diff options
author | Pieter Wuille <pieter.wuille@gmail.com> | 2020-01-19 14:05:36 -0800 |
---|---|---|
committer | Pieter Wuille <pieter.wuille@gmail.com> | 2020-01-19 14:47:33 -0800 |
commit | 1faa4b19bcfaec44a964a665f68a5bdaba85337e (patch) | |
tree | f74c8c080010c549d17e869774cd97078819dd3c /bip-0340 | |
parent | eb641cbdb50a9991404cd633b5c4cb0139847238 (diff) |
Rename BIPs
Diffstat (limited to 'bip-0340')
-rw-r--r-- | bip-0340/reference.py | 169 | ||||
-rw-r--r-- | bip-0340/test-vectors.csv | 16 | ||||
-rw-r--r-- | bip-0340/test-vectors.py | 241 |
3 files changed, 426 insertions, 0 deletions
diff --git a/bip-0340/reference.py b/bip-0340/reference.py new file mode 100644 index 0000000..f2a944f --- /dev/null +++ b/bip-0340/reference.py @@ -0,0 +1,169 @@ +import hashlib +import binascii + +p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F +n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 + +# Points are tuples of X and Y coordinates and the point at infinity is +# represented by the None keyword. +G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798, 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8) + +# This implementation can be sped up by storing the midstate after hashing +# tag_hash instead of rehashing it all the time. +def tagged_hash(tag, msg): + tag_hash = hashlib.sha256(tag.encode()).digest() + return hashlib.sha256(tag_hash + tag_hash + msg).digest() + +def is_infinity(P): + return P is None + +def x(P): + return P[0] + +def y(P): + return P[1] + +def point_add(P1, P2): + if (P1 is None): + return P2 + if (P2 is None): + return P1 + if (x(P1) == x(P2) and y(P1) != y(P2)): + return None + if (P1 == P2): + lam = (3 * x(P1) * x(P1) * pow(2 * y(P1), p - 2, p)) % p + else: + lam = ((y(P2) - y(P1)) * pow(x(P2) - x(P1), p - 2, p)) % p + x3 = (lam * lam - x(P1) - x(P2)) % p + return (x3, (lam * (x(P1) - x3) - y(P1)) % p) + +def point_mul(P, n): + R = None + for i in range(256): + if ((n >> i) & 1): + R = point_add(R, P) + P = point_add(P, P) + return R + +def bytes_from_int(x): + return x.to_bytes(32, byteorder="big") + +def bytes_from_point(P): + return bytes_from_int(x(P)) + +def point_from_bytes(b): + x = int_from_bytes(b) + if x >= p: + return None + y_sq = (pow(x, 3, p) + 7) % p + y = pow(y_sq, (p + 1) // 4, p) + if pow(y, 2, p) != y_sq: + return None + return [x, y] + +def int_from_bytes(b): + return int.from_bytes(b, byteorder="big") + +def hash_sha256(b): + return hashlib.sha256(b).digest() + +def is_square(x): + return pow(x, (p - 1) // 2, p) == 1 + +def has_square_y(P): + return not is_infinity(P) and is_square(y(P)) + +def pubkey_gen(seckey): + x = int_from_bytes(seckey) + if not (1 <= x <= n - 1): + raise ValueError('The secret key must be an integer in the range 1..n-1.') + P = point_mul(G, x) + return bytes_from_point(P) + +def schnorr_sign(msg, seckey0): + if len(msg) != 32: + raise ValueError('The message must be a 32-byte array.') + seckey0 = int_from_bytes(seckey0) + if not (1 <= seckey0 <= n - 1): + raise ValueError('The secret key must be an integer in the range 1..n-1.') + P = point_mul(G, seckey0) + seckey = seckey0 if has_square_y(P) else n - seckey0 + k0 = int_from_bytes(tagged_hash("BIPSchnorrDerive", bytes_from_int(seckey) + msg)) % n + if k0 == 0: + raise RuntimeError('Failure. This happens only with negligible probability.') + R = point_mul(G, k0) + k = n - k0 if not has_square_y(R) else k0 + e = int_from_bytes(tagged_hash("BIPSchnorr", bytes_from_point(R) + bytes_from_point(P) + msg)) % n + return bytes_from_point(R) + bytes_from_int((k + e * seckey) % n) + +def schnorr_verify(msg, pubkey, sig): + if len(msg) != 32: + raise ValueError('The message must be a 32-byte array.') + if len(pubkey) != 32: + raise ValueError('The public key must be a 32-byte array.') + if len(sig) != 64: + raise ValueError('The signature must be a 64-byte array.') + P = point_from_bytes(pubkey) + if (P is None): + return False + r = int_from_bytes(sig[0:32]) + s = int_from_bytes(sig[32:64]) + if (r >= p or s >= n): + return False + e = int_from_bytes(tagged_hash("BIPSchnorr", sig[0:32] + pubkey + msg)) % n + R = point_add(point_mul(G, s), point_mul(P, n - e)) + if R is None or not has_square_y(R) or x(R) != r: + return False + return True + +# +# The following code is only used to verify the test vectors. +# +import csv + +def test_vectors(): + all_passed = True + with open('test-vectors.csv', newline='') as csvfile: + reader = csv.reader(csvfile) + reader.__next__() + for row in reader: + (index, seckey, pubkey, msg, sig, result, comment) = row + pubkey = bytes.fromhex(pubkey) + msg = bytes.fromhex(msg) + sig = bytes.fromhex(sig) + result = result == 'TRUE' + print('\nTest vector #%-3i: ' % int(index)) + if seckey != '': + seckey = bytes.fromhex(seckey) + pubkey_actual = pubkey_gen(seckey) + if pubkey != pubkey_actual: + print(' * Failed key generation.') + print(' Expected key:', pubkey.hex().upper()) + print(' Actual key:', pubkey_actual.hex().upper()) + sig_actual = schnorr_sign(msg, seckey) + if sig == sig_actual: + print(' * Passed signing test.') + else: + print(' * Failed signing test.') + print(' Expected signature:', sig.hex().upper()) + print(' Actual signature:', sig_actual.hex().upper()) + all_passed = False + result_actual = schnorr_verify(msg, pubkey, sig) + if result == result_actual: + print(' * Passed verification test.') + else: + print(' * Failed verification test.') + print(' Expected verification result:', result) + print(' Actual verification result:', result_actual) + if comment: + print(' Comment:', comment) + all_passed = False + print() + if all_passed: + print('All test vectors passed.') + else: + print('Some test vectors failed.') + return all_passed + +if __name__ == '__main__': + test_vectors() diff --git a/bip-0340/test-vectors.csv b/bip-0340/test-vectors.csv new file mode 100644 index 0000000..3970803 --- /dev/null +++ b/bip-0340/test-vectors.csv @@ -0,0 +1,16 @@ +index,secret key,public key,message,signature,verification result,comment
+0,0000000000000000000000000000000000000000000000000000000000000001,79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,0000000000000000000000000000000000000000000000000000000000000000,528F745793E8472C0329742A463F59E58F3A3F1A4AC09C28F6F8514D4D0322A258BD08398F82CF67B812AB2C7717CE566F877C2F8795C846146978E8F04782AE,TRUE,
+1,B7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,667C2F778E0616E611BD0C14B8A600C5884551701A949EF0EBFD72D452D64E844160BCFC3F466ECB8FACD19ADE57D8699D74E7207D78C6AEDC3799B52A8E0598,TRUE,
+2,C90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B14E5C9,DD308AFEC5777E13121FA72B9CC1B7CC0139715309B086C960E18FD969774EB8,5E2D58D8B3BCDF1ABADEC7829054F90DDA9805AAB56C77333024B9D0A508B75C,2D941B38E32624BF0AC7669C0971B990994AF6F9B18426BF4F4E7EC10E6CDF386CF646C6DDAFCFA7F1993EEB2E4D66416AEAD1DDAE2F22D63CAD901412D116C6,TRUE,
+3,0B432B2677937381AEF05BB02A66ECD012773062CF3FA2549E44F58ED2401710,25D1DFF95105F5253C4022F628A996AD3A0D95FBF21D468A1B33F8C160D8F517,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF,8BD2C11604B0A87A443FCC2E5D90E5328F934161B18864FB48CE10CB59B45FB9B5B2A0F129BD88F5BDC05D5C21E5C57176B913002335784F9777A24BD317CD36,TRUE,test fails if msg is reduced modulo p or n
+4,,D69C3509BB99E412E68B0FE8544E72837DFA30746D8BE2AA65975F29D22DC7B9,4DF3C3F68FCC83B27E9D42C90431A72499F17875C81A599B566C9889B9696703,00000000000000000000003B78CE563F89A0ED9414F5AA28AD0D96D6795F9C63EE374AC7FAE927D334CCB190F6FB8FD27A2DDC639CCEE46D43F113A4035A2C7F,TRUE,
+5,,EEFDEA4CDB677750A420FEE807EACF21EB9898AE79B9768766E4FAA04A2D4A34,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,667C2F778E0616E611BD0C14B8A600C5884551701A949EF0EBFD72D452D64E844160BCFC3F466ECB8FACD19ADE57D8699D74E7207D78C6AEDC3799B52A8E0598,FALSE,public key not on the curve
+6,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,F9308A019258C31049344F85F89D5229B531C845836F99B08601F113BCE036F9935554D1AA5F0374E5CDAACB3925035C7C169B27C4426DF0A6B19AF3BAEAB138,FALSE,has_square_y(R) is false
+7,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,10AC49A6A2EBF604189C5F40FC75AF2D42D77DE9A2782709B1EB4EAF1CFE9108D7003B703A3499D5E29529D39BA040A44955127140F81A8A89A96F992AC0FE79,FALSE,negated message
+8,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,667C2F778E0616E611BD0C14B8A600C5884551701A949EF0EBFD72D452D64E84BE9F4303C0B9913470532E6521A827951D39F5C631CFD98CE39AC4D7A5A83BA9,FALSE,negated s value
+9,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,000000000000000000000000000000000000000000000000000000000000000099D2F0EBC2996808208633CD9926BF7EC3DAB73DAAD36E85B3040A698E6D1CE0,FALSE,sG - eP is infinite. Test fails in single verification if has_square_y(inf) is defined as true and x(inf) as 0
+10,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,000000000000000000000000000000000000000000000000000000000000000124E81D89F01304695CE943F7D5EBD00EF726A0864B4FF33895B4E86BEADC5456,FALSE,sG - eP is infinite. Test fails in single verification if has_square_y(inf) is defined as true and x(inf) as 1
+11,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,4A298DACAE57395A15D0795DDBFD1DCB564DA82B0F269BC70A74F8220429BA1D4160BCFC3F466ECB8FACD19ADE57D8699D74E7207D78C6AEDC3799B52A8E0598,FALSE,sig[0:32] is not an X coordinate on the curve
+12,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F4160BCFC3F466ECB8FACD19ADE57D8699D74E7207D78C6AEDC3799B52A8E0598,FALSE,sig[0:32] is equal to field size
+13,,DFF1D77F2A671C5F36183726DB2341BE58FEAE1DA2DECED843240F7B502BA659,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,667C2F778E0616E611BD0C14B8A600C5884551701A949EF0EBFD72D452D64E84FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141,FALSE,sig[32:64] is equal to curve order
+14,,FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC30,243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89,667C2F778E0616E611BD0C14B8A600C5884551701A949EF0EBFD72D452D64E844160BCFC3F466ECB8FACD19ADE57D8699D74E7207D78C6AEDC3799B52A8E0598,FALSE,public key is not a valid X coordinate because it exceeds the field size
diff --git a/bip-0340/test-vectors.py b/bip-0340/test-vectors.py new file mode 100644 index 0000000..195b61b --- /dev/null +++ b/bip-0340/test-vectors.py @@ -0,0 +1,241 @@ +import sys +from reference import * + +def vector0(): + seckey = bytes_from_int(1) + msg = bytes_from_int(0) + sig = schnorr_sign(msg, seckey) + pubkey = pubkey_gen(seckey) + + # The point reconstructed from the public key has an even Y coordinate. + pubkey_point = point_from_bytes(pubkey) + assert(pubkey_point[1] & 1 == 0) + + return (seckey, pubkey, msg, sig, "TRUE", None) + +def vector1(): + seckey = bytes_from_int(0xB7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF) + msg = bytes_from_int(0x243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89) + sig = schnorr_sign(msg, seckey) + pubkey = pubkey_gen(seckey) + + # The point reconstructed from the public key has an odd Y coordinate. + pubkey_point = point_from_bytes(pubkey) + assert(pubkey_point[1] & 1 == 1) + + return (seckey, pubkey, msg, sig, "TRUE", None) + +def vector2(): + seckey = bytes_from_int(0xC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B14E5C9) + msg = bytes_from_int(0x5E2D58D8B3BCDF1ABADEC7829054F90DDA9805AAB56C77333024B9D0A508B75C) + sig = schnorr_sign(msg, seckey) + + # This signature vector would not verify if the implementer checked the + # squareness of the X coordinate of R instead of the Y coordinate. + R = point_from_bytes(sig[0:32]) + assert(not is_square(R[0])) + + return (seckey, pubkey_gen(seckey), msg, sig, "TRUE", None) + +def vector3(): + seckey = bytes_from_int(0x0B432B2677937381AEF05BB02A66ECD012773062CF3FA2549E44F58ED2401710) + msg = bytes_from_int(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF) + sig = schnorr_sign(msg, seckey) + return (seckey, pubkey_gen(seckey), msg, sig, "TRUE", "test fails if msg is reduced modulo p or n") + +# Signs with a given nonce. This can be INSECURE and is only INTENDED FOR +# GENERATING TEST VECTORS. Results in an invalid signature if y(kG) is not +# square. +def insecure_schnorr_sign_fixed_nonce(msg, seckey0, k): + if len(msg) != 32: + raise ValueError('The message must be a 32-byte array.') + seckey0 = int_from_bytes(seckey0) + if not (1 <= seckey0 <= n - 1): + raise ValueError('The secret key must be an integer in the range 1..n-1.') + P = point_mul(G, seckey0) + seckey = seckey0 if has_square_y(P) else n - seckey0 + R = point_mul(G, k) + e = int_from_bytes(tagged_hash("BIPSchnorr", bytes_from_point(R) + bytes_from_point(P) + msg)) % n + return bytes_from_point(R) + bytes_from_int((k + e * seckey) % n) + +# Creates a singature with a small x(R) by using k = 1/2 +def vector4(): + one_half = 0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0 + seckey = bytes_from_int(0x763758E5CBEEDEE4F7D3FC86F531C36578933228998226672F13C4F0EBE855EB) + msg = bytes_from_int(0x4DF3C3F68FCC83B27E9D42C90431A72499F17875C81A599B566C9889B9696703) + sig = insecure_schnorr_sign_fixed_nonce(msg, seckey, one_half) + return (None, pubkey_gen(seckey), msg, sig, "TRUE", None) + +default_seckey = bytes_from_int(0xB7E151628AED2A6ABF7158809CF4F3C762E7160F38B4DA56A784D9045190CFEF) +default_msg = bytes_from_int(0x243F6A8885A308D313198A2E03707344A4093822299F31D0082EFA98EC4E6C89) + +# Public key is not on the curve +def vector5(): + # This creates a dummy signature that doesn't have anything to do with the + # public key. + seckey = default_seckey + msg = default_msg + sig = schnorr_sign(msg, seckey) + + pubkey = bytes_from_int(0xEEFDEA4CDB677750A420FEE807EACF21EB9898AE79B9768766E4FAA04A2D4A34) + assert(point_from_bytes(pubkey) is None) + + return (None, pubkey, msg, sig, "FALSE", "public key not on the curve") + +def vector6(): + seckey = default_seckey + msg = default_msg + k = 3 + sig = insecure_schnorr_sign_fixed_nonce(msg, seckey, k) + + # Y coordinate of R is not a square + R = point_mul(G, k) + assert(not has_square_y(R)) + + return (None, pubkey_gen(seckey), msg, sig, "FALSE", "has_square_y(R) is false") + +def vector7(): + seckey = default_seckey + msg = int_from_bytes(default_msg) + neg_msg = bytes_from_int(n - msg) + sig = schnorr_sign(neg_msg, seckey) + return (None, pubkey_gen(seckey), bytes_from_int(msg), sig, "FALSE", "negated message") + +def vector8(): + seckey = default_seckey + msg = default_msg + sig = schnorr_sign(msg, seckey) + sig = sig[0:32] + bytes_from_int(n - int_from_bytes(sig[32:64])) + return (None, pubkey_gen(seckey), msg, sig, "FALSE", "negated s value") + +def bytes_from_point_inf0(P): + if P == None: + return bytes_from_int(0) + return bytes_from_int(P[0]) + +def vector9(): + seckey = default_seckey + msg = default_msg + + # Override bytes_from_point in schnorr_sign to allow creating a signature + # with k = 0. + k = 0 + bytes_from_point_tmp = bytes_from_point.__code__ + bytes_from_point.__code__ = bytes_from_point_inf0.__code__ + sig = insecure_schnorr_sign_fixed_nonce(msg, seckey, k) + bytes_from_point.__code__ = bytes_from_point_tmp + + return (None, pubkey_gen(seckey), msg, sig, "FALSE", "sG - eP is infinite. Test fails in single verification if has_square_y(inf) is defined as true and x(inf) as 0") + +def bytes_from_point_inf1(P): + if P == None: + return bytes_from_int(1) + return bytes_from_int(P[0]) + +def vector10(): + seckey = default_seckey + msg = default_msg + + # Override bytes_from_point in schnorr_sign to allow creating a signature + # with k = 0. + k = 0 + bytes_from_point_tmp = bytes_from_point.__code__ + bytes_from_point.__code__ = bytes_from_point_inf1.__code__ + sig = insecure_schnorr_sign_fixed_nonce(msg, seckey, k) + bytes_from_point.__code__ = bytes_from_point_tmp + + return (None, pubkey_gen(seckey), msg, sig, "FALSE", "sG - eP is infinite. Test fails in single verification if has_square_y(inf) is defined as true and x(inf) as 1") + +# It's cryptographically impossible to create a test vector that fails if run +# in an implementation which merely misses the check that sig[0:32] is an X +# coordinate on the curve. This test vector just increases test coverage. +def vector11(): + seckey = default_seckey + msg = default_msg + sig = schnorr_sign(msg, seckey) + + # Replace R's X coordinate with an X coordinate that's not on the curve + x_not_on_curve = bytes_from_int(0x4A298DACAE57395A15D0795DDBFD1DCB564DA82B0F269BC70A74F8220429BA1D) + assert(point_from_bytes(x_not_on_curve) is None) + sig = x_not_on_curve + sig[32:64] + + return (None, pubkey_gen(seckey), msg, sig, "FALSE", "sig[0:32] is not an X coordinate on the curve") + +# It's cryptographically impossible to create a test vector that fails if run +# in an implementation which merely misses the check that sig[0:32] is smaller +# than the field size. This test vector just increases test coverage. +def vector12(): + seckey = default_seckey + msg = default_msg + sig = schnorr_sign(msg, seckey) + + # Replace R's X coordinate with an X coordinate that's equal to field size + sig = bytes_from_int(p) + sig[32:64] + + return (None, pubkey_gen(seckey), msg, sig, "FALSE", "sig[0:32] is equal to field size") + +# It's cryptographically impossible to create a test vector that fails if run +# in an implementation which merely misses the check that sig[32:64] is smaller +# than the curve order. This test vector just increases test coverage. +def vector13(): + seckey = default_seckey + msg = default_msg + sig = schnorr_sign(msg, seckey) + + # Replace s with a number that's equal to the curve order + sig = sig[0:32] + bytes_from_int(n) + + return (None, pubkey_gen(seckey), msg, sig, "FALSE", "sig[32:64] is equal to curve order") + +# Test out of range pubkey +# It's cryptographically impossible to create a test vector that fails if run +# in an implementation which accepts out of range pubkeys because we can't find +# a secret key for such a public key and therefore can not create a signature. +# This test vector just increases test coverage. +def vector14(): + # This creates a dummy signature that doesn't have anything to do with the + # public key. + seckey = default_seckey + msg = default_msg + sig = schnorr_sign(msg, seckey) + + pubkey_int = p + 1 + pubkey = bytes_from_int(pubkey_int) + assert(point_from_bytes(pubkey) is None) + # If an implementation would reduce a given public key modulo p then the + # pubkey would be valid + assert(point_from_bytes(bytes_from_int(pubkey_int % p)) is not None) + + return (None, pubkey, msg, sig, "FALSE", "public key is not a valid X coordinate because it exceeds the field size") + +vectors = [ + vector0(), + vector1(), + vector2(), + vector3(), + vector4(), + vector5(), + vector6(), + vector7(), + vector8(), + vector9(), + vector10(), + vector11(), + vector12(), + vector13(), + vector14() + ] + +# Converts the byte strings of a test vector into hex strings +def bytes_to_hex(seckey, pubkey, msg, sig, result, comment): + return (seckey.hex().upper() if seckey is not None else None, pubkey.hex().upper(), msg.hex().upper(), sig.hex().upper(), result, comment) + +vectors = list(map(lambda vector: bytes_to_hex(vector[0], vector[1], vector[2], vector[3], vector[4], vector[5]), vectors)) + +def print_csv(vectors): + writer = csv.writer(sys.stdout) + writer.writerow(("index", "secret key", "public key", "message", "signature", "verification result", "comment")) + for (i,v) in enumerate(vectors): + writer.writerow((i,)+v) + +print_csv(vectors) |