zec
/
zcash_note_encryption
mirror of https://github.com/zcash/zcash_note_encryption.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

zcash_note_encryption: s/TryFrom/From on ExtractedCommitmentBytes bound 

This was left over from an earlier refactor where we could call a domain
API to extract cmstar from a note commitment (which could fail for
Orchard). This part of extraction was subsequently refactored into the
domain logic (and is rejected earlier for Orchard). The resulting bound
is wrong because it's always possible to serialize a scalar.


Extracted from: ee2b96c82d
This commit is contained in:
Jack Grigg 2021-05-28 22:57:48 +01:00
parent 22d0991a46
commit d94482d5ac
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/lib.rs
View File

@ -5,7 +5,6 @@
use crypto_api_chachapoly::{ChaCha20Ietf, ChachaPolyIetf}; use crypto_api_chachapoly::{ChaCha20Ietf, ChachaPolyIetf};
use rand_core::RngCore; use rand_core::RngCore;
use std::convert::TryFrom;
use subtle::{Choice, ConstantTimeEq}; use subtle::{Choice, ConstantTimeEq};
pub const COMPACT_NOTE_SIZE: usize = 1 + // version pub const COMPACT_NOTE_SIZE: usize = 1 + // version
@ -75,7 +74,7 @@ pub trait Domain {
type OutgoingViewingKey; type OutgoingViewingKey;
type ValueCommitment; type ValueCommitment;
type ExtractedCommitment; type ExtractedCommitment;
type ExtractedCommitmentBytes: Eq + TryFrom<Self::ExtractedCommitment>; type ExtractedCommitmentBytes: Eq + for<'a> From<&'a Self::ExtractedCommitment>;
type Memo; type Memo;
fn derive_esk(note: &Self::Note) -> Option<Self::EphemeralSecretKey>; fn derive_esk(note: &Self::Note) -> Option<Self::EphemeralSecretKey>;
@ -384,9 +383,7 @@ fn check_note_validity<D: Domain>(
epk: &D::EphemeralPublicKey, epk: &D::EphemeralPublicKey,
cmstar_bytes: &D::ExtractedCommitmentBytes, cmstar_bytes: &D::ExtractedCommitmentBytes,
) -> NoteValidity { ) -> NoteValidity {
if D::ExtractedCommitmentBytes::try_from(D::cmstar(&note)) if &D::ExtractedCommitmentBytes::from(&D::cmstar(&note)) == cmstar_bytes {
.map_or(false, |cs| &cs == cmstar_bytes)
{
let epk_bytes = D::epk_bytes(epk); let epk_bytes = D::epk_bytes(epk);
D::check_epk_bytes(&note, |derived_esk| { D::check_epk_bytes(&note, |derived_esk| {
if D::epk_bytes(&D::ka_derive_public(&note, &derived_esk)) if D::epk_bytes(&D::ka_derive_public(&note, &derived_esk))