-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Quick refactor, bug fixes and breaking changes. #2
base: master
Are you sure you want to change the base?
Conversation
pub(crate) fn sizeof_system_parameters(number_of_attributes: u8) -> usize { | ||
// G_y is always at least three elements | ||
if number_of_attributes < 3 { | ||
return 32 * (5 + 3 + number_of_attributes as usize + 4) + 1 | ||
// 32 * (5 + 3 + number_of_attributes as usize + 4) + 1 | ||
385 + 32 * number_of_attributes as usize | ||
} else { | ||
// 32 * (5 + (2 * number_of_attributes as usize) + 4) + 1 | ||
289 + 64 * number_of_attributes as usize | ||
} | ||
32 * (5 + (2 * number_of_attributes as usize) + 4) + 1 | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Which part of the paper elaborates on the minimum of 3 attributes to use group elements? Why do the sizes differ more than just 289 + 64 * core::cmp::max(3, number_of_attributes as usize)
?
#[cfg(all(debug_assertions, feature = "std", feature = "debug-errors"))] | ||
eprintln!("Could not decode {:?} from bytes: {:?}", $name, bytes); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't add the debug-errors
feature to Cargo.toml
but I'm not sure this code belongs here.
let G = try_deserialize!("G", &chunks.next().unwrap()); | ||
let G_w = try_deserialize!("G_w", &chunks.next().unwrap()); | ||
let G_w_prime = try_deserialize!("G_w_prime", &chunks.next().unwrap()); | ||
let G_x_0 = try_deserialize!("G_x_0", &chunks.next().unwrap()); | ||
let G_x_1 = try_deserialize!("G_x_1", &chunks.next().unwrap()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These unwraps won't panic as you've already checked the length is within range.
fn from(source: &[u8; 30]) -> Plaintext { | ||
let (M1, _) = encode_to_group(source); | ||
let M2: RistrettoPoint = RistrettoPoint::hash_from_bytes::<Sha512>(source); | ||
let m3: Scalar = Scalar::hash_from_bytes::<Sha512>(source); | ||
let h = Sha512::default().chain(&source); | ||
let M2: RistrettoPoint = RistrettoPoint::from_hash(h.clone().chain(b"M2")); | ||
let m3: Scalar = Scalar::from_hash(h.chain(b"m3")); | ||
|
||
Plaintext { M1, M2, m3 } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Breaking change. The old hash functions reused keying material while the new functions are independent.
let h = Sha512::default().chain(&master_secret[..]); | ||
let a: Scalar = Scalar::from_hash(h.clone().chain(b"a.")); | ||
let a0: Scalar = Scalar::from_hash(h.clone().chain(b"a0")); | ||
let a1: Scalar = Scalar::from_hash(h.chain(b"a1")); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Breaking change. The old hash functions used a hash-chain to derive the scalars. The new functions are independent.
@@ -789,7 +789,7 @@ impl ProofOfValidCredential { | |||
} | |||
} | |||
|
|||
verifier.verify_compact(&self.proof).or_else(|_| return Err(CredentialError::VerificationFailure)); | |||
verifier.verify_compact(&self.proof)?; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See issue #1
No description provided.