Pass esk to SaplingNoteEncryption::new and add generate_or_derive_esk()
This commit is contained in:
parent
65504d9ca7
commit
eda00ec7ad
@ -6,7 +6,7 @@ use crate::{
jubjub::{
edwards,
fs::{Fs, FsRepr},
PrimeOrder, ToUniform, Unknown,
PrimeOrder, Unknown,
},
primitives::{Diversifier, Note, PaymentAddress, Rseed},
};
@ -15,7 +15,6 @@ use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
use crypto_api_chachapoly::{ChaCha20Ietf, ChachaPolyIetf};
use ff::PrimeField;
use pairing::bls12_381::{Bls12, Fr};
use rand_core::{CryptoRng, RngCore};
use std::convert::TryInto;
use std::fmt;
use std::str;
@ -135,15 +134,6 @@ impl str::FromStr for Memo {
}
}
pub fn generate_esk<R: RngCore + CryptoRng>(rng: &mut R) -> Fs {
// create random 64 byte buffer
let mut buffer = [0u8; 64];
rng.fill_bytes(&mut buffer);
// reduce to uniform value
Fs::to_uniform(&buffer[..])
}
/// Sapling key agreement for note encryption.
///
/// Implements section 5.4.4.3 of the Zcash Protocol Specification.
@ -256,14 +246,13 @@ pub struct SaplingNoteEncryption {
impl SaplingNoteEncryption {
/// Creates a new encryption context for the given note.
pub fn new<R: RngCore + CryptoRng>(
pub fn new(
ovk: OutgoingViewingKey,
note: Note<Bls12>,
to: PaymentAddress<Bls12>,
memo: Memo,
rng: &mut R,
esk: Fs,
) -> SaplingNoteEncryption {
let esk = generate_esk(rng);
let epk = note.g_d.mul(esk, &JUBJUB);
SaplingNoteEncryption {
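Review bot: The doc comment on `SaplingNoteEncryption::new` still reads `/// Creates a new encryption context for the given note.` although the constructor now takes `esk: Fs` from the caller instead of drawing it from `rng`, so the new parameter's contract is undocumented. Add a line stating that `esk` is this note's ephemeral secret key, must be unique to the note, and should be obtained from `Note::generate_or_derive_esk` so that post-ZIP-212 notes derive it from `rseed` rather than from fresh randomness. With `generate_esk` deleted, the context line `use rand_core::{CryptoRng, RngCore};` may be left unused in this file if nothing else here draws randomness; a warning-free build would confirm. The `impl SaplingNoteEncryption` body continues outside the hunk.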
@ -8,7 +8,7 @@ use crate::group_hash::group_hash;
use crate::pedersen_hash::{pedersen_hash, Personalization};
use byteorder::{ByteOrder, LittleEndian, WriteBytesExt};
use byteorder::{LittleEndian, WriteBytesExt};
use crate::jubjub::{edwards, FixedGenerators, JubjubEngine, JubjubParams, PrimeOrder, ToUniform};
@ -16,6 +16,8 @@ use crate::keys::prf_expand;
use blake2s_simd::Params as Blake2sParams;
use rand_core::{CryptoRng, RngCore};
#[derive(Clone)]
pub struct ValueCommitment<E: JubjubEngine> {
pub value: u64,
@ -328,4 +330,18 @@ impl<E: JubjubEngine> Note<E> {
Rseed::AfterZip212(rseed) => E::Fs::to_uniform(prf_expand(&rseed, &[0x04]).as_bytes()),
}
}
pub fn generate_or_derive_esk<R: RngCore + CryptoRng>(&self, rng: &mut R) -> E::Fs {
match self.rseed {
Rseed::BeforeZip212(_) => {
// create random 64 byte buffer
let mut buffer = [0u8; 64];
&rng.fill_bytes(&mut buffer);
// reduce to uniform value
E::Fs::to_uniform(&buffer[..])
}
Rseed::AfterZip212(rseed) => E::Fs::to_uniform(prf_expand(&rseed, &[0x05]).as_bytes()),
}
}
}
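Review bot: `&rng.fill_bytes(&mut buffer);` in the `BeforeZip212` arm of `generate_or_derive_esk` borrows the `()` returned by `fill_bytes` and immediately drops it, which rustc reports as an unused borrow; it should read `rng.fill_bytes(&mut buffer);`. The new public method also carries no doc comment: document that for `AfterZip212` notes `esk` is derived from `rseed` through `prf_expand` with tag `0x05`, which must remain distinct from the `0x04` tag used for `rcm` a few lines above so the two secrets can never coincide, while `BeforeZip212` notes take a fresh uniform `esk` from the caller's CSPRNG. The enclosing `impl<E: JubjubEngine> Note<E>` begins outside the hunk.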
@ -17,7 +17,7 @@ use crate::{
keys::OutgoingViewingKey,
legacy::TransparentAddress,
merkle_tree::MerklePath,
note_encryption::{generate_esk, Memo, SaplingNoteEncryption},
note_encryption::{Memo, SaplingNoteEncryption},
prover::TxProver,
redjubjub::PrivateKey,
sapling::{spend_sig, Node},
@ -132,7 +132,7 @@ impl SaplingOutput {
self.note.clone(),
self.to.clone(),
self.memo,
rng,
self.note.generate_or_derive_esk(rng),
);
let (zkproof, cv) = prover.output_proof(
@ -634,7 +634,7 @@ impl<R: RngCore + CryptoRng> Builder<R> {
)
};
let esk = generate_esk(&mut self.rng);
let esk = dummy_note.generate_or_derive_esk(&mut self.rng);
let epk = dummy_note.g_d.mul(esk, &JUBJUB);
let (zkproof, cv) = prover.output_proof(
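Review bot: Both call sites now take `esk` from `generate_or_derive_esk`, which for a post-ZIP-212 note is a deterministic function of the note's `rseed`, so building the same `SaplingOutput` more than once (its note is cloned into `new` on the line above the changed argument) would reproduce the same `esk` and `epk`. If the builder does not already guarantee that each output is built exactly once, a short comment on the `self.note.generate_or_derive_esk(rng),` line recording that the derived `esk` is bound to the note rather than to this call would spare a future reader the surprise. The `rng` argument is now consumed only by the pre-ZIP-212 branch of that method. Both enclosing functions begin and end outside their hunks.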