crypto/dleq/src/tests/cross_group/scalar.rs

use rand_core::OsRng;

use ff::{Field, PrimeField};

use k256::Scalar as K256Scalar;
use dalek_ff_group::Scalar as DalekScalar;

use crate::cross_group::scalar::{scalar_normalize, scalar_convert};

#[test]
fn test_scalar() {
  assert_eq!(
    scalar_normalize::<_, DalekScalar>(K256Scalar::zero()),
    (K256Scalar::zero(), DalekScalar::zero())
  );

  assert_eq!(
    scalar_normalize::<_, DalekScalar>(K256Scalar::one()),
    (K256Scalar::one(), DalekScalar::one())
  );

  let mut initial;
  while {
    initial = K256Scalar::random(&mut OsRng);
    let (k, ed) = scalar_normalize::<_, DalekScalar>(initial);

    // The initial scalar should equal the new scalar with Ed25519's capacity
    let mut initial_bytes = (&initial.to_repr()).to_vec();
    // Drop the first 4 bits to hit 252
    initial_bytes[0] = initial_bytes[0] & 0b00001111;
    let k_bytes = (&k.to_repr()).to_vec();
    assert_eq!(initial_bytes, k_bytes);

    let mut ed_bytes = ed.to_repr().as_ref().to_vec();
    // Reverse to big endian
    ed_bytes.reverse();
    assert_eq!(k_bytes, ed_bytes);

    // Verify conversion works as expected
    assert_eq!(scalar_convert::<_, DalekScalar>(k), Some(ed));

    // Run this test again if this secp256k1 scalar didn't have any bits cleared
    initial == k
  } {}
  // Verify conversion returns None when the scalar isn't mutually valid
  assert!(scalar_convert::<_, DalekScalar>(initial).is_none());
}
Implement a DLEq library While Serai only needs the simple DLEq which was already present under monero, this migrates the implementation of the cross-group DLEq I maintain into Serai. This was to have full access to the ecosystem of libraries built under Serai while also ensuring support for it. The cross_group curve, which is extremely experimental, is feature flagged off. So is the built in serialization functionality, as this should be possible to make nostd once const generics are full featured, yet the implemented serialization adds the additional barrier of std::io. 2022-06-30 05:42:29 -04:00			`use rand_core::OsRng;`

			`use ff::{Field, PrimeField};`

			`use k256::Scalar as K256Scalar;`
			`use dalek_ff_group::Scalar as DalekScalar;`

			`use crate::cross_group::scalar::{scalar_normalize, scalar_convert};`

			`#[test]`
			`fn test_scalar() {`
			`assert_eq!(`
			`scalar_normalize::<_, DalekScalar>(K256Scalar::zero()),`
			`(K256Scalar::zero(), DalekScalar::zero())`
			`);`

			`assert_eq!(`
			`scalar_normalize::<_, DalekScalar>(K256Scalar::one()),`
			`(K256Scalar::one(), DalekScalar::one())`
			`);`

			`let mut initial;`
			`while {`
			`initial = K256Scalar::random(&mut OsRng);`
			`let (k, ed) = scalar_normalize::<_, DalekScalar>(initial);`

			`// The initial scalar should equal the new scalar with Ed25519's capacity`
			`let mut initial_bytes = (&initial.to_repr()).to_vec();`
			`// Drop the first 4 bits to hit 252`
			`initial_bytes[0] = initial_bytes[0] & 0b00001111;`
			`let k_bytes = (&k.to_repr()).to_vec();`
			`assert_eq!(initial_bytes, k_bytes);`

			`let mut ed_bytes = ed.to_repr().as_ref().to_vec();`
			`// Reverse to big endian`
			`ed_bytes.reverse();`
			`assert_eq!(k_bytes, ed_bytes);`

			`// Verify conversion works as expected`
			`assert_eq!(scalar_convert::<_, DalekScalar>(k), Some(ed));`

			`// Run this test again if this secp256k1 scalar didn't have any bits cleared`
			`initial == k`
			`} {}`
			`// Verify conversion returns None when the scalar isn't mutually valid`
			`assert!(scalar_convert::<_, DalekScalar>(initial).is_none());`
			`}`