fixed

Author: deatil

elliptic/ed521/params.go

@@ -269,15 +269,15 @@ func (curve *Ed521Curve) UnmarshalPoint(data []byte) (x, y *big.Int) {
 
     eP = Reverse(eP)
 
-    p := curve.Params().P
+    p := curve.P
     y = new(big.Int).SetBytes(eP)
     if y.Cmp(p) >= 0 {
         return
     }
 
     // x² = (y² - 1) / (dy² - 1)
     x = curve.polynomial(y)
-    x = x.ModSqrt(x, curve.P)
+    x = x.ModSqrt(x, p)
     if x == nil {
         return
     }

pubkey/ed521/ed521.go

@@ -112,6 +112,19 @@ func (priv *PrivateKey) Seed() []byte {
     return priv.D.FillBytes(seed)
 }
 
+func (priv *PrivateKey) Bytes() []byte {
+    seed := make([]byte, SeedSize)
+    priv.D.FillBytes(seed)
+
+    pub := ed521.MarshalPoint(priv.Curve, priv.X, priv.Y)
+
+    buf := make([]byte, 132)
+    copy(buf[:66], seed)
+    copy(buf[66:], pub)
+
+    return buf
+}
+
 // Sign creates a signature for message
 func (priv *PrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) ([]byte, error) {
     var context string
@@ -160,7 +173,7 @@ func GenerateKey(rand io.Reader) (*PrivateKey, error) {
 
 func newKeyFromSeed(seed []byte) (*PrivateKey, error) {
     if l := len(seed); l != SeedSize {
-        panic("go-cryptobin/ed521: bad seed length: " + strconv.Itoa(l))
+        return nil, errors.New("go-cryptobin/ed521: bad seed length: " + strconv.Itoa(l))
     }
 
     curve := ed521.ED521()
@@ -185,6 +198,24 @@ func NewKeyFromSeed(seed []byte) (*PrivateKey, error) {
     return newKeyFromSeed(seed)
 }
 
+// New a private key from bytes
+func NewKeyFromBytes(bytes []byte) (*PrivateKey, error) {
+    if l := len(bytes); l != 132 {
+        return nil, errors.New("go-cryptobin/ed521: bad bytes length: " + strconv.Itoa(l))
+    }
+
+    curve := ed521.ED521()
+
+    k := new(big.Int).SetBytes(bytes[:66])
+
+    priv := new(PrivateKey)
+    priv.PublicKey.Curve = curve
+    priv.D = k
+    priv.PublicKey.X, priv.PublicKey.Y = ed521.UnmarshalPoint(curve, bytes[66:])
+
+    return priv, nil
+}
+
 // New a private key from key data bytes
 func NewPrivateKey(d []byte) (*PrivateKey, error) {
     return newKeyFromSeed(d)

pubkey/ed521/ed521_test.go

@@ -2,7 +2,6 @@ package ed521
 
 import (
     "fmt"
-    "bytes"
     "testing"
     "crypto"
     "crypto/rand"
@@ -71,6 +70,16 @@ func Test_NewPrivateKey(t *testing.T) {
 
     // ======
 
+    privBytes2 := priv.Bytes()
+    priv22, err := NewKeyFromBytes(privBytes2)
+    if err != nil {
+        t.Fatal(err)
+    }
+
+    cryptobin_test.Equal(t, priv22, priv, "NewKeyFromBytes Equal error")
+
+    // ======
+
     pub := &priv.PublicKey
 
     pubBytes := PublicKeyTo(pub)
@@ -338,86 +347,6 @@ func Test_Random_Private_Keys(t *testing.T) {
 
 }
 
-func Test_Vec_Check(t *testing.T) {
-    for i, td := range testSigVec {
-        t.Run(fmt.Sprintf("index %d", i), func(t *testing.T) {
-            curve := ed521.ED521()
-
-            if len(td.secretKey) > 0 {
-                priv, err := NewPrivateKey(td.secretKey)
-                if err != nil {
-                    t.Fatal(err)
-                }
-
-                pub := &priv.PublicKey
-
-                pubBytes := ed521.MarshalCompressed(pub.Curve, pub.X, pub.Y)
-
-                // check publicKey
-                if !bytes.Equal(pubBytes, td.publicKey) {
-                    t.Errorf("PublicKey got: %x, want: %x", pubBytes, td.publicKey)
-                }
-
-                // check sig
-                sig, err := priv.Sign(rand.Reader, td.message, nil)
-                if err != nil {
-                    t.Error("encode sig fail")
-                }
-
-                if bytes.Equal(sig, td.signature) != td.verification {
-                    t.Errorf("sig fail, got: %x, want: %x", sig, td.signature)
-                }
-
-            }
-
-            x, y := ed521.UnmarshalCompressed(curve, td.publicKey)
-            if x == nil || y == nil {
-                t.Fatal("publicKey error")
-            }
-
-            pubkey := &PublicKey{
-                Curve: curve,
-                X: x,
-                Y: y,
-            }
-
-            veri := pubkey.Verify(td.message, td.signature)
-            if veri != td.verification {
-                t.Error("Verify fail")
-            }
-
-        })
-    }
-
-}
-
-type testVec struct {
-    secretKey []byte
-    publicKey []byte
-    message   []byte
-    signature []byte
-    verification bool
-}
-
-var testSigVec = []testVec{
-    {
-        secretKey: fromHex("22713dc2f3d8a4611e9266d8a2a9e3d237505dc34c65d87d598b9a4e6c41b35e3d090458e66c8213a4af011e5614377960c99d9f84e379fdd1f1e168b163b5d93012"),
-        publicKey: fromHex("020006be6a2ea17441c94e25799154b049ebae2fedcedfb27355ab03f9eb802d239677c340392fe113ffb18138b95dc8ba3efd766401cabfc4cc30d0ccdce7b178d954"),
-        message:   fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"),
-        signature: fromHex("e6309d7d752de236179d694954f9345a73b1abcbe7ebde16e5e0fa1a4ed60003839a13f03fe1fccfecdac66614b8aff731e7956678be247b8f19795b20351a578301780dd7e6d41db086ef9bdc4658cbcc3d86d259b7e36ea399b075da86f2559489c64f59d196c5a439b3c5442609912dee28721d82dd08c71884b7f406961510110e00"),
-        verification: true,
-    },
-
-    // fail
-    {
-        secretKey: fromHex("22713dc2f3d8a4611e9266d8a2a9e3d237505dc34c65d87d598b9a4e6c41b35e3d090458e66c8213a4af011e5614377960c99d9f84e379fdd1f1e168b163b5d93012"),
-        publicKey: fromHex("020006be6a2ea17441c94e25799154b049ebae2fedcedfb27355ab03f9eb802d239677c340392fe113ffb18138b95dc8ba3efd766401cabfc4cc30d0ccdce7b178d954"),
-        message:   fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"),
-        signature: fromHex("3bd0454bd7a48f25fa40e0ebd76c1eb48e7fff63f606f35f9a8de9fc6d8fde0f75c10c0d97b7dc3001c5da6da681ff95d1a6ace65c19134ca727b99b1c349752ee01e8c9d1f325ab430511bcbf1e009d37418f56f132383ed55e43d97c04feff5a6f875fa64458ab73f9e4d1ad93cc978a7939a9afe532e8e6162b7bcb986f04a2282a00"),
-        verification: false,
-    },
-}
-
 func Test_ED521_Vec_Check(t *testing.T) {
     var message []byte
     var privateKeyBytes []byte