Finalizing tests so that test vectors match Sage outputs

nougzarm · nougzarm · commit de5d06daf28b · 2025-05-12T11:13:02.000+02:00
diff --git a/Cargo.toml b/Cargo.toml
@@ -36,7 +36,7 @@ sha2 = "0.10"
 subtle = "2.6.1"
 num-bigint = "0.4.6"
 num-traits = "0.2.19"
-tiny-keccak = { version = "2.0.2", features = ["keccak"] }
+tiny-keccak = { version = "2.0.2", features = ["fips202"] }
 bls12_381 = "0.8.0"
 
 [dev-dependencies]
diff --git a/src/toolbox/sigma/transcript/keccak_transcript.rs b/src/toolbox/sigma/transcript/keccak_transcript.rs
@@ -135,11 +135,11 @@ impl DuplexSpongeInterface for KeccakDuplexSponge {
             }
 
             let chunk_size = usize::min(self.rate - self.squeeze_index, length);
-            output.extend_from_slice(
-                &self.state.state[self.squeeze_index..self.squeeze_index + chunk_size],
-            );
             self.squeeze_index += chunk_size;
             length -= chunk_size;
+            output.extend_from_slice(
+                &self.state.state[self.squeeze_index..self.squeeze_index + chunk_size]
+            );
         }
 
         output
diff --git a/tests/spec/bls12_381.rs b/tests/spec/bls12_381.rs
@@ -65,4 +65,10 @@ impl SRandom for G1Projective {
         }
         G1Projective::scalar_from_hex_be(&hex_string).unwrap()
     }
+
+    fn prandom(
+        rng: &mut (impl Rng + CryptoRng)
+    ) -> Self {
+        Self::generator() * Self::srandom(rng)
+    }
 }
diff --git a/tests/spec/custom_schnorr_proof.rs b/tests/spec/custom_schnorr_proof.rs
@@ -83,7 +83,9 @@ where
         }
 
         for response in response.iter().take(scalar_nb) {
-            bytes.extend_from_slice(&G::serialize_scalar(response));
+            let mut scalar_bytes = G::serialize_scalar(response);
+            scalar_bytes.reverse();
+            bytes.extend_from_slice(&scalar_bytes);
         }
         bytes
     }
@@ -119,8 +121,9 @@ where
             let start = point_nb * point_size + i * scalar_size;
             let end = start + scalar_size;
 
-            let slice = &data[start..end];
-            let scalar = G::deserialize_scalar(slice)?;
+            let mut slice = data[start..end].to_vec();
+            slice.reverse();
+            let scalar = G::deserialize_scalar(&slice)?;
             responses.push(scalar);
         }
 
diff --git a/tests/spec/low_level_tests.rs b/tests/spec/low_level_tests.rs
diff --git a/tests/spec/random.rs b/tests/spec/random.rs
@@ -18,5 +18,9 @@ pub trait SRandom: Group {
     fn srandom(
         rng: &mut (impl Rng + CryptoRng)
     ) -> Self::Scalar;
+
+    fn prandom(
+        rng: &mut (impl Rng + CryptoRng)
+    ) -> Self;
 }
 
diff --git a/tests/spec/sage_test_vectors.rs b/tests/spec/sage_test_vectors.rs

Original file line number	Diff line number	Diff line change
`@@ -135,11 +135,11 @@ impl DuplexSpongeInterface for KeccakDuplexSponge {`
`135`	`135`	`}`
`136`	`136`
`137`	`137`	`let chunk_size = usize::min(self.rate - self.squeeze_index, length);`
`138`		`- output.extend_from_slice(`
`139`		`- &self.state.state[self.squeeze_index..self.squeeze_index + chunk_size],`
`140`		`- );`
`141`	`138`	`self.squeeze_index += chunk_size;`
`142`	`139`	`length -= chunk_size;`
	`140`	`+ output.extend_from_slice(`
	`141`	`+ &self.state.state[self.squeeze_index..self.squeeze_index + chunk_size]`
	`142`	`+ );`
`143`	`143`	`}`
`144`	`144`
`145`	`145`	`output`
Original file line number	Diff line number	Diff line change
`@@ -65,4 +65,10 @@ impl SRandom for G1Projective {`
`65`	`65`	`}`
`66`	`66`	`G1Projective::scalar_from_hex_be(&hex_string).unwrap()`
`67`	`67`	`}`
	`68`	`+`
	`69`	`+ fn prandom(`
	`70`	`+ rng: &mut (impl Rng + CryptoRng)`
	`71`	`+ ) -> Self {`
	`72`	`+ Self::generator() * Self::srandom(rng)`
	`73`	`+ }`
`68`	`74`	`}`
Original file line number	Diff line number	Diff line change
`@@ -83,7 +83,9 @@ where`
`83`	`83`	`}`
`84`	`84`
`85`	`85`	`for response in response.iter().take(scalar_nb) {`
`86`		`- bytes.extend_from_slice(&G::serialize_scalar(response));`
	`86`	`+ let mut scalar_bytes = G::serialize_scalar(response);`
	`87`	`+ scalar_bytes.reverse();`
	`88`	`+ bytes.extend_from_slice(&scalar_bytes);`
`87`	`89`	`}`
`88`	`90`	`bytes`
`89`	`91`	`}`
`@@ -119,8 +121,9 @@ where`
`119`	`121`	`let start = point_nb * point_size + i * scalar_size;`
`120`	`122`	`let end = start + scalar_size;`
`121`	`123`
`122`		`- let slice = &data[start..end];`
`123`		`- let scalar = G::deserialize_scalar(slice)?;`
	`124`	`+ let mut slice = data[start..end].to_vec();`
	`125`	`+ slice.reverse();`
	`126`	`+ let scalar = G::deserialize_scalar(&slice)?;`
`124`	`127`	`responses.push(scalar);`
`125`	`128`	`}`
`126`	`129`
Original file line number	Diff line number	Diff line change
`@@ -18,5 +18,9 @@ pub trait SRandom: Group {`
`18`	`18`	`fn srandom(`
`19`	`19`	`rng: &mut (impl Rng + CryptoRng)`
`20`	`20`	`) -> Self::Scalar;`
	`21`	`+`
	`22`	`+ fn prandom(`
	`23`	`+ rng: &mut (impl Rng + CryptoRng)`
	`24`	`+ ) -> Self;`
`21`	`25`	`}`
`22`	`26`