7#ifndef SECP256K1_MODULE_SCHNORRSIG_TESTS_H
8#define SECP256K1_MODULE_SCHNORRSIG_TESTS_H
10#include "../../../include/secp256k1_schnorrsig.h"
16 unsigned char nonces[2][32];
24 unsigned char tag[] = {
'B',
'I',
'P',
'0',
'3',
'4',
'0',
'/',
'n',
'o',
'n',
'c',
'e'};
25 unsigned char aux_tag[] = {
'B',
'I',
'P',
'0',
'3',
'4',
'0',
'/',
'a',
'u',
'x'};
26 unsigned char algo[] = {
'B',
'I',
'P',
'0',
'3',
'4',
'0',
'/',
'n',
'o',
'n',
'c',
'e'};
27 size_t algolen =
sizeof(algo);
30 unsigned char nonce[32], nonce_z[32];
31 unsigned char msg[32];
32 size_t msglen =
sizeof(
msg);
33 unsigned char key[32];
35 unsigned char aux_rand[32];
36 unsigned char *args[5];
64 for (i = 0; i <
COUNT; i++) {
82 for (i = 0; i <
COUNT; i++) {
83 unsigned char nonce2[32];
85 size_t msglen_tmp = (msglen + offset) % msglen;
94 algolen_tmp = (algolen + offset) % algolen;
100 memset(aux_rand, 0, 32);
107 unsigned char sk1[32];
108 unsigned char sk2[32];
109 unsigned char sk3[32];
110 unsigned char msg[32];
115 unsigned char sig[64];
129 memset(&zero_pk, 0,
sizeof(zero_pk));
161 unsigned char tag[] = {
'B',
'I',
'P',
'0',
'3',
'4',
'0',
'/',
'c',
'h',
'a',
'l',
'l',
'e',
'n',
'g',
'e'};
173 unsigned char sig[64];
201 const unsigned char sk[32] = {
202 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
203 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
204 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
205 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03
207 const unsigned char pk[32] = {
208 0xF9, 0x30, 0x8A, 0x01, 0x92, 0x58, 0xC3, 0x10,
209 0x49, 0x34, 0x4F, 0x85, 0xF8, 0x9D, 0x52, 0x29,
210 0xB5, 0x31, 0xC8, 0x45, 0x83, 0x6F, 0x99, 0xB0,
211 0x86, 0x01, 0xF1, 0x13, 0xBC, 0xE0, 0x36, 0xF9
213 unsigned char aux_rand[32] = {
214 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
215 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
216 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
217 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
219 const unsigned char msg[32] = {
220 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
221 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
222 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
223 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
225 const unsigned char sig[64] = {
226 0xE9, 0x07, 0x83, 0x1F, 0x80, 0x84, 0x8D, 0x10,
227 0x69, 0xA5, 0x37, 0x1B, 0x40, 0x24, 0x10, 0x36,
228 0x4B, 0xDF, 0x1C, 0x5F, 0x83, 0x07, 0xB0, 0x08,
229 0x4C, 0x55, 0xF1, 0xCE, 0x2D, 0xCA, 0x82, 0x15,
230 0x25, 0xF6, 0x6A, 0x4A, 0x85, 0xEA, 0x8B, 0x71,
231 0xE4, 0x82, 0xA7, 0x4F, 0x38, 0x2D, 0x2C, 0xE5,
232 0xEB, 0xEE, 0xE8, 0xFD, 0xB2, 0x17, 0x2F, 0x47,
233 0x7D, 0xF4, 0x90, 0x0D, 0x31, 0x05, 0x36, 0xC0
240 const unsigned char sk[32] = {
241 0xB7, 0xE1, 0x51, 0x62, 0x8A, 0xED, 0x2A, 0x6A,
242 0xBF, 0x71, 0x58, 0x80, 0x9C, 0xF4, 0xF3, 0xC7,
243 0x62, 0xE7, 0x16, 0x0F, 0x38, 0xB4, 0xDA, 0x56,
244 0xA7, 0x84, 0xD9, 0x04, 0x51, 0x90, 0xCF, 0xEF
246 const unsigned char pk[32] = {
247 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
248 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
249 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
250 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
252 unsigned char aux_rand[32] = {
253 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
254 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
255 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
256 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
258 const unsigned char msg[32] = {
259 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
260 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
261 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
262 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
264 const unsigned char sig[64] = {
265 0x68, 0x96, 0xBD, 0x60, 0xEE, 0xAE, 0x29, 0x6D,
266 0xB4, 0x8A, 0x22, 0x9F, 0xF7, 0x1D, 0xFE, 0x07,
267 0x1B, 0xDE, 0x41, 0x3E, 0x6D, 0x43, 0xF9, 0x17,
268 0xDC, 0x8D, 0xCF, 0x8C, 0x78, 0xDE, 0x33, 0x41,
269 0x89, 0x06, 0xD1, 0x1A, 0xC9, 0x76, 0xAB, 0xCC,
270 0xB2, 0x0B, 0x09, 0x12, 0x92, 0xBF, 0xF4, 0xEA,
271 0x89, 0x7E, 0xFC, 0xB6, 0x39, 0xEA, 0x87, 0x1C,
272 0xFA, 0x95, 0xF6, 0xDE, 0x33, 0x9E, 0x4B, 0x0A
279 const unsigned char sk[32] = {
280 0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
281 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
282 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
283 0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x14, 0xE5, 0xC9
285 const unsigned char pk[32] = {
286 0xDD, 0x30, 0x8A, 0xFE, 0xC5, 0x77, 0x7E, 0x13,
287 0x12, 0x1F, 0xA7, 0x2B, 0x9C, 0xC1, 0xB7, 0xCC,
288 0x01, 0x39, 0x71, 0x53, 0x09, 0xB0, 0x86, 0xC9,
289 0x60, 0xE1, 0x8F, 0xD9, 0x69, 0x77, 0x4E, 0xB8
291 unsigned char aux_rand[32] = {
292 0xC8, 0x7A, 0xA5, 0x38, 0x24, 0xB4, 0xD7, 0xAE,
293 0x2E, 0xB0, 0x35, 0xA2, 0xB5, 0xBB, 0xBC, 0xCC,
294 0x08, 0x0E, 0x76, 0xCD, 0xC6, 0xD1, 0x69, 0x2C,
295 0x4B, 0x0B, 0x62, 0xD7, 0x98, 0xE6, 0xD9, 0x06
297 const unsigned char msg[32] = {
298 0x7E, 0x2D, 0x58, 0xD8, 0xB3, 0xBC, 0xDF, 0x1A,
299 0xBA, 0xDE, 0xC7, 0x82, 0x90, 0x54, 0xF9, 0x0D,
300 0xDA, 0x98, 0x05, 0xAA, 0xB5, 0x6C, 0x77, 0x33,
301 0x30, 0x24, 0xB9, 0xD0, 0xA5, 0x08, 0xB7, 0x5C
303 const unsigned char sig[64] = {
304 0x58, 0x31, 0xAA, 0xEE, 0xD7, 0xB4, 0x4B, 0xB7,
305 0x4E, 0x5E, 0xAB, 0x94, 0xBA, 0x9D, 0x42, 0x94,
306 0xC4, 0x9B, 0xCF, 0x2A, 0x60, 0x72, 0x8D, 0x8B,
307 0x4C, 0x20, 0x0F, 0x50, 0xDD, 0x31, 0x3C, 0x1B,
308 0xAB, 0x74, 0x58, 0x79, 0xA5, 0xAD, 0x95, 0x4A,
309 0x72, 0xC4, 0x5A, 0x91, 0xC3, 0xA5, 0x1D, 0x3C,
310 0x7A, 0xDE, 0xA9, 0x8D, 0x82, 0xF8, 0x48, 0x1E,
311 0x0E, 0x1E, 0x03, 0x67, 0x4A, 0x6F, 0x3F, 0xB7
318 const unsigned char sk[32] = {
319 0x0B, 0x43, 0x2B, 0x26, 0x77, 0x93, 0x73, 0x81,
320 0xAE, 0xF0, 0x5B, 0xB0, 0x2A, 0x66, 0xEC, 0xD0,
321 0x12, 0x77, 0x30, 0x62, 0xCF, 0x3F, 0xA2, 0x54,
322 0x9E, 0x44, 0xF5, 0x8E, 0xD2, 0x40, 0x17, 0x10
324 const unsigned char pk[32] = {
325 0x25, 0xD1, 0xDF, 0xF9, 0x51, 0x05, 0xF5, 0x25,
326 0x3C, 0x40, 0x22, 0xF6, 0x28, 0xA9, 0x96, 0xAD,
327 0x3A, 0x0D, 0x95, 0xFB, 0xF2, 0x1D, 0x46, 0x8A,
328 0x1B, 0x33, 0xF8, 0xC1, 0x60, 0xD8, 0xF5, 0x17
330 unsigned char aux_rand[32] = {
331 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
332 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
333 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
334 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
336 const unsigned char msg[32] = {
337 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
338 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
339 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
340 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
342 const unsigned char sig[64] = {
343 0x7E, 0xB0, 0x50, 0x97, 0x57, 0xE2, 0x46, 0xF1,
344 0x94, 0x49, 0x88, 0x56, 0x51, 0x61, 0x1C, 0xB9,
345 0x65, 0xEC, 0xC1, 0xA1, 0x87, 0xDD, 0x51, 0xB6,
346 0x4F, 0xDA, 0x1E, 0xDC, 0x96, 0x37, 0xD5, 0xEC,
347 0x97, 0x58, 0x2B, 0x9C, 0xB1, 0x3D, 0xB3, 0x93,
348 0x37, 0x05, 0xB3, 0x2B, 0xA9, 0x82, 0xAF, 0x5A,
349 0xF2, 0x5F, 0xD7, 0x88, 0x81, 0xEB, 0xB3, 0x27,
350 0x71, 0xFC, 0x59, 0x22, 0xEF, 0xC6, 0x6E, 0xA3
357 const unsigned char pk[32] = {
358 0xD6, 0x9C, 0x35, 0x09, 0xBB, 0x99, 0xE4, 0x12,
359 0xE6, 0x8B, 0x0F, 0xE8, 0x54, 0x4E, 0x72, 0x83,
360 0x7D, 0xFA, 0x30, 0x74, 0x6D, 0x8B, 0xE2, 0xAA,
361 0x65, 0x97, 0x5F, 0x29, 0xD2, 0x2D, 0xC7, 0xB9
363 const unsigned char msg[32] = {
364 0x4D, 0xF3, 0xC3, 0xF6, 0x8F, 0xCC, 0x83, 0xB2,
365 0x7E, 0x9D, 0x42, 0xC9, 0x04, 0x31, 0xA7, 0x24,
366 0x99, 0xF1, 0x78, 0x75, 0xC8, 0x1A, 0x59, 0x9B,
367 0x56, 0x6C, 0x98, 0x89, 0xB9, 0x69, 0x67, 0x03
369 const unsigned char sig[64] = {
370 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
371 0x00, 0x00, 0x00, 0x3B, 0x78, 0xCE, 0x56, 0x3F,
372 0x89, 0xA0, 0xED, 0x94, 0x14, 0xF5, 0xAA, 0x28,
373 0xAD, 0x0D, 0x96, 0xD6, 0x79, 0x5F, 0x9C, 0x63,
374 0x76, 0xAF, 0xB1, 0x54, 0x8A, 0xF6, 0x03, 0xB3,
375 0xEB, 0x45, 0xC9, 0xF8, 0x20, 0x7D, 0xEE, 0x10,
376 0x60, 0xCB, 0x71, 0xC0, 0x4E, 0x80, 0xF5, 0x93,
377 0x06, 0x0B, 0x07, 0xD2, 0x83, 0x08, 0xD7, 0xF4
383 const unsigned char pk[32] = {
384 0xEE, 0xFD, 0xEA, 0x4C, 0xDB, 0x67, 0x77, 0x50,
385 0xA4, 0x20, 0xFE, 0xE8, 0x07, 0xEA, 0xCF, 0x21,
386 0xEB, 0x98, 0x98, 0xAE, 0x79, 0xB9, 0x76, 0x87,
387 0x66, 0xE4, 0xFA, 0xA0, 0x4A, 0x2D, 0x4A, 0x34
395 const unsigned char pk[32] = {
396 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
397 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
398 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
399 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
401 const unsigned char msg[32] = {
402 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
403 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
404 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
405 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
407 const unsigned char sig[64] = {
408 0xFF, 0xF9, 0x7B, 0xD5, 0x75, 0x5E, 0xEE, 0xA4,
409 0x20, 0x45, 0x3A, 0x14, 0x35, 0x52, 0x35, 0xD3,
410 0x82, 0xF6, 0x47, 0x2F, 0x85, 0x68, 0xA1, 0x8B,
411 0x2F, 0x05, 0x7A, 0x14, 0x60, 0x29, 0x75, 0x56,
412 0x3C, 0xC2, 0x79, 0x44, 0x64, 0x0A, 0xC6, 0x07,
413 0xCD, 0x10, 0x7A, 0xE1, 0x09, 0x23, 0xD9, 0xEF,
414 0x7A, 0x73, 0xC6, 0x43, 0xE1, 0x66, 0xBE, 0x5E,
415 0xBE, 0xAF, 0xA3, 0x4B, 0x1A, 0xC5, 0x53, 0xE2
421 const unsigned char pk[32] = {
422 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
423 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
424 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
425 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
427 const unsigned char msg[32] = {
428 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
429 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
430 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
431 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
433 const unsigned char sig[64] = {
434 0x1F, 0xA6, 0x2E, 0x33, 0x1E, 0xDB, 0xC2, 0x1C,
435 0x39, 0x47, 0x92, 0xD2, 0xAB, 0x11, 0x00, 0xA7,
436 0xB4, 0x32, 0xB0, 0x13, 0xDF, 0x3F, 0x6F, 0xF4,
437 0xF9, 0x9F, 0xCB, 0x33, 0xE0, 0xE1, 0x51, 0x5F,
438 0x28, 0x89, 0x0B, 0x3E, 0xDB, 0x6E, 0x71, 0x89,
439 0xB6, 0x30, 0x44, 0x8B, 0x51, 0x5C, 0xE4, 0xF8,
440 0x62, 0x2A, 0x95, 0x4C, 0xFE, 0x54, 0x57, 0x35,
441 0xAA, 0xEA, 0x51, 0x34, 0xFC, 0xCD, 0xB2, 0xBD
447 const unsigned char pk[32] = {
448 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
449 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
450 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
451 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
453 const unsigned char msg[32] = {
454 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
455 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
456 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
457 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
459 const unsigned char sig[64] = {
460 0x6C, 0xFF, 0x5C, 0x3B, 0xA8, 0x6C, 0x69, 0xEA,
461 0x4B, 0x73, 0x76, 0xF3, 0x1A, 0x9B, 0xCB, 0x4F,
462 0x74, 0xC1, 0x97, 0x60, 0x89, 0xB2, 0xD9, 0x96,
463 0x3D, 0xA2, 0xE5, 0x54, 0x3E, 0x17, 0x77, 0x69,
464 0x96, 0x17, 0x64, 0xB3, 0xAA, 0x9B, 0x2F, 0xFC,
465 0xB6, 0xEF, 0x94, 0x7B, 0x68, 0x87, 0xA2, 0x26,
466 0xE8, 0xD7, 0xC9, 0x3E, 0x00, 0xC5, 0xED, 0x0C,
467 0x18, 0x34, 0xFF, 0x0D, 0x0C, 0x2E, 0x6D, 0xA6
473 const unsigned char pk[32] = {
474 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
475 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
476 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
477 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
479 const unsigned char msg[32] = {
480 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
481 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
482 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
483 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
485 const unsigned char sig[64] = {
486 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
487 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
488 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
489 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
490 0x12, 0x3D, 0xDA, 0x83, 0x28, 0xAF, 0x9C, 0x23,
491 0xA9, 0x4C, 0x1F, 0xEE, 0xCF, 0xD1, 0x23, 0xBA,
492 0x4F, 0xB7, 0x34, 0x76, 0xF0, 0xD5, 0x94, 0xDC,
493 0xB6, 0x5C, 0x64, 0x25, 0xBD, 0x18, 0x60, 0x51
499 const unsigned char pk[32] = {
500 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
501 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
502 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
503 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
505 const unsigned char msg[32] = {
506 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
507 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
508 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
509 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
511 const unsigned char sig[64] = {
512 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
513 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
514 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
515 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
516 0x76, 0x15, 0xFB, 0xAF, 0x5A, 0xE2, 0x88, 0x64,
517 0x01, 0x3C, 0x09, 0x97, 0x42, 0xDE, 0xAD, 0xB4,
518 0xDB, 0xA8, 0x7F, 0x11, 0xAC, 0x67, 0x54, 0xF9,
519 0x37, 0x80, 0xD5, 0xA1, 0x83, 0x7C, 0xF1, 0x97
525 const unsigned char pk[32] = {
526 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
527 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
528 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
529 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
531 const unsigned char msg[32] = {
532 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
533 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
534 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
535 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
537 const unsigned char sig[64] = {
538 0x4A, 0x29, 0x8D, 0xAC, 0xAE, 0x57, 0x39, 0x5A,
539 0x15, 0xD0, 0x79, 0x5D, 0xDB, 0xFD, 0x1D, 0xCB,
540 0x56, 0x4D, 0xA8, 0x2B, 0x0F, 0x26, 0x9B, 0xC7,
541 0x0A, 0x74, 0xF8, 0x22, 0x04, 0x29, 0xBA, 0x1D,
542 0x69, 0xE8, 0x9B, 0x4C, 0x55, 0x64, 0xD0, 0x03,
543 0x49, 0x10, 0x6B, 0x84, 0x97, 0x78, 0x5D, 0xD7,
544 0xD1, 0xD7, 0x13, 0xA8, 0xAE, 0x82, 0xB3, 0x2F,
545 0xA7, 0x9D, 0x5F, 0x7F, 0xC4, 0x07, 0xD3, 0x9B
551 const unsigned char pk[32] = {
552 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
553 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
554 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
555 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
557 const unsigned char msg[32] = {
558 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
559 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
560 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
561 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
563 const unsigned char sig[64] = {
564 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
565 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
566 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
567 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F,
568 0x69, 0xE8, 0x9B, 0x4C, 0x55, 0x64, 0xD0, 0x03,
569 0x49, 0x10, 0x6B, 0x84, 0x97, 0x78, 0x5D, 0xD7,
570 0xD1, 0xD7, 0x13, 0xA8, 0xAE, 0x82, 0xB3, 0x2F,
571 0xA7, 0x9D, 0x5F, 0x7F, 0xC4, 0x07, 0xD3, 0x9B
577 const unsigned char pk[32] = {
578 0xDF, 0xF1, 0xD7, 0x7F, 0x2A, 0x67, 0x1C, 0x5F,
579 0x36, 0x18, 0x37, 0x26, 0xDB, 0x23, 0x41, 0xBE,
580 0x58, 0xFE, 0xAE, 0x1D, 0xA2, 0xDE, 0xCE, 0xD8,
581 0x43, 0x24, 0x0F, 0x7B, 0x50, 0x2B, 0xA6, 0x59
583 const unsigned char msg[32] = {
584 0x24, 0x3F, 0x6A, 0x88, 0x85, 0xA3, 0x08, 0xD3,
585 0x13, 0x19, 0x8A, 0x2E, 0x03, 0x70, 0x73, 0x44,
586 0xA4, 0x09, 0x38, 0x22, 0x29, 0x9F, 0x31, 0xD0,
587 0x08, 0x2E, 0xFA, 0x98, 0xEC, 0x4E, 0x6C, 0x89
589 const unsigned char sig[64] = {
590 0x6C, 0xFF, 0x5C, 0x3B, 0xA8, 0x6C, 0x69, 0xEA,
591 0x4B, 0x73, 0x76, 0xF3, 0x1A, 0x9B, 0xCB, 0x4F,
592 0x74, 0xC1, 0x97, 0x60, 0x89, 0xB2, 0xD9, 0x96,
593 0x3D, 0xA2, 0xE5, 0x54, 0x3E, 0x17, 0x77, 0x69,
594 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
595 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
596 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
597 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
603 const unsigned char pk[32] = {
604 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
605 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
606 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
607 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x30
616static int nonce_function_failing(
unsigned char *nonce32,
const unsigned char *
msg,
size_t msglen,
const unsigned char *key32,
const unsigned char *xonly_pk32,
const unsigned char *algo,
size_t algolen,
void *data) {
629static int nonce_function_0(
unsigned char *nonce32,
const unsigned char *
msg,
size_t msglen,
const unsigned char *key32,
const unsigned char *xonly_pk32,
const unsigned char *algo,
size_t algolen,
void *data) {
638 memset(nonce32, 0, 32);
643static int nonce_function_overflowing(
unsigned char *nonce32,
const unsigned char *
msg,
size_t msglen,
const unsigned char *key32,
const unsigned char *xonly_pk32,
const unsigned char *algo,
size_t algolen,
void *data) {
652 memset(nonce32, 0xFF, 32);
657 unsigned char sk[32];
660 const unsigned char msg[] = {
't',
'h',
'i',
's',
' ',
'i',
's',
' ',
'a',
' ',
'm',
's',
'g',
' ',
'f',
'o',
'r',
' ',
'a',
' ',
's',
'c',
'h',
'n',
'o',
'r',
'r',
's',
'i',
'g',
'.',
'.'};
661 unsigned char sig[64];
662 unsigned char sig2[64];
663 unsigned char zeros64[64] = { 0 };
665 unsigned char aux_rand[32];
680 memset(
sig, 1,
sizeof(
sig));
684 memset(&
sig, 1,
sizeof(
sig));
688 memset(&
sig, 1,
sizeof(
sig));
696 extraparams.
ndata = aux_rand;
707 unsigned char sk[32];
719 for (i = 0; i <
N_SIGS; i++) {
731 sig[sig_idx][byte_idx] ^= xorbyte;
733 sig[sig_idx][byte_idx] ^= xorbyte;
736 sig[sig_idx][32+byte_idx] ^= xorbyte;
738 sig[sig_idx][32+byte_idx] ^= xorbyte;
741 msg[sig_idx][byte_idx] ^= xorbyte;
743 msg[sig_idx][byte_idx] ^= xorbyte;
752 memset(&
sig[0][32], 0xFF, 32);
769 unsigned char msg_large[32 * 8];
771 for (i = 0; i <
sizeof(msg_large); i += 32) {
777 msglen = (msglen + (
sizeof(msg_large) - 1)) %
sizeof(msg_large);
784 unsigned char sk[32];
787 unsigned char internal_pk_bytes[32];
789 unsigned char output_pk_bytes[32];
790 unsigned char tweak[32];
792 unsigned char msg[32];
793 unsigned char sig[64];
826 for (i = 0; i <
COUNT; i++) {
static void secp256k1_sha256_initialize_tagged(secp256k1_sha256 *hash, const unsigned char *tag, size_t taglen)
static void secp256k1_scalar_set_b32(secp256k1_scalar *r, const unsigned char *bin, int *overflow)
Set a scalar from a big endian byte array.
static void secp256k1_scalar_get_b32(unsigned char *bin, const secp256k1_scalar *a)
Convert a scalar to a byte array.
static void secp256k1_scalar_negate(secp256k1_scalar *r, const secp256k1_scalar *a)
Compute the complement of a scalar (modulo the group order).
static int nonce_function_bip340(unsigned char *nonce32, const unsigned char *msg, size_t msglen, const unsigned char *key32, const unsigned char *xonly_pk32, const unsigned char *algo, size_t algolen, void *data)
static void secp256k1_nonce_function_bip340_sha256_tagged_aux(secp256k1_sha256 *sha)
static void secp256k1_nonce_function_bip340_sha256_tagged(secp256k1_sha256 *sha)
static void secp256k1_schnorrsig_sha256_tagged(secp256k1_sha256 *sha)
static void test_schnorrsig_sign_verify(void)
static void run_nonce_function_bip340_tests(void)
static int nonce_function_overflowing(unsigned char *nonce32, const unsigned char *msg, size_t msglen, const unsigned char *key32, const unsigned char *xonly_pk32, const unsigned char *algo, size_t algolen, void *data)
static void test_schnorrsig_sign(void)
static void test_schnorrsig_api(void)
static int nonce_function_0(unsigned char *nonce32, const unsigned char *msg, size_t msglen, const unsigned char *key32, const unsigned char *xonly_pk32, const unsigned char *algo, size_t algolen, void *data)
static void test_schnorrsig_taproot(void)
static void test_schnorrsig_bip_vectors(void)
static void test_schnorrsig_bip_vectors_check_verify(const unsigned char *pk_serialized, const unsigned char *msg32, const unsigned char *sig, int expected)
static void test_schnorrsig_bip_vectors_check_signing(const unsigned char *sk, const unsigned char *pk_serialized, const unsigned char *aux_rand, const unsigned char *msg32, const unsigned char *expected_sig)
static void run_schnorrsig_tests(void)
static int nonce_function_failing(unsigned char *nonce32, const unsigned char *msg, size_t msglen, const unsigned char *key32, const unsigned char *xonly_pk32, const unsigned char *algo, size_t algolen, void *data)
static void test_schnorrsig_sha256_tagged(void)
static void nonce_function_bip340_bitflip(unsigned char **args, size_t n_flip, size_t n_bytes, size_t msglen, size_t algolen)
static SECP256K1_INLINE int secp256k1_memcmp_var(const void *s1, const void *s2, size_t n)
Semantics like memcmp.
SECP256K1_API int secp256k1_schnorrsig_sign32(const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msg32, const secp256k1_keypair *keypair, const unsigned char *aux_rand32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4)
Create a Schnorr signature.
#define SECP256K1_SCHNORRSIG_EXTRAPARAMS_INIT
SECP256K1_API int secp256k1_schnorrsig_sign(const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msg32, const secp256k1_keypair *keypair, const unsigned char *aux_rand32) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(4) SECP256K1_DEPRECATED("Use secp256k1_schnorrsig_sign32 instead")
Same as secp256k1_schnorrsig_sign32, but DEPRECATED.
SECP256K1_API int secp256k1_schnorrsig_sign_custom(const secp256k1_context *ctx, unsigned char *sig64, const unsigned char *msg, size_t msglen, const secp256k1_keypair *keypair, secp256k1_schnorrsig_extraparams *extraparams) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(5)
Create a Schnorr signature with a more flexible API.
SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_schnorrsig_verify(const secp256k1_context *ctx, const unsigned char *sig64, const unsigned char *msg, size_t msglen, const secp256k1_xonly_pubkey *pubkey) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(5)
Verify a Schnorr signature.
Opaque data structure that holds a keypair consisting of a secret and a public key.
A scalar modulo the group order of the secp256k1 curve.
Opaque data structure that holds a parsed and valid "x-only" public key.
static uint32_t secp256k1_testrand_int(uint32_t range)
Generate a pseudorandom number in the range [0..range-1].
static void secp256k1_testrand_flip(unsigned char *b, size_t len)
Flip a single random bit in a byte array.
static void secp256k1_testrand_bytes_test(unsigned char *bytes, size_t len)
Generate pseudorandom bytes with long sequences of zero and one bits.
static void secp256k1_testrand256(unsigned char *b32)
Generate a pseudorandom 32-byte array.
static SECP256K1_INLINE uint64_t secp256k1_testrand_bits(int bits)
Generate a pseudorandom number in the range [0..2**bits-1].
#define CHECK_ILLEGAL(ctx, expr)
static secp256k1_context * CTX
static void test_sha256_eq(const secp256k1_sha256 *sha1, const secp256k1_sha256 *sha2)
static secp256k1_context * STATIC_CTX
1.9.4