1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-25 14:50:57 +00:00
trezor-firmware/trezorlib/tests/device_tests/test_cosi.py
matejcik 54f1599a5a regenerate license headers
This clarifies the intent: the project is licenced under terms
of LGPL version 3 only, but the standard headers cover only "3 or later",
so we had to rewrite them.

In the same step, we removed author information from individual files
in favor of "SatoshiLabs and contributors", and include an AUTHORS
file that lists the contributors.

Apologies to those whose names are missing; please contact us if you wish
to add your info to the AUTHORS file.
2018-06-21 16:49:13 +02:00

98 lines
3.7 KiB
Python

# This file is part of the Trezor project.
#
# Copyright (C) 2012-2018 SatoshiLabs and contributors
#
# This library is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License version 3
# as published by the Free Software Foundation.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the License along with this library.
# If not, see <https://www.gnu.org/licenses/lgpl-3.0.html>.
import pytest
from hashlib import sha256
from .common import TrezorTest
from trezorlib import cosi
from trezorlib.tools import parse_path
@pytest.mark.skip_t2
class TestCosi(TrezorTest):
def test_cosi_commit(self):
self.setup_mnemonic_pin_passphrase()
digest = sha256(b'this is a message').digest()
c0 = self.client.cosi_commit(parse_path("10018'/0'"), digest)
c1 = self.client.cosi_commit(parse_path("10018'/1'"), digest)
c2 = self.client.cosi_commit(parse_path("10018'/2'"), digest)
assert c0.pubkey != c1.pubkey
assert c0.pubkey != c2.pubkey
assert c1.pubkey != c2.pubkey
assert c0.commitment != c1.commitment
assert c0.commitment != c2.commitment
assert c1.commitment != c2.commitment
digestb = sha256(b'this is a different message').digest()
c0b = self.client.cosi_commit(parse_path("10018'/0'"), digestb)
c1b = self.client.cosi_commit(parse_path("10018'/1'"), digestb)
c2b = self.client.cosi_commit(parse_path("10018'/2'"), digestb)
assert c0.pubkey == c0b.pubkey
assert c1.pubkey == c1b.pubkey
assert c2.pubkey == c2b.pubkey
assert c0.commitment != c0b.commitment
assert c1.commitment != c1b.commitment
assert c2.commitment != c2b.commitment
def test_cosi_sign(self):
self.setup_mnemonic_pin_passphrase()
digest = sha256(b'this is a message').digest()
c0 = self.client.cosi_commit(parse_path("10018'/0'"), digest)
c1 = self.client.cosi_commit(parse_path("10018'/1'"), digest)
c2 = self.client.cosi_commit(parse_path("10018'/2'"), digest)
global_pk = cosi.combine_keys([c0.pubkey, c1.pubkey, c2.pubkey])
global_R = cosi.combine_keys([c0.commitment, c1.commitment, c2.commitment])
sig0 = self.client.cosi_sign(parse_path("10018'/0'"), digest, global_R, global_pk)
sig1 = self.client.cosi_sign(parse_path("10018'/1'"), digest, global_R, global_pk)
sig2 = self.client.cosi_sign(parse_path("10018'/2'"), digest, global_R, global_pk)
sig = cosi.combine_sig(global_R, [sig0.signature, sig1.signature, sig2.signature])
cosi.verify(sig, digest, global_pk)
def test_cosi_compat(self):
self.setup_mnemonic_pin_passphrase()
digest = sha256(b'this is not a pipe').digest()
remote_commit = self.client.cosi_commit(parse_path("10018'/0'"), digest)
local_privkey = sha256(b'private key').digest()[:32]
local_pubkey = cosi.pubkey_from_privkey(local_privkey)
local_nonce, local_commitment = cosi.get_nonce(local_privkey, digest, 42)
global_pk = cosi.combine_keys([remote_commit.pubkey, local_pubkey])
global_R = cosi.combine_keys([remote_commit.commitment, local_commitment])
remote_sig = self.client.cosi_sign(parse_path("10018'/0'"), digest, global_R, global_pk)
local_sig = cosi.sign_with_privkey(digest, local_privkey, global_pk, local_nonce, global_R)
sig = cosi.combine_sig(global_R, [remote_sig.signature, local_sig])
cosi.verify(sig, digest, global_pk)