From 3e5f95e84f0b59fe8e1b0a1bb0793f43fce05437 Mon Sep 17 00:00:00 2001
From: James Zheng <jameszheng@oasislabs.com>
Date: Tue, 31 May 2022 09:12:41 -0700
Subject: [PATCH 1/3] add same unittest for derive_symmetric_key of
 client-sdk/web-ts for golang and rust

---
 Cargo.lock                                    |  7 ++++++
 .../crypto/mrae/deoxysii/asymmetric_test.go   | 20 ++++++++++++++--
 runtime/Cargo.toml                            |  1 +
 runtime/src/common/crypto/mrae/deoxysii.rs    | 24 ++++++++++++++++++-
 4 files changed, 49 insertions(+), 3 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 37cbb464118..39767442afd 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1226,6 +1226,12 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "hex"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
+
 [[package]]
 name = "hmac"
 version = "0.11.0"
@@ -1948,6 +1954,7 @@ dependencies = [
  "deoxysii",
  "ed25519-dalek",
  "futures 0.3.21",
+ "hex",
  "hmac",
  "honggfuzz",
  "impl-trait-for-tuples",
diff --git a/go/common/crypto/mrae/deoxysii/asymmetric_test.go b/go/common/crypto/mrae/deoxysii/asymmetric_test.go
index 0ccbf868fc6..abf3ac5c3da 100644
--- a/go/common/crypto/mrae/deoxysii/asymmetric_test.go
+++ b/go/common/crypto/mrae/deoxysii/asymmetric_test.go
@@ -2,12 +2,28 @@ package deoxysii
 
 import (
 	"testing"
-
+	"encoding/hex"
 	"github.com/oasisprotocol/deoxysii"
-
+	curve25519 "github.com/oasisprotocol/curve25519-voi/primitives/x25519"
 	"github.com/oasisprotocol/oasis-core/go/common/crypto/mrae/api"
+	"github.com/stretchr/testify/require"
 )
 
+func Test_DeriveSymmetricKey(t *testing.T) {
+	p, _ := hex.DecodeString("c07b151fbc1e7a11dff926111188f8d872f62eba0396da97c0a24adb75161750")
+	var privateKey [32]byte
+	copy(privateKey[:], p)
+	var publicKey [32]byte
+	curve25519.ScalarBaseMult(&publicKey, &privateKey)
+	publicKeyHex := hex.EncodeToString(publicKey[:])
+	require.EqualValues(t, publicKeyHex, "3046db3fa70ce605457dc47c48837ebd8bd0a26abfde5994d033e1ced68e2576", "derive public key")
+	
+	var sharedKey [deoxysii.KeySize]byte
+	Box.DeriveSymmetricKey(sharedKey[:], &publicKey, &privateKey)
+	sharedKeyHex := hex.EncodeToString(sharedKey[:])
+	require.EqualValues(t, sharedKeyHex, "e69ac21066a8c2284e8fdc690e579af4513547b9b31dd144792c1904b45cf586", "derive symmetric key")
+}
+
 func TestDeoxysII_Box_Integration(t *testing.T) {
 	api.TestBoxIntegration(t, Box, deoxysii.New, deoxysii.KeySize)
 }
diff --git a/runtime/Cargo.toml b/runtime/Cargo.toml
index dbe8d4e6490..bb95efc13d0 100644
--- a/runtime/Cargo.toml
+++ b/runtime/Cargo.toml
@@ -69,6 +69,7 @@ features = ["full"]
 # For storage interoperability tests only.
 jsonrpc = { version = "0.12.1", features = ["simple_uds"] }
 tempfile = "3.3.0"
+hex = "0.4"
 
 [[bin]]
 name = "fuzz-mkvs-proof"
diff --git a/runtime/src/common/crypto/mrae/deoxysii.rs b/runtime/src/common/crypto/mrae/deoxysii.rs
index f7a7ad55e29..8b08a27525a 100644
--- a/runtime/src/common/crypto/mrae/deoxysii.rs
+++ b/runtime/src/common/crypto/mrae/deoxysii.rs
@@ -84,12 +84,34 @@ pub fn box_open(
 
 #[cfg(test)]
 mod tests {
+    extern crate hex;
     extern crate test;
-
     use self::test::{black_box, Bencher};
     use super::*;
+    use hex::FromHex;
     use rand::RngCore;
 
+    #[test]
+    fn test_drive_symmetric_key() {
+        let private_key_buffer = <[u8; 32]>::from_hex(
+            "c07b151fbc1e7a11dff926111188f8d872f62eba0396da97c0a24adb75161750",
+        )
+        .expect("derive private key from hex string");
+        let private_key = x25519_dalek::StaticSecret::from(private_key_buffer);
+        let public_key = x25519_dalek::PublicKey::from(&private_key);
+        let public_key_hex = hex::encode(public_key.to_bytes());
+        assert_eq!(
+            public_key_hex,
+            "3046db3fa70ce605457dc47c48837ebd8bd0a26abfde5994d033e1ced68e2576"
+        );
+        let shared = derive_symmetric_key(&public_key.to_bytes(), &private_key.to_bytes());
+        let shared_hex = hex::encode(shared);
+        assert_eq!(
+            shared_hex,
+            "e69ac21066a8c2284e8fdc690e579af4513547b9b31dd144792c1904b45cf586"
+        );
+    }
+
     #[test]
     fn test_mrae_asymmetric() {
         let (a_pub, a_priv) = generate_key_pair(); // Alice

From 4a8168ac6ebf493ffcbd696ee88ea3869d4a8f08 Mon Sep 17 00:00:00 2001
From: James Zheng <jameszheng@oasislabs.com>
Date: Tue, 31 May 2022 20:07:55 -0700
Subject: [PATCH 2/3] fmt

---
 go/common/crypto/mrae/deoxysii/asymmetric_test.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/go/common/crypto/mrae/deoxysii/asymmetric_test.go b/go/common/crypto/mrae/deoxysii/asymmetric_test.go
index abf3ac5c3da..2cf6f513c1d 100644
--- a/go/common/crypto/mrae/deoxysii/asymmetric_test.go
+++ b/go/common/crypto/mrae/deoxysii/asymmetric_test.go
@@ -1,12 +1,14 @@
 package deoxysii
 
 import (
-	"testing"
 	"encoding/hex"
-	"github.com/oasisprotocol/deoxysii"
+	"testing"
+
 	curve25519 "github.com/oasisprotocol/curve25519-voi/primitives/x25519"
-	"github.com/oasisprotocol/oasis-core/go/common/crypto/mrae/api"
+	"github.com/oasisprotocol/deoxysii"
 	"github.com/stretchr/testify/require"
+
+	"github.com/oasisprotocol/oasis-core/go/common/crypto/mrae/api"
 )
 
 func Test_DeriveSymmetricKey(t *testing.T) {
@@ -17,7 +19,7 @@ func Test_DeriveSymmetricKey(t *testing.T) {
 	curve25519.ScalarBaseMult(&publicKey, &privateKey)
 	publicKeyHex := hex.EncodeToString(publicKey[:])
 	require.EqualValues(t, publicKeyHex, "3046db3fa70ce605457dc47c48837ebd8bd0a26abfde5994d033e1ced68e2576", "derive public key")
-	
+
 	var sharedKey [deoxysii.KeySize]byte
 	Box.DeriveSymmetricKey(sharedKey[:], &publicKey, &privateKey)
 	sharedKeyHex := hex.EncodeToString(sharedKey[:])

From cd7b0fcf142dd19ef049fb36421ebccf7b91d541 Mon Sep 17 00:00:00 2001
From: James Zheng <jameszheng@oasislabs.com>
Date: Tue, 21 Jun 2022 08:59:57 -0700
Subject: [PATCH 3/3] add some comments

---
 go/common/crypto/mrae/deoxysii/asymmetric_test.go | 1 +
 runtime/Cargo.toml                                | 2 +-
 runtime/src/common/crypto/mrae/deoxysii.rs        | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/go/common/crypto/mrae/deoxysii/asymmetric_test.go b/go/common/crypto/mrae/deoxysii/asymmetric_test.go
index 2cf6f513c1d..70cd6d5c182 100644
--- a/go/common/crypto/mrae/deoxysii/asymmetric_test.go
+++ b/go/common/crypto/mrae/deoxysii/asymmetric_test.go
@@ -12,6 +12,7 @@ import (
 )
 
 func Test_DeriveSymmetricKey(t *testing.T) {
+	// use the same test Hex string for rust at: oasis-core/runtime/src/common/crypto/mrae/deoxysii.rs
 	p, _ := hex.DecodeString("c07b151fbc1e7a11dff926111188f8d872f62eba0396da97c0a24adb75161750")
 	var privateKey [32]byte
 	copy(privateKey[:], p)
diff --git a/runtime/Cargo.toml b/runtime/Cargo.toml
index bb95efc13d0..e0164f42595 100644
--- a/runtime/Cargo.toml
+++ b/runtime/Cargo.toml
@@ -67,9 +67,9 @@ features = ["full"]
 
 [dev-dependencies]
 # For storage interoperability tests only.
+hex = "0.4"
 jsonrpc = { version = "0.12.1", features = ["simple_uds"] }
 tempfile = "3.3.0"
-hex = "0.4"
 
 [[bin]]
 name = "fuzz-mkvs-proof"
diff --git a/runtime/src/common/crypto/mrae/deoxysii.rs b/runtime/src/common/crypto/mrae/deoxysii.rs
index 8b08a27525a..774492d32ac 100644
--- a/runtime/src/common/crypto/mrae/deoxysii.rs
+++ b/runtime/src/common/crypto/mrae/deoxysii.rs
@@ -93,6 +93,7 @@ mod tests {
 
     #[test]
     fn test_drive_symmetric_key() {
+        // use the same test Hex string for golang at: oasis-core/go/common/crypto/mrae/deoxysii/asymmetric_test.go
         let private_key_buffer = <[u8; 32]>::from_hex(
             "c07b151fbc1e7a11dff926111188f8d872f62eba0396da97c0a24adb75161750",
         )