mirror of https://github.com/zcash/halo2.git
Move prf_expand{_vec} into a submodule for clarity
This commit is contained in:
parent
f82d00e40d
commit
cea8a3ab69
25
src/spec.rs
25
src/spec.rs
|
@ -3,7 +3,6 @@
|
|||
use std::iter;
|
||||
use std::ops::Deref;
|
||||
|
||||
use blake2b_simd::Params;
|
||||
use ff::{Field, PrimeField};
|
||||
use group::{Curve, Group};
|
||||
use halo2::arithmetic::{CurveAffine, CurveExt, FieldExt};
|
||||
|
@ -15,7 +14,8 @@ use crate::{
|
|||
primitives::{poseidon, sinsemilla},
|
||||
};
|
||||
|
||||
const PRF_EXPAND_PERSONALIZATION: &[u8; 16] = b"Zcash_ExpandSeed";
|
||||
mod prf_expand;
|
||||
pub(crate) use prf_expand::{prf_expand, prf_expand_vec};
|
||||
|
||||
/// A Pallas point that is guaranteed to not be the identity.
|
||||
#[derive(Clone, Copy, Debug)]
|
||||
|
@ -138,27 +138,6 @@ pub(crate) fn diversify_hash(d: &[u8; 11]) -> NonIdentityPallasPoint {
|
|||
NonIdentityPallasPoint(CtOption::new(pk_d, !pk_d.is_identity()).unwrap_or_else(|| hasher(&[])))
|
||||
}
|
||||
|
||||
/// $PRF^\mathsf{expand}(sk, t) := BLAKE2b-512("Zcash_ExpandSeed", sk || t)$
|
||||
///
|
||||
/// Defined in [Zcash Protocol Spec § 5.4.2: Pseudo Random Functions][concreteprfs].
|
||||
///
|
||||
/// [concreteprfs]: https://zips.z.cash/protocol/nu5.pdf#concreteprfs
|
||||
pub(crate) fn prf_expand(sk: &[u8], t: &[u8]) -> [u8; 64] {
|
||||
prf_expand_vec(sk, &[t])
|
||||
}
|
||||
|
||||
pub(crate) fn prf_expand_vec(sk: &[u8], ts: &[&[u8]]) -> [u8; 64] {
|
||||
let mut h = Params::new()
|
||||
.hash_length(64)
|
||||
.personal(PRF_EXPAND_PERSONALIZATION)
|
||||
.to_state();
|
||||
h.update(sk);
|
||||
for t in ts {
|
||||
h.update(t);
|
||||
}
|
||||
*h.finalize().as_array()
|
||||
}
|
||||
|
||||
/// $PRF^\mathsf{nfOrchard}(nk, \rho) := Poseidon(nk, \rho)$
|
||||
///
|
||||
/// Defined in [Zcash Protocol Spec § 5.4.2: Pseudo Random Functions][concreteprfs].
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
use blake2b_simd::Params;
|
||||
|
||||
const PRF_EXPAND_PERSONALIZATION: &[u8; 16] = b"Zcash_ExpandSeed";
|
||||
|
||||
/// $PRF^\mathsf{expand}(sk, t) := BLAKE2b-512("Zcash_ExpandSeed", sk || t)$
|
||||
///
|
||||
/// Defined in [Zcash Protocol Spec § 5.4.2: Pseudo Random Functions][concreteprfs].
|
||||
///
|
||||
/// [concreteprfs]: https://zips.z.cash/protocol/nu5.pdf#concreteprfs
|
||||
pub(crate) fn prf_expand(sk: &[u8], t: &[u8]) -> [u8; 64] {
|
||||
prf_expand_vec(sk, &[t])
|
||||
}
|
||||
|
||||
pub(crate) fn prf_expand_vec(sk: &[u8], ts: &[&[u8]]) -> [u8; 64] {
|
||||
let mut h = Params::new()
|
||||
.hash_length(64)
|
||||
.personal(PRF_EXPAND_PERSONALIZATION)
|
||||
.to_state();
|
||||
h.update(sk);
|
||||
for t in ts {
|
||||
h.update(t);
|
||||
}
|
||||
*h.finalize().as_array()
|
||||
}
|
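Review bot: `prf_expand_vec` (the second function in the new file) carries no doc comment even though it is now the primitive that `prf_expand` is defined in terms of, and the `pub(crate)` re-export added in spec.rs makes it directly callable from the rest of the crate. Because the loop feeds each `t` into the same BLAKE2b state with no separator or length prefix, the output is identical to hashing `sk` followed by the plain concatenation of `ts`, so callers are responsible for keeping the pieces fixed-width or otherwise unambiguous — worth stating so a future caller does not assume the slices are domain-separated from one another. A doc comment such as `/// Variant of prf_expand that takes t as a sequence of slices; they are absorbed back-to-back with no separators, so the result equals prf_expand(sk, &ts.concat()).` placed above the signature would cover it. Since the bodies are moved verbatim from spec.rs, a known-answer test in this module pinning one `prf_expand` output for a fixed input would also guard against the helper drifting from the spec definition in later edits.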