1  // Copyright (c) 2019-2025 Alpha-Delta Network Inc.
 2  // This file is part of the alphavm library.
 3  
 4  // Licensed under the Apache License, Version 2.0 (the "License");
 5  // you may not use this file except in compliance with the License.
 6  // You may obtain a copy of the License at:
 7  
 8  // http://www.apache.org/licenses/LICENSE-2.0
 9  
10  // Unless required by applicable law or agreed to in writing, software
11  // distributed under the License is distributed on an "AS IS" BASIS,
12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  // See the License for the specific language governing permissions and
14  // limitations under the License.
15  
16  use super::*;
17  
18  const ITERATIONS: usize = 100;
19  
20  fn test_ecdsa<H: Hash<Output = Vec<bool>, Input = bool>>(hasher: &H, rng: &mut TestRng) {
21      for i in 1..ITERATIONS {
22          let (signing_key, message, signature) = test_helpers::sample_ecdsa_signature(i, hasher, rng);
23  
24          // Construct the verifying key.
25          let verifying_key = VerifyingKey::from(&signing_key);
26          let verifying_key_bytes = verifying_key.to_encoded_point(true).as_bytes().to_vec();
27          let recovered_verifying_key = ECDSASignature::verifying_key_from_bytes(&verifying_key_bytes).unwrap();
28          assert_eq!(verifying_key, recovered_verifying_key);
29  
30          // Verify the signature.
31          assert!(signature.verify(&verifying_key, hasher, &message.to_bits_le()).is_ok());
32          assert_eq!(signature.recover_public_key(hasher, &message.to_bits_le()).unwrap(), verifying_key);
33  
34          // Verify the signature using the digest.
35          let message_digest = hasher.hash(&message.to_bits_le()).unwrap();
36          assert!(signature.verify_with_digest(&verifying_key, &message_digest).is_ok());
37          assert_eq!(signature.recover_public_key_with_digest(&message_digest).unwrap(), verifying_key);
38      }
39  }
40  
41  #[test]
42  fn test_ecdsa_signature() {
43      let rng = &mut TestRng::default();
44  
45      test_ecdsa(&Keccak224::default(), rng);
46      test_ecdsa(&Keccak256::default(), rng);
47      test_ecdsa(&Keccak384::default(), rng);
48      test_ecdsa(&Keccak512::default(), rng);
49      test_ecdsa(&Sha3_224::default(), rng);
50      test_ecdsa(&Sha3_256::default(), rng);
51      test_ecdsa(&Sha3_384::default(), rng);
52      test_ecdsa(&Sha3_512::default(), rng);
53  }
54  
55  #[test]
56  fn test_ecdsa_signature_vector_1() {
57      let hasher = Keccak256::default();
58  
59      // Declare the test vector values.
60      let data_string = "0x2bcc5ce70000000100000000000000000000000000000000000000000000000000000000000f424000002712000000000000000000000000a0b86a33e6f8ec61cc62f1b0cb2ad6dfe3c10e8b000000000000000000000000742d35cc6e4c6e42e2a6e1b6d6e19d3bb14d3d1a000000000000000000000000a0b86991c6218b36c1d19d4a2e9eb0ce3606eb480000000000000000000000002222222222222222222222222222222222222222000000000000000000000000000000000000000000000000000000000000c350bfab0940d5a2410c007e06c8b1bb24e34391ddc5298e18840df438e8e05b9ac800000000";
61      let signature_string = "0xab5373ec68978e102a9084d6d07aa1e328174d12337e0a028ec3b0c63abdb89e7a906d9de841006143de25cab83b380618972c4803bf978c5b02d4e863465b8a1b";
62      let expected_address = "0x1Be31A94361a391bBaFB2a4CCd704F57dc04d4bb";
63  
64      // Convert the test vector values to bytes.
65      let data_bytes = hex::decode(&data_string[2..]).unwrap();
66      let signature_bytes = hex::decode(&signature_string[2..]).unwrap();
67  
68      // Recover the public key from the signature.
69      let signature = ECDSASignature::from_bytes_le(&signature_bytes).unwrap();
70      let verifying_key = signature.recover_public_key(&hasher, &data_bytes.to_bits_le()).unwrap();
71  
72      // Check that the recovered public key matches the expected address.
73      let expected_address_bytes = ECDSASignature::ethereum_address_from_public_key(&verifying_key).unwrap();
74      assert_eq!(hex::decode(&expected_address[2..]).unwrap(), expected_address_bytes);
75  
76      // Check that the signature verifies against the recovered public key.
77      assert!(signature.verify(&verifying_key, &hasher, &data_bytes.to_bits_le()).is_ok());
78      assert!(signature.verify_ethereum(&expected_address_bytes, &hasher, &data_bytes.to_bits_le()).is_ok());
79  
80      // Check that the signature verifies using the digest.
81      let message_digest = hasher.hash(&data_bytes.to_bits_le()).unwrap();
82      assert!(signature.verify_with_digest(&verifying_key, &message_digest).is_ok());
83      assert!(signature.verify_ethereum_with_digest(&expected_address_bytes, &message_digest).is_ok());
84  
85      // Check that the signature does not verify against modified data.
86      let wrong_data = data_bytes[6..].to_vec();
87      let wrong_verifying_key = signature.recover_public_key(&hasher, &wrong_data.to_bits_le()).unwrap();
88      assert!(signature.verify(&wrong_verifying_key, &hasher, &data_bytes.to_bits_le()).is_err());
89  }