mirror of https://github.com/zcash/orchard.git
Add `FullViewingKey::derive_internal`
This is identical to the changes introduced in zcash/orchard#270, except that the output is non-optional (since the derivation is non-fallible).
parent
4dc1ae059a
commit
65f3e6ec32
26
src/keys.rs
26
src/keys.rs
|
@ -7,7 +7,11 @@ use std::mem;
|
||||||
use aes::Aes256;
|
use aes::Aes256;
|
||||||
use blake2b_simd::{Hash as Blake2bHash, Params};
|
use blake2b_simd::{Hash as Blake2bHash, Params};
|
||||||
use fpe::ff1::{BinaryNumeralString, FF1};
|
use fpe::ff1::{BinaryNumeralString, FF1};
|
||||||
use group::{ff::Field, prime::PrimeCurveAffine, Curve, GroupEncoding};
|
use group::{
|
||||||
|
ff::{Field, PrimeField},
|
||||||
|
prime::PrimeCurveAffine,
|
||||||
|
Curve, GroupEncoding,
|
||||||
|
};
|
||||||
use halo2::arithmetic::FieldExt;
|
use halo2::arithmetic::FieldExt;
|
||||||
use pasta_curves::pallas;
|
use pasta_curves::pallas;
|
||||||
use rand::RngCore;
|
use rand::RngCore;
|
||||||
|
@ -320,6 +324,15 @@ impl FullViewingKey {
|
||||||
&self.rivk
|
&self.rivk
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub(crate) fn rivk_internal(&self) -> CommitIvkRandomness {
|
||||||
|
let k = self.rivk.0.to_repr();
|
||||||
|
let ak = self.ak.to_bytes();
|
||||||
|
let nk = self.nk.to_bytes();
|
||||||
|
CommitIvkRandomness(to_scalar(
|
||||||
|
PrfExpand::OrchardRivkInternal.with_ad_slices(&k, &[&ak, &nk]),
|
||||||
|
))
|
||||||
|
}
|
||||||
|
|
||||||
/// Defined in [Zcash Protocol Spec § 4.2.3: Orchard Key Components][orchardkeycomponents].
|
/// Defined in [Zcash Protocol Spec § 4.2.3: Orchard Key Components][orchardkeycomponents].
|
||||||
///
|
///
|
||||||
/// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
|
/// [orchardkeycomponents]: https://zips.z.cash/protocol/nu5.pdf#orchardkeycomponents
|
||||||
|
@ -391,6 +404,17 @@ impl FullViewingKey {
|
||||||
|
|
||||||
Some(FullViewingKey { ak, nk, rivk })
|
Some(FullViewingKey { ak, nk, rivk })
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Derives an internal full viewing key from a full viewing key, as specified in [ZIP32][orchardinternalfullviewingkey]
|
||||||
|
///
|
||||||
|
/// [orchardinternalfullviewingkey]: https://zips.z.cash/zip-0032#orchard-internal-key-derivation
|
||||||
|
pub fn derive_internal(&self) -> Self {
|
||||||
|
FullViewingKey {
|
||||||
|
ak: self.ak.clone(),
|
||||||
|
nk: self.nk,
|
||||||
|
rivk: self.rivk_internal(),
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// A key that provides the capability to derive a sequence of diversifiers.
|
/// A key that provides the capability to derive a sequence of diversifiers.
|
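Review bot: `derive_internal` returns plain `Self`, so an internal full viewing key cannot be told apart by type from an external one, and nothing stops a caller from applying the derivation to an already-internal key, which would give a `rivk` matching neither key that ZIP 32 defines. The doc comment should state the precondition, for example `/// Call this on the external full viewing key only; do not pass the result to derive_internal again.` `rivk_internal` has no doc comment; a line such as `/// Derives rivk_internal from (rivk, ak, nk) via PRF^expand with the OrchardRivkInternal domain separator.` would tie it to the spec. The sections shown add no test, so unless one is added elsewhere, a check against the ZIP 32 test vectors would pin the order of `ak` and `nk` in the PRF input.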
||||||
|
|
|
@ -12,6 +12,7 @@ pub(crate) enum PrfExpand {
|
||||||
Psi,
|
Psi,
|
||||||
OrchardZip32Child,
|
OrchardZip32Child,
|
||||||
OrchardDkOvk,
|
OrchardDkOvk,
|
||||||
|
OrchardRivkInternal,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl PrfExpand {
|
impl PrfExpand {
|
||||||
|
@ -25,6 +26,7 @@ impl PrfExpand {
|
||||||
Self::Psi => 0x09,
|
Self::Psi => 0x09,
|
||||||
Self::OrchardZip32Child => 0x81,
|
Self::OrchardZip32Child => 0x81,
|
||||||
Self::OrchardDkOvk => 0x82,
|
Self::OrchardDkOvk => 0x82,
|
||||||
|
Self::OrchardRivkInternal => 0x83,
|
||||||
}
|
}
|
||||||
}
|
}
|
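Review bot: The new arm `Self::OrchardRivkInternal => 0x83` relies on every domain separator byte in this match being distinct, and nothing on the page enforces that; only four arms are visible because the match starts outside the hunk. A unit test that collects the byte for each variant and asserts there are no duplicates would catch a collision when the next variant is added. A trailing comment on the arm such as `// ZIP 32: Orchard internal key derivation` would also record where the value is assigned.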
||||||
|
|
||||||
|
|