1 // -*- mode: rust; -*- 2 // 3 // This file is part of ed25519-dalek. 4 // Copyright (c) 2017-2019 isis lovecruft 5 // See LICENSE for licensing information. 6 // 7 // Authors: 8 // - isis agora lovecruft <isis@patternsinthevoid.net> 9 10 //! Integration tests for ed25519-dalek. 11 12 #[cfg(all(test, feature = "serde"))] 13 extern crate bincode; 14 extern crate ed25519_dalek; 15 extern crate hex; 16 extern crate sha2; 17 extern crate rand; 18 #[cfg(all(test, feature = "serde"))] 19 extern crate serde_crate; 20 #[cfg(all(test, feature = "serde"))] 21 extern crate toml; 22 23 use ed25519_dalek::*; 24 25 use hex::FromHex; 26 27 use sha2::Sha512; 28 29 #[cfg(test)] 30 mod vectors { 31 use ed25519::signature::Signature as _; 32 33 use std::io::BufReader; 34 use std::io::BufRead; 35 use std::fs::File; 36 37 use super::*; 38 39 // TESTVECTORS is taken from sign.input.gz in agl's ed25519 Golang 40 // package. It is a selection of test cases from 41 // http://ed25519.cr.yp.to/python/sign.input 42 #[test] against_reference_implementation()43 fn against_reference_implementation() { // TestGolden 44 let mut line: String; 45 let mut lineno: usize = 0; 46 47 let f = File::open("TESTVECTORS"); 48 if f.is_err() { 49 println!("This test is only available when the code has been cloned \ 50 from the git repository, since the TESTVECTORS file is large \ 51 and is therefore not included within the distributed crate."); 52 panic!(); 53 } 54 let file = BufReader::new(f.unwrap()); 55 56 for l in file.lines() { 57 lineno += 1; 58 line = l.unwrap(); 59 60 let parts: Vec<&str> = line.split(':').collect(); 61 assert_eq!(parts.len(), 5, "wrong number of fields in line {}", lineno); 62 63 let sec_bytes: Vec<u8> = FromHex::from_hex(&parts[0]).unwrap(); 64 let pub_bytes: Vec<u8> = FromHex::from_hex(&parts[1]).unwrap(); 65 let msg_bytes: Vec<u8> = FromHex::from_hex(&parts[2]).unwrap(); 66 let sig_bytes: Vec<u8> = FromHex::from_hex(&parts[3]).unwrap(); 67 68 let secret: SecretKey = SecretKey::from_bytes(&sec_bytes[..SECRET_KEY_LENGTH]).unwrap(); 69 let public: PublicKey = PublicKey::from_bytes(&pub_bytes[..PUBLIC_KEY_LENGTH]).unwrap(); 70 let keypair: Keypair = Keypair{ secret: secret, public: public }; 71 72 // The signatures in the test vectors also include the message 73 // at the end, but we just want R and S. 74 let sig1: Signature = Signature::from_bytes(&sig_bytes[..64]).unwrap(); 75 let sig2: Signature = keypair.sign(&msg_bytes); 76 77 assert!(sig1 == sig2, "Signature bytes not equal on line {}", lineno); 78 assert!(keypair.verify(&msg_bytes, &sig2).is_ok(), 79 "Signature verification failed on line {}", lineno); 80 } 81 } 82 83 // From https://tools.ietf.org/html/rfc8032#section-7.3 84 #[test] ed25519ph_rf8032_test_vector()85 fn ed25519ph_rf8032_test_vector() { 86 let secret_key: &[u8] = b"833fe62409237b9d62ec77587520911e9a759cec1d19755b7da901b96dca3d42"; 87 let public_key: &[u8] = b"ec172b93ad5e563bf4932c70e1245034c35467ef2efd4d64ebf819683467e2bf"; 88 let message: &[u8] = b"616263"; 89 let signature: &[u8] = b"98a70222f0b8121aa9d30f813d683f809e462b469c7ff87639499bb94e6dae4131f85042463c2a355a2003d062adf5aaa10b8c61e636062aaad11c2a26083406"; 90 91 let sec_bytes: Vec<u8> = FromHex::from_hex(secret_key).unwrap(); 92 let pub_bytes: Vec<u8> = FromHex::from_hex(public_key).unwrap(); 93 let msg_bytes: Vec<u8> = FromHex::from_hex(message).unwrap(); 94 let sig_bytes: Vec<u8> = FromHex::from_hex(signature).unwrap(); 95 96 let secret: SecretKey = SecretKey::from_bytes(&sec_bytes[..SECRET_KEY_LENGTH]).unwrap(); 97 let public: PublicKey = PublicKey::from_bytes(&pub_bytes[..PUBLIC_KEY_LENGTH]).unwrap(); 98 let keypair: Keypair = Keypair{ secret: secret, public: public }; 99 let sig1: Signature = Signature::from_bytes(&sig_bytes[..]).unwrap(); 100 101 let mut prehash_for_signing: Sha512 = Sha512::default(); 102 let mut prehash_for_verifying: Sha512 = Sha512::default(); 103 104 prehash_for_signing.update(&msg_bytes[..]); 105 prehash_for_verifying.update(&msg_bytes[..]); 106 107 let sig2: Signature = keypair.sign_prehashed(prehash_for_signing, None).unwrap(); 108 109 assert!(sig1 == sig2, 110 "Original signature from test vectors doesn't equal signature produced:\ 111 \noriginal:\n{:?}\nproduced:\n{:?}", sig1, sig2); 112 assert!(keypair.verify_prehashed(prehash_for_verifying, None, &sig2).is_ok(), 113 "Could not verify ed25519ph signature!"); 114 } 115 } 116 117 #[cfg(test)] 118 mod integrations { 119 use super::*; 120 use rand::rngs::OsRng; 121 122 #[test] sign_verify()123 fn sign_verify() { // TestSignVerify 124 let keypair: Keypair; 125 let good_sig: Signature; 126 let bad_sig: Signature; 127 128 let good: &[u8] = "test message".as_bytes(); 129 let bad: &[u8] = "wrong message".as_bytes(); 130 131 let mut csprng = OsRng{}; 132 133 keypair = Keypair::generate(&mut csprng); 134 good_sig = keypair.sign(&good); 135 bad_sig = keypair.sign(&bad); 136 137 assert!(keypair.verify(&good, &good_sig).is_ok(), 138 "Verification of a valid signature failed!"); 139 assert!(keypair.verify(&good, &bad_sig).is_err(), 140 "Verification of a signature on a different message passed!"); 141 assert!(keypair.verify(&bad, &good_sig).is_err(), 142 "Verification of a signature on a different message passed!"); 143 } 144 145 #[test] ed25519ph_sign_verify()146 fn ed25519ph_sign_verify() { 147 let keypair: Keypair; 148 let good_sig: Signature; 149 let bad_sig: Signature; 150 151 let good: &[u8] = b"test message"; 152 let bad: &[u8] = b"wrong message"; 153 154 let mut csprng = OsRng{}; 155 156 // ugh… there's no `impl Copy for Sha512`… i hope we can all agree these are the same hashes 157 let mut prehashed_good1: Sha512 = Sha512::default(); 158 prehashed_good1.update(good); 159 let mut prehashed_good2: Sha512 = Sha512::default(); 160 prehashed_good2.update(good); 161 let mut prehashed_good3: Sha512 = Sha512::default(); 162 prehashed_good3.update(good); 163 164 let mut prehashed_bad1: Sha512 = Sha512::default(); 165 prehashed_bad1.update(bad); 166 let mut prehashed_bad2: Sha512 = Sha512::default(); 167 prehashed_bad2.update(bad); 168 169 let context: &[u8] = b"testing testing 1 2 3"; 170 171 keypair = Keypair::generate(&mut csprng); 172 good_sig = keypair.sign_prehashed(prehashed_good1, Some(context)).unwrap(); 173 bad_sig = keypair.sign_prehashed(prehashed_bad1, Some(context)).unwrap(); 174 175 assert!(keypair.verify_prehashed(prehashed_good2, Some(context), &good_sig).is_ok(), 176 "Verification of a valid signature failed!"); 177 assert!(keypair.verify_prehashed(prehashed_good3, Some(context), &bad_sig).is_err(), 178 "Verification of a signature on a different message passed!"); 179 assert!(keypair.verify_prehashed(prehashed_bad2, Some(context), &good_sig).is_err(), 180 "Verification of a signature on a different message passed!"); 181 } 182 183 #[cfg(feature = "batch")] 184 #[test] verify_batch_seven_signatures()185 fn verify_batch_seven_signatures() { 186 let messages: [&[u8]; 7] = [ 187 b"Watch closely everyone, I'm going to show you how to kill a god.", 188 b"I'm not a cryptographer I just encrypt a lot.", 189 b"Still not a cryptographer.", 190 b"This is a test of the tsunami alert system. This is only a test.", 191 b"Fuck dumbin' it down, spit ice, skip jewellery: Molotov cocktails on me like accessories.", 192 b"Hey, I never cared about your bucks, so if I run up with a mask on, probably got a gas can too.", 193 b"And I'm not here to fill 'er up. Nope, we came to riot, here to incite, we don't want any of your stuff.", ]; 194 let mut csprng = OsRng{}; 195 let mut keypairs: Vec<Keypair> = Vec::new(); 196 let mut signatures: Vec<Signature> = Vec::new(); 197 198 for i in 0..messages.len() { 199 let keypair: Keypair = Keypair::generate(&mut csprng); 200 signatures.push(keypair.sign(&messages[i])); 201 keypairs.push(keypair); 202 } 203 let public_keys: Vec<PublicKey> = keypairs.iter().map(|key| key.public).collect(); 204 205 let result = verify_batch(&messages, &signatures[..], &public_keys[..]); 206 207 assert!(result.is_ok()); 208 } 209 210 #[test] pubkey_from_secret_and_expanded_secret()211 fn pubkey_from_secret_and_expanded_secret() { 212 let mut csprng = OsRng{}; 213 let secret: SecretKey = SecretKey::generate(&mut csprng); 214 let expanded_secret: ExpandedSecretKey = (&secret).into(); 215 let public_from_secret: PublicKey = (&secret).into(); // XXX eww 216 let public_from_expanded_secret: PublicKey = (&expanded_secret).into(); // XXX eww 217 218 assert!(public_from_secret == public_from_expanded_secret); 219 } 220 } 221 222 #[serde(crate = "serde_crate")] 223 #[cfg(all(test, feature = "serde"))] 224 #[derive(Debug, serde_crate::Serialize, serde_crate::Deserialize)] 225 struct Demo { 226 keypair: Keypair 227 } 228 229 #[cfg(all(test, feature = "serde"))] 230 mod serialisation { 231 use super::*; 232 233 use self::bincode::{serialize, serialized_size, deserialize, Infinite}; 234 use self::toml; 235 236 use ed25519::signature::Signature as _; 237 238 static PUBLIC_KEY_BYTES: [u8; PUBLIC_KEY_LENGTH] = [ 239 130, 039, 155, 015, 062, 076, 188, 063, 240 124, 122, 026, 251, 233, 253, 225, 220, 241 014, 041, 166, 120, 108, 035, 254, 077, 242 160, 083, 172, 058, 219, 042, 086, 120, ]; 243 244 static SECRET_KEY_BYTES: [u8; SECRET_KEY_LENGTH] = [ 245 062, 070, 027, 163, 092, 182, 011, 003, 246 077, 234, 098, 004, 011, 127, 079, 228, 247 243, 187, 150, 073, 201, 137, 076, 022, 248 085, 251, 152, 002, 241, 042, 072, 054, ]; 249 250 /// Signature with the above keypair of a blank message. 251 static SIGNATURE_BYTES: [u8; SIGNATURE_LENGTH] = [ 252 010, 126, 151, 143, 157, 064, 047, 001, 253 196, 140, 179, 058, 226, 152, 018, 102, 254 160, 123, 080, 016, 210, 086, 196, 028, 255 053, 231, 012, 157, 169, 019, 158, 063, 256 045, 154, 238, 007, 053, 185, 227, 229, 257 079, 108, 213, 080, 124, 252, 084, 167, 258 216, 085, 134, 144, 129, 149, 041, 081, 259 063, 120, 126, 100, 092, 059, 050, 011, ]; 260 261 static KEYPAIR_BYTES: [u8; KEYPAIR_LENGTH] = [ 262 239, 085, 017, 235, 167, 103, 034, 062, 263 007, 010, 032, 146, 113, 039, 096, 174, 264 003, 219, 232, 166, 240, 121, 167, 013, 265 098, 238, 122, 116, 193, 114, 215, 213, 266 175, 181, 075, 166, 224, 164, 140, 146, 267 053, 120, 010, 037, 104, 094, 136, 225, 268 249, 102, 171, 160, 097, 132, 015, 071, 269 035, 056, 000, 074, 130, 168, 225, 071, ]; 270 271 #[test] serialize_deserialize_signature()272 fn serialize_deserialize_signature() { 273 let signature: Signature = Signature::from_bytes(&SIGNATURE_BYTES).unwrap(); 274 let encoded_signature: Vec<u8> = serialize(&signature, Infinite).unwrap(); 275 let decoded_signature: Signature = deserialize(&encoded_signature).unwrap(); 276 277 assert_eq!(signature, decoded_signature); 278 } 279 280 #[test] serialize_deserialize_public_key()281 fn serialize_deserialize_public_key() { 282 let public_key: PublicKey = PublicKey::from_bytes(&PUBLIC_KEY_BYTES).unwrap(); 283 let encoded_public_key: Vec<u8> = serialize(&public_key, Infinite).unwrap(); 284 let decoded_public_key: PublicKey = deserialize(&encoded_public_key).unwrap(); 285 286 assert_eq!(&PUBLIC_KEY_BYTES[..], &encoded_public_key[encoded_public_key.len() - 32..]); 287 assert_eq!(public_key, decoded_public_key); 288 } 289 290 #[test] serialize_deserialize_secret_key()291 fn serialize_deserialize_secret_key() { 292 let secret_key: SecretKey = SecretKey::from_bytes(&SECRET_KEY_BYTES).unwrap(); 293 let encoded_secret_key: Vec<u8> = serialize(&secret_key, Infinite).unwrap(); 294 let decoded_secret_key: SecretKey = deserialize(&encoded_secret_key).unwrap(); 295 296 for i in 0..32 { 297 assert_eq!(SECRET_KEY_BYTES[i], decoded_secret_key.as_bytes()[i]); 298 } 299 } 300 301 #[test] serialize_deserialize_keypair_bincode()302 fn serialize_deserialize_keypair_bincode() { 303 let keypair = Keypair::from_bytes(&KEYPAIR_BYTES).unwrap(); 304 let encoded_keypair: Vec<u8> = serialize(&keypair, Infinite).unwrap(); 305 let decoded_keypair: Keypair = deserialize(&encoded_keypair).unwrap(); 306 307 for i in 0..64 { 308 assert_eq!(KEYPAIR_BYTES[i], decoded_keypair.to_bytes()[i]); 309 } 310 } 311 312 #[test] serialize_deserialize_keypair_toml()313 fn serialize_deserialize_keypair_toml() { 314 let demo = Demo { keypair: Keypair::from_bytes(&KEYPAIR_BYTES).unwrap() }; 315 316 println!("\n\nWrite to toml"); 317 let demo_toml = toml::to_string(&demo).unwrap(); 318 println!("{}", demo_toml); 319 let demo_toml_rebuild: Result<Demo, _> = toml::from_str(&demo_toml); 320 println!("{:?}", demo_toml_rebuild); 321 } 322 323 #[test] serialize_public_key_size()324 fn serialize_public_key_size() { 325 let public_key: PublicKey = PublicKey::from_bytes(&PUBLIC_KEY_BYTES).unwrap(); 326 assert_eq!(serialized_size(&public_key) as usize, 40); // These sizes are specific to bincode==1.0.1 327 } 328 329 #[test] serialize_signature_size()330 fn serialize_signature_size() { 331 let signature: Signature = Signature::from_bytes(&SIGNATURE_BYTES).unwrap(); 332 assert_eq!(serialized_size(&signature) as usize, 64); // These sizes are specific to bincode==1.0.1 333 } 334 335 #[test] serialize_secret_key_size()336 fn serialize_secret_key_size() { 337 let secret_key: SecretKey = SecretKey::from_bytes(&SECRET_KEY_BYTES).unwrap(); 338 assert_eq!(serialized_size(&secret_key) as usize, 40); // These sizes are specific to bincode==1.0.1 339 } 340 } 341