100 lines
3 KiB
JavaScript
Executable file
100 lines
3 KiB
JavaScript
Executable file
//
|
|
// Testing elliptic curve math
|
|
// -----------------------------------------------------------------------------
|
|
module("ec");
|
|
|
|
var ecparams = getSECCurveByName("secp256k1");
|
|
var rng = new SecureRandom();
|
|
|
|
test("Classes", function () {
|
|
expect(3);
|
|
ok(ECPointFp, "ECPointFp");
|
|
ok(ECFieldElementFp, "ECFieldElementFp");
|
|
ok(ECCurveFp, "ECCurveFp");
|
|
});
|
|
|
|
test("Point multiplication", function () {
|
|
expect(5);
|
|
|
|
var G = ecparams.getG();
|
|
var n = ecparams.getN();
|
|
|
|
ok(G.multiply(n).isInfinity(), "Gn is infinite");
|
|
|
|
var k = Bitcoin.ECDSA.getBigRandom(n);
|
|
var P = G.multiply(k);
|
|
ok(!P.isInfinity(), "kG is not infinite");
|
|
ok(P.isOnCurve(), "kG on curve");
|
|
ok(P.multiply(n).isInfinity(), "kGn is infinite");
|
|
|
|
ok(P.validate(), "kG validates as a public key");
|
|
});
|
|
|
|
|
|
//
|
|
// Testing ECDSA
|
|
// -----------------------------------------------------------------------------
|
|
module("ecdsa");
|
|
|
|
test("Classes", function () {
|
|
expect(2);
|
|
ok(Bitcoin.ECDSA, "Bitcoin.ECDSA");
|
|
ok(Bitcoin.ECKey, "Bitcoin.ECKey");
|
|
});
|
|
|
|
test("Keys & Key Management", function () {
|
|
expect(5);
|
|
|
|
var s1 = new Bitcoin.ECKey();
|
|
var p1 = s1.getPub();
|
|
equals(p1.length, 65, "Public key is correct length");
|
|
|
|
var p1_q = ECPointFp.decodeFrom(ecparams.getCurve(), p1);
|
|
ok(p1_q, "Decode point from generated bytestring");
|
|
ok(p1_q.validate(), "Is a valid public point");
|
|
|
|
var p2 = Crypto.util.hexToBytes(
|
|
"0486f356006a38b847bedec1bf47013776925d939d5a35a97a4d1263e550c7f1a" +
|
|
"b5aba44ab74d22892097a0e851addf07ba97e33416df5affaceeb35d5607cd23c"
|
|
);
|
|
var p2_q = ECPointFp.decodeFrom(ecparams.getCurve(), p2);
|
|
ok(p2_q, "Decode point from constant");
|
|
ok(p2_q.validate(), "Is a valid public point");
|
|
});
|
|
|
|
test("Signing and Verifying", function () {
|
|
expect(7);
|
|
|
|
var s1 = new Bitcoin.ECKey();
|
|
var sig_a = s1.sign(BigInteger.ZERO);
|
|
ok(sig_a, "Sign null");
|
|
equals(sig_a.length, 70, "Signature is correct length");
|
|
ok(s1.verify(BigInteger.ZERO, sig_a));
|
|
|
|
var message = new BigInteger(1024, rng).toByteArrayUnsigned();
|
|
var hash = Crypto.SHA256(message, {asBytes: true});
|
|
var sig_b = s1.sign(hash);
|
|
ok(sig_b, "Sign random string");
|
|
equals(sig_b.length, 70, "Signature is correct length");
|
|
ok(s1.verify(hash, sig_b));
|
|
|
|
var message2 = Crypto.util.hexToBytes(
|
|
"12dce2c169986b3346827ffb2305cf393984627f5f9722a1b1368e933c8d" +
|
|
"d296653fbe5d7ac031c4962ad0eb1c4298c3b91d244e1116b4a76a130c13" +
|
|
"1e7aec7fa70184a71a2e66797052831511b93c6e8d72ae58a1980eaacb66" +
|
|
"8a33f50d7cefb96a5dab897b5efcb99cbafb0d777cb83fc9b2115b69c0fa" +
|
|
"3d82507b932b84e4"
|
|
);
|
|
var hash2 = Crypto.SHA256(message2, {asBytes: true});
|
|
var sig_c = Crypto.util.hexToBytes(
|
|
"3044022038d9b8dd5c9fbf330565c1f51d72a59ba869aeb2c2001be959d3" +
|
|
"79e861ec71960220a73945f32cf90d03127d2c3410d16cee120fa1a4b4c3" +
|
|
"f273ab082801a95506c4"
|
|
);
|
|
var s2 = Crypto.util.hexToBytes(
|
|
"045a1594316e433fb91f35ef4874610d22177c3f1a1060f6c1e70a609d51" +
|
|
"b20be5795cd2a5eae0d6b872ba42db95e9afaeea3fbb89e98099575b6828" +
|
|
"609a978528"
|
|
);
|
|
ok(Bitcoin.ECDSA.verify(hash2, sig_c, s2), "Verify constant signature");
|
|
});
|