Fixes

KULeuven-COSIC · May 30, 2023 · 28f1b4f · 28f1b4f
1 parent 8795032
commit 28f1b4f
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 22 deletions.
diff --git a/random_oracle.c b/random_oracle.c
@@ -17,9 +17,11 @@ static const uint8_t domain_sep_H3 = 3;
 void H0_init(H0_context_t* ctx, unsigned int security_param) {
   hash_init(ctx, security_param == 128 ? 128 : 256);
 }
+
 void H0_update(H0_context_t* ctx, const uint8_t* src, size_t len) {
   hash_update(ctx, src, len);
 }
+
 void H0_final(H0_context_t* ctx, uint8_t* seed, size_t seed_len, uint8_t* commitment,
               size_t commitment_len) {
   hash_update(ctx, &domain_sep_H0, sizeof(domain_sep_H0));
@@ -32,9 +34,11 @@ void H0_final(H0_context_t* ctx, uint8_t* seed, size_t seed_len, uint8_t* commit
 void H1_init(H1_context_t* ctx, unsigned int security_param) {
   hash_init(ctx, security_param == 128 ? 128 : 256);
 }
+
 void H1_update(H1_context_t* ctx, const uint8_t* src, size_t len) {
   hash_update(ctx, src, len);
 }
+
 void H1_final(H1_context_t* ctx, uint8_t* digest, size_t len) {
   hash_update(ctx, &domain_sep_H1, sizeof(domain_sep_H1));
   hash_final(ctx);
@@ -45,9 +49,11 @@ void H1_final(H1_context_t* ctx, uint8_t* digest, size_t len) {
 void H2_init(H2_context_t* ctx, unsigned int security_param) {
   hash_init(ctx, security_param == 128 ? 128 : 256);
 }
+
 void H2_update(H2_context_t* ctx, const uint8_t* src, size_t len) {
   hash_update(ctx, src, len);
 }
+
 void H2_final(H2_context_t* ctx, uint8_t* digest, size_t len) {
   hash_update(ctx, &domain_sep_H2, sizeof(domain_sep_H2));
   hash_final(ctx);
@@ -58,9 +64,11 @@ void H2_final(H2_context_t* ctx, uint8_t* digest, size_t len) {
 void H3_init(H3_context_t* ctx, unsigned int security_param) {
   hash_init(ctx, security_param == 128 ? 128 : 256);
 }
+
 void H3_update(H3_context_t* ctx, const uint8_t* src, size_t len) {
   hash_update(ctx, src, len);
 }
+
 void H3_final(H3_context_t* ctx, uint8_t* digest, size_t len) {
   hash_update(ctx, &domain_sep_H3, sizeof(domain_sep_H3));
   hash_final(ctx);

diff --git a/tests/vole.c b/tests/vole.c
@@ -190,7 +190,7 @@ int test_ConvertToVoleProver() {
   uint32_t outlen = 16;
   uint8_t* u      = malloc(outlen);
   uint8_t* v      = malloc(outlen * depth);
-  ConvertToVole(lambda, lambdaBytes, vecCom.sd, numVoleInstances, depth, outlen, u, v);
+  ConvertToVole(lambda, lambdaBytes, vecCom.sd, false, numVoleInstances, depth, outlen, u, v);
 
 // TODO: write better test cases : )
 #if 0
@@ -243,7 +243,7 @@ int test_ConvertToVoleVerifier() {
   uint32_t outlen = 16;
   uint8_t* v      = malloc(outlen * depth);
   // TODO: we do not input veccomRec.m but instead something else defined in
-  ConvertToVole(lambda, lambdaBytes, vecComRec.m, numVoleInstances, depth, outlen, NULL, v);
+  ConvertToVole(lambda, lambdaBytes, vecComRec.m, true, numVoleInstances, depth, outlen, NULL, v);
 
 // TODO: write better test cases : )
 #if 0
@@ -276,4 +276,4 @@ int main(void) {
   } else {
     return 1;
   }
-}
+}
diff --git a/tests/vole.cpp b/tests/vole.cpp
@@ -145,7 +145,7 @@ BOOST_DATA_TEST_CASE(convert_to_vole, all_parameters, param_id) {
           i < params.faest_param.t0 ? params.faest_param.k0 : params.faest_param.k1;
       unsigned int nodes = 1 << depth;
 
-      ConvertToVole(lambda, lambdaBytes, sd.data(), nodes, depth, ell_hat_bytes, u.data(),
+      ConvertToVole(lambda, lambdaBytes, sd.data(), false, nodes, depth, ell_hat_bytes, u.data(),
                     v.data());
 
       ChalDec(chal.data(), i, params.faest_param.k0, params.faest_param.t0, params.faest_param.k1,
@@ -156,7 +156,7 @@ BOOST_DATA_TEST_CASE(convert_to_vole, all_parameters, param_id) {
                   &sdprime[j * lambdaBytes]);
       }
 
-      ConvertToVole(lambda, lambdaBytes, sdprime.data(), nodes, depth, ell_hat_bytes, nullptr,
+      ConvertToVole(lambda, lambdaBytes, sdprime.data(), true, nodes, depth, ell_hat_bytes, nullptr,
                     q.data());
 
       for (unsigned int j = 0; j != depth; ++j) {

diff --git a/vole.c b/vole.c
@@ -92,7 +92,7 @@ void voleCommit(const uint8_t* rootKey, uint32_t ellhat, const faest_paramset_t*
     // Step 5
     vector_commitment(expanded_keys + i * lambdaBytes, params, lambda, lambdaBytes, &vecCom[i], N);
     // Step 6
-    ConvertToVole(lambda, lambdaBytes, vecCom[i].sd, N, depth, ellhatBytes, ui[i], tmp_v);
+    ConvertToVole(lambda, lambdaBytes, vecCom[i].sd, false, N, depth, ellhatBytes, ui[i], tmp_v);
     // Step 7 (and parts of 8)
     for (unsigned int j = 0; j < depth; ++j, ++v_idx) {
       memcpy(v[v_idx], tmp_v + j * ellhatBytes, ellhatBytes);
@@ -160,7 +160,7 @@ void voleReconstruct(const uint8_t* chall, uint8_t** pdec, uint8_t** com_j, uint
     H1_update(&h1_ctx, vecComRec.com, lambdaBytes * 2);
     vec_com_rec_clear(&vecComRec);
     // Step: 7..8
-    ConvertToVole(lambda, lambdaBytes, sd, N, depth, ellhatBytes, NULL, tmp_q);
+    ConvertToVole(lambda, lambdaBytes, sd, true, N, depth, ellhatBytes, NULL, tmp_q);
     for (unsigned int j = 0; j < depth; ++j, ++q_idx) {
       memcpy(q[q_idx], tmp_q + j * ellhatBytes, ellhatBytes);
     }
@@ -173,17 +173,7 @@ void voleReconstruct(const uint8_t* chall, uint8_t** pdec, uint8_t** com_j, uint
   H1_final(&h1_ctx, hcom, lambdaBytes * 2);
 }
 
-static bool is_all_zeros(const uint8_t* array, size_t len) {
-  for (size_t idx = 0; idx != len; ++idx) {
-    if (array[idx]) {
-      return false;
-    }
-  }
-
-  return true;
-}
-
-void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd,
+void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd, bool sd0_bot,
                    uint32_t numVoleInstances, uint32_t depth, uint32_t outLenBytes, uint8_t* u,
                    uint8_t* v) {
   // (depth + 1) x numVoleInstances array of outLenBytes; but we only need to rows at a time
@@ -193,8 +183,7 @@ void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd,
 #define V(idx) (v + (idx)*outLenBytes)
 
   // Step: 2
-  const bool sd_all_zeros = is_all_zeros(sd, lambdaBytes);
-  if (sd_all_zeros) {
+  if (sd0_bot) {
     memset(r, 0, outLenBytes);
   } else {
     uint8_t iv[16] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -219,7 +208,7 @@ void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd,
     }
   }
   // Step: 10
-  if (sd_all_zeros == false && u != NULL) {
+  if (!sd0_bot && u != NULL) {
     memcpy(u, R(depth, 0), outLenBytes);
   }
   free(r);

diff --git a/vole.h b/vole.h
@@ -2,6 +2,7 @@
 #define FAEST_VOLE_H
 
 #include "vc.h"
+#include <stdbool.h>
 
 FAEST_BEGIN_C_DECL
 
@@ -15,7 +16,7 @@ void voleCommit(const uint8_t* rootKey, uint32_t ellhat, const faest_paramset_t*
 void voleReconstruct(const uint8_t* chal, uint8_t** pdec, uint8_t** com_j, uint8_t* hcom,
                      uint8_t** q, uint32_t ellhat, const faest_paramset_t* params);
 
-void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd,
+void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd, bool sd0_bot,
                    uint32_t numVoleInstances, uint32_t depth, uint32_t outLenBytes, uint8_t* u,
                    uint8_t* v);