WIP: Verify participant shares

bancaditalia · Nov 29, 2023 · 71408eb · 71408eb
1 parent 81fdde7
commit 71408eb
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 2 deletions.
diff --git a/src/modules/frost/frost_ietf_test_vectors.h b/src/modules/frost/frost_ietf_test_vectors.h
@@ -5,9 +5,19 @@
 
 
 /* Section: group_input_parameters */
+static const uint32_t ietf_frost_participants[]      = {1, 3};
 static const unsigned char ietf_frost_group_secret_key[]    = { 0x0d,0x00,0x41,0x50,0xd2,0x7c,0x3b,0xf2,0xa4,0x2f,0x31,0x26,0x83,0xd3,0x5f,0xac,0x73,0x94,0xb1,0xe9,0xe3,0x18,0x24,0x9c,0x1b,0xfe,0x7f,0x07,0x95,0xa8,0x31,0x14};
 static const unsigned char ietf_frost_group_public_key[]    = { 0x02,0xf3,0x7c,0x34,0xb6,0x6c,0xed,0x1f,0xb5,0x1c,0x34,0xa9,0x0b,0xda,0xe0,0x06,0x90,0x1f,0x10,0x62,0x5c,0xc0,0x6c,0x4f,0x64,0x66,0x3b,0x0e,0xae,0x87,0xd8,0x7b,0x4f};
 static const unsigned char ietf_frost_message[]    = { 0x74,0x65,0x73,0x74};
 static const size_t ietf_frost_message_length      = 8;
-static const uint32_t ietf_frost_participants[]      = {1, 3};
 static const unsigned char ietf_frost_share_polynomial_coefficients_0[]  = { 0xfb,0xf8,0x5e,0xad,0xae,0x30,0x58,0xea,0x14,0xf1,0x91,0x48,0xbb,0x72,0xb4,0x5e,0x43,0x99,0xc0,0xb1,0x60,0x28,0xac,0xaf,0x03,0x95,0xc9,0xb0,0x3c,0x82,0x35,0x79};
+
+
+/* Section: signer_input_parameters */
+#define IETF_FROST_PARTICIPANT_SHARE_SIZE 32
+static const unsigned char ietf_frost_participant_shares[]    = { 
+0x08,0xf8,0x9f,0xfe,0x80,0xac,0x94,0xdc,0xb9,0x20,0xc2,0x6f,0x3f,0x46,0x14,0x0b,0xfc,0x7f,0x95,0xb4,0x93,0xf8,0x31,0x0f,0x5f,0xc1,0xea,0x2b,0x01,0xf4,0x25,0x4c,
+0x04,0xf0,0xfe,0xac,0x2e,0xdc,0xed,0xc6,0xce,0x12,0x53,0xb7,0xfa,0xb8,0xc8,0x6b,0x85,0x6a,0x79,0x7f,0x44,0xd8,0x3d,0x82,0xa3,0x85,0x55,0x4e,0x6e,0x40,0x19,0x84,
+0x00,0xe9,0x5d,0x59,0xdd,0x0d,0x46,0xb0,0xe3,0x03,0xe5,0x00,0xb6,0x2b,0x7c,0xcb,0x0e,0x55,0x5d,0x49,0xf5,0xb8,0x49,0xf5,0xe7,0x48,0xc0,0x71,0xda,0x8c,0x0d,0xbc,
+};
+
diff --git a/src/modules/frost/tests_impl.h b/src/modules/frost/tests_impl.h
@@ -3093,7 +3093,7 @@ void test_secp256k1_frost_ietf_test_vector(void) {
     secp256k1_frost_vss_commitments *vss_commitments;
     secp256k1_frost_keygen_secret_share secret_key_shares[3];
     secp256k1_frost_keypair keypairs[3];
-    int result;
+    int result, i;
     secp256k1_scalar secret;
     shamir_coefficients *coefficients;
 
@@ -3123,6 +3123,13 @@ void test_secp256k1_frost_ietf_test_vector(void) {
     result = memcmp(ietf_frost_group_public_key, group_public_key, 33);
     CHECK(result == 0);
 
+    /* Check: Verify participant shares */
+    for(i = 0; i < IETF_FROST_MAX_PARTICIPANTS; i++) {
+        result = memcmp(&ietf_frost_participant_shares[i * IETF_FROST_PARTICIPANT_SHARE_SIZE],
+                        secret_key_shares[i].value,
+                        IETF_FROST_PARTICIPANT_SHARE_SIZE);
+        CHECK(result == 0);
+    }
 
     secp256k1_frost_vss_commitments_destroy(vss_commitments);
     secp256k1_context_destroy(sign_ctx);

diff --git a/tools/tests_frost_ietf_generate.py b/tools/tests_frost_ietf_generate.py
@@ -55,3 +55,12 @@ def to_c_array(x):
 print("static const unsigned char ietf_frost_share_polynomial_coefficients_0[]  = { " +
       to_c_array(doc['group_input_parameters']['share_polynomial_coefficients'][0]) + "};")
 
+print("\n")
+print("/* Section: signer_input_parameters */")
+
+print(f"#define IETF_FROST_PARTICIPANT_SHARE_SIZE {str(int(len(doc['signer_input_parameters']['participant_share'][0])/2))}")
+print("static const unsigned char ietf_frost_participant_shares[]    = { ");
+for i in doc['signer_input_parameters']['participant_share']:
+     print(f"{to_c_array(i)},")
+print("};\n")
+