aboutsummaryrefslogblamecommitdiffstats
path: root/test/bls_c_test.hpp
blob: e9b6e63022e3a28c974c30970674a7d9870bfba9 (plain) (tree) 
160b6af




ae27eb0

f09ec7c

160b6af

6154531

















160b6af












































6154531

160b6af






6154531

160b6af





b861a41

160b6af





































c4ba996

160b6af







c4ba996

160b6af




































































6154531

160b6af






















6154531



160b6af

6154531

160b6af

























6154531






160b6af


6154531






160b6af













6154531

160b6af


6154531

160b6af











































72f0379






























b861a41


b861a41



6150306



b861a41

6150306


b861a41








6150306

b861a41


ae27eb0












da48823

ae27eb0



160b6af


da48823


da48823

b861a41

da48823






8ec3e30

da48823





8ec3e30

e4197b9

da48823





160b6af


160b6af


da48823

994b575





160b6af


b861a41

160b6af

da48823

160b6af

72f0379

b861a41

ae27eb0

160b6af


1
2
3
4

5

6

7

8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

69

70
71
72
73
74
75

76

77
78
79
80
81

82

83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

120

121
122
123
124
125
126
127

128

129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196

197

198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219

220
221
222

223

224

225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249

250
251
252
253
254
255

256
257

258
259
260
261
262
263

264
265
266
267
268
269
270
271
272
273
274
275
276

277

278
279

280

281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323

324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353

354
355

356
357
358

359
360
361

362

363
364

365
366
367
368
369
370
371
372

373

374
375

376
377
378
379
380
381
382
383
384
385
386
387

388

389
390
391

392
393

394
395

396

397

398
399
400
401
402
403

404

405
406
407
408
409

410

411

412
413
414
415
416

417
418

419
420

421

422
423
424
425
426

427
428

429

430

431

432

433

434

435

436
437




                             
                               
                           
 
















                             











































                                                                
                                              





                                                              
                                              




                                                              
                                                                             




































                                                                                 
                                                                               






                                                  
                                                                                   



































































                                                                   
                                     





















                                                              


                                
                            
      
























                                                              





                            

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               





                            












                                                                                                                                                                                                                                                                                               
                                                          

                                   
                                                          










































                                                                                          





























                                                              

                              


                                     


                                                                 
                                  

                                                                                      







                                                                 
                                    

 











                                           
                                                                         


                                                                            

                     

                              
                              
                              





                                                                                                        
                                                      




                                                                                                                                              
      
                                                      




                                                                                                                                              

          

                                                                   
                                                                             




                                                

                                    
                                                 
                                   
                                                                            
                                
                                      
                                  
                           

         
#include <cybozu/test.hpp>
#include <cybozu/inttype.hpp>
#include <bls/bls.h>
#include <string.h>
#include <cybozu/benchmark.hpp>
#include <mcl/gmp_util.hpp>

size_t pubSize(size_t FrSize)
{
#ifdef BLS_SWAP_G
    return FrSize;
#else
    return FrSize * 2;
#endif
}
size_t sigSize(size_t FrSize)
{
#ifdef BLS_SWAP_G
    return FrSize * 2;
#else
    return FrSize;
#endif
}

void bls_use_stackTest()
{
    blsSecretKey sec;
    blsPublicKey pub;
    blsSignature sig;
    const char *msg = "this is a pen";
    const size_t msgSize = strlen(msg);

    blsSecretKeySetByCSPRNG(&sec);

    blsGetPublicKey(&pub, &sec);

    blsSign(&sig, &sec, msg, msgSize);

    CYBOZU_TEST_ASSERT(blsVerify(&sig, &pub, msg, msgSize));
}

void blsDataTest()
{
    const char *msg = "test test";
    const size_t msgSize = strlen(msg);
    const size_t FrSize = blsGetFrByteSize();
    const size_t FpSize = blsGetG1ByteSize();
    blsSecretKey sec1, sec2;
    blsSecretKeySetByCSPRNG(&sec1);
    char buf[1024];
    size_t n;
    size_t ret;
    n = blsSecretKeyGetHexStr(buf, sizeof(buf), &sec1);
    CYBOZU_TEST_ASSERT(0 < n && n <= FrSize * 2);
    ret = blsSecretKeySetHexStr(&sec2, buf, n);
    CYBOZU_TEST_EQUAL(ret, 0);
    CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2));

    memset(&sec2, 0, sizeof(sec2));
    n = blsSecretKeySerialize(buf, sizeof(buf), &sec1);
    CYBOZU_TEST_EQUAL(n, FrSize);
    ret = blsSecretKeyDeserialize(&sec2, buf, n);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2));

    blsPublicKey pub1, pub2;
    blsGetPublicKey(&pub1, &sec1);
    n = blsPublicKeySerialize(buf, sizeof(buf), &pub1);
    CYBOZU_TEST_EQUAL(n, pubSize(FpSize));
    ret = blsPublicKeyDeserialize(&pub2, buf, n);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2));
    blsSignature sig1, sig2;
    blsSign(&sig1, &sec1, msg, msgSize);
    n = blsSignatureSerialize(buf, sizeof(buf), &sig1);
    CYBOZU_TEST_EQUAL(n, sigSize(FpSize));
    ret = blsSignatureDeserialize(&sig2, buf, n);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig1, &sig2));
}

void blsOrderTest(const char *curveOrder/*Fr*/, const char *fieldOrder/*Fp*/)
{
    char buf[1024];
    size_t len;
    len = blsGetCurveOrder(buf, sizeof(buf));
    CYBOZU_TEST_ASSERT(len > 0);
    CYBOZU_TEST_EQUAL(buf, curveOrder);
    len = blsGetFieldOrder(buf, sizeof(buf));
    CYBOZU_TEST_ASSERT(len > 0);
    CYBOZU_TEST_EQUAL(buf, fieldOrder);
}

#if !defined(DISABLE_THREAD_TEST) || defined(__clang__)
#if defined(CYBOZU_CPP_VERSION) && CYBOZU_CPP_VERSION >= CYBOZU_CPP_VERSION_CPP11
#include <thread>
#include <vector>
struct Thread {
    std::unique_ptr<std::thread> t;
    Thread() : t() {}
    ~Thread()
    {
        if (t) {
            t->join();
        }
    }
    template<class F>
    void run(F func, int p1, int p2)
    {
        t.reset(new std::thread(func, p1, p2));
    }
};

CYBOZU_TEST_AUTO(multipleInit)
{
    const size_t n = 100;
    {
        std::vector<Thread> vt(n);
        for (size_t i = 0; i < n; i++) {
            vt[i].run(blsInit, MCL_BN254, MCLBN_COMPILED_TIME_VAR);
        }
    }
    CYBOZU_TEST_EQUAL(blsGetOpUnitSize(), 4u);
#if MCLBN_FP_UNIT_SIZE == 6
    {
        std::vector<Thread> vt(n);
        for (size_t i = 0; i < n; i++) {
            vt[i].run(blsInit, MCL_BLS12_381, MCLBN_COMPILED_TIME_VAR);
        }
    }
    CYBOZU_TEST_EQUAL(blsGetOpUnitSize(), 6u);
#endif
}
#endif
#endif

void blsSerializeTest()
{
    const size_t FrSize = blsGetFrByteSize();
    const size_t FpSize = blsGetG1ByteSize();
    printf("FrSize=%d, FpSize=%d\n", (int)FrSize, (int)FpSize);
    blsId id1, id2;
    blsSecretKey sec1, sec2;
    blsPublicKey pub1, pub2;
    blsSignature sig1, sig2;
    char buf[1024];
    size_t n;
    size_t expectSize;
    size_t ret;
    const char dummyChar = '1';

    // Id
    expectSize = FrSize;
    blsIdSetInt(&id1, -1);
    n = blsIdSerialize(buf, sizeof(buf), &id1);
    CYBOZU_TEST_EQUAL(n, expectSize);

    ret = blsIdDeserialize(&id2, buf, n);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsIdIsEqual(&id1, &id2));

    ret = blsIdDeserialize(&id2, buf, n - 1);
    CYBOZU_TEST_EQUAL(ret, 0);

    memset(&id2, 0, sizeof(id2));
    buf[n] = dummyChar;
    ret = blsIdDeserialize(&id2, buf, n + 1);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsIdIsEqual(&id1, &id2));

    n = blsIdSerialize(buf, expectSize, &id1);
    CYBOZU_TEST_EQUAL(n, expectSize);

    // SecretKey
    expectSize = FrSize;
    blsSecretKeySetDecStr(&sec1, "-1", 2);
    n = blsSecretKeySerialize(buf, sizeof(buf), &sec1);
    CYBOZU_TEST_EQUAL(n, expectSize);

    ret = blsSecretKeyDeserialize(&sec2, buf, n);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2));

    ret = blsSecretKeyDeserialize(&sec2, buf, n - 1);
    CYBOZU_TEST_EQUAL(ret, 0);

    memset(&sec2, 0, sizeof(sec2));
    buf[n] = dummyChar;
    ret = blsSecretKeyDeserialize(&sec2, buf, n + 1);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2));

    n = blsSecretKeySerialize(buf, expectSize, &sec1);
    CYBOZU_TEST_EQUAL(n, expectSize);

    // PublicKey
    expectSize = pubSize(FpSize);
    blsGetPublicKey(&pub1, &sec1);
    n = blsPublicKeySerialize(buf, sizeof(buf), &pub1);
    CYBOZU_TEST_EQUAL(n, expectSize);
    CYBOZU_TEST_ASSERT(blsPublicKeyIsValidOrder(&pub1));

    ret = blsPublicKeyDeserialize(&pub2, buf, n);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2));

    ret = blsPublicKeyDeserialize(&pub2, buf, n - 1);
    CYBOZU_TEST_EQUAL(ret, 0);

    memset(&pub2, 0, sizeof(pub2));
    buf[n] = dummyChar;
    ret = blsPublicKeyDeserialize(&pub2, buf, n + 1);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2));

    n = blsPublicKeySerialize(buf, expectSize, &pub1);
    CYBOZU_TEST_EQUAL(n, expectSize);

    // Signature
#ifdef BLS_SWAP_G
    expectSize = FpSize * 2;
#else
    expectSize = FpSize;
#endif
    blsSign(&sig1, &sec1, "abc", 3);
    n = blsSignatureSerialize(buf, sizeof(buf), &sig1);
    CYBOZU_TEST_EQUAL(n, expectSize);
    CYBOZU_TEST_ASSERT(blsSignatureIsValidOrder(&sig1));

    ret = blsSignatureDeserialize(&sig2, buf, n);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig1, &sig2));

    ret = blsSignatureDeserialize(&sig2, buf, n - 1);
    CYBOZU_TEST_EQUAL(ret, 0);

    memset(&sig2, 0, sizeof(sig2));
    buf[n] = dummyChar;
    ret = blsSignatureDeserialize(&sig2, buf, n + 1);
    CYBOZU_TEST_EQUAL(ret, n);
    CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig1, &sig2));

    n = blsSignatureSerialize(buf, expectSize, &sig1);
    CYBOZU_TEST_EQUAL(n, expectSize);
}

void blsVerifyOrderTest()
{
    puts("blsVerifyOrderTest");
#ifdef BLS_SWAP_G
    const uint8_t Qs[] =
#else
    const uint8_t Ps[] =
#endif
    {
0x7b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
    };
#ifdef BLS_SWAP_G
    const uint8_t Ps[] =
#else
    const uint8_t Qs[] =
#endif
    {
0x7c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
    };
    size_t n;
    blsPublicKey pub;
    n = blsPublicKeyDeserialize(&pub, Ps, sizeof(Ps));
    CYBOZU_TEST_EQUAL(n, 0);
    blsPublicKeyVerifyOrder(0);
    n = blsPublicKeyDeserialize(&pub, Ps, sizeof(Ps));
    CYBOZU_TEST_ASSERT(n > 0);
    CYBOZU_TEST_ASSERT(!blsPublicKeyIsValidOrder(&pub));
    blsPublicKeyVerifyOrder(1);

    blsSignature sig;
    n = blsSignatureDeserialize(&sig, Qs, sizeof(Qs));
    CYBOZU_TEST_EQUAL(n, 0);
    blsSignatureVerifyOrder(0);
    n = blsSignatureDeserialize(&sig, Qs, sizeof(Qs));
    CYBOZU_TEST_ASSERT(n > 0);
    CYBOZU_TEST_ASSERT(!blsSignatureIsValidOrder(&sig));
    blsSignatureVerifyOrder(1);
}

void blsAddSubTest()
{
    blsSecretKey sec[3];
    blsPublicKey pub[3];
    blsSignature sig[3];
    const char *msg = "this is a pen";
    const size_t msgSize = strlen(msg);

    const char *secHexStr[8] = { "12", "34" };
    for (int i = 0; i < 2; i++) {
        blsSecretKeySetHexStr(&sec[i], secHexStr[i], strlen(secHexStr[i]));
        blsGetPublicKey(&pub[i], &sec[i]);
        blsSign(&sig[i], &sec[i], msg, msgSize);
    }
    sec[2] = sec[0];
    blsSecretKeyAdd(&sec[2], &sec[1]);
    char buf[1024];
    size_t n = blsSecretKeyGetHexStr(buf, sizeof(buf), &sec[2]);
    CYBOZU_TEST_EQUAL(n, 2);
    CYBOZU_TEST_EQUAL(buf, "46"); // "12" + "34"

    pub[2] = pub[0];
    blsPublicKeyAdd(&pub[2], &pub[1]);
    sig[2] = sig[0];
    blsSignatureAdd(&sig[2], &sig[1]); // sig[2] = sig[0] + sig[1]
    blsSignature sig2;
    blsSign(&sig2, &sec[2], msg, msgSize); // sig2 = signature by sec[2]
    CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig2, &sig[2]));
    CYBOZU_TEST_ASSERT(blsVerify(&sig[2], &pub[2], msg, msgSize)); // verify by pub[2]

    blsSecretKeySub(&sec[2], &sec[1]);
    CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec[2], &sec[0]));
    blsPublicKeySub(&pub[2], &pub[1]);
    CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub[2], &pub[0]));
    blsSignatureSub(&sig[2], &sig[1]);
    CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig[2], &sig[0]));
}

void blsTrivialShareTest()
{
    blsSecretKey sec1, sec2;
    blsPublicKey pub1, pub2;
    blsId id;
    blsIdSetInt(&id, 123);

    blsSecretKeySetByCSPRNG(&sec1);
    blsGetPublicKey(&pub1, &sec1);
    int ret;

    memset(&sec2, 0, sizeof(sec2));
    ret = blsSecretKeyShare(&sec2, &sec1, 1, &id);
    CYBOZU_TEST_EQUAL(ret, 0);
    CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2));
    memset(&sec2, 0, sizeof(sec2));
    ret = blsSecretKeyRecover(&sec2, &sec1, &id, 1);
    CYBOZU_TEST_EQUAL(ret, 0);
    CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2));

    memset(&pub2, 0, sizeof(pub2));
    ret = blsPublicKeyShare(&pub2, &pub1, 1, &id);
    CYBOZU_TEST_EQUAL(ret, 0);
    CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2));
    memset(&pub2, 0, sizeof(pub2));
    ret = blsPublicKeyRecover(&pub2, &pub1, &id, 1);
    CYBOZU_TEST_EQUAL(ret, 0);
    CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2));
}

void modTest(const char *rStr)
{
    unsigned char buf[1024] = {};
    int ret;
    blsSecretKey sec;
    const size_t maxByte = 64; // 512-bit
    memset(buf, 0xff, maxByte);
    ret = blsSecretKeySetLittleEndianMod(&sec, buf, maxByte);
    CYBOZU_TEST_EQUAL(ret, 0);
    const mpz_class x = (mpz_class(1) << (maxByte * 8)) - 1; // 512-bit 0xff....ff
    const mpz_class r(rStr);
    size_t n = blsSecretKeySerialize(buf, sizeof(buf), &sec);
    CYBOZU_TEST_ASSERT(n > 0);
    // serialized data to mpz_class
    mpz_class y = 0;
    for (size_t i = 0; i < n; i++) {
        y <<= 8;
        y += buf[n - 1 - i];
    }
    CYBOZU_TEST_EQUAL(y, x % r);
}

void blsBench()
{
    blsSecretKey sec;
    blsPublicKey pub;
    blsSignature sig;
    const char *msg = "this is a pen";
    const size_t msgSize = strlen(msg);

    blsSecretKeySetByCSPRNG(&sec);

    blsGetPublicKey(&pub, &sec);

    CYBOZU_BENCH_C("sign", 10000, blsSign, &sig, &sec, msg, msgSize);
    CYBOZU_BENCH_C("verify", 1000, blsVerify, &sig, &pub, msg, msgSize);
}

CYBOZU_TEST_AUTO(all)
{
    const struct {
        int curveType;
        const char *r;
        const char *p;
    } tbl[] = {
        {
            MCL_BN254,
            "16798108731015832284940804142231733909759579603404752749028378864165570215949",
            "16798108731015832284940804142231733909889187121439069848933715426072753864723",
        },
#if MCLBN_FP_UNIT_SIZE == 6 && MCLBN_FR_UNIT_SIZE == 6
        {
            MCL_BN381_1,
            "5540996953667913971058039301942914304734176495422447785042938606876043190415948413757785063597439175372845535461389",
            "5540996953667913971058039301942914304734176495422447785045292539108217242186829586959562222833658991069414454984723",
        },
#endif
#if MCLBN_FP_UNIT_SIZE == 6 && MCLBN_FR_UNIT_SIZE >= 4
        {
            MCL_BLS12_381,
            "52435875175126190479447740508185965837690552500527637822603658699938581184513",
            "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787",
        },
#endif
    };
    for (size_t i = 0; i < sizeof(tbl) / sizeof(tbl[0]); i++) {
        printf("i=%d\n", (int)i);
        int ret = blsInit(tbl[i].curveType, MCLBN_COMPILED_TIME_VAR);
        CYBOZU_TEST_EQUAL(ret, 0);
        if (ret) {
            printf("ERR %d\n", ret);
            exit(1);
        }
        bls_use_stackTest();
        blsDataTest();
        blsOrderTest(tbl[i].r, tbl[i].p);
        blsSerializeTest();
        if (tbl[i].curveType == MCL_BLS12_381) blsVerifyOrderTest();
        blsAddSubTest();
        blsTrivialShareTest();
        modTest(tbl[i].r);
        blsBench();
    }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-13 02:16:03 +0800