ecdsa_adaptor: add tests

This commit adds test coverage including Cirrus scripts, Valgrind
constant time tests for secret data, API tests, nonce function tests,
and test vectors from the spec.

.cirrus.yml

@@ -17,6 +17,7 @@ env:
   RANGEPROOF: no
   WHITELIST: no
   MUSIG: no
+  ECDSAADAPTOR: no
   EXPERIMENTAL: no
   CTIMETEST: yes
   BENCH: yes
@@ -59,13 +60,13 @@ task:
     memory: 1G
   matrix: &ENV_MATRIX
     - env: {WIDEMUL:  int64,  RECOVERY: yes}
-    - env: {WIDEMUL:  int64,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes, ECDSA_S2C: yes,  RANGEPROOF: yes, WHITELIST: yes, GENERATOR: yes, MUSIG: yes}
+    - env: {WIDEMUL:  int64,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes, ECDSA_S2C: yes,  RANGEPROOF: yes, WHITELIST: yes, GENERATOR: yes, MUSIG: yes, ECDSAADAPTOR: yes}
     - env: {WIDEMUL: int128}
     - env: {WIDEMUL: int128,  RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes}
-    - env: {WIDEMUL: int128,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes, ECDSA_S2C: yes, RANGEPROOF: yes, WHITELIST: yes, GENERATOR: yes, MUSIG: yes}
+    - env: {WIDEMUL: int128,                 ECDH: yes, EXPERIMENTAL: yes, SCHNORRSIG: yes, ECDSA_S2C: yes, RANGEPROOF: yes, WHITELIST: yes, GENERATOR: yes, MUSIG: yes, ECDSAADAPTOR: yes}
     - env: {WIDEMUL: int128,  ASM: x86_64}
     - env: {BIGNUM: no}
-    - env: {BIGNUM: no,       RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes, ECDSA_S2C: yes, RANGEPROOF: yes, WHITELIST: yes, GENERATOR: yes, MUSIG: yes}
+    - env: {BIGNUM: no,       RECOVERY: yes,            EXPERIMENTAL: yes, SCHNORRSIG: yes, ECDSA_S2C: yes, RANGEPROOF: yes, WHITELIST: yes, GENERATOR: yes, MUSIG: yes, ECDSAADAPTOR: yes}
     - env: {BIGNUM: no,       STATICPRECOMPUTATION: no}
     - env: {BUILD: distcheck, WITH_VALGRIND: no, CTIMETEST: no, BENCH: no}
     - env: {CPPFLAGS: -DDETERMINISTIC}
@@ -85,6 +86,7 @@ task:
         WHITELIST: yes
         GENERATOR: yes
         MUSIG: yes
+        ECDSAADAPTOR: yes
         CTIMETEST: no
     - env: { ECMULTGENPRECISION: 2 }
     - env: { ECMULTGENPRECISION: 8 }
@@ -101,6 +103,7 @@ task:
         WHITELIST: yes
         GENERATOR: yes
         MUSIG: yes
+        ECDSAADAPTOR: yes
         EXTRAFLAGS: "--disable-openssl-tests"
         BUILD:
   matrix:
@@ -130,6 +133,7 @@ task:
     WHITELIST: yes
     GENERATOR: yes
     MUSIG: yes
+    ECDSAADAPTOR: yes
   matrix:
     - env:
         CC: i686-linux-gnu-gcc
@@ -227,6 +231,7 @@ task:
     WHITELIST: yes
     GENERATOR: yes
     MUSIG: yes
+    ECDSAADAPTOR: yes
     CTIMETEST: no
   << : *MERGE_BASE
   test_script:

ci/cirrus.sh

@@ -19,7 +19,7 @@ valgrind --version || true
     --enable-module-ecdh="$ECDH" --enable-module-recovery="$RECOVERY" \
     --enable-module-ecdsa-s2c="$ECDSA_S2C" \
     --enable-module-rangeproof="$RANGEPROOF" --enable-module-whitelist="$WHITELIST" --enable-module-generator="$GENERATOR" \
-    --enable-module-schnorrsig="$SCHNORRSIG"  --enable-module-musig="$MUSIG"\
+    --enable-module-schnorrsig="$SCHNORRSIG"  --enable-module-musig="$MUSIG" --enable-module-ecdsa-adaptor="$ECDSAADAPTOR" \
     --with-valgrind="$WITH_VALGRIND" \
     --host="$HOST" $EXTRAFLAGS
 

src/modules/ecdsa_adaptor/Makefile.am.include

@@ -1,3 +1,4 @@
 include_HEADERS += include/secp256k1_ecdsa_adaptor.h
 noinst_HEADERS += src/modules/ecdsa_adaptor/main_impl.h
 noinst_HEADERS += src/modules/ecdsa_adaptor/dleq_impl.h
+noinst_HEADERS += src/modules/ecdsa_adaptor/tests_impl.h

src/tests.c

@@ -5652,6 +5652,10 @@ void run_ecdsa_openssl(void) {
 # include "modules/ecdsa_s2c/tests_impl.h"
 #endif
 
+#ifdef ENABLE_MODULE_ECDSA_ADAPTOR
+# include "modules/ecdsa_adaptor/tests_impl.h"
+#endif
+
 void run_secp256k1_memczero_test(void) {
     unsigned char buf1[6] = {1, 2, 3, 4, 5, 6};
     unsigned char buf2[sizeof(buf1)];
@@ -5966,6 +5970,10 @@ int main(int argc, char **argv) {
     run_ecdsa_s2c_tests();
 #endif
 
+#ifdef ENABLE_MODULE_ECDSA_ADAPTOR
+    run_ecdsa_adaptor_tests();
+#endif
+
     /* util tests */
     run_secp256k1_memczero_test();
 

src/valgrind_ctime_test.c

@@ -31,6 +31,10 @@
 #include "include/secp256k1_ecdsa_s2c.h"
 #endif
 
+#ifdef ENABLE_MODULE_ECDSA_ADAPTOR
+#include "include/secp256k1_ecdsa_adaptor.h"
+#endif
+
 void run_tests(secp256k1_context *ctx, unsigned char *key);
 
 int main(void) {
@@ -199,4 +203,42 @@ void run_tests(secp256k1_context *ctx, unsigned char *key) {
         CHECK(ret == 1);
     }
 #endif
+
+#ifdef ENABLE_MODULE_ECDSA_ADAPTOR
+    {
+        unsigned char adaptor_sig[162];
+        unsigned char deckey[32];
+        unsigned char expected_deckey[32];
+        secp256k1_pubkey enckey;
+
+        for (i = 0; i < 32; i++) {
+            deckey[i] = i + 2;
+        }
+
+        ret = secp256k1_ec_pubkey_create(ctx, &enckey, deckey);
+        CHECK(ret == 1);
+
+        VALGRIND_MAKE_MEM_UNDEFINED(key, 32);
+        ret = secp256k1_ecdsa_adaptor_encrypt(ctx, adaptor_sig, key, &enckey, msg, NULL, NULL);
+        VALGRIND_MAKE_MEM_DEFINED(adaptor_sig, sizeof(adaptor_sig));
+        VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
+        CHECK(ret == 1);
+
+        VALGRIND_MAKE_MEM_UNDEFINED(deckey, 32);
+        ret = secp256k1_ecdsa_adaptor_decrypt(ctx, &signature, deckey, adaptor_sig);
+        VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
+        CHECK(ret == 1);
+
+        VALGRIND_MAKE_MEM_UNDEFINED(&signature, 32);
+        ret = secp256k1_ecdsa_adaptor_recover(ctx, expected_deckey, &signature, adaptor_sig, &enckey);
+        VALGRIND_MAKE_MEM_DEFINED(expected_deckey, sizeof(expected_deckey));
+        VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
+        CHECK(ret == 1);
+
+        VALGRIND_MAKE_MEM_DEFINED(deckey, sizeof(deckey));
+        ret = secp256k1_memcmp_var(deckey, expected_deckey, sizeof(expected_deckey));
+        VALGRIND_MAKE_MEM_DEFINED(&ret, sizeof(ret));
+        CHECK(ret == 0);
+    }
+#endif
 }