Move personalization constants to submodule.

This commit is contained in:
Sean Bowe 2018-03-08 00:06:53 -07:00
parent 25a8050df8
commit c7c8d3c039
No known key found for this signature in database
GPG Key ID: 95684257D8F8B031
5 changed files with 43 additions and 38 deletions


@ -27,6 +27,8 @@ use jubjub::{
edwards edwards
}; };
use constants;
trait Assignment<T> { trait Assignment<T> {
fn get(&self) -> Result<&T, SynthesisError>; fn get(&self) -> Result<&T, SynthesisError>;
} }
@ -157,7 +159,7 @@ impl<'a, E: JubjubEngine> Circuit<E> for Spend<'a, E> {
let mut ivk = blake2s::blake2s( let mut ivk = blake2s::blake2s(
cs.namespace(|| "computation of ivk"), cs.namespace(|| "computation of ivk"),
&vk, &vk,
::CRH_IVK_PERSONALIZATION constants::CRH_IVK_PERSONALIZATION
)?; )?;
// Little endian bit order // Little endian bit order
@ -301,7 +303,7 @@ impl<'a, E: JubjubEngine> Circuit<E> for Spend<'a, E> {
let mut rho = blake2s::blake2s( let mut rho = blake2s::blake2s(
cs.namespace(|| "rho computation"), cs.namespace(|| "rho computation"),
&rho_preimage, &rho_preimage,
::PRF_NR_PERSONALIZATION constants::PRF_NR_PERSONALIZATION
)?; )?;
// Little endian bit order // Little endian bit order

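--- /dev/null
+++ b/src/constants.rs
@@ -0,0 +1,23 @@
+// BLAKE2s invocation personalizations
+/// BLAKE2s Personalization for CRH^ivk = BLAKE2s(ak | rk)
+pub const CRH_IVK_PERSONALIZATION: &'static [u8; 8] = b"Zcashivk";
+/// BLAKE2s Personalization for PRF^nr = BLAKE2s(rk | cm + position)
+pub const PRF_NR_PERSONALIZATION: &'static [u8; 8] = b"WhatTheH";
+// Group hash personalizations
+/// BLAKE2s Personalization for Pedersen hash generators.
+pub const PEDERSEN_HASH_GENERATORS_PERSONALIZATION: &'static [u8; 8] = b"PEDERSEN";
+/// BLAKE2s Personalization for the group hash for key diversification
+pub const KEY_DIVERSIFICATION_PERSONALIZATION: &'static [u8; 8] = b"Zcash_gh";
+/// BLAKE2s Personalization for the proof generation key base point
+pub const PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"12345678";
+/// BLAKE2s Personalization for the note commitment randomness generator
+pub const NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"abcdefgh";
+/// BLAKE2s Personalization for the nullifier position generator (for PRF^nr)
+pub const NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"nfnfnfnf";
+/// BLAKE2s Personalization for the value commitment generator for the value
+pub const VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"45u8gh45";
+/// BLAKE2s Personalization for the value commitment randomness generator
+pub const VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"11111111";
+/// BLAKE2s Personalization for the spending key base point
+pub const SPENDING_KEY_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"sksksksk";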
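Review bot: Several of the personalization tags in this new module look like placeholders rather than final domain-separation values — `PRF_NR_PERSONALIZATION = b"WhatTheH"`, and the generator tags `b"12345678"`, `b"abcdefgh"`, `b"11111111"`, `b"sksksksk"` — and moving them into a `pub const` module makes them easier to consume as if they were settled. The commit only relocates them, so I'd mark the provisional ones with `// TODO: provisional personalization, fix before this hash output is relied on` and add a test that the ten constants are pairwise distinct, since each one is the BLAKE2s personalization that keeps one hash use from colliding with another (in particular the group-hash generators must not share a tag). Separately, the `&'static` on each `const` is redundant and flagged by `clippy::redundant_static_lifetimes`; `pub const CRH_IVK_PERSONALIZATION: &[u8; 8] = b"Zcashivk";` reads the same.
```rust
// … unchanged: the ten personalization constants above …

#[test]
fn personalizations_are_pairwise_distinct() {
    let all: [&[u8; 8]; 10] = [
        CRH_IVK_PERSONALIZATION,
        PRF_NR_PERSONALIZATION,
        PEDERSEN_HASH_GENERATORS_PERSONALIZATION,
        KEY_DIVERSIFICATION_PERSONALIZATION,
        PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION,
        NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION,
        NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION,
        VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION,
        VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION,
        SPENDING_KEY_GENERATOR_PERSONALIZATION,
    ];
    // Every pair must differ: a shared tag would collapse two hash domains into one.
    for (i, a) in all.iter().enumerate() {
        for b in &all[i + 1..] {
            assert_ne!(a, b, "two BLAKE2s personalizations share a value");
        }
    }
}
```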


@ -24,7 +24,9 @@ use pairing::{
SqrtField SqrtField
}; };
use super::group_hash::group_hash; use group_hash::group_hash;
use constants;
use pairing::bls12_381::{ use pairing::bls12_381::{
Bls12, Bls12,
@ -188,7 +190,7 @@ impl JubjubBls12 {
let mut pedersen_hash_generators = vec![]; let mut pedersen_hash_generators = vec![];
while pedersen_hash_generators.len() < 5 { while pedersen_hash_generators.len() < 5 {
let gh = group_hash(&[cur], ::PEDERSEN_HASH_GENERATORS_PERSONALIZATION, &tmp); let gh = group_hash(&[cur], constants::PEDERSEN_HASH_GENERATORS_PERSONALIZATION, &tmp);
// We don't want to overflow and start reusing generators // We don't want to overflow and start reusing generators
assert!(cur != u8::max_value()); assert!(cur != u8::max_value());
cur += 1; cur += 1;
@ -228,22 +230,22 @@ impl JubjubBls12 {
for c in 0..(FixedGenerators::Max as usize) { for c in 0..(FixedGenerators::Max as usize) {
let p = match c { let p = match c {
c if c == (FixedGenerators::ProofGenerationKey as usize) => { c if c == (FixedGenerators::ProofGenerationKey as usize) => {
::PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION constants::PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION
}, },
c if c == (FixedGenerators::NoteCommitmentRandomness as usize) => { c if c == (FixedGenerators::NoteCommitmentRandomness as usize) => {
::NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION constants::NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION
}, },
c if c == (FixedGenerators::NullifierPosition as usize) => { c if c == (FixedGenerators::NullifierPosition as usize) => {
::NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION constants::NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION
}, },
c if c == (FixedGenerators::ValueCommitmentValue as usize) => { c if c == (FixedGenerators::ValueCommitmentValue as usize) => {
::VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION constants::VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION
}, },
c if c == (FixedGenerators::ValueCommitmentRandomness as usize) => { c if c == (FixedGenerators::ValueCommitmentRandomness as usize) => {
::VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION constants::VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION
}, },
c if c == (FixedGenerators::SpendingKeyGenerator as usize) => { c if c == (FixedGenerators::SpendingKeyGenerator as usize) => {
::SPENDING_KEY_GENERATOR_PERSONALIZATION constants::SPENDING_KEY_GENERATOR_PERSONALIZATION
}, },
_ => unreachable!() _ => unreachable!()
}; };


@ -3,7 +3,6 @@ extern crate bellman;
extern crate blake2_rfc; extern crate blake2_rfc;
extern crate digest; extern crate digest;
extern crate rand; extern crate rand;
extern crate byteorder; extern crate byteorder;
#[cfg(test)] #[cfg(test)]
@ -15,27 +14,4 @@ pub mod circuit;
pub mod group_hash; pub mod group_hash;
pub mod pedersen_hash; pub mod pedersen_hash;
pub mod primitives; pub mod primitives;
mod constants;
// BLAKE2s invocation personalizations
/// BLAKE2s Personalization for CRH^ivk = BLAKE2s(ak | rk)
const CRH_IVK_PERSONALIZATION: &'static [u8; 8] = b"Zcashivk";
/// BLAKE2s Personalization for PRF^nr = BLAKE2s(rk | cm + position)
const PRF_NR_PERSONALIZATION: &'static [u8; 8] = b"WhatTheH";
// Group hash personalizations
/// BLAKE2s Personalization for Pedersen hash generators.
const PEDERSEN_HASH_GENERATORS_PERSONALIZATION: &'static [u8; 8] = b"PEDERSEN";
/// BLAKE2s Personalization for the group hash for key diversification
const KEY_DIVERSIFICATION_PERSONALIZATION: &'static [u8; 8] = b"Zcash_gh";
/// BLAKE2s Personalization for the proof generation key base point
const PROOF_GENERATION_KEY_BASE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"12345678";
/// BLAKE2s Personalization for the note commitment randomness generator
const NOTE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"abcdefgh";
/// BLAKE2s Personalization for the nullifier position generator (for PRF^nr)
const NULLIFIER_POSITION_IN_TREE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"nfnfnfnf";
/// BLAKE2s Personalization for the value commitment generator for the value
const VALUE_COMMITMENT_VALUE_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"45u8gh45";
/// BLAKE2s Personalization for the value commitment randomness generator
const VALUE_COMMITMENT_RANDOMNESS_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"11111111";
/// BLAKE2s Personalization for the spending key base point
const SPENDING_KEY_GENERATOR_PERSONALIZATION: &'static [u8; 8] = b"sksksksk";


@ -3,6 +3,8 @@ use pairing::{
PrimeFieldRepr PrimeFieldRepr
}; };
use constants;
use group_hash::group_hash; use group_hash::group_hash;
use pedersen_hash::{ use pedersen_hash::{
@ -52,7 +54,7 @@ impl<E: JubjubEngine> ViewingKey<E> {
self.ak.write(&mut preimage[0..32]).unwrap(); self.ak.write(&mut preimage[0..32]).unwrap();
self.rk.write(&mut preimage[32..64]).unwrap(); self.rk.write(&mut preimage[32..64]).unwrap();
let mut h = Blake2s::with_params(32, &[], &[], ::CRH_IVK_PERSONALIZATION); let mut h = Blake2s::with_params(32, &[], &[], constants::CRH_IVK_PERSONALIZATION);
h.update(&preimage); h.update(&preimage);
let mut h = h.finalize().as_ref().to_vec(); let mut h = h.finalize().as_ref().to_vec();
@ -91,7 +93,7 @@ impl Diversifier {
params: &E::Params params: &E::Params
) -> Option<edwards::Point<E, PrimeOrder>> ) -> Option<edwards::Point<E, PrimeOrder>>
{ {
group_hash::<E>(&self.0, ::KEY_DIVERSIFICATION_PERSONALIZATION, params) group_hash::<E>(&self.0, constants::KEY_DIVERSIFICATION_PERSONALIZATION, params)
} }
} }
@ -167,7 +169,7 @@ impl<E: JubjubEngine> Note<E> {
let mut nr_preimage = [0u8; 64]; let mut nr_preimage = [0u8; 64];
viewing_key.rk.write(&mut nr_preimage[0..32]).unwrap(); viewing_key.rk.write(&mut nr_preimage[0..32]).unwrap();
cm_plus_position.write(&mut nr_preimage[32..64]).unwrap(); cm_plus_position.write(&mut nr_preimage[32..64]).unwrap();
let mut h = Blake2s::with_params(32, &[], &[], ::PRF_NR_PERSONALIZATION); let mut h = Blake2s::with_params(32, &[], &[], constants::PRF_NR_PERSONALIZATION);
h.update(&nr_preimage); h.update(&nr_preimage);
let mut h = h.finalize().as_ref().to_vec(); let mut h = h.finalize().as_ref().to_vec();