constantine/tests/t_ethereum_bls_signatures.nim
Mamy Ratsimbazafy 9a7137466e
C API for Ethereum BLS signatures (#228)
* [testsuite] Rework parallel test runner to buffer beyond 65536 chars and properly wait for process exit

* [testsuite] improve error reporting

* rework openArray[byte/char] for BLS signature C API

* Prepare for optimized library and bindings

* properly link to constantine

* Compiler fixes, global sanitizers, GCC bug with --opt:size

* workaround/fix #229: don't inline field reduction in Fp2

* fix clang running out of registers with LTO

* [C API] missed length parameters for ctt_eth_bls_fast_aggregate_verify

* double-precision asm is too large for inlining, try to fix Linux and MacOS woes at https://github.com/mratsim/constantine/pull/228#issuecomment-1512773460

* Use FORTIFY_SOURCE for testing

* Fix #230 - gcc miscompiles Fp6 mul with LTO

* disable LTO for now, PR is too long
2023-04-18 22:02:23 +02:00

326 lines
12 KiB
Nim

# Constantine
# Copyright (c) 2018-2019 Status Research & Development GmbH
# Copyright (c) 2020-Present Mamy André-Ratsimbazafy
# Licensed and distributed under either of
# * MIT license (license terms in the root directory or at http://opensource.org/licenses/MIT).
# * Apache v2 license (license terms in the root directory or at http://www.apache.org/licenses/LICENSE-2.0).
# at your option. This file may not be copied, modified, or distributed except according to those terms.
import
std/[os, unittest, strutils],
pkg/jsony,
../constantine/ethereum_bls_signatures,
../constantine/platforms/codecs,
../constantine/hashes
type
# https://github.com/ethereum/bls12-381-tests/blob/master/formats/
PubkeyField = object
pubkey: array[48, byte]
DeserG1_test = object
input: PubkeyField
output: bool
SignatureField =object
signature: array[96, byte]
DeserG2_test = object
input: SignatureField
output: bool
InputSign = object
privkey: array[32, byte]
message: array[32, byte]
Sign_test = object
input: InputSign
output: array[96, byte]
InputVerify = object
pubkey: array[48, byte]
message: array[32, byte]
signature: array[96, byte]
Verify_test = object
input: InputVerify
output: bool
InputFastAggregateVerify = object
pubkeys: seq[array[48, byte]]
message: array[32, byte]
signature: array[96, byte]
FastAggregateVerify_test = object
input: InputFastAggregateVerify
output: bool
InputAggregateVerify = object
pubkeys: seq[array[48, byte]]
messages: seq[array[32, byte]]
signature: array[96, byte]
AggregateVerify_test = object
input: InputAggregateVerify
output: bool
InputBatchVerify = object
pubkeys: seq[array[48, byte]]
messages: seq[array[32, byte]]
signatures: seq[array[96, byte]]
BatchVerify_test = object
input: InputBatchVerify
output: bool
proc parseHook*[N: static int](src: string, pos: var int, value: var array[N, byte]) =
var str: string
parseHook(src, pos, str)
value.paddedFromHex(str, bigEndian)
const SkippedTests = [
# By construction, input MUST be 48 bytes, which is enforced at the type-system level.
"deserialization_fails_too_many_bytes.json"
]
const TestDir = currentSourcePath.rsplit(DirSep, 1)[0] / "protocol_blssig_pop_on_bls12381_g2_test_vectors_v0.1.1"
iterator walkTests*(category: string, skipped: var int): (string, string) =
let testDir = TestDir/category
for file in walkDirRec(testDir, relative = true):
if file in SkippedTests:
echo "[WARNING] Skipping - ", file
inc skipped
continue
yield (testDir, file)
template testGen*(name, testData, TestType, body: untyped): untyped =
## Generates a test proc
## with identifier "test_name"
## The test vector data is available as JsonNode under the
## the variable passed as `testData`
proc `test _ name`() =
var count = 0 # Need to fail if walkDir doesn't return anything
var skipped = 0
for dir, file in walkTests(astToStr(name), skipped):
stdout.write(" " & astToStr(name) & " test: " & alignLeft(file, 70))
let testFile = readFile(dir/file)
let testData = testFile.fromJson(TestType)
body
stdout.write "[" & $status & "]\n"
inc count
doAssert count > 0, "Empty or inexisting test folder: " & astToStr(name)
if skipped > 0:
echo "[Warning]: ", skipped, " tests skipped."
testGen(deserialization_G1, testVector, DeserG1_test):
var pubkey{.noInit.}: PublicKey
let status = pubkey.deserialize_pubkey_compressed(testVector.input.pubkey)
let success = status == cttBLS_Success or status == cttBLS_PointAtInfinity
doAssert success == testVector.output, block:
"\nDeserialization differs from expected \n" &
" deserializable? " & $success & " (" & $status & ")\n" &
" expected: " & $testVector.output
if success: # Roundtrip
var s{.noInit.}: array[48, byte]
let status2 = s.serialize_pubkey_compressed(pubkey)
doAssert status2 == cttBLS_Success
doAssert s == testVector.input.pubkey, block:
"\nSerialization roundtrip differs from expected \n" &
" serialized: 0x" & $s.toHex() & " (" & $status2 & ")\n" &
" expected: 0x" & $testVector.input.pubkey.toHex()
testGen(deserialization_G2, testVector, DeserG2_test):
var sig{.noInit.}: Signature
let status = sig.deserialize_signature_compressed(testVector.input.signature)
let success = status == cttBLS_Success or status == cttBLS_PointAtInfinity
doAssert success == testVector.output, block:
"\nDeserialization differs from expected \n" &
" deserializable? " & $success & " (" & $status & ")\n" &
" expected: " & $testVector.output
if success: # Roundtrip
var s{.noInit.}: array[96, byte]
let status2 = s.serialize_signature_compressed(sig)
doAssert status2 == cttBLS_Success
doAssert s == testVector.input.signature, block:
"\nSerialization roundtrip differs from expected \n" &
" serialized: 0x" & $s.toHex() & " (" & $status2 & ")\n" &
" expected: 0x" & $testVector.input.signature.toHex()
testGen(sign, testVector, Sign_test):
var seckey{.noInit.}: SecretKey
var sig{.noInit.}: Signature
let status = seckey.deserialize_seckey(testVector.input.privkey)
if status != cttBLS_Success:
doAssert testVector.output == default(array[96, byte])
let status2 = sig.sign(seckey, testVector.input.message)
doAssert status2 != cttBLS_Success
else:
let status2 = sig.sign(seckey, testVector.input.message)
doAssert status2 == cttBLS_Success
block: # deserialize the output for extra codec testing
var output{.noInit.}: Signature
let status3 = output.deserialize_signature_compressed(testVector.output)
doAssert status3 == cttBLS_Success
doAssert signatures_are_equal(sig, output), block:
var sig_bytes{.noInit.}: array[96, byte]
var roundtrip{.noInit.}: array[96, byte]
let sb_status = sig_bytes.serialize_signature_compressed(sig)
let rt_status = roundtrip.serialize_signature_compressed(output)
"\nResult signature differs from expected \n" &
" computed: 0x" & $sig_bytes.toHex() & " (" & $sb_status & ")\n" &
" roundtrip: 0x" & $roundtrip.toHex() & " (" & $rt_status & ")\n" &
" expected: 0x" & $testVector.output.toHex()
block: # serialize the result for extra codec testing
var sig_bytes{.noInit.}: array[96, byte]
let status3 = sig_bytes.serialize_signature_compressed(sig)
doAssert status3 == cttBLS_Success
doAssert sig_bytes == testVector.output, block:
"\nResult signature differs from expected \n" &
" computed: 0x" & $sig_bytes.toHex() & " (" & $status3 & ")\n" &
" expected: 0x" & $testVector.output.toHex()
testGen(verify, testVector, Verify_test):
var
pubkey{.noInit.}: PublicKey
signature{.noInit.}: Signature
status = cttBLS_VerificationFailure
block testChecks:
status = pubkey.deserialize_pubkey_compressed(testVector.input.pubkey)
if status notin {cttBLS_Success, cttBLS_PointAtInfinity}:
# For point at infinity, we want to make sure that "verify" itself handles them.
break testChecks
status = signature.deserialize_signature_compressed(testVector.input.signature)
if status notin {cttBLS_Success, cttBLS_PointAtInfinity}:
# For point at infinity, we want to make sure that "verify" itself handles them.
break testChecks
status = pubkey.verify(testVector.input.message, signature)
let success = status == cttBLS_Success
doAssert success == testVector.output, block:
"Verification differs from expected \n" &
" valid sig? " & $success & " (" & $status & ")\n" &
" expected: " & $testVector.output
if success: # Extra codec testing
block:
var output{.noInit.}: array[48, byte]
let s = output.serialize_pubkey_compressed(pubkey)
doAssert s == cttBLS_Success
doAssert output == testVector.input.pubkey
block:
var output{.noInit.}: array[96, byte]
let s = output.serialize_signature_compressed(signature)
doAssert s == cttBLS_Success
doAssert output == testVector.input.signature
testGen(fast_aggregate_verify, testVector, FastAggregateVerify_test):
var
pubkeys = newSeq[PublicKey](testVector.input.pubkeys.len)
signature{.noInit.}: Signature
status = cttBLS_VerificationFailure
block testChecks:
for i in 0 ..< testVector.input.pubkeys.len:
status = pubkeys[i].deserialize_pubkey_compressed(testVector.input.pubkeys[i])
if status notin {cttBLS_Success, cttBLS_PointAtInfinity}:
# For point at infinity, we want to make sure that "verify" itself handles them.
break testChecks
status = signature.deserialize_signature_compressed(testVector.input.signature)
if status notin {cttBLS_Success, cttBLS_PointAtInfinity}:
# For point at infinity, we want to make sure that "verify" itself handles them.
break testChecks
status = pubkeys.fast_aggregate_verify(testVector.input.message, signature)
let success = status == cttBLS_Success
doAssert success == testVector.output, block:
"Verification differs from expected \n" &
" valid sig? " & $success & " (" & $status & ")\n" &
" expected: " & $testVector.output
testGen(aggregate_verify, testVector, AggregateVerify_test):
var
pubkeys = newSeq[PublicKey](testVector.input.pubkeys.len)
signature{.noInit.}: Signature
status = cttBLS_VerificationFailure
block testChecks:
for i in 0 ..< testVector.input.pubkeys.len:
status = pubkeys[i].deserialize_pubkey_compressed(testVector.input.pubkeys[i])
if status notin {cttBLS_Success, cttBLS_PointAtInfinity}:
# For point at infinity, we want to make sure that "verify" itself handles them.
break testChecks
status = signature.deserialize_signature_compressed(testVector.input.signature)
if status notin {cttBLS_Success, cttBLS_PointAtInfinity}:
# For point at infinity, we want to make sure that "verify" itself handles them.
break testChecks
status = pubkeys.aggregate_verify(testVector.input.messages, signature)
let success = status == cttBLS_Success
doAssert success == testVector.output, block:
"Verification differs from expected \n" &
" valid sig? " & $success & " (" & $status & ")\n" &
" expected: " & $testVector.output
testGen(batch_verify, testVector, BatchVerify_test):
var
pubkeys = newSeq[PublicKey](testVector.input.pubkeys.len)
signatures = newSeq[Signature](testVector.input.signatures.len)
status = cttBLS_VerificationFailure
block testChecks:
for i in 0 ..< testVector.input.pubkeys.len:
status = pubkeys[i].deserialize_pubkey_compressed(testVector.input.pubkeys[i])
if status notin {cttBLS_Success, cttBLS_PointAtInfinity}:
# For point at infinity, we want to make sure that "verify" itself handles them.
break testChecks
for i in 0 ..< testVector.input.signatures.len:
status = signatures[i].deserialize_signature_compressed(testVector.input.signatures[i])
if status notin {cttBLS_Success, cttBLS_PointAtInfinity}:
# For point at infinity, we want to make sure that "verify" itself handles them.
break testChecks
let randomBytes = sha256.hash("totally non-secure source of entropy")
status = pubkeys.batch_verify(testVector.input.messages, signatures, randomBytes)
let success = status == cttBLS_Success
doAssert success == testVector.output, block:
"Verification differs from expected \n" &
" valid sig? " & $success & " (" & $status & ")\n" &
" expected: " & $testVector.output
suite "BLS signature on BLS12381G3 - ETH 2.0 test vectors":
test "Deserialization_G1(PublicKey) -> bool":
test_deserialization_G1()
test "Deserialization_G2(Signature) -> bool":
test_deserialization_G2()
test "sign(SecretKey, message) -> Signature":
test_sign()
test "verify(PublicKey, message, Signature) -> bool":
test_verify()
test "fast_aggregate_verify(seq[PublicKey], message, Signature) -> bool":
test_fast_aggregate_verify()
test "aggregate_verify(seq[PublicKey], seq[message], Signature) -> bool":
test_aggregate_verify()
test "batch_verify(seq[PublicKey], seq[message], seq[Signature]) -> bool":
test_batch_verify()