diff options
| author | Wladimir J. van der Laan <laanwj@gmail.com> | 2019-05-16 19:10:13 +0200 |
|---|---|---|
| committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2019-05-16 19:24:52 +0200 |
| commit | 376638afcf945ec43089625d115286594ce0ab16 (patch) | |
| tree | e1eef8d001be93bbdfe0e8eb348da37011794594 /src/test/key_tests.cpp | |
| parent | df7addc4c6e990141869c41decaf3ef98c4e45d2 (diff) | |
| parent | 8794a4b3ae4d34a4cd21a7dee9f694eef7726a4f (diff) | |
Merge #14047: Add HKDF_HMAC256_L32 and method to negate a private key
8794a4b3ae4d34a4cd21a7dee9f694eef7726a4f QA: add test for HKDF HMAC_SHA256 L32 (Jonas Schnelli)
551d489416339dae8f9d896013cd060a21406e2b Add HKDF HMAC_SHA256 L=32 implementations (Jonas Schnelli)
3b64f852e400c552f031697d6a86829dc6e74bd6 QA: add test for CKey::Negate() (Jonas Schnelli)
463921bb649d644f79f9d7f0f96f10aa0d165f76 CKey: add method to negate the key (Jonas Schnelli)
Pull request description:
This adds a limited implementation of `HKDF` (defined by rfc5869) that supports only HMAC-SHA256 and length output of 32 bytes (will be required for v2 transport protocol).
This PR also includes a method to negate a private key which is useful to enforce public keys starting with 0x02 (or 0x03) (a requirement for the v2 transport protocol). The new `CKey::Negate()` method is pretty much a wrapper around `secp256k1_ec_privkey_negate()`.
Including tests.
This is a subset of #14032 and a pre-requirement for the v2 transport protocol.
ACKs for commit 8794a4:
Tree-SHA512: 5341929dfa29f5da766ec3612784baec6a3ad69972f08b5a985a8aafdae4dae36f104a2b888d1f5d1f33561456bd111f960d7e32c2cc4fd18e48358468f26c1a
Diffstat (limited to 'src/test/key_tests.cpp')
| -rw-r--r-- | src/test/key_tests.cpp | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/src/test/key_tests.cpp b/src/test/key_tests.cpp index ceed73b14d..1b95105eab 100644 --- a/src/test/key_tests.cpp +++ b/src/test/key_tests.cpp @@ -188,4 +188,36 @@ BOOST_AUTO_TEST_CASE(key_signature_tests) BOOST_CHECK(found_small); } +BOOST_AUTO_TEST_CASE(key_key_negation) +{ + // create a dummy hash for signature comparison + unsigned char rnd[8]; + std::string str = "Bitcoin key verification\n"; + GetRandBytes(rnd, sizeof(rnd)); + uint256 hash; + CHash256().Write((unsigned char*)str.data(), str.size()).Write(rnd, sizeof(rnd)).Finalize(hash.begin()); + + // import the static test key + CKey key = DecodeSecret(strSecret1C); + + // create a signature + std::vector<unsigned char> vch_sig; + std::vector<unsigned char> vch_sig_cmp; + key.Sign(hash, vch_sig); + + // negate the key twice + BOOST_CHECK(key.GetPubKey().data()[0] == 0x03); + key.Negate(); + // after the first negation, the signature must be different + key.Sign(hash, vch_sig_cmp); + BOOST_CHECK(vch_sig_cmp != vch_sig); + BOOST_CHECK(key.GetPubKey().data()[0] == 0x02); + key.Negate(); + // after the second negation, we should have the original key and thus the + // same signature + key.Sign(hash, vch_sig_cmp); + BOOST_CHECK(vch_sig_cmp == vch_sig); + BOOST_CHECK(key.GetPubKey().data()[0] == 0x03); +} + BOOST_AUTO_TEST_SUITE_END() |