
|||
|
func TestOpenOnNewMessage(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
dʹ := copyWitness(entry.decommit)
|
|||
|
|
|||
|
// Use a distinct message
|
|||
|
dʹ.Msg = []byte("no one expects the spanish inquisition")
|
|||
|
|
|||
|
// Open and check for failure
|
|||
|
ok, err := Open(entry.commit, *dʹ)
|
|||
|
assertFailedOpen(t, ok, err)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// An appended message should fail on open
|
|||
|
func TestOpenOnAppendedMessage(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
dʹ := copyWitness(entry.decommit)
|
|||
|
|
|||
|
// Modify the message
|
|||
|
dʹ.Msg = []byte("no one expects the spanish inquisition")
|
|||
|
|
|||
|
// Open and check for failure
|
|||
|
ok, err := Open(entry.commit, *dʹ)
|
|||
|
assertFailedOpen(t, ok, err)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// A modified message should fail on open
|
|||
|
func TestOpenOnModifiedMessage(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
// Skip the empty string message for this test case
|
|||
|
if len(entry.msg) == 0 {
|
|||
|
continue
|
|||
|
}
|
|||
|
|
|||
|
// Modify the message _in situ_
|
|||
|
dʹ := copyWitness(entry.decommit)
|
|||
|
dʹ.Msg[1] ^= 0x99
|
|||
|
|
|||
|
// Open and check for failure
|
|||
|
ok, err := Open(entry.commit, *dʹ)
|
|||
|
assertFailedOpen(t, ok, err)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// A modified commitment should fail on open
|
|||
|
func TestOpenOnModifiedCommitment(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
// Copy and then modify the commitment
|
|||
|
cʹ := make([]byte, Size)
|
|||
|
copy(cʹ[:], entry.commit)
|
|||
|
cʹ[6] ^= 0x33
|
|||
|
|
|||
|
// Open and check for failure
|
|||
|
ok, err := Open(cʹ, *entry.decommit)
|
|||
|
assertFailedOpen(t, ok, err)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// An empty decommit should fail to open
|
|||
|
func TestOpenOnDefaultDecommitObject(t *testing.T) {
|
|||
|
for _, entry := range testResults {
|
|||
|
// Open and check for failure
|
|||
|
ok, err := Open(entry.commit, Witness{})
|
|||
|
assertFailedOpen(t, ok, err)
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// A nil commit should return an error
|
|||
|
func TestOpenOnNilCommitment(t *testing.T) {
|
|||
|
_, err := Open(nil, Witness{})
|
|||
|
assertError(t, err)
|
|||
|
}
|
|||
|
|
|||
|
// Verifies that err != nil
|
|||
|
func assertError(t *testing.T, err error) {
|
|||
|
if err == nil {
|
|||
|
t.Error("expected an error but received nil")
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
// Ill-formed commitment should produce an error
|
|||
|
func TestOpenOnLongCommitment(t *testing.T) {
|
|||
|
tooLong := make([]byte, Size+1)
|
|||
|
_, err := Open(tooLong, Witness{})
|
|||
|
assertError(t, err)
|
|||
|
}
|
|||
|
|
|||
|
// Ill-formed commitment should produce an error
|
|||
|
func TestOpenOnShortCommitment(t *testing.T) {
|
|||
|
tooShort := make([]byte, Size-1)
|
|||
|
_, err := Open(tooShort, Witness{})
|
|||
|
assertError(t, err)
|
|||
|
}
|
|||
|
|
|||
|
// Tests that marshal-unmarshal is the identity function
|
|||
|
func TestWitnessMarshalRoundTrip(t *testing.T) {
|
|||
|
expected := &Witness{
|
|||
|
[]byte("I'm the dude. So that's what you call me"),
|
|||
|
[Size]byte{0xAC},
|
|||
|
}
|
|||
|
|
|||
|
// Marhal and test
|
|||
|
jsonBytes, err := json.Marshal(expected)
|
|||
|
require.NoError(t, err)
|
|||
|
require.NotNil(t, jsonBytes)
|
|||
|
|
|||
|
// Unmarshal and test
|
|||
|
actual := &Witness{}
|
|||
|
require.NoError(t, json.Unmarshal(jsonBytes, actual))
|
|||
|
require.Equal(t, expected.Msg, actual.Msg)
|
|||
|
require.Equal(t, expected.r, actual.r)
|
|||
|
}
|
|||
|
|
|||
|
// Tests that marshal-unmarshal is the identity function
|
|||
|
func TestCommitmentMarshalRoundTrip(t *testing.T) {
|
|||
|
expected := Commitment([]byte("That or uh his-dudeness or duder or el duderino."))
|
|||
|
|
|||
|
// Marhal and test
|
|||
|
jsonBytes, err := json.Marshal(expected)
|
|||
|
require.NoError(t, err)
|
|||
|
require.NotNil(t, jsonBytes)
|
|||
|
|
|||
|
// Unmarshal and test
|
|||
|
actual := Commitment{}
|
|||
|
require.NoError(t, json.Unmarshal(jsonBytes, &actual))
|
|||
|
require.Equal(t, []byte(expected), []byte(actual))
|
|||
|
}
|