//
// Testing elliptic curve math
// -----------------------------------------------------------------------------
module("ec");

var ecparams = getSECCurveByName("secp256k1");
var rng = new SecureRandom();

test("Classes", function () {
  expect(3);
  ok(ECPointFp, "ECPointFp");
  ok(ECFieldElementFp, "ECFieldElementFp");
  ok(ECCurveFp, "ECCurveFp");
});

test("Point multiplication", function () {
	expect(5);

	var G = ecparams.getG();
	var n = ecparams.getN();

	ok(G.multiply(n).isInfinity(), "Gn is infinite");

  var k = Bitcoin.ECDSA.getBigRandom(n);
  var P = G.multiply(k);
	ok(!P.isInfinity(), "kG is not infinite");
	ok(P.isOnCurve(), "kG on curve");
	ok(P.multiply(n).isInfinity(), "kGn is infinite");

  ok(P.validate(), "kG validates as a public key");
});


//
// Testing ECDSA
// -----------------------------------------------------------------------------
module("ecdsa");

test("Classes", function () {
  expect(2);
  ok(Bitcoin.ECDSA, "Bitcoin.ECDSA");
  ok(Bitcoin.ECKey, "Bitcoin.ECKey");
});

test("Keys & Key Management", function () {
  expect(5);

  var s1 = new Bitcoin.ECKey();
  var p1 = s1.getPub();
  equals(p1.length, 65, "Public key is correct length");

  var p1_q = ECPointFp.decodeFrom(ecparams.getCurve(), p1);
  ok(p1_q, "Decode point from generated bytestring");
  ok(p1_q.validate(), "Is a valid public point");

  var p2 = Crypto.util.hexToBytes(
    "0486f356006a38b847bedec1bf47013776925d939d5a35a97a4d1263e550c7f1a" +
    "b5aba44ab74d22892097a0e851addf07ba97e33416df5affaceeb35d5607cd23c"
  );
  var p2_q = ECPointFp.decodeFrom(ecparams.getCurve(), p2);
  ok(p2_q, "Decode point from constant");
  ok(p2_q.validate(), "Is a valid public point");
});

test("Signing and Verifying", function () {
  expect(7);

  var s1 = new Bitcoin.ECKey();
  var sig_a = s1.sign(BigInteger.ZERO);
  ok(sig_a, "Sign null");
  equals(sig_a.length, 70, "Signature is correct length");
  ok(s1.verify(BigInteger.ZERO, sig_a));
  
  var message = new BigInteger(1024, rng).toByteArrayUnsigned();
  var hash = Crypto.SHA256(message, {asBytes: true});
  var sig_b = s1.sign(hash);
  ok(sig_b, "Sign random string");
  equals(sig_b.length, 70, "Signature is correct length");
  ok(s1.verify(hash, sig_b));

  var message2 = Crypto.util.hexToBytes(
    "12dce2c169986b3346827ffb2305cf393984627f5f9722a1b1368e933c8d" +
    "d296653fbe5d7ac031c4962ad0eb1c4298c3b91d244e1116b4a76a130c13" +
    "1e7aec7fa70184a71a2e66797052831511b93c6e8d72ae58a1980eaacb66" +
    "8a33f50d7cefb96a5dab897b5efcb99cbafb0d777cb83fc9b2115b69c0fa" +
    "3d82507b932b84e4"
  );
  var hash2 = Crypto.SHA256(message2, {asBytes: true});
  var sig_c = Crypto.util.hexToBytes(
    "3044022038d9b8dd5c9fbf330565c1f51d72a59ba869aeb2c2001be959d3" +
    "79e861ec71960220a73945f32cf90d03127d2c3410d16cee120fa1a4b4c3" +
    "f273ab082801a95506c4"
  );
  var s2 = Crypto.util.hexToBytes(
    "045a1594316e433fb91f35ef4874610d22177c3f1a1060f6c1e70a609d51" +
    "b20be5795cd2a5eae0d6b872ba42db95e9afaeea3fbb89e98099575b6828" +
    "609a978528"
  );
  ok(Bitcoin.ECDSA.verify(hash2, sig_c, s2), "Verify constant signature");
});

//
// Testing Paillier
// -----------------------------------------------------------------------------
module("paillier");

test("Classes", function () {
  expect(3);
  ok(Bitcoin.Paillier, "Bitcoin.Paillier");
  ok(Bitcoin.Paillier.PublicKey, "Bitcoin.Paillier.PublicKey");
  ok(Bitcoin.Paillier.PrivateKey, "Bitcoin.Paillier.PrivateKey");
});