hsig blake2 calculation

Cargo.lock

@@ -40,6 +40,11 @@ dependencies = [
  "xdg 2.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "arrayref"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
 [[package]]
 name = "arrayvec"
 version = "0.4.10"
@@ -126,6 +131,7 @@ version = "0.1.0"
 dependencies = [
  "bellman 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "blake2-rfc 0.2.18 (git+https://github.com/gtank/blake2-rfc.git?rev=7a5b5fc99ae483a0043db7547fb79a6fa44b88a9)",
+ "blake2b_simd 0.4.1 (git+https://github.com/oconnor663/blake2b_simd.git)",
  "bn 0.4.4 (git+https://github.com/paritytech/bn)",
  "lazy_static 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "pairing 0.14.2 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -154,6 +160,17 @@ dependencies = [
  "constant_time_eq 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "blake2b_simd"
+version = "0.4.1"
+source = "git+https://github.com/oconnor663/blake2b_simd.git#b75a0d10e39000fcae18a1f54fab89e2a9a0a1f6"
+dependencies = [
+ "arrayref 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "arrayvec 0.4.10 (registry+https://github.com/rust-lang/crates.io-index)",
+ "byteorder 1.2.7 (registry+https://github.com/rust-lang/crates.io-index)",
+ "constant_time_eq 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)",
+]
+
 [[package]]
 name = "bn"
 version = "0.4.4"
@@ -1981,6 +1998,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 "checksum ansi_term 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b"
 "checksum ansi_term 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "23ac7c30002a5accbf7e8987d0632fa6de155b7c3d39d0067317a391e00a2ef6"
 "checksum app_dirs 1.2.1 (git+https://github.com/paritytech/app-dirs-rs)" = "<none>"
+"checksum arrayref 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)" = "0d382e583f07208808f6b1249e60848879ba3543f57c32277bf52d69c2f0f0ee"
 "checksum arrayvec 0.4.10 (registry+https://github.com/rust-lang/crates.io-index)" = "92c7fb76bc8826a8b33b4ee5bb07a247a81e76764ab4d55e8f73e3a4d8808c71"
 "checksum assert_matches 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7deb0a829ca7bcfaf5da70b073a8d128619259a7be8216a355e23f00763059e5"
 "checksum atty 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)" = "9a7d5b8723950951411ee34d271d99dddcc2035a16ab25310ea2c8cfd4369652"
@@ -1991,6 +2009,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 "checksum bit-vec 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "02b4ff8b16e6076c3e14220b39fbc1fabb6737522281a388998046859400895f"
 "checksum bitflags 1.0.4 (registry+https://github.com/rust-lang/crates.io-index)" = "228047a76f468627ca71776ecdebd732a3423081fcf5125585bcd7c49886ce12"
 "checksum blake2-rfc 0.2.18 (git+https://github.com/gtank/blake2-rfc.git?rev=7a5b5fc99ae483a0043db7547fb79a6fa44b88a9)" = "<none>"
+"checksum blake2b_simd 0.4.1 (git+https://github.com/oconnor663/blake2b_simd.git)" = "<none>"
 "checksum bn 0.4.4 (git+https://github.com/paritytech/bn)" = "<none>"
 "checksum byteorder 1.2.7 (registry+https://github.com/rust-lang/crates.io-index)" = "94f88df23a25417badc922ab0f5716cc1330e87f71ddd9203b3a3ccd9cedf75d"
 "checksum bytes 0.4.11 (registry+https://github.com/rust-lang/crates.io-index)" = "40ade3d27603c2cb345eb0912aec461a6dec7e06a4ae48589904e808335c7afa"

crypto/Cargo.toml

@@ -17,3 +17,4 @@ serde = "1.0"
 serde_derive = "1.0"
 rustc-hex = "2"
 lazy_static = "1.2.0"
+blake2b_simd = { git = "https://github.com/oconnor663/blake2b_simd.git" }

crypto/src/lib.rs

@@ -10,6 +10,7 @@ extern crate rustc_hex as hex;
 pub extern crate bellman;
 pub extern crate pairing;
 pub extern crate sapling_crypto;
+pub extern crate blake2b_simd as blake2;
 
 #[macro_use] extern crate lazy_static;
 #[macro_use] extern crate serde_derive;

verification/src/lib.rs

@@ -83,6 +83,7 @@ mod equihash;
 mod error;
 mod sapling;
 mod sigops;
+mod sprout;
 mod timestamp;
 mod work;
 

verification/src/sprout.rs

@@ -0,0 +1,60 @@
+
+// blake2 hash of ('ZcashComputehSig', random_seed, nullifier[0], nullifier[1], pub_key_hash)
+pub fn compute_hsig(random_seed: [u8; 32], nullifiers: [[u8; 32]; 2], pub_key_hash: [u8; 32]) -> [u8; 32] {
+	use crypto::blake2::Params;
+
+	let res = Params::new()
+		.hash_length(32)
+		.personal(b"ZcashComputehSig")
+		.to_state()
+		.update(&random_seed[..])
+		.update(&nullifiers[0][..])
+		.update(&nullifiers[1][..])
+		.update(&pub_key_hash[..])
+		.finalize();
+
+	let mut result = [0u8; 32];
+	result.copy_from_slice(res.as_bytes());
+	result
+}
+
+#[cfg(test)]
+mod tests {
+
+	use super::compute_hsig;
+
+	fn hash(s: &'static str) -> [u8; 32] {
+		use hex::FromHex;
+		let bytes: Vec<u8> = s.from_hex().expect(&format!("hash '{}' is not actually a hash somehow", s));
+		assert_eq!(bytes.len(), 32);
+		let mut result = [0u8; 32];
+		result.copy_from_slice(&bytes[..]);
+		result
+	}
+
+	fn reversed_hash(s: &'static str) -> [u8; 32] {
+		use hex::FromHex;
+		let mut bytes: Vec<u8> = s.from_hex().expect(&format!("hash '{}' is not actually a hash somehow", s));
+		bytes.reverse();
+		assert_eq!(bytes.len(), 32);
+		let mut result = [0u8; 32];
+		result.copy_from_slice(&bytes[..]);
+		result
+	}
+
+	#[test]
+	fn test_vectors() {
+		assert_eq!(
+			compute_hsig(
+				hash("6161616161616161616161616161616161616161616161616161616161616161"),
+				[
+					hash("6262626262626262626262626262626262626262626262626262626262626262"),
+					hash("6363636363636363636363636363636363636363636363636363636363636363"),
+				],
+				hash("6464646464646464646464646464646464646464646464646464646464646464"),
+			),
+			reversed_hash("a8cba69f1fa329c055756b4af900f8a00b61e44f4cb8a1824ceb58b90a5b8113"),
+		);
+	}
+
+}