1 # This is a reference implementation of the COMMIT/REVEAL calculation for
2 # prop250. We use it to generate a test vector for the test_encoding()
5 # Here is the computation formula:
8 # TIMESTAMP = 8 bytes network-endian value
9 # RAND = H(32 bytes of random)
11 # REVEAL = base64-encode( TIMESTAMP || RAND )
12 # COMMIT = base64-encode( TIMESTAMP || H(REVEAL) )
20 # Python 3.6+, the SHA3 is available in hashlib natively. Else this requires
21 # the pysha3 package (pip install pysha3).
22 if sys
.version_info
< (3, 6):
25 # Test vector to make sure the right sha3 version will be used. pysha3 < 1.0
26 # used the old Keccak implementation. During the finalization of SHA3, NIST
27 # changed the delimiter suffix from 0x01 to 0x06. The Keccak sponge function
28 # stayed the same. pysha3 1.0 provides the previous Keccak hash, too.
29 TEST_VALUE
= "e167f68d6563d75bb25f3aa49c29ef612d41352dc00606de7cbd630bb2665f51"
30 if TEST_VALUE
!= sha3
.sha3_256(b
"Hello World").hexdigest():
31 print("pysha3 version is < 1.0. Please install from:")
32 print("https://github.com/tiran/pysha3https://github.com/tiran/pysha3")
38 data
= 'A' * 32 # Yes very very random, NIST grade :).
39 rand
= hashlib
.sha3_256(data
)
41 reveal
= struct
.pack('!Q', ts
) + rand
.digest()
42 b64_reveal
= base64
.b64encode(reveal
)
43 print("REVEAL: %s" % (b64_reveal
))
45 # Yes we do hash the _encoded_ reveal here that is H(REVEAL)
46 hashed_reveal
= hashlib
.sha3_256(b64_reveal
)
47 commit
= struct
.pack('!Q', ts
) + hashed_reveal
.digest()
48 print("COMMIT: %s" % (base64
.b64encode(commit
)))
50 # REVEAL: AAAAAFavXpZJxbwTupvaJCTeIUCQmOPxAMblc7ChL5H2nZKuGchdaA==
51 # COMMIT: AAAAAFavXpbkBMzMQG7aNoaGLFNpm2Wkk1ozXhuWWqL//GynltxVAg==