From a57e5e6d843b5c3dfa9bfecbf170dfd018ff2b5a Mon Sep 17 00:00:00 2001 From: cheatfate Date: Wed, 28 Mar 2018 12:51:15 +0300 Subject: [PATCH] Remove testing code from main files. --- ethp2p/auth.nim | 399 ----------------------------------------------- ethp2p/ecc.nim | 122 --------------- ethp2p/ecies.nim | 151 ------------------ 3 files changed, 672 deletions(-) diff --git a/ethp2p/auth.nim b/ethp2p/auth.nim index 2d2d8f8..dc90fb8 100644 --- a/ethp2p/auth.nim +++ b/ethp2p/auth.nim @@ -454,402 +454,3 @@ proc decodeAuthMessage*(h: var Handshake, msg: openarray[byte]): AuthStatus = proc decodeAckMessage*(h: var Handshake, msg: openarray[byte]): AuthStatus = result = decodeAckMessage(h, unsafeAddr msg[0], len(msg)) - -when isMainModule: - # This was generated by `print` actual auth message generated by - # https://github.com/ethereum/py-evm/blob/master/tests/p2p/test_auth.py - const pyevmAuth = """ - 22034ad2e7545e2b0bf02ecb1e40db478dfbbf7aeecc834aec2523eb2b7e74ee - 77ba40c70a83bfe9f2ab91f0131546dcf92c3ee8282d9907fee093017fd0302d - 0034fdb5419558137e0d44cd13d319afe5629eeccb47fd9dfe55cc6089426e46 - cc762dd8a0636e07a54b31169eba0c7a20a1ac1ef68596f1f283b5c676bae406 - 4abfcce24799d09f67e392632d3ffdc12e3d6430dcb0ea19c318343ffa7aae74 - d4cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb - 1100""" - - # This data comes from https://gist.github.com/fjl/3a78780d17c755d22df2 - const data = [ - ("initiator_private_key", - "5e173f6ac3c669587538e7727cf19b782a4f2fda07c1eaa662c593e5e85e3051"), - ("receiver_private_key", - "c45f950382d542169ea207959ee0220ec1491755abe405cd7498d6b16adb6df8"), - ("initiator_ephemeral_private_key", - "19c2185f4f40634926ebed3af09070ca9e029f2edd5fae6253074896205f5f6c"), - ("receiver_ephemeral_private_key", - "d25688cf0ab10afa1a0e2dba7853ed5f1e5bf1c631757ed4e103b593ff3f5620"), - ("auth_plaintext", - """884c36f7ae6b406637c1f61b2f57e1d2cab813d24c6559aaf843c3f48962f32f - 46662c066d39669b7b2e3ba14781477417600e7728399278b1b5d801a519aa57 - 0034fdb5419558137e0d44cd13d319afe5629eeccb47fd9dfe55cc6089426e46 - cc762dd8a0636e07a54b31169eba0c7a20a1ac1ef68596f1f283b5c676bae406 - 4abfcce24799d09f67e392632d3ffdc12e3d6430dcb0ea19c318343ffa7aae74 - d4cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb - 1100"""), - ("authresp_plaintext", - """802b052f8b066640bba94a4fc39d63815c377fced6fcb84d27f791c9921ddf3e - 9bf0108e298f490812847109cbd778fae393e80323fd643209841a3b7f110397 - f37ec61d84cea03dcc5e8385db93248584e8af4b4d1c832d8c7453c0089687a7 - 00"""), - ("auth_ciphertext", - """04a0274c5951e32132e7f088c9bdfdc76c9d91f0dc6078e848f8e3361193dbdc - 43b94351ea3d89e4ff33ddcefbc80070498824857f499656c4f79bbd97b6c51a - 514251d69fd1785ef8764bd1d262a883f780964cce6a14ff206daf1206aa073a - 2d35ce2697ebf3514225bef186631b2fd2316a4b7bcdefec8d75a1025ba2c540 - 4a34e7795e1dd4bc01c6113ece07b0df13b69d3ba654a36e35e69ff9d482d88d - 2f0228e7d96fe11dccbb465a1831c7d4ad3a026924b182fc2bdfe016a6944312 - 021da5cc459713b13b86a686cf34d6fe6615020e4acf26bf0d5b7579ba813e77 - 23eb95b3cef9942f01a58bd61baee7c9bdd438956b426a4ffe238e61746a8c93 - d5e10680617c82e48d706ac4953f5e1c4c4f7d013c87d34a06626f498f34576d - c017fdd3d581e83cfd26cf125b6d2bda1f1d56"""), - ("authresp_ciphertext", - """049934a7b2d7f9af8fd9db941d9da281ac9381b5740e1f64f7092f3588d4f87f - 5ce55191a6653e5e80c1c5dd538169aa123e70dc6ffc5af1827e546c0e958e42 - dad355bcc1fcb9cdf2cf47ff524d2ad98cbf275e661bf4cf00960e74b5956b79 - 9771334f426df007350b46049adb21a6e78ab1408d5e6ccde6fb5e69f0f4c92b - b9c725c02f99fa72b9cdc8dd53cff089e0e73317f61cc5abf6152513cb7d833f - 09d2851603919bf0fbe44d79a09245c6e8338eb502083dc84b846f2fee1cc310 - d2cc8b1b9334728f97220bb799376233e113"""), - ("ecdhe_shared_secret", - "e3f407f83fc012470c26a93fdff534100f2c6f736439ce0ca90e9914f7d1c381"), - ("initiator_nonce", - "cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb11"), - ("receiver_nonce", - "f37ec61d84cea03dcc5e8385db93248584e8af4b4d1c832d8c7453c0089687a7"), - ("aes_secret", - "c0458fa97a5230830e05f4f20b7c755c1d4e54b1ce5cf43260bb191eef4e418d"), - ("mac_secret", - "48c938884d5067a1598272fcddaa4b833cd5e7d92e8228c0ecdfabbe68aef7f1"), - ("token", - "3f9ec2592d1554852b1f54d228f042ed0a9310ea86d038dc2b401ba8cd7fdac4"), - ("initial_egress_MAC", - "09771e93b1a6109e97074cbe2d2b0cf3d3878efafe68f53c41bb60c0ec49097e"), - ("initial_ingress_MAC", - "75823d96e23136c89666ee025fb21a432be906512b3dd4a3049e898adb433847"), - ("initiator_hello_packet", - """6ef23fcf1cec7312df623f9ae701e63b550cdb8517fefd8dd398fc2acd1d935e - 6e0434a2b96769078477637347b7b01924fff9ff1c06df2f804df3b0402bbb9f - 87365b3c6856b45e1e2b6470986813c3816a71bff9d69dd297a5dbd935ab578f - 6e5d7e93e4506a44f307c332d95e8a4b102585fd8ef9fc9e3e055537a5cec2e9"""), - ("receiver_hello_packet", - """6ef23fcf1cec7312df623f9ae701e63be36a1cdd1b19179146019984f3625d4a - 6e0434a2b96769050577657247b7b02bc6c314470eca7e3ef650b98c83e9d7dd - 4830b3f718ff562349aead2530a8d28a8484604f92e5fced2c6183f304344ab0 - e7c301a0c05559f4c25db65e36820b4b909a226171a60ac6cb7beea09376d6d8""") - ] - - # Thies test vectors was copied from EIP8 specfication - # https://github.com/ethereum/EIPs/blob/master/EIPS/eip-8.md - const eip8data = [ - ("initiator_private_key", - "49a7b37aa6f6645917e7b807e9d1c00d4fa71f18343b0d4122a4d2df64dd6fee"), - ("receiver_private_key", - "b71c71a67e1177ad4e901695e1b4b9ee17ae16c6668d313eac2f96dbcda3f291"), - ("initiator_ephemeral_private_key", - "869d6ecf5211f1cc60418a13b9d870b22959d0c16f02bec714c960dd2298a32d"), - ("receiver_ephemeral_private_key", - "e238eb8e04fee6511ab04c6dd3c89ce097b11f25d584863ac2b6d5b35b1847e4"), - ("initiator_nonce", - "7e968bba13b6c50e2c4cd7f241cc0d64d1ac25c7f5952df231ac6a2bda8ee5d6"), - ("receiver_nonce", - "559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd"), - ("auth_ciphertext_v4", - """048ca79ad18e4b0659fab4853fe5bc58eb83992980f4c9cc147d2aa31532efd29 - a3d3dc6a3d89eaf913150cfc777ce0ce4af2758bf4810235f6e6ceccfee1acc6b - 22c005e9e3a49d6448610a58e98744ba3ac0399e82692d67c1f58849050b3024e - 21a52c9d3b01d871ff5f210817912773e610443a9ef142e91cdba0bd77b5fdf07 - 69b05671fc35f83d83e4d3b0b000c6b2a1b1bba89e0fc51bf4e460df3105c444f - 14be226458940d6061c296350937ffd5e3acaceeaaefd3c6f74be8e23e0f45163 - cc7ebd76220f0128410fd05250273156d548a414444ae2f7dea4dfca2d43c057a - db701a715bf59f6fb66b2d1d20f2c703f851cbf5ac47396d9ca65b6260bd141ac - 4d53e2de585a73d1750780db4c9ee4cd4d225173a4592ee77e2bd94d0be3691f3 - b406f9bba9b591fc63facc016bfa8"""), - ("auth_ciphertext_eip8", - """01b304ab7578555167be8154d5cc456f567d5ba302662433674222360f08d5f15 - 34499d3678b513b0fca474f3a514b18e75683032eb63fccb16c156dc6eb2c0b15 - 93f0d84ac74f6e475f1b8d56116b849634a8c458705bf83a626ea0384d4d7341a - ae591fae42ce6bd5c850bfe0b999a694a49bbbaf3ef6cda61110601d3b4c02ab6 - c30437257a6e0117792631a4b47c1d52fc0f8f89caadeb7d02770bf999cc147d2 - df3b62e1ffb2c9d8c125a3984865356266bca11ce7d3a688663a51d82defaa8aa - d69da39ab6d5470e81ec5f2a7a47fb865ff7cca21516f9299a07b1bc63ba56c7a - 1a892112841ca44b6e0034dee70c9adabc15d76a54f443593fafdc3b27af80597 - 03f88928e199cb122362a4b35f62386da7caad09c001edaeb5f8a06d2b26fb6cb - 93c52a9fca51853b68193916982358fe1e5369e249875bb8d0d0ec36f917bc5e1 - eafd5896d46bd61ff23f1a863a8a8dcd54c7b109b771c8e61ec9c8908c733c026 - 3440e2aa067241aaa433f0bb053c7b31a838504b148f570c0ad62837129e54767 - 8c5190341e4f1693956c3bf7678318e2d5b5340c9e488eefea198576344afbdf6 - 6db5f51204a6961a63ce072c8926c"""), - ("auth_ciphertext_eip8_3f", - """01b8044c6c312173685d1edd268aa95e1d495474c6959bcdd10067ba4c9013df9 - e40ff45f5bfd6f72471f93a91b493f8e00abc4b80f682973de715d77ba3a005a2 - 42eb859f9a211d93a347fa64b597bf280a6b88e26299cf263b01b8dfdb7122784 - 64fd1c25840b995e84d367d743f66c0e54a586725b7bbf12acca27170ae3283c1 - 073adda4b6d79f27656993aefccf16e0d0409fe07db2dc398a1b7e8ee93bcd181 - 485fd332f381d6a050fba4c7641a5112ac1b0b61168d20f01b479e19adf7fdbfa - 0905f63352bfc7e23cf3357657455119d879c78d3cf8c8c06375f3f7d4861aa02 - a122467e069acaf513025ff196641f6d2810ce493f51bee9c966b15c504350535 - 0392b57645385a18c78f14669cc4d960446c17571b7c5d725021babbcd786957f - 3d17089c084907bda22c2b2675b4378b114c601d858802a55345a15116bc61da4 - 193996187ed70d16730e9ae6b3bb8787ebcaea1871d850997ddc08b4f4ea668fb - f37407ac044b55be0908ecb94d4ed172ece66fd31bfdadf2b97a8bc690163ee11 - f5b575a4b44e36e2bfb2f0fce91676fd64c7773bac6a003f481fddd0bae0a1f31 - aa27504e2a533af4cef3b623f4791b2cca6d490"""), - ("authack_ciphertext_v4", - """049f8abcfa9c0dc65b982e98af921bc0ba6e4243169348a236abe9df5f93aa69d - 99cadddaa387662b0ff2c08e9006d5a11a278b1b3331e5aaabf0a32f01281b6f4 - ede0e09a2d5f585b26513cb794d9635a57563921c04a9090b4f14ee42be1a5461 - 049af4ea7a7f49bf4c97a352d39c8d02ee4acc416388c1c66cec761d2bc1c72da - 6ba143477f049c9d2dde846c252c111b904f630ac98e51609b3b1f58168ddca65 - 05b7196532e5f85b259a20c45e1979491683fee108e9660edbf38f3add489ae73 - e3dda2c71bd1497113d5c755e942d1"""), - ("authack_ciphertext_eip8", - """01ea0451958701280a56482929d3b0757da8f7fbe5286784beead59d95089c217 - c9b917788989470b0e330cc6e4fb383c0340ed85fab836ec9fb8a49672712aeab - bdfd1e837c1ff4cace34311cd7f4de05d59279e3524ab26ef753a0095637ac88f - 2b499b9914b5f64e143eae548a1066e14cd2f4bd7f814c4652f11b254f8a2d019 - 1e2f5546fae6055694aed14d906df79ad3b407d94692694e259191cde171ad542 - fc588fa2b7333313d82a9f887332f1dfc36cea03f831cb9a23fea05b33deb999e - 85489e645f6aab1872475d488d7bd6c7c120caf28dbfc5d6833888155ed69d34d - bdc39c1f299be1057810f34fbe754d021bfca14dc989753d61c413d261934e1a9 - c67ee060a25eefb54e81a4d14baff922180c395d3f998d70f46f6b58306f96962 - 7ae364497e73fc27f6d17ae45a413d322cb8814276be6ddd13b885b201b943213 - 656cde498fa0e9ddc8e0b8f8a53824fbd82254f3e2c17e8eaea009c38b4aa0a3f - 306e8797db43c25d68e86f262e564086f59a2fc60511c42abfb3057c247a8a8fe - 4fb3ccbadde17514b7ac8000cdb6a912778426260c47f38919a91f25f4b5ffb45 - 5d6aaaf150f7e5529c100ce62d6d92826a71778d809bdf60232ae21ce8a437eca - 8223f45ac37f6487452ce626f549b3b5fdee26afd2072e4bc75833c2464c80524 - 6155289f4"""), - ("authack_ciphertext_eip8_3f", - """01f004076e58aae772bb101ab1a8e64e01ee96e64857ce82b1113817c6cdd52c0 - 9d26f7b90981cd7ae835aeac72e1573b8a0225dd56d157a010846d888dac7464b - af53f2ad4e3d584531fa203658fab03a06c9fd5e35737e417bc28c1cbf5e5dfc6 - 66de7090f69c3b29754725f84f75382891c561040ea1ddc0d8f381ed1b9d0d4ad - 2a0ec021421d847820d6fa0ba66eaf58175f1b235e851c7e2124069fbc202888d - db3ac4d56bcbd1b9b7eab59e78f2e2d400905050f4a92dec1c4bdf797b3fc9b2f - 8e84a482f3d800386186712dae00d5c386ec9387a5e9c9a1aca5a573ca91082c7 - d68421f388e79127a5177d4f8590237364fd348c9611fa39f78dcdceee3f390f0 - 7991b7b47e1daa3ebcb6ccc9607811cb17ce51f1c8c2c5098dbdd28fca547b3f5 - 8c01a424ac05f869f49c6a34672ea2cbbc558428aa1fe48bbfd61158b1b735a65 - d99f21e70dbc020bfdface9f724a0d1fb5895db971cc81aa7608baa0920abb0a5 - 65c9c436e2fd13323428296c86385f2384e408a31e104670df0791d93e743a3a5 - 194ee6b076fb6323ca593011b7348c16cf58f66b9633906ba54a2ee803187344b - 394f75dd2e663a57b956cb830dd7a908d4f39a2336a61ef9fda549180d4ccde21 - 514d117b6c6fd07a9102b5efe710a32af4eeacae2cb3b1dec035b9593b48b9d3c - a4c13d245d5f04169b0b1"""), - ("auth2ack2_aes_secret", - "80e8632c05fed6fc2a13b0f8d31a3cf645366239170ea067065aba8e28bac487"), - ("auth2ack2_mac_secret", - "2ea74ec5dae199227dff1af715362700e989d889d7a493cb0639691efb8e5f98"), - ("auth2ack2_ingress_message", "foo"), - ("auth2ack2_ingress_mac", - "0c7ec6340062cc46f5e9f1e3cf86f8c8c403c5a0964f5df0ebd34a75ddc86db5") - ] - - proc testValue(s: string): string = - for item in data: - if item[0] == s: - result = item[1] - break - - proc testE8Value(s: string): string = - for item in eip8data: - if item[0] == s: - result = item[1] - break - - block: - var initiator: Handshake - var receiver: Handshake - var m0, dm0: PlainAuthMessage - var em0: AuthMessage - - initiator = newHandshake({Initiator}) - receiver = newHandshake({Responder}) - initiator.host.seckey = getPrivateKey(testValue("initiator_private_key")) - initiator.host.pubkey = initiator.host.seckey.getPublicKey() - var epki = testValue("initiator_ephemeral_private_key") - initiator.ephemeral.seckey = getPrivateKey(epki) - initiator.ephemeral.pubkey = initiator.ephemeral.seckey.getPublicKey() - receiver.host.seckey = getPrivateKey(testValue("receiver_private_key")) - receiver.host.pubkey = receiver.host.seckey.getPublicKey() - var epkr = testValue("receiver_ephemeral_private_key") - receiver.ephemeral.seckey = getPrivateKey(epkr) - receiver.ephemeral.pubkey = receiver.ephemeral.seckey.getPublicKey() - var n0 = fromHex(stripSpaces(testValue("initiator_nonce"))) - initiator.initiatorNonce[0..^1] = n0[0..^1] - var n1 = fromHex(stripSpaces(testValue("receiver_nonce"))) - receiver.responderNonce[0..^1] = n1[0..^1] - - doAssert(authMessage(initiator, receiver.host.pubkey, m0) == Success) - var m1 = fromHex(stripSpaces(testValue("auth_plaintext"))) - var m2 = fromHex(stripSpaces(pyevmAuth)) - - doAssert(m0[65..^1] == m1[65..^1]) - doAssert(m0[0..^1] == m2[0..^1]) - - # Check that encrypting and decrypting the auth_init gets us the orig msg. - doAssert(encryptAuthMessage(m0, em0, receiver.host.pubkey) == Success) - doAssert(decryptAuthMessage(em0, dm0, receiver.host.seckey) == Success) - doAssert(m0[0..^1] == dm0[0..^1]) - - # Check that the responder correctly decodes the auth msg. - doAssert(receiver.decodeAuthMessage(em0) == Success) - - doAssert(receiver.initiatorNonce[0..^1] == n0[0..^1]) - let remoteEPubkey0 = initiator.ephemeral.pubkey.data - doAssert(receiver.remoteEPubkey.data[0..^1] == remoteEPubkey0[0..^1]) - let remoteHPubkey0 = initiator.host.pubkey.data - doAssert(receiver.remoteHPubkey.data[0..^1] == remoteHPubkey0[0..^1]) - - # Check that the auth_ack msg generated by the responder is what we expect. - var k0: PlainAuthAckMessage - var ek0: AuthAckMessage - doAssert(receiver.authAckMessage(k0) == Success) - var ac0 = fromHex(stripSpaces(testValue("authresp_plaintext"))) - doAssert(k0[0..^1] == ac0[0..^1]) - doAssert(receiver.initiatorNonce[0..^1] == n0[0..^1]) - doAssert(encryptAuthAckMessage(k0, ek0, receiver.remoteHPubkey) == Success) - - # Check if initiator correctly decodes the auth ack msg. - doAssert(initiator.decodeAckMessage(ek0) == Success) - let remoteEPubkey1 = receiver.ephemeral.pubkey.data - doAssert(initiator.remoteEPubkey.data[0..^1] == remoteEPubkey1[0..^1]) - let remoteHPubkey1 = receiver.host.pubkey.data - doAssert(initiator.remoteHPubkey.data[0..^1] == remoteHPubkey1[0..^1]) - doAssert(initiator.responderNonce[0..^1] == n1[0..^1]) - - # Check that the secrets derived from ephemeral key agreements match - # the expected values. - var authm = fromHex(stripSpaces(testValue("auth_ciphertext"))) - var ackm = fromHex(stripSpaces(testValue("authresp_ciphertext"))) - var taes = fromHex(stripSpaces(testValue("aes_secret"))) - var tmac = fromHex(stripSpaces(testValue("mac_secret"))) - var temac = fromHex(stripSpaces(testValue("initial_egress_MAC"))) - var timac = fromHex(stripSpaces(testValue("initial_ingress_MAC"))) - - var csecInitiator: ConnectionSecret - var csecResponder: ConnectionSecret - - doAssert(initiator.getSecrets(addr authm[0], len(authm), addr ackm[0], - len(ackm), csecInitiator) == Success) - doAssert(receiver.getSecrets(addr authm[0], len(authm), addr ackm[0], - len(ackm), csecResponder) == Success) - - doAssert(csecInitiator.aesKey == csecResponder.aesKey) - doAssert(csecInitiator.macKey == csecResponder.macKey) - doAssert(taes[0..^1] == csecInitiator.aesKey[0..^1]) - doAssert(tmac[0..^1] == csecInitiator.macKey[0..^1]) - - doAssert(csecInitiator.egressMac[0..^1] == temac[0..^1]) - doAssert(csecInitiator.ingressMac[0..^1] == timac[0..^1]) - doAssert(csecResponder.egressMac[0..^1] == timac[0..^1]) - doAssert(csecResponder.ingressMac[0..^1] == temac[0..^1]) - - block: - proc newTestHandshake(flags: set[HandshakeFlag]): Handshake = - result = newHandshake(flags) - if Initiator in flags: - result.host.seckey = getPrivateKey(testE8Value("initiator_private_key")) - result.host.pubkey = result.host.seckey.getPublicKey() - let esec = testE8Value("initiator_ephemeral_private_key") - result.ephemeral.seckey = getPrivateKey(esec) - result.ephemeral.pubkey = result.ephemeral.seckey.getPublicKey() - let nonce = fromHex(stripSpaces(testE8Value("initiator_nonce"))) - result.initiatorNonce[0..(KeyLength - 1)] = nonce[0..(KeyLength - 1)] - elif Responder in flags: - result.host.seckey = getPrivateKey(testE8Value("receiver_private_key")) - result.host.pubkey = result.host.seckey.getPublicKey() - let esec = testE8Value("receiver_ephemeral_private_key") - result.ephemeral.seckey = getPrivateKey(esec) - result.ephemeral.pubkey = result.ephemeral.seckey.getPublicKey() - let nonce = fromHex(stripSpaces(testE8Value("receiver_nonce"))) - result.responderNonce[0..(KeyLength - 1)] = nonce[0..(KeyLength - 1)] - - block: # auth/ack v4 - var initiator = newTestHandshake({Initiator}) - var receiver = newTestHandshake({Responder}) - - # Check that the responder correctly decodes the auth msg. - var m0 = fromHex(stripSpaces(testE8Value("auth_ciphertext_v4"))) - doAssert(receiver.decodeAuthMessage(m0) == Success) - - doAssert(receiver.initiatorNonce[0..^1] == - initiator.initiatorNonce[0..^1]) - let remoteEPubkey0 = initiator.ephemeral.pubkey.data - doAssert(receiver.remoteEPubkey.data[0..^1] == remoteEPubkey0[0..^1]) - let remoteHPubkey0 = initiator.host.pubkey.data - doAssert(receiver.remoteHPubkey.data[0..^1] == remoteHPubkey0[0..^1]) - - # Check that the initiator correctly decodes the auth ack msg. - var m1 = fromHex(stripSpaces(testE8Value("authack_ciphertext_v4"))) - doAssert(initiator.decodeAckMessage(m1) == Success) - - let remoteEPubkey1 = receiver.ephemeral.pubkey.data - doAssert(initiator.remoteEPubkey.data[0..^1] == remoteEPubkey1[0..^1]) - doAssert(initiator.responderNonce[0..^1] == - receiver.responderNonce[0..^1]) - - block: # auth/ack eip8 - var initiator = newTestHandshake({Initiator}) - var receiver = newTestHandshake({Responder}) - - # Check that the responder correctly decodes the auth msg. - var m0 = fromHex(stripSpaces(testE8Value("auth_ciphertext_eip8"))) - doAssert(receiver.decodeAuthMessage(m0) == Success) - - doAssert(receiver.initiatorNonce[0..^1] == - initiator.initiatorNonce[0..^1]) - let remoteEPubkey0 = initiator.ephemeral.pubkey.data - doAssert(receiver.remoteEPubkey.data[0..^1] == remoteEPubkey0[0..^1]) - let remoteHPubkey0 = initiator.host.pubkey.data - doAssert(receiver.remoteHPubkey.data[0..^1] == remoteHPubkey0[0..^1]) - - # Check that the initiator correctly decodes the auth ack msg. - var m1 = fromHex(stripSpaces(testE8Value("authack_ciphertext_eip8"))) - doAssert(initiator.decodeAckMessage(m1) == Success) - - let remoteEPubkey1 = receiver.ephemeral.pubkey.data - doAssert(initiator.remoteEPubkey.data[0..^1] == remoteEPubkey1[0..^1]) - doAssert(initiator.responderNonce[0..^1] == - receiver.responderNonce[0..^1]) - - # Check that the secrets derived from ephemeral key agreements match - # the expected values. - var taes = fromHex(stripSpaces(testE8Value("auth2ack2_aes_secret"))) - var tmac = fromHex(stripSpaces(testE8Value("auth2ack2_mac_secret"))) - - var csecInitiator: ConnectionSecret - var csecResponder: ConnectionSecret - - doAssert(initiator.getSecrets(addr m0[0], len(m0), addr m1[0], - len(m1), csecInitiator) == Success) - doAssert(receiver.getSecrets(addr m0[0], len(m0), addr m1[0], - len(m1), csecResponder) == Success) - - doAssert(csecInitiator.aesKey == csecResponder.aesKey) - doAssert(csecInitiator.macKey == csecResponder.macKey) - doAssert(taes[0..^1] == csecInitiator.aesKey[0..^1]) - doAssert(tmac[0..^1] == csecInitiator.macKey[0..^1]) - - block: # auth/ack eip8 with 3 additional fields - var initiator = newTestHandshake({Initiator}) - var receiver = newTestHandshake({Responder}) - - # Check that the responder correctly decodes the auth msg. - var m0 = fromHex(stripSpaces(testE8Value("auth_ciphertext_eip8_3f"))) - doAssert(receiver.decodeAuthMessage(m0) == Success) - - doAssert(receiver.initiatorNonce[0..^1] == - initiator.initiatorNonce[0..^1]) - let remoteEPubkey0 = initiator.ephemeral.pubkey.data - doAssert(receiver.remoteEPubkey.data[0..^1] == remoteEPubkey0[0..^1]) - let remoteHPubkey0 = initiator.host.pubkey.data - doAssert(receiver.remoteHPubkey.data[0..^1] == remoteHPubkey0[0..^1]) - - # Check that the initiator correctly decodes the auth ack msg. - var m1 = fromHex(stripSpaces(testE8Value("authack_ciphertext_eip8_3f"))) - doAssert(initiator.decodeAckMessage(m1) == Success) - - let remoteEPubkey1 = receiver.ephemeral.pubkey.data - doAssert(initiator.remoteEPubkey.data[0..^1] == remoteEPubkey1[0..^1]) - doAssert(initiator.responderNonce[0..^1] == - receiver.responderNonce[0..^1]) diff --git a/ethp2p/ecc.nim b/ethp2p/ecc.nim index bd6c403..3ed7a12 100644 --- a/ethp2p/ecc.nim +++ b/ethp2p/ecc.nim @@ -322,125 +322,3 @@ proc dump*(p: pointer, s: int, c: string = ""): string = ## Return hexadecimal dump of memory blob `p` and size `s`. result = if len(c) > 0: c & "=>\n" else: "" result &= dumpHex(p, s) - -when isMainModule: - import nimcrypto/hash, nimcrypto/keccak - - proc compare(x: openarray[byte], y: openarray[byte]): bool = - result = len(x) == len(y) - if result: - for i in 0..(len(x) - 1): - if x[i] != y[i]: - result = false - break - - block: - # ECDHE test vectors - # Copied from - # https://github.com/ethereum/py-evm/blob/master/tests/p2p/test_ecies.py#L19 - const privateKeys = [ - "332143e9629eedff7d142d741f896258f5a1bfab54dab2121d3ec5000093d74b", - "7ebbc6a8358bc76dd73ebc557056702c8cfc34e5cfcd90eb83af0347575fd2ad" - ] - const publicKeys = [ - """f0d2b97981bd0d415a843b5dfe8ab77a30300daab3658c578f2340308a2da1a07 - f0821367332598b6aa4e180a41e92f4ebbae3518da847f0b1c0bbfe20bcf4e1""", - """83ede0f19c3c98649265956a4193677b14c338a22de2086a08d84e4446fe37e4e - 233478259ec90dbeef52f4f6c890f8c38660ec7b61b9d439b8a6d1c323dc025""" - ] - const sharedSecrets = [ - "ee1418607c2fcfb57fda40380e885a707f49000a5dda056d828b7d9bd1f29a08", - "167ccc13ac5e8a26b131c3446030c60fbfac6aa8e31149d0869f93626a4cdf62" - ] - var secret: array[KeyLength, byte] - for i in 0..1: - var s = privateKeys[i].getPrivateKey() - var p = publicKeys[i].getPublicKey() - doAssert(ecdhAgree(s, p, secret) == Success) - var check = fromHex(stripSpaces(sharedSecrets[i])) - doAssert(compare(check, secret)) - - block: - # ECDHE test vectors - # Copied from https://github.com/ethereum/cpp-ethereum/blob/develop/test/unittests/libdevcrypto/crypto.cpp#L394 - var expect = """ - 8ac7e464348b85d9fdfc0a81f2fdc0bbbb8ee5fb3840de6ed60ad9372e718977""" - var secret: array[KeyLength, byte] - var s = keccak256.digest("ecdhAgree").data - var p = s.getPublicKey() - doAssert(ecdhAgree(s, p, secret) == Success) - var check = fromHex(stripSpaces(expect)) - doAssert(compare(check, secret)) - - block: - # ECDHE test vectors - # Copied from https://github.com/ethereum/cpp-ethereum/blob/2409d7ec7d34d5ff5770463b87eb87f758e621fe/test/unittests/libp2p/rlpx.cpp#L425 - var s0 = """ - 332143e9629eedff7d142d741f896258f5a1bfab54dab2121d3ec5000093d74b""" - var p0 = """ - f0d2b97981bd0d415a843b5dfe8ab77a30300daab3658c578f2340308a2da1a0 - 7f0821367332598b6aa4e180a41e92f4ebbae3518da847f0b1c0bbfe20bcf4e1""" - var e0 = """ - ee1418607c2fcfb57fda40380e885a707f49000a5dda056d828b7d9bd1f29a08""" - var secret: array[KeyLength, byte] - var s = getPrivateKey(s0) - var p = getPublicKey(p0) - var check = fromHex(stripSpaces(e0)) - doAssert(ecdhAgree(s, p, secret) == Success) - doAssert(compare(check, secret)) - - block: - # ECDSA test vectors - # Copied from https://github.com/ethereum/cpp-ethereum/blob/develop/test/unittests/libdevcrypto/crypto.cpp#L132 - var signature = """ - b826808a8c41e00b7c5d71f211f005a84a7b97949d5e765831e1da4e34c9b8295d - 2a622eee50f25af78241c1cb7cfff11bcf2a13fe65dee1e3b86fd79a4e3ed000""" - var pubkey = """ - e40930c838d6cca526795596e368d16083f0672f4ab61788277abfa23c3740e1cc - 84453b0b24f49086feba0bd978bb4446bae8dff1e79fcc1e9cf482ec2d07c3""" - var check1 = fromHex(stripSpaces(signature)) - var check2 = fromHex(stripSpaces(pubkey)) - var sig: Signature - var key: PublicKey - var s = keccak256.digest("sec").data - var m = keccak256.digest("msg").data - doAssert(signMessage(s, m, sig) == Success) - var sersig = sig.getRaw().data - doAssert(recoverSignatureKey(sersig, m, key) == Success) - var serkey = key.getRaw().data - doAssert(compare(sersig, check1)) - doAssert(compare(serkey, check2)) - - block: - # signature test - var rkey: PublicKey - var sig: Signature - for i in 1..100: - var m = newPrivateKey() - var s = newPrivateKey() - var key = s.getPublicKey() - doAssert(signMessage(s, m, sig) == Success) - var sersig = sig.getRaw().data - doAssert(recoverSignatureKey(sersig, m, rkey) == Success) - doAssert(key == rkey) - - block: - # key create/recovery test - var rkey: PublicKey - for i in 1..100: - var s = newPrivateKey() - var key = s.getPublicKey() - doAssert(recoverPublicKey(key.getRaw().data, rkey) == Success) - doAssert(key == rkey) - - block: - # ECDHE shared secret test - var secret1, secret2: SharedSecret - for i in 1..100: - var aliceSecret = newPrivateKey() - var alicePublic = aliceSecret.getPublicKey() - var bobSecret = newPrivateKey() - var bobPublic = bobSecret.getPublicKey() - doAssert(ecdhAgree(aliceSecret, bobPublic, secret1) == Success) - doAssert(ecdhAgree(bobSecret, alicePublic, secret2) == Success) - doAssert(secret1 == secret2) diff --git a/ethp2p/ecies.nim b/ethp2p/ecies.nim index a3c040b..6af4340 100644 --- a/ethp2p/ecies.nim +++ b/ethp2p/ecies.nim @@ -340,154 +340,3 @@ proc eciesDecrypt*[A, B, C](input: openarray[A], length, dsize, seckey, cast[ptr byte](unsafeAddr shmac[0]), len(shmac) * sizeof(C)) - -when isMainModule: - proc compare[A, B](x: openarray[A], y: openarray[B], s: int = 0): bool = - result = true - assert(s >= 0) - var size = if s == 0: min(len(x), len(y)) else: min(s, min(len(x), len(y))) - for i in 0..(size - 1): - if x[i] != cast[A](y[i]): - result = false - break - - block: - # KDF test - # Copied from https://github.com/ethereum/pydevp2p/blob/develop/devp2p/tests/test_ecies.py#L53 - let m0 = "961c065873443014e0371f1ed656c586c6730bf927415757f389d92acf8268df" - let c0 = "4050c52e6d9c08755e5a818ac66fabe478b825b1836fd5efc4d44e40d04dabcc" - var m = fromHex(stripSpaces(m0)) - var c = fromHex(stripSpaces(c0)) - var k = kdf(m) - doAssert(compare(k, c)) - - block: - # HMAC-SHA256 test - # https://github.com/ethereum/py-evm/blob/master/tests/p2p/test_ecies.py#L64-L76 - const keys = [ - "07a4b6dfa06369a570f2dcba2f11a18f", - "af6623e52208c596e17c72cea6f1cb09" - ] - const datas = ["4dcb92ed4fc67fe86832", "3461282bcedace970df2"] - const expects = [ - "c90b62b1a673b47df8e395e671a68bfa68070d6e2ef039598bb829398b89b9a9", - "b3ce623bce08d5793677ba9441b22bb34d3e8a7de964206d26589df3e8eb5183" - ] - for i in 0..1: - var k = fromHex(stripSpaces(keys[i])) - var m = fromHex(stripSpaces(datas[i])) - var digest = sha256.hmac(k, m).data - var check = fromHex(stripSpaces(expects[i])) - doAssert(compare(digest, check)) - - block: - # ECIES encryption - var m = "Hello World!" - var encr = newSeq[byte](eciesEncryptedLength(len(m))) - var decr = newSeq[byte](len(m)) - var shmac = [0x13'u8, 0x13'u8] - var outlen = 0 - var s = newPrivateKey() - var p = s.getPublicKey() - # Without additional mac data - doAssert(eciesEncrypt(m, p, encr, outlen) == Success) - doAssert(eciesDecrypt(encr, s, decr, outlen) == Success) - doAssert(outlen == len(m)) - doAssert(equalMem(addr m[0], addr decr[0], outlen)) - # With additional mac data - doAssert(eciesEncrypt(m, p, encr, outlen, shmac) == Success) - doAssert(eciesDecrypt(encr, s, decr, outlen, shmac) == Success) - doAssert(outlen == len(m)) - doAssert(equalMem(addr m[0], addr decr[0], outlen)) - - block: - # ECIES - # https://github.com/ethereum/py-evm/blob/master/tests/p2p/test_ecies.py#L43 - # https://github.com/ethereum/cpp-ethereum/blob/develop/test/unittests/libp2p/rlpx.cpp#L187 - const secretKeys = [ - "c45f950382d542169ea207959ee0220ec1491755abe405cd7498d6b16adb6df8", - "5e173f6ac3c669587538e7727cf19b782a4f2fda07c1eaa662c593e5e85e3051" - ] - const cipherText = [ - """04a0274c5951e32132e7f088c9bdfdc76c9d91f0dc6078e848f8e3361193dbdc - 43b94351ea3d89e4ff33ddcefbc80070498824857f499656c4f79bbd97b6c51a - 514251d69fd1785ef8764bd1d262a883f780964cce6a14ff206daf1206aa073a - 2d35ce2697ebf3514225bef186631b2fd2316a4b7bcdefec8d75a1025ba2c540 - 4a34e7795e1dd4bc01c6113ece07b0df13b69d3ba654a36e35e69ff9d482d88d - 2f0228e7d96fe11dccbb465a1831c7d4ad3a026924b182fc2bdfe016a6944312 - 021da5cc459713b13b86a686cf34d6fe6615020e4acf26bf0d5b7579ba813e77 - 23eb95b3cef9942f01a58bd61baee7c9bdd438956b426a4ffe238e61746a8c93 - d5e10680617c82e48d706ac4953f5e1c4c4f7d013c87d34a06626f498f34576d - c017fdd3d581e83cfd26cf125b6d2bda1f1d56""", - """049934a7b2d7f9af8fd9db941d9da281ac9381b5740e1f64f7092f3588d4f87f - 5ce55191a6653e5e80c1c5dd538169aa123e70dc6ffc5af1827e546c0e958e42 - dad355bcc1fcb9cdf2cf47ff524d2ad98cbf275e661bf4cf00960e74b5956b79 - 9771334f426df007350b46049adb21a6e78ab1408d5e6ccde6fb5e69f0f4c92b - b9c725c02f99fa72b9cdc8dd53cff089e0e73317f61cc5abf6152513cb7d833f - 09d2851603919bf0fbe44d79a09245c6e8338eb502083dc84b846f2fee1cc310 - d2cc8b1b9334728f97220bb799376233e113""" - ] - const expectText = [ - """884c36f7ae6b406637c1f61b2f57e1d2cab813d24c6559aaf843c3f48962f32f - 46662c066d39669b7b2e3ba14781477417600e7728399278b1b5d801a519aa57 - 0034fdb5419558137e0d44cd13d319afe5629eeccb47fd9dfe55cc6089426e46 - cc762dd8a0636e07a54b31169eba0c7a20a1ac1ef68596f1f283b5c676bae406 - 4abfcce24799d09f67e392632d3ffdc12e3d6430dcb0ea19c318343ffa7aae74 - d4cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb - 1100""", - """802b052f8b066640bba94a4fc39d63815c377fced6fcb84d27f791c9921ddf3e - 9bf0108e298f490812847109cbd778fae393e80323fd643209841a3b7f110397 - f37ec61d84cea03dcc5e8385db93248584e8af4b4d1c832d8c7453c0089687a7 - 00""" - ] - var data: array[1024, byte] - var outlen = 0 - for i in 0..1: - var s = secretKeys[i].getPrivateKey() - var cipher = fromHex(stripSpaces(cipherText[i])) - var check = fromHex(stripSpaces(expectText[i])) - var r = eciesDecrypt(cipher, s, data, outlen) - doAssert(r == Success, $r) - doAssert(outlen == len(check)) - doAssert(compare(data, check)) - - block: - # ECIES - # https://github.com/ethereum/cpp-ethereum/blob/develop/test/unittests/libp2p/rlpx.cpp#L432-L459 - const secretKeys = [ - "57baf2c62005ddec64c357d96183ebc90bf9100583280e848aa31d683cad73cb", - "472413e97f1fd58d84e28a559479e6b6902d2e8a0cee672ef38a3a35d263886b", - "472413e97f1fd58d84e28a559479e6b6902d2e8a0cee672ef38a3a35d263886b", - "472413e97f1fd58d84e28a559479e6b6902d2e8a0cee672ef38a3a35d263886b" - ] - const cipherData = [ - """04ff2c874d0a47917c84eea0b2a4141ca95233720b5c70f81a8415bae1dc7b74 - 6b61df7558811c1d6054333907333ef9bb0cc2fbf8b34abb9730d14e0140f455 - 3f4b15d705120af46cf653a1dc5b95b312cf8444714f95a4f7a0425b67fc064d - 18f4d0a528761565ca02d97faffdac23de10""", - """046f647e1bd8a5cd1446d31513bac233e18bdc28ec0e59d46de453137a725995 - 33f1e97c98154343420d5f16e171e5107999a7c7f1a6e26f57bcb0d2280655d0 - 8fb148d36f1d4b28642d3bb4a136f0e33e3dd2e3cffe4b45a03fb7c5b5ea5e65 - 617250fdc89e1a315563c20504b9d3a72555""", - """0443c24d6ccef3ad095140760bb143078b3880557a06392f17c5e368502d7953 - 2bc18903d59ced4bbe858e870610ab0d5f8b7963dd5c9c4cf81128d10efd7c7a - a80091563c273e996578403694673581829e25a865191bdc9954db14285b56eb - 0043b6288172e0d003c10f42fe413222e273d1d4340c38a2d8344d7aadcbc846 - ee""", - """04c4e40c86bb5324e017e598c6d48c19362ae527af8ab21b077284a4656c8735 - e62d73fb3d740acefbec30ca4c024739a1fcdff69ecaf03301eebf156eb5f17c - ca6f9d7a7e214a1f3f6e34d1ee0ec00ce0ef7d2b242fbfec0f276e17941f9f1b - fbe26de10a15a6fac3cda039904ddd1d7e06e7b96b4878f61860e47f0b84c8ce - b64f6a900ff23844f4359ae49b44154980a626d3c73226c19e""" - ] - const expectData = [ - "a", "a", "aaaaaaaaaaaaaaaa", "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - ] - var data: array[1024, byte] - var outlen = 0 - for i in 0..3: - var s = secretKeys[i].getPrivateKey() - var cipher = fromHex(stripSpaces(cipherData[i])) - doAssert(eciesDecrypt(cipher, s, data, outlen) == Success) - doAssert(outlen == len(expectData[i])) - doAssert(compare(data, expectData[i]))