Browse Source

update babyjub B8, clean unused funcs & errs in mimc7, small update in mimc7 tests

decompress-modsqrt
arnaucube 5 years ago
parent
commit
c4b3b7a09c
4 changed files with 28 additions and 32 deletions
  1. +5
    -4
      babyjub/babyjub.go
  2. +7
    -7
      babyjub/eddsa_test.go
  3. +7
    -16
      mimc7/mimc7.go
  4. +9
    -5
      mimc7/mimc7_test.go

+ 5
- 4
babyjub/babyjub.go

@ -2,9 +2,10 @@ package babyjub
import ( import (
"fmt" "fmt"
"math/big"
"github.com/iden3/go-iden3-crypto/constants" "github.com/iden3/go-iden3-crypto/constants"
"github.com/iden3/go-iden3-crypto/utils" "github.com/iden3/go-iden3-crypto/utils"
"math/big"
) )
// A is one of the babyjub constants. // A is one of the babyjub constants.
@ -35,9 +36,9 @@ func init() {
B8 = NewPoint() B8 = NewPoint()
B8.X = utils.NewIntFromString( B8.X = utils.NewIntFromString(
"17777552123799933955779906779655732241715742912184938656739573121738514868268")
"5299619240641551281634865583518297030282874472190772894086521144482721001553")
B8.Y = utils.NewIntFromString( B8.Y = utils.NewIntFromString(
"2626589144620713026669568689430873010625803728049924121243784502389097019475")
"16950150798460657717958625567821834550301663161624707787222815936182638968203")
} }
// Point represents a point of the babyjub curve. // Point represents a point of the babyjub curve.
@ -74,7 +75,7 @@ func (res *Point) Add(a *Point, b *Point) *Point {
x2.Mod(x2, constants.Q) x2.Mod(x2, constants.Q)
x2.ModInverse(x2, constants.Q) // x2 = (1 + D * a.x * b.x * a.y * b.y)^-1 x2.ModInverse(x2, constants.Q) // x2 = (1 + D * a.x * b.x * a.y * b.y)^-1
// y = (a.y * b.y + A * a.x * a.x) * (1 - D * a.x * b.x * a.y * b.y)^-1 mod q
// y = (a.y * b.y - A * a.x * b.x) * (1 - D * a.x * b.x * a.y * b.y)^-1 mod q
y1a := new(big.Int).Mul(a.Y, b.Y) y1a := new(big.Int).Mul(a.Y, b.Y)
y1b := new(big.Int).Set(A) y1b := new(big.Int).Set(A)
y1b.Mul(y1b, a.X) y1b.Mul(y1b, a.X)

+ 7
- 7
babyjub/eddsa_test.go

@ -37,21 +37,21 @@ func TestSignVerify1(t *testing.T) {
pk := k.Public() pk := k.Public()
assert.Equal(t, assert.Equal(t,
"2610057752638682202795145288373380503107623443963127956230801721756904484787",
"13277427435165878497778222415993513565335242147425444199013288855685581939618",
pk.X.String()) pk.X.String())
assert.Equal(t, assert.Equal(t,
"16617171478497210597712478520507818259149717466230047843969353176573634386897",
"13622229784656158136036771217484571176836296686641868549125388198837476602820",
pk.Y.String()) pk.Y.String())
sig := k.SignMimc7(msg) sig := k.SignMimc7(msg)
assert.Equal(t, assert.Equal(t,
"4974729414807584049518234760796200867685098748448054182902488636762478901554",
"11384336176656855268977457483345535180380036354188103142384839473266348197733",
sig.R8.X.String()) sig.R8.X.String())
assert.Equal(t, assert.Equal(t,
"18714049394522540751536514815950425694461287643205706667341348804546050128733",
"15383486972088797283337779941324724402501462225528836549661220478783371668959",
sig.R8.Y.String()) sig.R8.Y.String())
assert.Equal(t, assert.Equal(t,
"2171284143457722024136077617757713039502332290425057126942676527240038689549",
"2523202440825208709475937830811065542425109372212752003460238913256192595070",
sig.S.String()) sig.S.String())
ok := pk.VerifyMimc7(msg, sig) ok := pk.VerifyMimc7(msg, sig)
@ -62,8 +62,8 @@ func TestSignVerify1(t *testing.T) {
assert.Equal(t, nil, err) assert.Equal(t, nil, err)
assert.Equal(t, ""+ assert.Equal(t, ""+
"5dfb6f843c023fe3e52548ccf22e55c81b426f7af81b4f51f7152f2fcfc65f29"+
"0dab19c5a0a75973cd75a54780de0c3a41ede6f57396fe99b5307fff3ce7cc04",
"dfedb4315d3f2eb4de2d3c510d7a987dcab67089c8ace06308827bf5bcbe02a2"+
"7ed40dab29bf993c928e789d007387998901a24913d44fddb64b1f21fc149405",
hex.EncodeToString(sigBuf[:])) hex.EncodeToString(sigBuf[:]))
ok = pk.VerifyMimc7(msg, sig2) ok = pk.VerifyMimc7(msg, sig2)

+ 7
- 16
mimc7/mimc7.go

@ -26,9 +26,6 @@ type constantsData struct {
cts []*big.Int cts []*big.Int
} }
func getIV(seed string) {
}
func generateConstantsData() constantsData { func generateConstantsData() constantsData {
var constants constantsData var constants constantsData
@ -43,10 +40,7 @@ func generateConstantsData() constantsData {
constants.iv = new(big.Int).Mod(c, constants.maxFieldVal) constants.iv = new(big.Int).Mod(c, constants.maxFieldVal)
constants.nRounds = 91 constants.nRounds = 91
cts, err := getConstants(constants.fqR, SEED, constants.nRounds)
if err != nil {
panic(err)
}
cts := getConstants(constants.fqR, SEED, constants.nRounds)
constants.cts = cts constants.cts = cts
return constants return constants
} }
@ -81,7 +75,7 @@ func RElemsToBigInts(arr []RElem) []*big.Int {
return o return o
} }
func getConstants(fqR field.Fq, seed string, nRounds int) ([]*big.Int, error) {
func getConstants(fqR field.Fq, seed string, nRounds int) []*big.Int {
cts := make([]*big.Int, nRounds) cts := make([]*big.Int, nRounds)
cts[0] = big.NewInt(int64(0)) cts[0] = big.NewInt(int64(0))
c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED))) c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED)))
@ -91,15 +85,12 @@ func getConstants(fqR field.Fq, seed string, nRounds int) ([]*big.Int, error) {
n := fqR.Affine(c) n := fqR.Affine(c)
cts[i] = n cts[i] = n
} }
return cts, nil
return cts
} }
// MIMC7HashGeneric performs the MIMC7 hash over a RElem, in a generic way, where it can be specified the Finite Field over R, and the number of rounds // MIMC7HashGeneric performs the MIMC7 hash over a RElem, in a generic way, where it can be specified the Finite Field over R, and the number of rounds
func MIMC7HashGeneric(fqR field.Fq, xIn, k *big.Int, nRounds int) (*big.Int, error) {
cts, err := getConstants(fqR, SEED, nRounds)
if err != nil {
return &big.Int{}, err
}
func MIMC7HashGeneric(fqR field.Fq, xIn, k *big.Int, nRounds int) *big.Int {
cts := getConstants(fqR, SEED, nRounds)
var r *big.Int var r *big.Int
for i := 0; i < nRounds; i++ { for i := 0; i < nRounds; i++ {
var t *big.Int var t *big.Int
@ -112,7 +103,7 @@ func MIMC7HashGeneric(fqR field.Fq, xIn, k *big.Int, nRounds int) (*big.Int, err
t4 := fqR.Square(t2) t4 := fqR.Square(t2)
r = fqR.Mul(fqR.Mul(t4, t2), t) r = fqR.Mul(fqR.Mul(t4, t2), t)
} }
return fqR.Affine(fqR.Add(r, k)), nil
return fqR.Affine(fqR.Add(r, k))
} }
// HashGeneric performs the MIMC7 hash over a RElem array, in a generic way, where it can be specified the Finite Field over R, and the number of rounds // HashGeneric performs the MIMC7 hash over a RElem array, in a generic way, where it can be specified the Finite Field over R, and the number of rounds
@ -121,7 +112,7 @@ func HashGeneric(iv *big.Int, arrEl []RElem, fqR field.Fq, nRounds int) (RElem,
r := iv r := iv
var err error var err error
for i := 0; i < len(arr); i++ { for i := 0; i < len(arr); i++ {
r, err = MIMC7HashGeneric(fqR, r, arr[i], nRounds)
r = MIMC7HashGeneric(fqR, r, arr[i], nRounds)
if err != nil { if err != nil {
return r, err return r, err
} }

+ 9
- 5
mimc7/mimc7_test.go

@ -5,6 +5,7 @@ import (
"math/big" "math/big"
"testing" "testing"
"github.com/ethereum/go-ethereum/crypto"
"github.com/iden3/go-iden3-crypto/field" "github.com/iden3/go-iden3-crypto/field"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
@ -43,6 +44,13 @@ func TestUtils(t *testing.T) {
assert.Nil(t, err) assert.Nil(t, err)
} }
func TestKeccak256(t *testing.T) {
res := crypto.Keccak256([]byte(SEED))
assert.Equal(t, "b6e489e6b37224a50bebfddbe7d89fa8fdcaa84304a70bd13f79b5d9f7951e9e", hex.EncodeToString(res))
c := new(big.Int).SetBytes(crypto.Keccak256([]byte(SEED)))
assert.Equal(t, "82724731331859054037315113496710413141112897654334566532528783843265082629790", c.String())
}
func TestMIMC7Generic(t *testing.T) { func TestMIMC7Generic(t *testing.T) {
b1 := big.NewInt(int64(1)) b1 := big.NewInt(int64(1))
b2 := big.NewInt(int64(2)) b2 := big.NewInt(int64(2))
@ -57,7 +65,7 @@ func TestMIMC7Generic(t *testing.T) {
assert.Nil(t, err) assert.Nil(t, err)
// Generic Hash // Generic Hash
mhg, err := MIMC7HashGeneric(fqR, b1, b2, 91)
mhg := MIMC7HashGeneric(fqR, b1, b2, 91)
assert.Nil(t, err) assert.Nil(t, err)
assert.Equal(t, "10594780656576967754230020536574539122676596303354946869887184401991294982664", mhg.String()) assert.Equal(t, "10594780656576967754230020536574539122676596303354946869887184401991294982664", mhg.String())
hg, err := HashGeneric(fqR.Zero(), elementsArray, fqR, 91) hg, err := HashGeneric(fqR.Zero(), elementsArray, fqR, 91)
@ -86,10 +94,6 @@ func TestMIMC7(t *testing.T) {
elementsArray2a, err := BigIntsToRElems(bigArray2a) elementsArray2a, err := BigIntsToRElems(bigArray2a)
assert.Nil(t, err) assert.Nil(t, err)
mh2a := MIMC7Hash(b12, b45)
assert.Nil(t, err)
assert.Equal(t, "0x"+hex.EncodeToString((*big.Int)(mh2a).Bytes()), "0x2ba7ebad3c6b6f5a20bdecba2333c63173ca1a5f2f49d958081d9fa7179c44e4")
h2a := Hash(elementsArray2a, nil) h2a := Hash(elementsArray2a, nil)
assert.Nil(t, err) assert.Nil(t, err)
// same hash value than the iden3js and circomlib tests: // same hash value than the iden3js and circomlib tests:

Loading…
Cancel
Save