group: Return subtle::Choice from CurveAffine::is_identity

Jack Grigg 2020-05-15 17:33:34 +12:00
parent b94d567076
commit 0941dddc13
7 changed files with 19 additions and 19 deletions


@ -54,7 +54,7 @@ impl<E: Engine> Proof<E> {
.into_affine() .into_affine()
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
.and_then(|e| { .and_then(|e| {
if e.is_identity() { if e.is_identity().into() {
Err(io::Error::new( Err(io::Error::new(
io::ErrorKind::InvalidData, io::ErrorKind::InvalidData,
"point at infinity", "point at infinity",
@ -69,7 +69,7 @@ impl<E: Engine> Proof<E> {
.into_affine() .into_affine()
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
.and_then(|e| { .and_then(|e| {
if e.is_identity() { if e.is_identity().into() {
Err(io::Error::new( Err(io::Error::new(
io::ErrorKind::InvalidData, io::ErrorKind::InvalidData,
"point at infinity", "point at infinity",
@ -84,7 +84,7 @@ impl<E: Engine> Proof<E> {
.into_affine() .into_affine()
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
.and_then(|e| { .and_then(|e| {
if e.is_identity() { if e.is_identity().into() {
Err(io::Error::new( Err(io::Error::new(
io::ErrorKind::InvalidData, io::ErrorKind::InvalidData,
"point at infinity", "point at infinity",
@ -198,7 +198,7 @@ impl<E: Engine> VerifyingKey<E> {
.into_affine() .into_affine()
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
.and_then(|e| { .and_then(|e| {
if e.is_identity() { if e.is_identity().into() {
Err(io::Error::new( Err(io::Error::new(
io::ErrorKind::InvalidData, io::ErrorKind::InvalidData,
"point at infinity", "point at infinity",
@ -303,7 +303,7 @@ impl<E: Engine> Parameters<E> {
} }
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
.and_then(|e| { .and_then(|e| {
if e.is_identity() { if e.is_identity().into() {
Err(io::Error::new( Err(io::Error::new(
io::ErrorKind::InvalidData, io::ErrorKind::InvalidData,
"point at infinity", "point at infinity",
@ -325,7 +325,7 @@ impl<E: Engine> Parameters<E> {
} }
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e)) .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
.and_then(|e| { .and_then(|e| {
if e.is_identity() { if e.is_identity().into() {
Err(io::Error::new( Err(io::Error::new(
io::ErrorKind::InvalidData, io::ErrorKind::InvalidData,
"point at infinity", "point at infinity",

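Review bot: The six `if e.is_identity().into()` conditions in these read paths collapse the new `Choice` to a `bool` through an inferred `.into()`, which hides the point where a constant-time value is turned back into a branch. Writing `if bool::from(e.is_identity())` would match the form this same commit uses for the `vk.delta_g1` / `vk.delta_g2` check and makes each conversion easy to find in a later audit. The same applies to the `self.0[self.1].is_identity().into()` condition in the `Source` impl and to the `from_affine` conditions in the `g1` and `g2` modules. Branching here looks acceptable because the points come from serialized proof and key data, but that is inferred from the surrounding `io::Error` handling rather than stated in a comment. All of these closures start and end outside their hunks.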

@ -295,7 +295,7 @@ where
); );
let b_g2_aux = multiexp(&worker, b_g2_aux_source, b_aux_density, aux_assignment); let b_g2_aux = multiexp(&worker, b_g2_aux_source, b_aux_density, aux_assignment);
if vk.delta_g1.is_identity() || vk.delta_g2.is_identity() { if bool::from(vk.delta_g1.is_identity() | vk.delta_g2.is_identity()) {
// If this element is zero, someone is trying to perform a // If this element is zero, someone is trying to perform a
// subversion-CRS attack. // subversion-CRS attack.
return Err(SynthesisError::UnexpectedIdentity); return Err(SynthesisError::UnexpectedIdentity);


@ -471,8 +471,8 @@ impl CurveAffine for Fr {
<Fr as Field>::one() <Fr as Field>::one()
} }
fn is_identity(&self) -> bool { fn is_identity(&self) -> Choice {
<Fr as Field>::is_zero(self) Choice::from(if <Fr as Field>::is_zero(self) { 1 } else { 0 })
} }
fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, other: S) -> Self::Projective { fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, other: S) -> Self::Projective {
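Review bot: `Choice::from(if <Fr as Field>::is_zero(self) { 1 } else { 0 })` builds the `Choice` from a branch on a `bool`, so the new return type does not by itself make this check constant-time. `Choice::from(u8::from(<Fr as Field>::is_zero(self)))` expresses the same value without the `if`, and a one-line comment such as `// is_zero still returns bool; this Choice is only a type-level wrapper` would keep callers from assuming more. The `curve_impl!` macro has the same shape in `Choice::from(if self.infinity { 1 } else { 0 })`, where `self.infinity` is itself used as a `bool`.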


@ -55,7 +55,7 @@ impl<G: CurveAffine> Source<G> for (Arc<Vec<G>>, usize) {
.into()); .into());
} }
if self.0[self.1].is_identity() { if self.0[self.1].is_identity().into() {
return Err(SynthesisError::UnexpectedIdentity); return Err(SynthesisError::UnexpectedIdentity);
} }


@ -146,7 +146,7 @@ pub trait CurveAffine:
/// Determines if this point represents the point at infinity; the /// Determines if this point represents the point at infinity; the
/// additive identity. /// additive identity.
fn is_identity(&self) -> bool; fn is_identity(&self) -> Choice;
/// Performs scalar multiplication of this element with mixed addition. /// Performs scalar multiplication of this element with mixed addition.
fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, other: S) -> Self::Projective; fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, other: S) -> Self::Projective;
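Review bot: The doc comment on `is_identity` is unchanged although the method now returns `Choice`, so it does not tell implementors whether the result must be computed without secret-dependent branches or whether wrapping an existing `bool` is acceptable. I would add a line such as `/// Returns a Choice so callers can combine results without branching; implementations should not branch on secret point data.` Changing the return type of a public trait method also breaks downstream implementors and callers, and none of the seven file sections shown looks like a changelog or migration note.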


@ -177,8 +177,8 @@ macro_rules! curve_impl {
Self::get_generator() Self::get_generator()
} }
fn is_identity(&self) -> bool { fn is_identity(&self) -> Choice {
self.infinity Choice::from(if self.infinity { 1 } else { 0 })
} }
fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, by: S) -> $projective { fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, by: S) -> $projective {
@ -893,7 +893,7 @@ pub mod g1 {
fn from_affine(affine: G1Affine) -> Self { fn from_affine(affine: G1Affine) -> Self {
let mut res = Self::empty(); let mut res = Self::empty();
if affine.is_identity() { if affine.is_identity().into() {
// Set the second-most significant bit to indicate this point // Set the second-most significant bit to indicate this point
// is at infinity. // is at infinity.
res.0[0] |= 1 << 6; res.0[0] |= 1 << 6;
@ -990,7 +990,7 @@ pub mod g1 {
fn from_affine(affine: G1Affine) -> Self { fn from_affine(affine: G1Affine) -> Self {
let mut res = Self::empty(); let mut res = Self::empty();
if affine.is_identity() { if affine.is_identity().into() {
// Set the second-most significant bit to indicate this point // Set the second-most significant bit to indicate this point
// is at infinity. // is at infinity.
res.0[0] |= 1 << 6; res.0[0] |= 1 << 6;
@ -1070,7 +1070,7 @@ pub mod g1 {
impl G1Prepared { impl G1Prepared {
pub fn is_identity(&self) -> bool { pub fn is_identity(&self) -> bool {
self.0.is_identity() self.0.is_identity().into()
} }
pub fn from_affine(p: G1Affine) -> Self { pub fn from_affine(p: G1Affine) -> Self {
@ -1515,7 +1515,7 @@ pub mod g2 {
fn from_affine(affine: G2Affine) -> Self { fn from_affine(affine: G2Affine) -> Self {
let mut res = Self::empty(); let mut res = Self::empty();
if affine.is_identity() { if affine.is_identity().into() {
// Set the second-most significant bit to indicate this point // Set the second-most significant bit to indicate this point
// is at infinity. // is at infinity.
res.0[0] |= 1 << 6; res.0[0] |= 1 << 6;
@ -1629,7 +1629,7 @@ pub mod g2 {
fn from_affine(affine: G2Affine) -> Self { fn from_affine(affine: G2Affine) -> Self {
let mut res = Self::empty(); let mut res = Self::empty();
if affine.is_identity() { if affine.is_identity().into() {
// Set the second-most significant bit to indicate this point // Set the second-most significant bit to indicate this point
// is at infinity. // is at infinity.
res.0[0] |= 1 << 6; res.0[0] |= 1 << 6;
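Review bot: `G1Prepared::is_identity` keeps its `bool` return type and converts with `self.0.is_identity().into()`, so the public API now has `is_identity` methods whose return type depends on the receiver. If that is deliberate, for example because prepared points are treated as public pairing inputs, a doc comment on the method saying so would help. Otherwise returning `Choice` here as well would keep the API consistent. The `impl G1Prepared` block continues outside the hunk.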


@ -173,7 +173,7 @@ impl G2Prepared {
} }
pub fn from_affine(q: G2Affine) -> Self { pub fn from_affine(q: G2Affine) -> Self {
if q.is_identity() { if q.is_identity().into() {
return G2Prepared { return G2Prepared {
coeffs: vec![], coeffs: vec![],
infinity: true, infinity: true,