Merge pull request #467 from nuttycom/decrypt_diversifier_index
Add decryption of Sapling diversifiers.
commit
69c3b4b5e1
|
@ -149,6 +149,7 @@ impl DiversifierKey {
|
|||
d_j.copy_from_slice(&enc.to_bytes_le());
|
||||
let diversifier = Diversifier(d_j);
|
||||
|
||||
// validate that the generated diversifier maps to a jubjub subgroup point.
|
||||
diversifier.g_d().map(|_| diversifier)
|
||||
}
|
||||
|
||||
|
@ -159,6 +160,21 @@ impl DiversifierKey {
|
|||
Self::try_diversifier_internal(&ff, j)
|
||||
}
|
||||
|
||||
/// Returns the diversifier index to which this key maps the given diversifier.
|
||||
///
|
||||
/// This method cannot be used to verify whether the diversifier was originally
|
||||
/// generated with this diversifier key, because all valid diversifiers can be
|
||||
/// produced by all diversifier keys.
|
||||
pub fn diversifier_index(&self, d: &Diversifier) -> DiversifierIndex {
|
||||
let ff = FF1::<Aes256>::new(&self.0, 2).unwrap();
|
||||
let dec = ff
|
||||
.decrypt(&[], &BinaryNumeralString::from_bytes_le(&d.0[..]))
|
||||
.unwrap();
|
||||
let mut j = DiversifierIndex::new();
|
||||
j.0.copy_from_slice(&dec.to_bytes_le());
|
||||
j
|
||||
}
|
||||
|
||||
/// Returns the first index starting from j that generates a valid
|
||||
/// diversifier, along with the corresponding diversifier. Returns
|
||||
/// `None` if the diversifier space contains no valid diversifiers
|
||||
|
@ -578,6 +594,7 @@ mod tests {
|
|||
// j = 0
|
||||
let d_j = dk.diversifier(j_0).unwrap();
|
||||
assert_eq!(d_j.0, d_0);
|
||||
assert_eq!(dk.diversifier_index(&Diversifier(d_0)), j_0);
|
||||
|
||||
// j = 1
|
||||
assert_eq!(dk.diversifier(j_1), None);
|
||||
|
@ -588,6 +605,7 @@ mod tests {
|
|||
// j = 3
|
||||
let d_j = dk.diversifier(j_3).unwrap();
|
||||
assert_eq!(d_j.0, d_3);
|
||||
assert_eq!(dk.diversifier_index(&Diversifier(d_3)), j_3);
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
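Review bot: The new `diversifier_index` performs no validity check on `d`, whereas `diversifier` (first hunk, via `try_diversifier_internal`) only returns a diversifier whose `g_d()` is `Some`; so for an input that is not a valid diversifier the returned index does not round-trip, since `diversifier(j)` yields `None` for it. The doc comment should state that, e.g. `/// If d is not a valid diversifier (d.g_d() is None), the returned index will not round-trip through diversifier().` The two `unwrap()` calls appear to rest on the FF1 key setup and the fixed 11-byte input length being invariants of this type rather than on caller input; an `expect` naming that invariant would make it explicit, and the same applies to the `FF1::new` call already used by `diversifier` outside this hunk. The added test assertions only cover diversifiers produced by `diversifier` itself, so the non-round-trip case above is currently untested.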