Skip to content

Commit b7ebe64

Browse files
jonasnickjonasnick
committedJan 4, 2022
Test APIs of funcs that need an ecmult_gen ctx with static ctx
The API tests of upstream functions were similarly amended in commit 3b0c218.
1 parent 72c8dea commit b7ebe64

File tree

6 files changed

+162
-116
lines changed

6 files changed

+162
-116
lines changed
 

‎src/modules/ecdsa_adaptor/tests_impl.h

+18-10
Original file line numberDiff line numberDiff line change
@@ -828,16 +828,19 @@ void test_ecdsa_adaptor_api(void) {
828828
secp256k1_context *sign = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);
829829
secp256k1_context *vrfy = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY);
830830
secp256k1_context *both = secp256k1_context_create(SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY);
831+
secp256k1_context *sttc = secp256k1_context_clone(secp256k1_context_no_precomp);
831832
int ecount;
832833

833834
secp256k1_context_set_error_callback(none, counting_illegal_callback_fn, &ecount);
834835
secp256k1_context_set_error_callback(sign, counting_illegal_callback_fn, &ecount);
835836
secp256k1_context_set_error_callback(vrfy, counting_illegal_callback_fn, &ecount);
836837
secp256k1_context_set_error_callback(both, counting_illegal_callback_fn, &ecount);
838+
secp256k1_context_set_error_callback(sttc, counting_illegal_callback_fn, &ecount);
837839
secp256k1_context_set_illegal_callback(none, counting_illegal_callback_fn, &ecount);
838840
secp256k1_context_set_illegal_callback(sign, counting_illegal_callback_fn, &ecount);
839841
secp256k1_context_set_illegal_callback(vrfy, counting_illegal_callback_fn, &ecount);
840842
secp256k1_context_set_illegal_callback(both, counting_illegal_callback_fn, &ecount);
843+
secp256k1_context_set_illegal_callback(sttc, counting_illegal_callback_fn, &ecount);
841844

842845
secp256k1_testrand256(sk);
843846
secp256k1_testrand256(msg);
@@ -852,16 +855,18 @@ void test_ecdsa_adaptor_api(void) {
852855
CHECK(secp256k1_ecdsa_adaptor_encrypt(vrfy, asig, sk, &enckey, msg, NULL, NULL) == 1);
853856
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, sk, &enckey, msg, NULL, NULL) == 1);
854857
CHECK(ecount == 0);
855-
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, NULL, sk, &enckey, msg, NULL, NULL) == 0);
858+
CHECK(secp256k1_ecdsa_adaptor_encrypt(sttc, asig, sk, &enckey, msg, NULL, NULL) == 0);
856859
CHECK(ecount == 1);
857-
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, sk, &enckey, NULL, NULL, NULL) == 0);
860+
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, NULL, sk, &enckey, msg, NULL, NULL) == 0);
858861
CHECK(ecount == 2);
859-
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, NULL, &enckey, msg, NULL, NULL) == 0);
862+
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, sk, &enckey, NULL, NULL, NULL) == 0);
860863
CHECK(ecount == 3);
861-
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, sk, NULL, msg, NULL, NULL) == 0);
864+
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, NULL, &enckey, msg, NULL, NULL) == 0);
862865
CHECK(ecount == 4);
863-
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, sk, &zero_pk, msg, NULL, NULL) == 0);
866+
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, sk, NULL, msg, NULL, NULL) == 0);
864867
CHECK(ecount == 5);
868+
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, sk, &zero_pk, msg, NULL, NULL) == 0);
869+
CHECK(ecount == 6);
865870

866871
ecount = 0;
867872
CHECK(secp256k1_ecdsa_adaptor_encrypt(sign, asig, sk, &enckey, msg, NULL, NULL) == 1);
@@ -900,21 +905,24 @@ void test_ecdsa_adaptor_api(void) {
900905
CHECK(secp256k1_ecdsa_adaptor_recover(vrfy, deckey, &sig, asig, &enckey) == 1);
901906
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, &sig, asig, &enckey) == 1);
902907
CHECK(ecount == 0);
903-
CHECK(secp256k1_ecdsa_adaptor_recover(sign, NULL, &sig, asig, &enckey) == 0);
908+
CHECK(secp256k1_ecdsa_adaptor_recover(sttc, deckey, &sig, asig, &enckey) == 0);
904909
CHECK(ecount == 1);
905-
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, NULL, asig, &enckey) == 0);
910+
CHECK(secp256k1_ecdsa_adaptor_recover(sign, NULL, &sig, asig, &enckey) == 0);
906911
CHECK(ecount == 2);
907-
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, &sig, NULL, &enckey) == 0);
912+
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, NULL, asig, &enckey) == 0);
908913
CHECK(ecount == 3);
909-
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, &sig, asig, NULL) == 0);
914+
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, &sig, NULL, &enckey) == 0);
910915
CHECK(ecount == 4);
911-
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, &sig, asig, &zero_pk) == 0);
916+
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, &sig, asig, NULL) == 0);
912917
CHECK(ecount == 5);
918+
CHECK(secp256k1_ecdsa_adaptor_recover(sign, deckey, &sig, asig, &zero_pk) == 0);
919+
CHECK(ecount == 6);
913920

914921
secp256k1_context_destroy(none);
915922
secp256k1_context_destroy(sign);
916923
secp256k1_context_destroy(vrfy);
917924
secp256k1_context_destroy(both);
925+
secp256k1_context_destroy(sttc);
918926
}
919927

920928
void adaptor_tests(void) {

‎src/modules/ecdsa_s2c/tests_impl.h

+9
Original file line numberDiff line numberDiff line change
@@ -93,6 +93,7 @@ static void test_ecdsa_s2c_api(void) {
9393
secp256k1_context *sign = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);
9494
secp256k1_context *vrfy = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY);
9595
secp256k1_context *both = secp256k1_context_create(SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY);
96+
secp256k1_context *sttc = secp256k1_context_clone(secp256k1_context_no_precomp);
9697

9798
secp256k1_ecdsa_s2c_opening s2c_opening;
9899
secp256k1_ecdsa_signature sig;
@@ -108,6 +109,7 @@ static void test_ecdsa_s2c_api(void) {
108109
secp256k1_context_set_illegal_callback(sign, counting_illegal_callback_fn, &ecount);
109110
secp256k1_context_set_illegal_callback(vrfy, counting_illegal_callback_fn, &ecount);
110111
secp256k1_context_set_illegal_callback(both, counting_illegal_callback_fn, &ecount);
112+
secp256k1_context_set_illegal_callback(sttc, counting_illegal_callback_fn, &ecount);
111113
CHECK(secp256k1_ec_pubkey_create(ctx, &pk, sec));
112114

113115
ecount = 0;
@@ -125,6 +127,8 @@ static void test_ecdsa_s2c_api(void) {
125127
CHECK(secp256k1_ecdsa_s2c_sign(vrfy, &sig, &s2c_opening, msg, sec, s2c_data) == 1);
126128
CHECK(secp256k1_ecdsa_s2c_sign(sign, &sig, &s2c_opening, msg, sec, s2c_data) == 1);
127129
CHECK(ecount == 4);
130+
CHECK(secp256k1_ecdsa_s2c_sign(sttc, &sig, &s2c_opening, msg, sec, s2c_data) == 0);
131+
CHECK(ecount == 5);
128132

129133
CHECK(secp256k1_ecdsa_verify(ctx, &sig, msg, &pk) == 1);
130134

@@ -168,6 +172,8 @@ static void test_ecdsa_s2c_api(void) {
168172
CHECK(secp256k1_ecdsa_anti_exfil_signer_commit(vrfy, &s2c_opening, msg, sec, hostrand_commitment) == 1);
169173
CHECK(secp256k1_ecdsa_anti_exfil_signer_commit(sign, &s2c_opening, msg, sec, hostrand_commitment) == 1);
170174
CHECK(ecount == 4);
175+
CHECK(secp256k1_ecdsa_anti_exfil_signer_commit(sttc, &s2c_opening, msg, sec, hostrand_commitment) == 0);
176+
CHECK(ecount == 5);
171177

172178
ecount = 0;
173179
CHECK(secp256k1_anti_exfil_sign(both, NULL, msg, sec, hostrand) == 0);
@@ -182,6 +188,8 @@ static void test_ecdsa_s2c_api(void) {
182188
CHECK(secp256k1_anti_exfil_sign(vrfy, &sig, msg, sec, hostrand) == 1);
183189
CHECK(secp256k1_anti_exfil_sign(both, &sig, msg, sec, hostrand) == 1);
184190
CHECK(ecount == 4);
191+
CHECK(secp256k1_anti_exfil_sign(sttc, &sig, msg, sec, hostrand) == 0);
192+
CHECK(ecount == 5);
185193

186194
ecount = 0;
187195
CHECK(secp256k1_anti_exfil_host_verify(both, NULL, msg, &pk, hostrand, &s2c_opening) == 0);
@@ -203,6 +211,7 @@ static void test_ecdsa_s2c_api(void) {
203211
secp256k1_context_destroy(vrfy);
204212
secp256k1_context_destroy(sign);
205213
secp256k1_context_destroy(none);
214+
secp256k1_context_destroy(sttc);
206215
}
207216

208217
/* When using sign-to-contract commitments, the nonce function is fixed, so we can use fixtures to test. */

‎src/modules/generator/tests_impl.h

+15-9
Original file line numberDiff line numberDiff line change
@@ -24,15 +24,18 @@ void test_generator_api(void) {
2424
secp256k1_context *none = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
2525
secp256k1_context *sign = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);
2626
secp256k1_context *vrfy = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY);
27+
secp256k1_context *sttc = secp256k1_context_clone(secp256k1_context_no_precomp);
2728
secp256k1_generator gen;
2829
int32_t ecount = 0;
2930

3031
secp256k1_context_set_error_callback(none, counting_illegal_callback_fn, &ecount);
3132
secp256k1_context_set_error_callback(sign, counting_illegal_callback_fn, &ecount);
3233
secp256k1_context_set_error_callback(vrfy, counting_illegal_callback_fn, &ecount);
34+
secp256k1_context_set_error_callback(sttc, counting_illegal_callback_fn, &ecount);
3335
secp256k1_context_set_illegal_callback(none, counting_illegal_callback_fn, &ecount);
3436
secp256k1_context_set_illegal_callback(sign, counting_illegal_callback_fn, &ecount);
3537
secp256k1_context_set_illegal_callback(vrfy, counting_illegal_callback_fn, &ecount);
38+
secp256k1_context_set_illegal_callback(sttc, counting_illegal_callback_fn, &ecount);
3639
secp256k1_testrand256(key);
3740
secp256k1_testrand256(blind);
3841

@@ -49,31 +52,34 @@ void test_generator_api(void) {
4952
CHECK(ecount == 2);
5053
CHECK(secp256k1_generator_generate_blinded(none, &gen, key, blind) == 1);
5154
CHECK(ecount == 2);
52-
CHECK(secp256k1_generator_generate_blinded(vrfy, NULL, key, blind) == 0);
55+
CHECK(secp256k1_generator_generate_blinded(sttc, &gen, key, blind) == 0);
5356
CHECK(ecount == 3);
54-
CHECK(secp256k1_generator_generate_blinded(vrfy, &gen, NULL, blind) == 0);
57+
CHECK(secp256k1_generator_generate_blinded(vrfy, NULL, key, blind) == 0);
5558
CHECK(ecount == 4);
56-
CHECK(secp256k1_generator_generate_blinded(vrfy, &gen, key, NULL) == 0);
59+
CHECK(secp256k1_generator_generate_blinded(vrfy, &gen, NULL, blind) == 0);
5760
CHECK(ecount == 5);
61+
CHECK(secp256k1_generator_generate_blinded(vrfy, &gen, key, NULL) == 0);
62+
CHECK(ecount == 6);
5863

5964
CHECK(secp256k1_generator_serialize(none, sergen, &gen) == 1);
60-
CHECK(ecount == 5);
61-
CHECK(secp256k1_generator_serialize(none, NULL, &gen) == 0);
6265
CHECK(ecount == 6);
63-
CHECK(secp256k1_generator_serialize(none, sergen, NULL) == 0);
66+
CHECK(secp256k1_generator_serialize(none, NULL, &gen) == 0);
6467
CHECK(ecount == 7);
68+
CHECK(secp256k1_generator_serialize(none, sergen, NULL) == 0);
69+
CHECK(ecount == 8);
6570

6671
CHECK(secp256k1_generator_serialize(none, sergen, &gen) == 1);
6772
CHECK(secp256k1_generator_parse(none, &gen, sergen) == 1);
68-
CHECK(ecount == 7);
69-
CHECK(secp256k1_generator_parse(none, NULL, sergen) == 0);
7073
CHECK(ecount == 8);
71-
CHECK(secp256k1_generator_parse(none, &gen, NULL) == 0);
74+
CHECK(secp256k1_generator_parse(none, NULL, sergen) == 0);
7275
CHECK(ecount == 9);
76+
CHECK(secp256k1_generator_parse(none, &gen, NULL) == 0);
77+
CHECK(ecount == 10);
7378

7479
secp256k1_context_destroy(none);
7580
secp256k1_context_destroy(sign);
7681
secp256k1_context_destroy(vrfy);
82+
secp256k1_context_destroy(sttc);
7783
}
7884

7985
void test_shallue_van_de_woestijne(void) {

‎src/modules/musig/tests_impl.h

+16-10
Original file line numberDiff line numberDiff line change
@@ -160,14 +160,17 @@ void musig_api_tests(secp256k1_scratch_space *scratch) {
160160
secp256k1_context *none = secp256k1_context_create(SECP256K1_CONTEXT_NONE);
161161
secp256k1_context *sign = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);
162162
secp256k1_context *vrfy = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY);
163+
secp256k1_context *sttc = secp256k1_context_clone(secp256k1_context_no_precomp);
163164
int ecount;
164165

165166
secp256k1_context_set_error_callback(none, counting_illegal_callback_fn, &ecount);
166167
secp256k1_context_set_error_callback(sign, counting_illegal_callback_fn, &ecount);
167168
secp256k1_context_set_error_callback(vrfy, counting_illegal_callback_fn, &ecount);
169+
secp256k1_context_set_error_callback(sttc, counting_illegal_callback_fn, &ecount);
168170
secp256k1_context_set_illegal_callback(none, counting_illegal_callback_fn, &ecount);
169171
secp256k1_context_set_illegal_callback(sign, counting_illegal_callback_fn, &ecount);
170172
secp256k1_context_set_illegal_callback(vrfy, counting_illegal_callback_fn, &ecount);
173+
secp256k1_context_set_illegal_callback(sttc, counting_illegal_callback_fn, &ecount);
171174

172175
memset(max64, 0xff, sizeof(max64));
173176
memset(&invalid_keypair, 0, sizeof(invalid_keypair));
@@ -280,34 +283,36 @@ void musig_api_tests(secp256k1_scratch_space *scratch) {
280283
CHECK(secp256k1_musig_nonce_gen(vrfy, &secnonce[0], &pubnonce[0], session_id[0], sk[0], msg, &keyagg_cache, max64) == 1);
281284
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], sk[0], msg, &keyagg_cache, max64) == 1);
282285
CHECK(ecount == 0);
283-
CHECK(secp256k1_musig_nonce_gen(sign, NULL, &pubnonce[0], session_id[0], sk[0], msg, &keyagg_cache, max64) == 0);
286+
CHECK(secp256k1_musig_nonce_gen(sttc, &secnonce[0], &pubnonce[0], session_id[0], sk[0], msg, &keyagg_cache, max64) == 0);
284287
CHECK(ecount == 1);
285-
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], NULL, session_id[0], sk[0], msg, &keyagg_cache, max64) == 0);
288+
CHECK(secp256k1_musig_nonce_gen(sign, NULL, &pubnonce[0], session_id[0], sk[0], msg, &keyagg_cache, max64) == 0);
286289
CHECK(ecount == 2);
287-
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], NULL, sk[0], msg, &keyagg_cache, max64) == 0);
290+
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], NULL, session_id[0], sk[0], msg, &keyagg_cache, max64) == 0);
288291
CHECK(ecount == 3);
292+
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], NULL, sk[0], msg, &keyagg_cache, max64) == 0);
293+
CHECK(ecount == 4);
289294
CHECK(memcmp_and_randomize(secnonce[0].data, zeros68, sizeof(secnonce[0].data)) == 0);
290295
/* no seckey and session_id is 0 */
291296
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], zeros68, NULL, msg, &keyagg_cache, max64) == 0);
292-
CHECK(ecount == 3);
297+
CHECK(ecount == 4);
293298
CHECK(memcmp_and_randomize(secnonce[0].data, zeros68, sizeof(secnonce[0].data)) == 0);
294299
/* session_id 0 is fine when a seckey is provided */
295300
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], zeros68, sk[0], msg, &keyagg_cache, max64) == 1);
296301
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], NULL, msg, &keyagg_cache, max64) == 1);
297-
CHECK(ecount == 3);
302+
CHECK(ecount == 4);
298303
/* invalid seckey */
299304
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], max64, msg, &keyagg_cache, max64) == 0);
300305
CHECK(memcmp_and_randomize(secnonce[0].data, zeros68, sizeof(secnonce[0].data)) == 0);
301-
CHECK(ecount == 3);
306+
CHECK(ecount == 4);
302307
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], sk[0], NULL, &keyagg_cache, max64) == 1);
303-
CHECK(ecount == 3);
308+
CHECK(ecount == 4);
304309
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], sk[0], msg, NULL, max64) == 1);
305-
CHECK(ecount == 3);
306-
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], sk[0], msg, &invalid_keyagg_cache, max64) == 0);
307310
CHECK(ecount == 4);
311+
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], sk[0], msg, &invalid_keyagg_cache, max64) == 0);
312+
CHECK(ecount == 5);
308313
CHECK(memcmp_and_randomize(secnonce[0].data, zeros68, sizeof(secnonce[0].data)) == 0);
309314
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], sk[0], msg, &keyagg_cache, NULL) == 1);
310-
CHECK(ecount == 4);
315+
CHECK(ecount == 5);
311316

312317
/* Every in-argument except session_id can be NULL */
313318
CHECK(secp256k1_musig_nonce_gen(sign, &secnonce[0], &pubnonce[0], session_id[0], NULL, NULL, NULL, NULL) == 1);
@@ -583,6 +588,7 @@ void musig_api_tests(secp256k1_scratch_space *scratch) {
583588
secp256k1_context_destroy(none);
584589
secp256k1_context_destroy(sign);
585590
secp256k1_context_destroy(vrfy);
591+
secp256k1_context_destroy(sttc);
586592
}
587593

588594
void musig_nonce_bitflip(unsigned char **args, size_t n_flip, size_t n_bytes) {

‎src/modules/rangeproof/tests_impl.h

+73-63
Large diffs are not rendered by default.

‎src/modules/surjection/tests_impl.h

+31-24
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ static void test_surjectionproof_api(void) {
1919
secp256k1_context *sign = secp256k1_context_create(SECP256K1_CONTEXT_SIGN);
2020
secp256k1_context *vrfy = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY);
2121
secp256k1_context *both = secp256k1_context_create(SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY);
22+
secp256k1_context *sttc = secp256k1_context_clone(secp256k1_context_no_precomp);
2223
secp256k1_fixed_asset_tag fixed_input_tags[10];
2324
secp256k1_fixed_asset_tag fixed_output_tag;
2425
secp256k1_generator ephemeral_input_tags[10];
@@ -39,10 +40,13 @@ static void test_surjectionproof_api(void) {
3940
secp256k1_context_set_error_callback(sign, counting_illegal_callback_fn, &ecount);
4041
secp256k1_context_set_error_callback(vrfy, counting_illegal_callback_fn, &ecount);
4142
secp256k1_context_set_error_callback(both, counting_illegal_callback_fn, &ecount);
43+
secp256k1_context_set_error_callback(sttc, counting_illegal_callback_fn, &ecount);
4244
secp256k1_context_set_illegal_callback(none, counting_illegal_callback_fn, &ecount);
4345
secp256k1_context_set_illegal_callback(sign, counting_illegal_callback_fn, &ecount);
4446
secp256k1_context_set_illegal_callback(vrfy, counting_illegal_callback_fn, &ecount);
4547
secp256k1_context_set_illegal_callback(both, counting_illegal_callback_fn, &ecount);
48+
secp256k1_context_set_illegal_callback(sttc, counting_illegal_callback_fn, &ecount);
49+
4650

4751
for (i = 0; i < n_inputs; i++) {
4852
secp256k1_testrand256(input_blinding_key[i]);
@@ -127,76 +131,79 @@ static void test_surjectionproof_api(void) {
127131
CHECK(secp256k1_surjectionproof_generate(sign, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) == 1);
128132
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) != 0);
129133
CHECK(ecount == 7);
134+
CHECK(secp256k1_surjectionproof_generate(sttc, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) == 0);
135+
CHECK(ecount == 8);
130136

131137
CHECK(secp256k1_surjectionproof_generate(both, NULL, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) == 0);
132-
CHECK(ecount == 8);
133-
CHECK(secp256k1_surjectionproof_generate(both, &proof, NULL, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) == 0);
134138
CHECK(ecount == 9);
139+
CHECK(secp256k1_surjectionproof_generate(both, &proof, NULL, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) == 0);
140+
CHECK(ecount == 10);
135141
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs + 1, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) == 0);
136-
CHECK(ecount == 9);
142+
CHECK(ecount == 10);
137143
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs - 1, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) == 0);
138-
CHECK(ecount == 9);
144+
CHECK(ecount == 10);
139145
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, 0, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) == 0);
140-
CHECK(ecount == 9);
141-
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, NULL, 0, input_blinding_key[0], output_blinding_key) == 0);
142146
CHECK(ecount == 10);
147+
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, NULL, 0, input_blinding_key[0], output_blinding_key) == 0);
148+
CHECK(ecount == 11);
143149
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 1, input_blinding_key[0], output_blinding_key) != 0);
144-
CHECK(ecount == 10); /* the above line "succeeds" but generates an invalid proof as the input_index is wrong. it is fairly expensive to detect this. should we? */
150+
CHECK(ecount == 11); /* the above line "succeeds" but generates an invalid proof as the input_index is wrong. it is fairly expensive to detect this. should we? */
145151
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, n_inputs + 1, input_blinding_key[0], output_blinding_key) != 0);
146-
CHECK(ecount == 10);
147-
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, NULL, output_blinding_key) == 0);
148152
CHECK(ecount == 11);
149-
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], NULL) == 0);
153+
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, NULL, output_blinding_key) == 0);
150154
CHECK(ecount == 12);
155+
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], NULL) == 0);
156+
CHECK(ecount == 13);
151157

152158
CHECK(secp256k1_surjectionproof_generate(both, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag, 0, input_blinding_key[0], output_blinding_key) != 0);
153159
/* check verify */
154160
CHECK(secp256k1_surjectionproof_verify(none, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag) == 1);
155161
CHECK(secp256k1_surjectionproof_verify(sign, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag) == 1);
156162
CHECK(secp256k1_surjectionproof_verify(vrfy, &proof, ephemeral_input_tags, n_inputs, &ephemeral_output_tag) == 1);
157-
CHECK(ecount == 12);
163+
CHECK(ecount == 13);
158164

159165
CHECK(secp256k1_surjectionproof_verify(vrfy, NULL, ephemeral_input_tags, n_inputs, &ephemeral_output_tag) == 0);
160-
CHECK(ecount == 13);
161-
CHECK(secp256k1_surjectionproof_verify(vrfy, &proof, NULL, n_inputs, &ephemeral_output_tag) == 0);
162166
CHECK(ecount == 14);
167+
CHECK(secp256k1_surjectionproof_verify(vrfy, &proof, NULL, n_inputs, &ephemeral_output_tag) == 0);
168+
CHECK(ecount == 15);
163169
CHECK(secp256k1_surjectionproof_verify(vrfy, &proof, ephemeral_input_tags, n_inputs - 1, &ephemeral_output_tag) == 0);
164-
CHECK(ecount == 14);
170+
CHECK(ecount == 15);
165171
CHECK(secp256k1_surjectionproof_verify(vrfy, &proof, ephemeral_input_tags, n_inputs + 1, &ephemeral_output_tag) == 0);
166-
CHECK(ecount == 14);
167-
CHECK(secp256k1_surjectionproof_verify(vrfy, &proof, ephemeral_input_tags, n_inputs, NULL) == 0);
168172
CHECK(ecount == 15);
173+
CHECK(secp256k1_surjectionproof_verify(vrfy, &proof, ephemeral_input_tags, n_inputs, NULL) == 0);
174+
CHECK(ecount == 16);
169175

170176
/* Check serialize */
171177
serialized_len = sizeof(serialized_proof);
172178
CHECK(secp256k1_surjectionproof_serialize(none, serialized_proof, &serialized_len, &proof) != 0);
173-
CHECK(ecount == 15);
179+
CHECK(ecount == 16);
174180
serialized_len = sizeof(serialized_proof);
175181
CHECK(secp256k1_surjectionproof_serialize(none, NULL, &serialized_len, &proof) == 0);
176-
CHECK(ecount == 16);
182+
CHECK(ecount == 17);
177183
serialized_len = sizeof(serialized_proof);
178184
CHECK(secp256k1_surjectionproof_serialize(none, serialized_proof, NULL, &proof) == 0);
179-
CHECK(ecount == 17);
185+
CHECK(ecount == 18);
180186
serialized_len = sizeof(serialized_proof);
181187
CHECK(secp256k1_surjectionproof_serialize(none, serialized_proof, &serialized_len, NULL) == 0);
182-
CHECK(ecount == 18);
188+
CHECK(ecount == 19);
183189

184190
serialized_len = sizeof(serialized_proof);
185191
CHECK(secp256k1_surjectionproof_serialize(none, serialized_proof, &serialized_len, &proof) != 0);
186192
/* Check parse */
187193
CHECK(secp256k1_surjectionproof_parse(none, &proof, serialized_proof, serialized_len) != 0);
188-
CHECK(ecount == 18);
189-
CHECK(secp256k1_surjectionproof_parse(none, NULL, serialized_proof, serialized_len) == 0);
190194
CHECK(ecount == 19);
191-
CHECK(secp256k1_surjectionproof_parse(none, &proof, NULL, serialized_len) == 0);
195+
CHECK(secp256k1_surjectionproof_parse(none, NULL, serialized_proof, serialized_len) == 0);
192196
CHECK(ecount == 20);
197+
CHECK(secp256k1_surjectionproof_parse(none, &proof, NULL, serialized_len) == 0);
198+
CHECK(ecount == 21);
193199
CHECK(secp256k1_surjectionproof_parse(none, &proof, serialized_proof, 0) == 0);
194-
CHECK(ecount == 20);
200+
CHECK(ecount == 21);
195201

196202
secp256k1_context_destroy(none);
197203
secp256k1_context_destroy(sign);
198204
secp256k1_context_destroy(vrfy);
199205
secp256k1_context_destroy(both);
206+
secp256k1_context_destroy(sttc);
200207
}
201208

202209
static void test_input_selection(size_t n_inputs) {

0 commit comments

Comments
 (0)
Please sign in to comment.