schnorr_sig 1.0.0.1 → 1.0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2814a65e511ccfe596ddd02783ab04e697e1b8817331e1558928cc7fb1bcf502
-  data.tar.gz: f7305611c29e474f29dc97b813c520b46e3e583d443c920cf20941d0690ba190
+  metadata.gz: 583aef17bbda178fd790a7cfddb29bdd1d38ee1d44092d3cb6afc2517a564a09
+  data.tar.gz: 299a66f0e042c200b81f902e23ab2adb712a6260532fb28a6e23555cfc414db6
 SHA512:
-  metadata.gz: a1a31085a79d32387d426e7e8600b3752feeec45127e1233bee14db7b931e66ff5de40ca1f520088a70f979cd14efced6f24d5d1d23505028c3dc4c9aa019602
-  data.tar.gz: 76486cad9ad52e2c9eb40c8c7e04a809f52708381368b4b9f2fa20bd1bb5815ba74c6a30d25918b6edc046feba6d3b9d3605f6afa2b06c708dfbb2aba4eeb828
+  metadata.gz: bb3a7ade41fcdd713ae0b9da0d8c0cf8c390f7c3da232e19e4be146f66bf45311aa19ab02025ff3b55e5dc11a000094817751aaf4dd2c4a9d7e9f93b455ff866
+  data.tar.gz: 0dd87d6af1595d3a51b4d1788bb3b24f3c1a11a0997ceb3fc0543e422b4dde75fa04e2b3f1ca4ec5cdafe3fbd9f23091c23cd9608e9ea338e7a21f5b515a6dcf

data/Rakefile

@@ -4,7 +4,6 @@ Rake::TestTask.new :test do |t|
   t.test_files = [
     'test/utils.rb',
     'test/pure.rb',
-    'test/vectors.rb',
   ]
   t.warning = true
 end
@@ -17,6 +16,14 @@ Rake::TestTask.new :vectors do |t|
   t.warning = true
 end
 
+Rake::TestTask.new :fast do |t|
+  t.test_files = [
+    'test/utils.rb',
+    'test/fast.rb',
+  ]
+  t.warning = true
+end
+
 task default: :test
 
 begin

data/VERSION

@@ -1 +1 @@
-1.0.0.1
+1.0.1.1

data/lib/schnorr_sig/fast.rb

@@ -34,11 +34,10 @@ module SchnorrSig
     # Output
     #   Secp256k1::KeyPair
     def keypair_obj(sk = nil)
-      if sk
-        binary!(sk, KEY)
-        CONTEXT.key_pair_from_private_key(sk)
-      else
+      if sk.nil?
         CONTEXT.generate_key_pair
+      else
+        CONTEXT.key_pair_from_private_key(binary!(sk, KEY))
       end
     end
 
@@ -69,8 +68,7 @@ module SchnorrSig
     # Output
     #   Secp256k1::SchnorrSignature
     def signature(str)
-      binary!(str, SIG)
-      Secp256k1::SchnorrSignature.from_data(str)
+      Secp256k1::SchnorrSignature.from_data(binary!(str, SIG))
     end
 
     # Input
@@ -78,10 +76,8 @@ module SchnorrSig
     #   The message, m:     32 byte hash value
     # Output
     #   64 bytes binary
-    def sign(sk, m)
-      binary!(sk, KEY) and binary!(m, 32)
-      CONTEXT.sign_schnorr(keypair_obj(sk), m).serialized
-    end
+    def sign(sk, m) = CONTEXT.sign_schnorr(keypair_obj(sk),
+                                           binary!(m, 32)).serialized
 
     # Input
     #   The public key, pk: 32 bytes binary
@@ -112,10 +108,7 @@ module SchnorrSig
     #   msg: UTF-8 / binary / agnostic
     # Output
     #   32 bytes binary
-    def tagged_hash(tag, msg)
-      check!(tag, String) and check!(msg, String)
-      CONTEXT.tagged_sha256(tag, msg)
-    end
+    def tagged_hash(tag, msg) = CONTEXT.tagged_sha256(str!(tag), str!(msg))
   end
 
   Fast.include Utils

data/lib/schnorr_sig/pure.rb

@@ -5,8 +5,6 @@ autoload :SecureRandom, 'securerandom' # stdlib
 # This implementation is based on the BIP340 spec: https://bips.xyz/340
 module SchnorrSig
   class SanityCheck < Error; end
-  class VerifyFail < Error; end
-  class InfinityPoint < Error; end
 
   GROUP = ECDSA::Group::Secp256k1
   P = GROUP.field.prime # smaller than 256**32
@@ -48,7 +46,7 @@ module SchnorrSig
       when ECDSA::Point
         # BIP340: The function bytes(P), where P is a point,
         # returns bytes(x(P)).
-        val.infinity? ? raise(InfinityPoint, val.inspect) : big2bin(val.x)
+        val.infinity? ? raise(SanityCheck, val.inspect) : big2bin(val.x)
       else
         raise(SanityCheck, val.inspect)
       end
@@ -89,15 +87,12 @@ module SchnorrSig
     # Output
     #   32 bytes binary
     def tagged_hash(tag, msg)
-      check!(tag, String) and check!(msg, String)
-      warn("tag expected to be UTF-8") unless tag.encoding == Encoding::UTF_8
-
       # BIP340: The function hash[name](x) where x is a byte array
       #         returns the 32-byte hash
       #         SHA256(SHA256(tag) || SHA256(tag) || x)
       #         where tag is the UTF-8 encoding of name.
-      tag_hash = Digest::SHA256.digest(tag)
-      Digest::SHA256.digest(tag_hash + tag_hash + msg)
+      tag_hash = Digest::SHA256.digest tag
+      Digest::SHA256.digest(tag_hash + tag_hash + str!(msg).b)
     end
 
     #
@@ -137,7 +132,7 @@ module SchnorrSig
     #   The signature, sig:       64 bytes binary
     def sign(sk, m, auxrand: nil)
       a = auxrand.nil? ? random_bytes(B) : auxrand
-      binary!(sk, KEY) and check!(m, String) and binary!(a, B)
+      binary!(sk, KEY) and str!(m) and binary!(a, B)
 
       # BIP340: Let d' = int(sk)
       # BIP340: Fail if d' = 0 or d' >= n
@@ -177,7 +172,7 @@ module SchnorrSig
       # BIP340: Fail unless Verify(bytes(P), m, sig)
       # BIP340: Return the signature sig
       sig = bytes_r + bytes((k + e * d) % N)
-      raise(VerifyFail) unless verify?(bytes_p, m, sig)
+      raise(SanityCheck, "sig did not verify") unless verify?(bytes_p, m, sig)
       sig
     end
 
@@ -188,7 +183,7 @@ module SchnorrSig
     # Output
     #   Boolean
     def verify?(pk, m, sig)
-      binary!(pk, KEY) and check!(m, String) and binary!(sig, SIG)
+      binary!(pk, KEY) and str!(m) and binary!(sig, SIG)
 
       # BIP340: Let P = lift_x(int(pk))
       p = lift_x(int(pk))
@@ -219,7 +214,7 @@ module SchnorrSig
     def soft_verify?(pk, m, sig)
       begin
         verify?(pk, m, sig)
-      rescue SanityCheck, InfinityPoint
+      rescue SanityCheck
         false
       end
     end

data/lib/schnorr_sig/utils.rb

@@ -1,21 +1,29 @@
 module SchnorrSig
   class Error < RuntimeError; end
-  class SizeError < Error; end
+  class SpecError < Error; end
 
   KEY = 32 # bytes
   SIG = 64 # bytes
 
   module Utils
-    # raise TypeError or return val
+    # raise SpecError or return val
     def check!(val, cls)
-      val.is_a?(cls) ? val : raise(TypeError, "#{cls}: #{val.inspect}")
+      val.is_a?(cls) ? val : raise(SpecError, "#{cls}: #{val.inspect}")
     end
 
-    # raise TypeError, EncodingError, or SizeError, or return str
+    # raise SpecError or return str
+    def str!(str, length = nil)
+      if check!(str, String) and !length.nil? and length != str.length
+        raise(SpecError, "Length #{str.length} should be #{length}")
+      end
+      str
+    end
+
+    # raise SpecError or return str
     def binary!(str, length)
-      check!(str, String)
-      raise(EncodingError, str.encoding) if str.encoding != Encoding::BINARY
-      raise(SizeError, str.length) if str.length != length
+      if str!(str, length).encoding != Encoding::BINARY
+        raise(SpecError, "Encoding: #{str.encoding}")
+      end
       str
     end
 

data/schnorr_sig.gemspec

@@ -13,6 +13,7 @@ Gem::Specification.new do |s|
   s.files = %w[schnorr_sig.gemspec VERSION README.md Rakefile]
   s.files += Dir['lib/**/*.rb']
   s.files += Dir['test/**/*.rb']
+  s.files += Dir['sig/**/*.rbs']
 
   s.add_dependency "ecdsa_ext", "~> 0"
 end

data/sig/fast.rbs

@@ -0,0 +1,15 @@
+module SchnorrSig
+  CONTEXT: Secp256k1::Context
+
+  module Fast
+    def keypair_obj: (?String sk) -> Secp256k1::KeyPair
+    def extract_keys: (Secp256k1::KeyPair keypair_obj) -> [String, String]
+    def pubkey: (String sk) -> String
+    def keypair: -> [String, String]
+    def signature: (String str) -> Secp256k1::SchnorrSignature
+    def sign: (String sk, String m) -> String
+    def verify?: (String pk, String m, String sig) -> bool
+    def soft_verify?: (String pk, String m, String sig) -> bool
+    def tagged_hash: (String tag, String msg) -> String
+  end
+end

data/sig/pure.rbs

@@ -0,0 +1,24 @@
+module SchnorrSig
+  class SanityCheck < Error
+  end
+
+  GROUP: ECDSA::Group::Secp256k1
+  P: Integer
+  N: Integer
+  B: Integer
+
+  module Pure
+    def random_bytes: (Integer count) -> String
+    def point: (Integer int) -> ECDSA::Point
+    def select_even_y: (ECDSA::Point point, Integer even_val) -> Integer
+    def int: (String x) -> Integer
+    def bytes: (Integer | ECDSA::Point val) -> String
+    def lift_x: (Integer x) -> ECDSA::Point
+    def tagged_hash: (String tag, String msg) -> String
+    def pubkey: (String sk) -> String
+    def keypair: -> [String, String]
+    def sign: (String sk, String m, ?auxrand: String?) -> String
+    def verify?: (String pk, String m, String sig) -> bool
+    def soft_verify?: (String pk, String m, String sig) -> bool
+  end
+end

data/sig/utils.rbs

@@ -0,0 +1,18 @@
+module SchnorrSig
+  class Error < RuntimeError
+  end
+  class SpecError < Error
+  end
+
+  KEY: 32
+  SIG: 64
+
+  module Utils
+    def check!: (untyped val, Class cls) -> untyped
+    def binary!: (String str, Integer length) -> String
+    def bin2big: (String str) -> Integer
+    def big2bin: (Integer bignum) -> String
+    def bin2hex: (String str) -> String
+    def hex2bin: (String hex) -> String
+  end
+end

data/test/utils.rb

@@ -10,17 +10,17 @@ describe Utils do
     it "enforces the class of any object" do
       expect(Utils.check!('123', String)).must_equal '123'
       expect(Utils.check!(123, Integer)).must_equal 123
-      expect { Utils.check!([], String) }.must_raise TypeError
+      expect { Utils.check!([], String) }.must_raise SpecError
     end
 
     it "enforces binary strings: type, encoding, length" do
       expect(Utils.binary!("\x00\x01".b, 2)).must_equal "\x00\x01".b
       expect {
         Utils.binary!("\x00\x01".b, 3)
-      }.must_raise SchnorrSig::SizeError
+      }.must_raise SpecError
       expect {
         Utils.binary!("\x00\x01", 2)
-      }.must_raise EncodingError
+      }.must_raise SpecError
     end
   end
 

data/test/vectors.rb

@@ -18,7 +18,7 @@ table.each { |row|
 
   result = begin
              SchnorrSig.soft_verify?(pk, m, sig)
-           rescue SchnorrSig::SizeError
+           rescue SchnorrSig::SpecError
              skip << row
              next
            end
@@ -37,4 +37,3 @@ puts "Failure: #{failure.count}"
 puts "Skipped: #{skip.count}"
 
 failure.each { |row| p row }
-exit failure.count

data/test/vectors_extra.rb

@@ -31,18 +31,22 @@ table.each { |row|
     # calculate a signature
     begin
       calc_sig = SchnorrSig.sign(sk, m)
-    rescue SchnorrSig::Error
-      calc_sig = "sig error"
+      sig_msg = (calc_sig == sig) ? "sig match" : "sig mismatch"
+    rescue SchnorrSig::SpecError
+      sig_msg = "sig error"
     end
-    sig_msg = (calc_sig == sig) ? "sig match" : "sig mismatch"
   end
 
-  begin
-    result = SchnorrSig.soft_verify?(pk, m, sig)
-  rescue SchnorrSig::SizeError
-    next
+  if sig_msg != "sig error"
+    begin
+      result = SchnorrSig.soft_verify?(pk, m, sig)
+      verify_msg = (result == expected) ? "verify match" : "verify mismatch"
+    rescue SchnorrSig::SpecError
+      verify_msg = "verify error"
+    end
+  else
+    verify_msg = "sig error"
   end
-  verify_msg = (result == expected) ? "verify match" : "verify mismatch"
   puts [index, pk_msg, sig_msg, verify_msg, comment].join("\t")
 }
 puts

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: schnorr_sig
 version: !ruby/object:Gem::Version
-  version: 1.0.0.1
+  version: 1.0.1.1
 platform: ruby
 authors:
 - Rick Hull
@@ -38,6 +38,9 @@ files:
 - lib/schnorr_sig/pure.rb
 - lib/schnorr_sig/utils.rb
 - schnorr_sig.gemspec
+- sig/fast.rbs
+- sig/pure.rbs
+- sig/utils.rbs
 - test/fast.rb
 - test/pure.rb
 - test/utils.rb