Wycheproof tests vectors #1106

issue real-or-random openend this issue on May 11, 2022
  1. real-or-random commented at 6:18 am on May 11, 2022: contributor

    Though we have good tests, the Wycheproof test vectors will be a good addition.

    • The ECDSA test vectors are probably most interesting but some test vectors are incompatible with Bitcoin (see https://github.com/google/wycheproof/issues/70). We asked for other vectors there but they don’t respond currently. But even if we disable the incompatible vectors (after careful checking), the other vectors will be a good addition
    • Not sure if we can ECDH to work but I expect it will work at least with a custom derivation function
    • SHA256 and HMAC should not be an issue

    The test cases are in a simple JSON format: https://github.com/google/wycheproof/tree/master/testvectors We could either parse them (e.g., https://github.com/zserge/jsmn is very thin, MIT single-header parser that we ), or have a small script (in whatever language) that converts the vectors to C code.

  2. Sajjon commented at 2:02 pm on March 20, 2023: none

    @real-or-random Any progress on this? I’ve written a Swift wrapper called K1 around this wonderful library, and I’ve implemented unit test for every secp256k1 test vector known to man. Here is the folder with all unit tests and here are all test vectors I use

    I’ve also done the necessary filtering out test vector which are incompatible with this library.

    In K1 I support three ECDH variants, what this library does by default (SHA256 of compressed shared public point), and also ASN1 X9.63 version (returning only X component of shared public point, unhashed) and also a custom one which returns the whole point unhashed, I’ve implemented test for the first two, by having generated a couple of hundreds of tests using Python wrappers around this library and some other secp256k1 Python libraries (based on Open SSL secp25k1 I think), which vendors ASN1 X9.63 ECDH function. See the repo with the code to generated these ECDH test vectors here

    This is such an important library since so many libraries build on top of it. I would love for this library to vendors thousands of test vectors for:

    • Public Key derivation
    • Public Key serialization
    • Public Key deserialziation
    • ECDH
    • ECDSA recoverable
    • ECDSA non-recoverable
    • Schnorr

    I would be happy to contribute, but my C skills is not the greatest… how would one parse JSON i C? But I could probably easilty contribute once some first tests parsing JSON is up! :)

  3. real-or-random commented at 1:43 pm on March 21, 2023: contributor

    @Sajjon That sounds very interesting.

    Parsing JSON is indeed a pain point, but since it’s really only for tests, and test vectors rarely change, we can really do whatever is most convenient. For example, we could just have a Python script that parses the JSON and outputs C data structures and literals… This was recently done in the fork secp256k1-zkp for MuSig2 test vectors (see https://github.com/BlockstreamResearch/secp256k1-zkp/blob/master/contrib/musig2-vectors.py). Not exactly elegant, but it does the job. We could do the same here. What do you think?

    Please let us know if you run into any issues / API inconveniences with your Swift wrapper.

    By the way, I’m currently out of office, so I won’t reply quickly.

  4. RandomLattice referenced this in commit 69b06ff8b5 on Mar 22, 2023
  5. RandomLattice cross-referenced this on Mar 22, 2023 from issue tests: Add Wycheproof ECDSA vectors by RandomLattice
  6. RandomLattice referenced this in commit 41c7cadf0b on Mar 22, 2023
  7. andozw commented at 5:54 pm on March 22, 2023: contributor
    We opened a PR that adds coverage for ECDSA Wycheproof test vectors at #1245 . We wrote a small Python script that parses the JSON and outputs C data structure, and embedded it in the source file (much like it is done elsewhere). All the tests for ECDSA pass from the latest drop of Wycheproof (released about 3 weeks ago).
  8. RandomLattice referenced this in commit a1cce06fdf on Mar 22, 2023
  9. RandomLattice referenced this in commit 7bb877c19d on Mar 22, 2023
  10. RandomLattice referenced this in commit 7c4ced79cd on Mar 23, 2023
  11. RandomLattice referenced this in commit 04c70ffacc on Mar 25, 2023
  12. RandomLattice referenced this in commit f47c00812a on Mar 25, 2023
  13. RandomLattice referenced this in commit 24d8b50d97 on Apr 7, 2023
  14. RandomLattice referenced this in commit 9b4a51cde6 on Apr 8, 2023
  15. RandomLattice referenced this in commit fa10384919 on Apr 8, 2023
  16. RandomLattice referenced this in commit 2d6f94bc5e on Apr 8, 2023
  17. RandomLattice referenced this in commit 06d339c448 on Apr 9, 2023
  18. RandomLattice referenced this in commit e5de454609 on Apr 9, 2023
  19. sipa referenced this in commit 7b7503dac5 on Apr 10, 2023
  20. dderjoel referenced this in commit 2bd2dd8fcd on May 23, 2023

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-23 15:15 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me