diff --git a/bellman/src/groth16/mod.rs b/bellman/src/groth16/mod.rs index 0d85c0ffb..2602bc716 100644 --- a/bellman/src/groth16/mod.rs +++ b/bellman/src/groth16/mod.rs @@ -38,19 +38,19 @@ impl PartialEq for Proof { impl Proof { pub fn write(&self, mut writer: W) -> io::Result<()> { - writer.write_all(self.a.to_compressed().as_ref())?; - writer.write_all(self.b.to_compressed().as_ref())?; - writer.write_all(self.c.to_compressed().as_ref())?; + writer.write_all(self.a.to_bytes().as_ref())?; + writer.write_all(self.b.to_bytes().as_ref())?; + writer.write_all(self.c.to_bytes().as_ref())?; Ok(()) } pub fn read(mut reader: R) -> io::Result { let read_g1 = |reader: &mut R| -> io::Result { - let mut g1_repr = ::Compressed::default(); + let mut g1_repr = ::Repr::default(); reader.read_exact(g1_repr.as_mut())?; - let affine = E::G1Affine::from_compressed(&g1_repr); + let affine = E::G1Affine::from_bytes(&g1_repr); let affine = if affine.is_some().into() { Ok(affine.unwrap()) } else { @@ -70,10 +70,10 @@ impl Proof { }; let read_g2 = |reader: &mut R| -> io::Result { - let mut g2_repr = ::Compressed::default(); + let mut g2_repr = ::Repr::default(); reader.read_exact(g2_repr.as_mut())?; - let affine = E::G2Affine::from_compressed(&g2_repr); + let affine = E::G2Affine::from_bytes(&g2_repr); let affine = if affine.is_some().into() { Ok(affine.unwrap()) } else { diff --git a/bellman/src/groth16/tests/dummy_engine.rs b/bellman/src/groth16/tests/dummy_engine.rs index 5fb661bf4..3ddb98c90 100644 --- a/bellman/src/groth16/tests/dummy_engine.rs +++ b/bellman/src/groth16/tests/dummy_engine.rs @@ -446,17 +446,17 @@ impl CurveAffine for Fr { } impl GroupEncoding for Fr { - type Compressed = FakePoint; + type Repr = FakePoint; - fn from_compressed(_bytes: &Self::Compressed) -> CtOption { + fn from_bytes(_bytes: &Self::Repr) -> CtOption { unimplemented!() } - fn from_compressed_unchecked(_bytes: &Self::Compressed) -> CtOption { + fn from_bytes_unchecked(_bytes: &Self::Repr) -> CtOption { unimplemented!() } - fn to_compressed(&self) -> Self::Compressed { + fn to_bytes(&self) -> Self::Repr { unimplemented!() } } diff --git a/group/src/lib.rs b/group/src/lib.rs index 59e25aa76..0b105c051 100644 --- a/group/src/lib.rs +++ b/group/src/lib.rs @@ -156,22 +156,22 @@ pub trait CurveAffine: pub trait GroupEncoding: Sized { /// The encoding of group elements. - type Compressed: Default + AsRef<[u8]> + AsMut<[u8]>; + type Repr: Default + AsRef<[u8]> + AsMut<[u8]>; - /// Attempts to deserialize an element from its compressed encoding. - fn from_compressed(bytes: &Self::Compressed) -> CtOption; + /// Attempts to deserialize a group element from its encoding. + fn from_bytes(bytes: &Self::Repr) -> CtOption; - /// Attempts to deserialize a compressed element, not checking if the element is in - /// the correct subgroup. + /// Attempts to deserialize a group element, not checking if the element is valid. /// /// **This is dangerous to call unless you trust the bytes you are reading; otherwise, /// API invariants may be broken.** Please consider using - /// [`CurveAffine::from_compressed`] instead. - fn from_compressed_unchecked(bytes: &Self::Compressed) -> CtOption; + /// [`GroupEncoding::from_bytes`] instead. + fn from_bytes_unchecked(bytes: &Self::Repr) -> CtOption; - /// Converts this element into its compressed encoding, so long as it's not - /// the point at infinity. - fn to_compressed(&self) -> Self::Compressed; + /// Converts this element into its byte encoding. This may or may not support + /// encoding the identity. + // TODO: Figure out how to handle identity encoding generically. + fn to_bytes(&self) -> Self::Repr; } /// Affine representation of a point on an elliptic curve that has a defined uncompressed diff --git a/group/src/tests/mod.rs b/group/src/tests/mod.rs index cb1f12f8a..763cee28e 100644 --- a/group/src/tests/mod.rs +++ b/group/src/tests/mod.rs @@ -401,21 +401,21 @@ fn random_compressed_encoding_tests() { ]); assert_eq!( - G::Affine::from_compressed(&G::Affine::identity().to_compressed()).unwrap(), + G::Affine::from_bytes(&G::Affine::identity().to_bytes()).unwrap(), G::Affine::identity() ); for _ in 0..1000 { let mut r = G::random(&mut rng).to_affine(); - let compressed = r.to_compressed(); - let de_compressed = G::Affine::from_compressed(&compressed).unwrap(); + let compressed = r.to_bytes(); + let de_compressed = G::Affine::from_bytes(&compressed).unwrap(); assert_eq!(de_compressed, r); r = r.neg(); - let compressed = r.to_compressed(); - let de_compressed = G::Affine::from_compressed(&compressed).unwrap(); + let compressed = r.to_bytes(); + let de_compressed = G::Affine::from_bytes(&compressed).unwrap(); assert_eq!(de_compressed, r); } } diff --git a/pairing/src/bls12_381/ec.rs b/pairing/src/bls12_381/ec.rs index 29c591cf2..8d2a3f18c 100644 --- a/pairing/src/bls12_381/ec.rs +++ b/pairing/src/bls12_381/ec.rs @@ -223,10 +223,10 @@ macro_rules! curve_impl { } impl GroupEncoding for $affine { - type Compressed = $compressed; + type Repr = $compressed; - fn from_compressed(bytes: &Self::Compressed) -> CtOption { - Self::from_compressed_unchecked(bytes).and_then(|affine| { + fn from_bytes(bytes: &Self::Repr) -> CtOption { + Self::from_bytes_unchecked(bytes).and_then(|affine| { // NB: Decompression guarantees that it is on the curve already. CtOption::new( affine, @@ -239,7 +239,7 @@ macro_rules! curve_impl { }) } - fn from_compressed_unchecked(bytes: &Self::Compressed) -> CtOption { + fn from_bytes_unchecked(bytes: &Self::Repr) -> CtOption { if let Ok(p) = bytes.into_affine_unchecked() { CtOption::new(p, Choice::from(1)) } else { @@ -247,7 +247,7 @@ macro_rules! curve_impl { } } - fn to_compressed(&self) -> Self::Compressed { + fn to_bytes(&self) -> Self::Repr { $compressed::from_affine(*self) } } diff --git a/pairing/src/bls12_381/tests/mod.rs b/pairing/src/bls12_381/tests/mod.rs index cac563caf..e905a486a 100644 --- a/pairing/src/bls12_381/tests/mod.rs +++ b/pairing/src/bls12_381/tests/mod.rs @@ -87,22 +87,20 @@ where fn compressed_test_vectors(expected: &[u8]) { let mut e = G::identity(); - let encoded_len = ::Compressed::default() - .as_ref() - .len(); + let encoded_len = ::Repr::default().as_ref().len(); let mut v = vec![]; { let mut expected = expected; for _ in 0..1000 { let e_affine = e.to_affine(); - let encoded = e_affine.to_compressed(); + let encoded = e_affine.to_bytes(); v.extend_from_slice(encoded.as_ref()); - let mut decoded = ::Compressed::default(); + let mut decoded = ::Repr::default(); decoded.as_mut().copy_from_slice(&expected[0..encoded_len]); expected = &expected[encoded_len..]; - let decoded = G::Affine::from_compressed(&decoded).unwrap(); + let decoded = G::Affine::from_bytes(&decoded).unwrap(); assert_eq!(e_affine, decoded); e.add_assign(&G::generator()); @@ -395,12 +393,12 @@ fn test_g2_uncompressed_invalid_vectors() { #[test] fn test_g1_compressed_invalid_vectors() { { - let z = G1Affine::identity().to_compressed(); + let z = G1Affine::identity().to_bytes(); { let mut z = z; z.as_mut()[0] &= 0b0111_1111; - if G1Affine::from_compressed(&z).is_none().into() { + if G1Affine::from_bytes(&z).is_none().into() { // :) } else { panic!("should have rejected the point because we expected a compressed point"); @@ -410,7 +408,7 @@ fn test_g1_compressed_invalid_vectors() { { let mut z = z; z.as_mut()[0] |= 0b0010_0000; - if G1Affine::from_compressed(&z).is_none().into() { + if G1Affine::from_bytes(&z).is_none().into() { // :) } else { panic!("should have rejected the point because the parity bit should not be set if the point is at infinity"); @@ -420,7 +418,7 @@ fn test_g1_compressed_invalid_vectors() { for i in 0..G1Compressed::size() { let mut z = z; z.as_mut()[i] |= 0b0000_0001; - if G1Affine::from_compressed(&z).is_none().into() { + if G1Affine::from_bytes(&z).is_none().into() { // :) } else { panic!("should have rejected the point because the coordinates should be zeroes at the point at infinity"); @@ -428,12 +426,12 @@ fn test_g1_compressed_invalid_vectors() { } } - let o = G1Affine::generator().to_compressed(); + let o = G1Affine::generator().to_bytes(); { let mut o = o; o.as_mut()[0] &= 0b0111_1111; - if G1Affine::from_compressed(&o).is_none().into() { + if G1Affine::from_bytes(&o).is_none().into() { // :) } else { panic!("should have rejected the point because we expected a compressed point"); @@ -447,7 +445,7 @@ fn test_g1_compressed_invalid_vectors() { o.as_mut()[..48].copy_from_slice(m.as_ref()); o.as_mut()[0] |= 0b1000_0000; - if G1Affine::from_compressed(&o).is_none().into() { + if G1Affine::from_bytes(&o).is_none().into() { // x coordinate } else { panic!("should have rejected the point") @@ -469,7 +467,7 @@ fn test_g1_compressed_invalid_vectors() { o.as_mut().copy_from_slice(x.to_repr().as_ref()); o.as_mut()[0] |= 0b1000_0000; - if G1Affine::from_compressed(&o).is_none().into() { + if G1Affine::from_bytes(&o).is_none().into() { break; } else { panic!("should have rejected the point because it isn't on the curve") @@ -492,7 +490,7 @@ fn test_g1_compressed_invalid_vectors() { o.as_mut().copy_from_slice(x.to_repr().as_ref()); o.as_mut()[0] |= 0b1000_0000; - if G1Affine::from_compressed(&o).is_none().into() { + if G1Affine::from_bytes(&o).is_none().into() { break; } else { panic!( @@ -509,12 +507,12 @@ fn test_g1_compressed_invalid_vectors() { #[test] fn test_g2_compressed_invalid_vectors() { { - let z = G2Affine::identity().to_compressed(); + let z = G2Affine::identity().to_bytes(); { let mut z = z; z.as_mut()[0] &= 0b0111_1111; - if G2Affine::from_compressed(&z).is_none().into() { + if G2Affine::from_bytes(&z).is_none().into() { // :) } else { panic!("should have rejected the point because we expected a compressed point"); @@ -524,7 +522,7 @@ fn test_g2_compressed_invalid_vectors() { { let mut z = z; z.as_mut()[0] |= 0b0010_0000; - if G2Affine::from_compressed(&z).is_none().into() { + if G2Affine::from_bytes(&z).is_none().into() { // :) } else { panic!("should have rejected the point because the parity bit should not be set if the point is at infinity"); @@ -534,7 +532,7 @@ fn test_g2_compressed_invalid_vectors() { for i in 0..G2Compressed::size() { let mut z = z; z.as_mut()[i] |= 0b0000_0001; - if G2Affine::from_compressed(&z).is_none().into() { + if G2Affine::from_bytes(&z).is_none().into() { // :) } else { panic!("should have rejected the point because the coordinates should be zeroes at the point at infinity"); @@ -542,12 +540,12 @@ fn test_g2_compressed_invalid_vectors() { } } - let o = G2Affine::generator().to_compressed(); + let o = G2Affine::generator().to_bytes(); { let mut o = o; o.as_mut()[0] &= 0b0111_1111; - if G2Affine::from_compressed(&o).is_none().into() { + if G2Affine::from_bytes(&o).is_none().into() { // :) } else { panic!("should have rejected the point because we expected a compressed point"); @@ -561,7 +559,7 @@ fn test_g2_compressed_invalid_vectors() { o.as_mut()[..48].copy_from_slice(m.as_ref()); o.as_mut()[0] |= 0b1000_0000; - if G2Affine::from_compressed(&o).is_none().into() { + if G2Affine::from_bytes(&o).is_none().into() { // x coordinate (c1) } else { panic!("should have rejected the point") @@ -573,7 +571,7 @@ fn test_g2_compressed_invalid_vectors() { o.as_mut()[48..96].copy_from_slice(m.as_ref()); o.as_mut()[0] |= 0b1000_0000; - if G2Affine::from_compressed(&o).is_none().into() { + if G2Affine::from_bytes(&o).is_none().into() { // x coordinate (c0) } else { panic!("should have rejected the point") @@ -602,7 +600,7 @@ fn test_g2_compressed_invalid_vectors() { o.as_mut()[48..].copy_from_slice(x.c0.to_repr().as_ref()); o.as_mut()[0] |= 0b1000_0000; - if G2Affine::from_compressed(&o).is_none().into() { + if G2Affine::from_bytes(&o).is_none().into() { break; } else { panic!("should have rejected the point because it isn't on the curve") @@ -632,7 +630,7 @@ fn test_g2_compressed_invalid_vectors() { o.as_mut()[48..].copy_from_slice(x.c0.to_repr().as_ref()); o.as_mut()[0] |= 0b1000_0000; - if G2Affine::from_compressed(&o).is_none().into() { + if G2Affine::from_bytes(&o).is_none().into() { break; } else { panic!(