From d3aa051770988104a34fc7777b622ff0358c4d4f Mon Sep 17 00:00:00 2001
From: Evgeny Vlasenko <mahnunchik@gmail.com>
Date: Wed, 28 Jun 2023 16:12:44 +0400
Subject: [PATCH] feat: tests for extraEntropy

---
 src/abstract/weierstrass.ts |  2 +-
 test/secp256k1.test.js      | 27 +++++++++++++++++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/src/abstract/weierstrass.ts b/src/abstract/weierstrass.ts
index afa3f2c..cac8aa9 100644
--- a/src/abstract/weierstrass.ts
+++ b/src/abstract/weierstrass.ts
@@ -964,7 +964,7 @@ export function weierstrass(curveDef: CurveType): CurveFn {
     if (ent != null) {
       // K = HMAC_K(V || 0x00 || int2octets(x) || bits2octets(h1) || k')
       const e = ent === true ? randomBytes(Fp.BYTES) : ent; // generate random bytes OR pass as-is
-      seedArgs.push(ensureBytes('extraEntropy', e)); // check for being of size BYTES
+      seedArgs.push(ensureBytes('extraEntropy', e)); // check for being bytes
     }
     const seed = ut.concatBytes(...seedArgs); // Step D of RFC6979 3.2
     const m = h1int; // NOTE: no need to call bits2int second time here, it is inside truncateHash!
diff --git a/test/secp256k1.test.js b/test/secp256k1.test.js
index 7ad7d68..2c80808 100644
--- a/test/secp256k1.test.js
+++ b/test/secp256k1.test.js
@@ -268,6 +268,33 @@ describe('secp256k1', () => {
         deepStrictEqual(sign(ent5), e.extraEntropyMax);
       }
     });
+
+    should('handle one byte {extraData}', () => {
+      const extraEntropy = '01';
+      const privKey = hexToBytes(
+        '0101010101010101010101010101010101010101010101010101010101010101'
+      );
+      const msg = 'd1a9dc8ed4e46a6a3e5e594615ca351d7d7ef44df1e4c94c1802f3592183794b';
+      const res = secp.sign(msg, privKey, { extraEntropy }).toCompactHex();
+      deepStrictEqual(
+        res,
+        'a250ec23a54bfdecf0e924cbf484077c5044410f915cdba86731cb2e4e925aaa5b1e4e3553d88be2c48a9a0d8d849ce2cc5720d25b2f97473e02f2550abe9545'
+      );
+    });
+
+    should('handle 48 bytes {extraData}', () => {
+      const extraEntropy =
+        '000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000001';
+      const privKey = hexToBytes(
+        '0101010101010101010101010101010101010101010101010101010101010101'
+      );
+      const msg = 'd1a9dc8ed4e46a6a3e5e594615ca351d7d7ef44df1e4c94c1802f3592183794b';
+      const res = secp.sign(msg, privKey, { extraEntropy }).toCompactHex();
+      deepStrictEqual(
+        res,
+        '2bdf40f42ac0e42ee12750d03bb12b75306dae58eb3c961c5a80d78efae93e595295b66e8eb28f1eb046bb129a976340312159ec0c20b97342667572e4a8379a'
+      );
+    });
   });
 
   describe('verify()', () => {