Updates fuzz tests (#10)

Author: Ruteri

Makefile

@@ -29,7 +29,7 @@ test:
 test-race:
 	go test -race ./...
 
-FUZZTIME ?= 10s
+FUZZTIME ?= 2s
 
 .PHONY: test-fuzz
 test-fuzz:

crypto/blinding.go

@@ -23,7 +23,7 @@ func DeriveBlindingVector(sharedSecrets []SharedKey, round uint32, nEls int32, f
 	}
 
 	roundKeyBuf := make([]byte, 4+len(sharedSecrets[0]))
-	binary.BigEndian.PutUint32(roundKeyBuf[:4], round)
+	binary.BigEndian.PutUint32(roundKeyBuf, round)
 
 	workingEl := big.NewInt(0)
 	words := make([]big.Word, bytesPerElement*8/bits.UintSize)

crypto/blinding_fuzz_test.go

@@ -93,8 +93,10 @@ func FuzzDeriveXorBlindingVector(f *testing.F) {
 			t.Errorf("non-deterministic output")
 		}
 
-		// Invariant 3: Different round produces different output
-		if nBytes > 0 && round < ^uint32(0) {
+		// Invariant 3: Different round produces different output (with high probability)
+		// Skip this check for small nBytes since collisions are statistically expected
+		// (e.g., 1/256 chance for nBytes=1)
+		if nBytes >= 16 && round < ^uint32(0) {
 			result3 := DeriveXorBlindingVector(sharedSecrets, round+1, nBytes)
 			if bytes.Equal(result, result3) {
 				t.Errorf("different rounds produced identical output")

crypto/fields.go

@@ -15,7 +15,7 @@ func init() {
 // The result is stored in l and also returned.
 func FieldAddInplace(l *big.Int, r *big.Int, fieldOrder *big.Int) *big.Int {
 	l.Add(l, r)
-	if l.Cmp(fieldOrder) > 0 {
+	if l.Cmp(fieldOrder) >= 0 {
 		l.Sub(l, fieldOrder)
 	}
 
@@ -39,7 +39,7 @@ func FieldAddInplace(l *big.Int, r *big.Int, fieldOrder *big.Int) *big.Int {
 // The result is stored in l and also returned.
 func FieldSubInplace(l *big.Int, r *big.Int, fieldOrder *big.Int) *big.Int {
 	l.Sub(l, r)
-	if l.Cmp(fieldOrder) > 0 {
+	if l.Cmp(fieldOrder) >= 0 {
 		l.Sub(l, fieldOrder)
 	}
 	if l.Sign() < 0 {

crypto/types_fuzz_test.go

@@ -2,6 +2,7 @@ package crypto
 
 import (
 	"bytes"
+	"strings"
 	"testing"
 )
 
@@ -103,7 +104,8 @@ func FuzzXorInplace(f *testing.F) {
 		}
 
 		// Invariant 3: Self-inverse property: XOR(XOR(a, b), b) = a
-		XorInplace(a, b)
+		// Use bCopy since a and b might share backing array (fuzzer can alias them)
+		XorInplace(a, bCopy)
 		if !bytes.Equal(a, aCopy) {
 			t.Error("XOR is not self-inverse")
 		}
@@ -197,8 +199,8 @@ func FuzzNewPublicKeyFromString(f *testing.F) {
 			return
 		}
 
-		// Invariant: String representation round-trips
-		if pubKey.String() != input {
+		// Invariant: String representation round-trips (case-insensitive, since hex is case-insensitive)
+		if !strings.EqualFold(pubKey.String(), input) {
 			t.Errorf("string round trip failed: got %s, want %s", pubKey.String(), input)
 		}