From 0a8b75e4050e3191291d564dd5fe43ffbe40e412 Mon Sep 17 00:00:00 2001
From: ChihYunChuang <chihyun@maicoin.com>
Date: Wed, 29 Jun 2022 13:57:02 +0800
Subject: [PATCH] crypto/tss/eddsa: add some tests

---
 crypto/tss/eddsa/frost/signer/signer_test.go | 138 ++++++++++++-------
 1 file changed, 88 insertions(+), 50 deletions(-)

diff --git a/crypto/tss/eddsa/frost/signer/signer_test.go b/crypto/tss/eddsa/frost/signer/signer_test.go
index f0448012..b6674376 100644
--- a/crypto/tss/eddsa/frost/signer/signer_test.go
+++ b/crypto/tss/eddsa/frost/signer/signer_test.go
@@ -21,6 +21,7 @@ import (
 	"github.com/getamis/alice/crypto/birkhoffinterpolation"
 	"github.com/getamis/alice/crypto/ecpointgrouplaw"
 	"github.com/getamis/alice/crypto/elliptic"
+	"github.com/getamis/alice/crypto/polynomial"
 	"github.com/getamis/alice/crypto/tss"
 	"github.com/getamis/alice/crypto/utils"
 	"github.com/getamis/alice/internal/message/types"
@@ -38,83 +39,120 @@ func TestSigner(t *testing.T) {
 
 var _ = Describe("Signer", func() {
 	var (
-		curve = elliptic.Ed25519()
-	)
+		RumTime          = 10
+		curve            = elliptic.Ed25519()
+		poly, _          = polynomial.RandomPolynomial(curve.Params().N, 2)
+		x1, _            = utils.RandomPositiveInt(curve.Params().N)
+		x2, _            = utils.RandomPositiveInt(curve.Params().N)
+		x3, _            = utils.RandomPositiveInt(curve.Params().N)
+		share1           = poly.Evaluate(x1)
+		share2           = poly.Evaluate(x2)
+		share3           = poly.Evaluate(x3)
+		secrertRandomKey = poly.Evaluate(big0)
 
-	DescribeTable("It should be OK", func(ss [][]*big.Int, privateKey *big.Int) {
-		expPublic := ecpointgrouplaw.ScalarBaseMult(curve, privateKey)
-		threshold := len(ss)
-		message := []byte("8077818")
-		signers, listeners := newSigners(curve, expPublic, ss, message)
-		doneChs := make([]chan struct{}, threshold)
-		i := 0
-		for _, l := range listeners {
-			doneChs[i] = make(chan struct{})
-			doneCh := doneChs[i]
-			l.On("OnStateChanged", types.StateInit, types.StateDone).Run(func(args mock.Arguments) {
-				close(doneCh)
-			}).Once()
-			i++
-		}
+		setx1, _     = new(big.Int).SetString("2254765913981550676205803762478430869696580688700958727495894224115312987764", 10)
+		setx2, _     = new(big.Int).SetString("2117636074604900758115075527580492494720639688970891834155177238392086845382", 10)
+		setx3, _     = new(big.Int).SetString("6414582964050248729324272790247195316284712038021768098875147472012178712076", 10)
+		setShare1, _ = new(big.Int).SetString("3675788498585450082991846428007326057826754636663877385528274415846839676857", 10)
+		setShare2, _ = new(big.Int).SetString("1522795425006476177538987458185716386773973361216994141828318603466392185301", 10)
+		setShare3, _ = new(big.Int).SetString("4575846830523611786637644129807785488887694553004765055615792711279484061401", 10)
+		xcoord1, _   = new(big.Int).SetString("13303072567237052328013834338380099174471808636153533034015575804719580433195", 10)
+		ycoord1, _   = new(big.Int).SetString("16964052623936448625187294284159857344364737590067812676140890490183700057118", 10)
+		pubKey, _    = ecpointgrouplaw.NewECPoint(curve, xcoord1, ycoord1)
+	)
 
-		for _, s := range signers {
-			s.Start()
-		}
+	DescribeTable("It should be OK", func(ss [][]*big.Int, privateKey *big.Int, pubKey *ecpointgrouplaw.ECPoint) {
+		for i := 0; i < RumTime; i++ {
+			expPublic := pubKey
+			if privateKey != nil {
+				expPublic = ecpointgrouplaw.ScalarBaseMult(curve, privateKey)
+			}
+			threshold := len(ss)
+			message := []byte("8077818")
+			signers, listeners := newSigners(curve, expPublic, ss, message)
+			doneChs := make([]chan struct{}, threshold)
+			i := 0
+			for _, l := range listeners {
+				doneChs[i] = make(chan struct{})
+				doneCh := doneChs[i]
+				l.On("OnStateChanged", types.StateInit, types.StateDone).Run(func(args mock.Arguments) {
+					close(doneCh)
+				}).Once()
+				i++
+			}
 
-		for i := 0; i < threshold; i++ {
-			<-doneChs[i]
-		}
+			for _, s := range signers {
+				s.Start()
+			}
 
-		// Build public key
-		var R *ecpointgrouplaw.ECPoint
-		var s *big.Int
-		for _, signer := range signers {
-			signer.Stop()
-			result, err := signer.GetResult()
-			Expect(err).Should(BeNil())
-			// All R and S should be the same
-			if R != nil {
-				Expect(R.Equal(result.R)).Should(BeTrue())
-				Expect(s).Should(Equal(result.S))
-			} else {
-				R = result.R
-				s = result.S
+			for i := 0; i < threshold; i++ {
+				<-doneChs[i]
 			}
-		}
-		edwardPubKey := edwards.NewPublicKey(edwards.Edwards(), expPublic.GetX(), expPublic.GetY())
-		test1 := ecpointEncoding(R)
-		test2 := *test1
-		r := new(big.Int).SetBytes(utils.ReverseByte(test2[:]))
 
-		Expect(edwards.Verify(edwardPubKey, message, r, s)).Should(BeTrue())
-		for _, l := range listeners {
-			l.AssertExpectations(GinkgoT())
+			// Build public key
+			var R *ecpointgrouplaw.ECPoint
+			var s *big.Int
+			for _, signer := range signers {
+				signer.Stop()
+				result, err := signer.GetResult()
+				Expect(err).Should(BeNil())
+				// All R and S should be the same
+				if R != nil {
+					Expect(R.Equal(result.R)).Should(BeTrue())
+					Expect(s).Should(Equal(result.S))
+				} else {
+					R = result.R
+					s = result.S
+				}
+			}
+			edwardPubKey := edwards.NewPublicKey(edwards.Edwards(), expPublic.GetX(), expPublic.GetY())
+			test1 := ecpointEncoding(R)
+			test2 := *test1
+			r := new(big.Int).SetBytes(utils.ReverseByte(test2[:]))
+			verifyResult := edwards.Verify(edwardPubKey, message, r, s)
+			Expect(verifyResult).Should(BeTrue())
+			if !verifyResult {
+				break
+			}
+			for _, l := range listeners {
+				l.AssertExpectations(GinkgoT())
+			}
 		}
 	},
 		Entry("(x-cooord, share, rank):f(x) = 2x+100", [][]*big.Int{
 			{big.NewInt(1), big.NewInt(102), big.NewInt(0)},
 			{big.NewInt(2), big.NewInt(104), big.NewInt(0)},
 			{big.NewInt(8), big.NewInt(116), big.NewInt(0)},
-		}, big.NewInt(100)),
+		}, big.NewInt(100), nil),
 		Entry("(x-cooord, share, rank):f(x) = 2x+100", [][]*big.Int{
 			{big.NewInt(1), big.NewInt(102), big.NewInt(0)},
 			{big.NewInt(2), big.NewInt(104), big.NewInt(0)},
-		}, big.NewInt(100)),
+		}, big.NewInt(100), nil),
 		Entry("(x-cooord, share, rank):f(x) = x^2+5*x+1109", [][]*big.Int{
 			{big.NewInt(1), big.NewInt(1115), big.NewInt(0)},
 			{big.NewInt(2), big.NewInt(1123), big.NewInt(0)},
 			{big.NewInt(50), big.NewInt(3859), big.NewInt(0)},
-		}, big.NewInt(1109)),
+		}, big.NewInt(1109), nil),
 		Entry("(x-cooord, share, rank):f(x) = x^2+3*x+5555", [][]*big.Int{
 			{big.NewInt(1), big.NewInt(5559), big.NewInt(0)},
 			{big.NewInt(2), big.NewInt(5565), big.NewInt(0)},
 			{big.NewInt(50), big.NewInt(103), big.NewInt(1)},
-		}, big.NewInt(5555)),
+		}, big.NewInt(5555), nil),
 		Entry("(x-cooord, share, rank):f(x) = 2*x^2+3*x+1111", [][]*big.Int{
 			{big.NewInt(1), big.NewInt(1116), big.NewInt(0)},
 			{big.NewInt(2), big.NewInt(4), big.NewInt(2)},
 			{big.NewInt(50), big.NewInt(203), big.NewInt(1)},
-		}, big.NewInt(1111)),
+		}, big.NewInt(1111), nil),
+		Entry("(x-cooord, share, rank):f(x) = random", [][]*big.Int{
+			{x1, share1, big.NewInt(0)},
+			{x2, share2, big.NewInt(0)},
+			{x3, share3, big.NewInt(0)},
+		}, secrertRandomKey, nil),
+		FEntry("(x-cooord, share, rank):", [][]*big.Int{
+			{setx1, setShare1, big.NewInt(0)},
+			{setx2, setShare2, big.NewInt(0)},
+			{setx3, setShare3, big.NewInt(0)},
+		}, nil, pubKey),
 	)
 })