1 // Copyright 2016 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
18 "golang.org/x/crypto/ed25519/internal/edwards25519"
21 type zeroReader struct{}
23 func (zeroReader) Read(buf []byte) (int, error) {
30 func TestUnmarshalMarshal(t *testing.T) {
31 pub, _, _ := GenerateKey(rand.Reader)
33 var A edwards25519.ExtendedGroupElement
35 copy(pubBytes[:], pub)
36 if !A.FromBytes(&pubBytes) {
37 t.Fatalf("ExtendedGroupElement.FromBytes failed")
44 t.Errorf("FromBytes(%v)->ToBytes does not round-trip, got %x\n", pubBytes, pub2)
48 func TestSignVerify(t *testing.T) {
50 public, private, _ := GenerateKey(zero)
52 message := []byte("test message")
53 sig := Sign(private, message)
54 if !Verify(public, message, sig) {
55 t.Errorf("valid signature rejected")
58 wrongMessage := []byte("wrong message")
59 if Verify(public, wrongMessage, sig) {
60 t.Errorf("signature of different message accepted")
64 func TestCryptoSigner(t *testing.T) {
66 public, private, _ := GenerateKey(zero)
68 signer := crypto.Signer(private)
70 publicInterface := signer.Public()
71 public2, ok := publicInterface.(PublicKey)
73 t.Fatalf("expected PublicKey from Public() but got %T", publicInterface)
76 if !bytes.Equal(public, public2) {
77 t.Errorf("public keys do not match: original:%x vs Public():%x", public, public2)
80 message := []byte("message")
81 var noHash crypto.Hash
82 signature, err := signer.Sign(zero, message, noHash)
84 t.Fatalf("error from Sign(): %s", err)
87 if !Verify(public, message, signature) {
88 t.Errorf("Verify failed on signature from Sign()")
92 func TestGolden(t *testing.T) {
93 // sign.input.gz is a selection of test cases from
94 // https://ed25519.cr.yp.to/python/sign.input
95 testDataZ, err := os.Open("testdata/sign.input.gz")
99 defer testDataZ.Close()
100 testData, err := gzip.NewReader(testDataZ)
104 defer testData.Close()
106 scanner := bufio.NewScanner(testData)
112 line := scanner.Text()
113 parts := strings.Split(line, ":")
115 t.Fatalf("bad number of parts on line %d", lineNo)
118 privBytes, _ := hex.DecodeString(parts[0])
119 pubKey, _ := hex.DecodeString(parts[1])
120 msg, _ := hex.DecodeString(parts[2])
121 sig, _ := hex.DecodeString(parts[3])
122 // The signatures in the test vectors also include the message
123 // at the end, but we just want R and S.
124 sig = sig[:SignatureSize]
126 if l := len(pubKey); l != PublicKeySize {
127 t.Fatalf("bad public key length on line %d: got %d bytes", lineNo, l)
130 var priv [PrivateKeySize]byte
131 copy(priv[:], privBytes)
132 copy(priv[32:], pubKey)
134 sig2 := Sign(priv[:], msg)
135 if !bytes.Equal(sig, sig2[:]) {
136 t.Errorf("different signature result on line %d: %x vs %x", lineNo, sig, sig2)
139 if !Verify(pubKey, msg, sig2) {
140 t.Errorf("signature failed to verify on line %d", lineNo)
144 if err := scanner.Err(); err != nil {
145 t.Fatalf("error reading test data: %s", err)
149 func BenchmarkKeyGeneration(b *testing.B) {
151 for i := 0; i < b.N; i++ {
152 if _, _, err := GenerateKey(zero); err != nil {
158 func BenchmarkSigning(b *testing.B) {
160 _, priv, err := GenerateKey(zero)
164 message := []byte("Hello, world!")
166 for i := 0; i < b.N; i++ {
171 func BenchmarkVerification(b *testing.B) {
173 pub, priv, err := GenerateKey(zero)
177 message := []byte("Hello, world!")
178 signature := Sign(priv, message)
180 for i := 0; i < b.N; i++ {
181 Verify(pub, message, signature)