2016-12-08 21:56:37 +01:00
|
|
|
package lnwire
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"math/big"
|
|
|
|
|
"testing"
|
|
|
|
|
|
2022-02-23 14:48:00 +01:00
|
|
|
"github.com/btcsuite/btcd/btcec/v2"
|
|
|
|
|
"github.com/btcsuite/btcd/btcec/v2/ecdsa"
|
2016-12-08 21:56:37 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func TestSignatureSerializeDeserialize(t *testing.T) {
|
2017-06-17 00:59:20 +02:00
|
|
|
t.Parallel()
|
|
|
|
|
|
2016-12-08 21:56:37 +01:00
|
|
|
// Local-scoped closure to serialize and deserialize a Signature and
|
|
|
|
|
// check for errors as well as check if the results are correct.
|
2022-02-23 14:48:00 +01:00
|
|
|
signatureSerializeDeserialize := func(e *ecdsa.Signature) error {
|
|
|
|
|
sig, err := NewSigFromSignature(e)
|
2016-12-08 21:56:37 +01:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-01-31 04:41:52 +01:00
|
|
|
|
|
|
|
|
e2, err := sig.ToSignature()
|
2016-12-08 21:56:37 +01:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-01-31 04:41:52 +01:00
|
|
|
|
2022-02-23 14:48:00 +01:00
|
|
|
if !e.IsEqual(e2) {
|
|
|
|
|
return fmt.Errorf("pre/post-serialize sigs don't " +
|
|
|
|
|
"match")
|
2016-12-08 21:56:37 +01:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check R = N-1, S = 128.
|
2022-02-23 14:48:00 +01:00
|
|
|
r := big.NewInt(1) // Allocate a big.Int before we call .Sub.
|
|
|
|
|
r.Sub(btcec.S256().N, r)
|
|
|
|
|
rScalar := new(btcec.ModNScalar)
|
|
|
|
|
rScalar.SetByteSlice(r.Bytes())
|
|
|
|
|
|
|
|
|
|
sig := ecdsa.NewSignature(rScalar, new(btcec.ModNScalar).SetInt(128))
|
2016-12-08 21:56:37 +01:00
|
|
|
err := signatureSerializeDeserialize(sig)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("R = N-1, S = 128: %s", err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check R = N-1, S = 127.
|
2022-02-23 14:48:00 +01:00
|
|
|
sig = ecdsa.NewSignature(rScalar, new(btcec.ModNScalar).SetInt(127))
|
2016-12-08 21:56:37 +01:00
|
|
|
err = signatureSerializeDeserialize(sig)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("R = N-1, S = 127: %s", err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check R = N-1, S = N>>1.
|
2022-02-23 14:48:00 +01:00
|
|
|
s := new(big.Int).Set(btcec.S256().N)
|
|
|
|
|
s.Rsh(s, 1)
|
|
|
|
|
sScalar := new(btcec.ModNScalar)
|
|
|
|
|
sScalar.SetByteSlice(s.Bytes())
|
|
|
|
|
sig = ecdsa.NewSignature(rScalar, sScalar)
|
2016-12-08 21:56:37 +01:00
|
|
|
err = signatureSerializeDeserialize(sig)
|
|
|
|
|
if err != nil {
|
|
|
|
|
t.Fatalf("R = N-1, S = N>>1: %s", err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check R = N-1, S = N.
|
2022-02-23 14:48:00 +01:00
|
|
|
s = new(big.Int).Set(btcec.S256().N)
|
|
|
|
|
overflow := sScalar.SetByteSlice(s.Bytes())
|
|
|
|
|
if !overflow {
|
|
|
|
|
t.Fatalf("Expect ModNScalar to overflow when setting N but " +
|
|
|
|
|
"didn't")
|
|
|
|
|
}
|
|
|
|
|
sig = ecdsa.NewSignature(rScalar, sScalar)
|
2016-12-08 21:56:37 +01:00
|
|
|
err = signatureSerializeDeserialize(sig)
|
2022-02-23 14:48:00 +01:00
|
|
|
if err.Error() != "invalid signature: S is 0" {
|
2016-12-08 21:56:37 +01:00
|
|
|
t.Fatalf("R = N-1, S = N should become R = N-1, S = 0: %s",
|
|
|
|
|
err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check R = N-1, S = N-1.
|
2022-02-23 14:48:00 +01:00
|
|
|
s = new(big.Int).Set(btcec.S256().N)
|
|
|
|
|
s.Sub(s, big.NewInt(1))
|
|
|
|
|
sScalar.SetByteSlice(s.Bytes())
|
|
|
|
|
sig = ecdsa.NewSignature(rScalar, sScalar)
|
2016-12-08 21:56:37 +01:00
|
|
|
err = signatureSerializeDeserialize(sig)
|
2022-02-23 14:48:00 +01:00
|
|
|
if err.Error() != "pre/post-serialize sigs don't match" {
|
2016-12-08 21:56:37 +01:00
|
|
|
t.Fatalf("R = N-1, S = N-1 should become R = N-1, S = 1: %s",
|
|
|
|
|
err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check R = 2N, S = 128
|
2022-02-23 14:48:00 +01:00
|
|
|
// This cannot be tested anymore since the new ecdsa package creates
|
|
|
|
|
// the signature from ModNScalar values which don't allow setting a
|
|
|
|
|
// value larger than N (hence the name mod n).
|
2016-12-08 21:56:37 +01:00
|
|
|
}
|
