diff --git a/random_oracle.c b/random_oracle.c
index 863bfeb..f3ca44e 100644
--- a/random_oracle.c
+++ b/random_oracle.c
@@ -17,9 +17,11 @@ static const uint8_t domain_sep_H3 = 3;
 void H0_init(H0_context_t* ctx, unsigned int security_param) {
 hash_init(ctx, security_param == 128 ? 128 : 256);
 }
+
 void H0_update(H0_context_t* ctx, const uint8_t* src, size_t len) {
 hash_update(ctx, src, len);
 }
+
 void H0_final(H0_context_t* ctx, uint8_t* seed, size_t seed_len, uint8_t* commitment, size_t commitment_len) {
 hash_update(ctx, &domain_sep_H0, sizeof(domain_sep_H0));
@@ -32,9 +34,11 @@ void H0_final(H0_context_t* ctx, uint8_t* seed, size_t seed_len, uint8_t* commit
 void H1_init(H1_context_t* ctx, unsigned int security_param) {
 hash_init(ctx, security_param == 128 ? 128 : 256);
 }
+
 void H1_update(H1_context_t* ctx, const uint8_t* src, size_t len) {
 hash_update(ctx, src, len);
 }
+
 void H1_final(H1_context_t* ctx, uint8_t* digest, size_t len) {
 hash_update(ctx, &domain_sep_H1, sizeof(domain_sep_H1));
 hash_final(ctx);
@@ -45,9 +49,11 @@ void H1_final(H1_context_t* ctx, uint8_t* digest, size_t len) {
 void H2_init(H2_context_t* ctx, unsigned int security_param) {
 hash_init(ctx, security_param == 128 ? 128 : 256);
 }
+
 void H2_update(H2_context_t* ctx, const uint8_t* src, size_t len) {
 hash_update(ctx, src, len);
 }
+
 void H2_final(H2_context_t* ctx, uint8_t* digest, size_t len) {
 hash_update(ctx, &domain_sep_H2, sizeof(domain_sep_H2));
 hash_final(ctx);
@@ -58,9 +64,11 @@ void H2_final(H2_context_t* ctx, uint8_t* digest, size_t len) {
 void H3_init(H3_context_t* ctx, unsigned int security_param) {
 hash_init(ctx, security_param == 128 ? 128 : 256);
 }
+
 void H3_update(H3_context_t* ctx, const uint8_t* src, size_t len) {
 hash_update(ctx, src, len);
 }
+
 void H3_final(H3_context_t* ctx, uint8_t* digest, size_t len) {
 hash_update(ctx, &domain_sep_H3, sizeof(domain_sep_H3));
 hash_final(ctx);
diff --git a/tests/vole.c b/tests/vole.c
index fc0f670..f3217bb 100644
--- a/tests/vole.c
+++ b/tests/vole.c
@@ -190,7 +190,7 @@ int test_ConvertToVoleProver() {
 uint32_t outlen = 16;
 uint8_t* u = malloc(outlen);
 uint8_t* v = malloc(outlen * depth);
- ConvertToVole(lambda, lambdaBytes, vecCom.sd, numVoleInstances, depth, outlen, u, v);
+ ConvertToVole(lambda, lambdaBytes, vecCom.sd, false, numVoleInstances, depth, outlen, u, v);
 // TODO: write better test cases : )
 #if 0
@@ -243,7 +243,7 @@ int test_ConvertToVoleVerifier() {
 uint32_t outlen = 16;
 uint8_t* v = malloc(outlen * depth);
 // TODO: we do not input veccomRec.m but instead something else defined in
- ConvertToVole(lambda, lambdaBytes, vecComRec.m, numVoleInstances, depth, outlen, NULL, v);
+ ConvertToVole(lambda, lambdaBytes, vecComRec.m, true, numVoleInstances, depth, outlen, NULL, v);
 // TODO: write better test cases : )
 #if 0
@@ -276,4 +276,4 @@ int main(void) {
 } else {
 return 1;
 }
-}
\ No newline at end of file
+}
diff --git a/tests/vole.cpp b/tests/vole.cpp
index 1342066..0aa44cd 100644
--- a/tests/vole.cpp
+++ b/tests/vole.cpp
@@ -145,7 +145,7 @@ BOOST_DATA_TEST_CASE(convert_to_vole, all_parameters, param_id) {
 i < params.faest_param.t0 ? params.faest_param.k0 : params.faest_param.k1;
 unsigned int nodes = 1 << depth;
- ConvertToVole(lambda, lambdaBytes, sd.data(), nodes, depth, ell_hat_bytes, u.data(),
+ ConvertToVole(lambda, lambdaBytes, sd.data(), false, nodes, depth, ell_hat_bytes, u.data(),
 v.data());
 ChalDec(chal.data(), i, params.faest_param.k0, params.faest_param.t0, params.faest_param.k1,
@@ -156,7 +156,7 @@ BOOST_DATA_TEST_CASE(convert_to_vole, all_parameters, param_id) {
 &sdprime[j * lambdaBytes]);
 }
- ConvertToVole(lambda, lambdaBytes, sdprime.data(), nodes, depth, ell_hat_bytes, nullptr,
+ ConvertToVole(lambda, lambdaBytes, sdprime.data(), true, nodes, depth, ell_hat_bytes, nullptr,
 q.data());
 for (unsigned int j = 0; j != depth; ++j) {
diff --git a/vole.c b/vole.c
index 8db8187..5a08b70 100644
--- a/vole.c
+++ b/vole.c
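Review bot: In tests/vole.c, test_ConvertToVoleProver and test_ConvertToVoleVerifier pass the new flag, but the visible context (`// TODO: write better test cases : )` followed by `#if 0`) suggests nothing is asserted about the output, so the behaviour the flag controls is not pinned here. A case worth adding is a prover call whose first seed is all zeros with `sd0_bot` set to `false`, checking that `u` is written; the removed all-zero heuristic would have treated that input as the hidden seed. Both test bodies continue outside the hunks, so the disabled checks may cover more than is visible.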
@@ -92,7 +92,7 @@ void voleCommit(const uint8_t* rootKey, uint32_t ellhat, const faest_paramset_t*
 // Step 5
 vector_commitment(expanded_keys + i * lambdaBytes, params, lambda, lambdaBytes, &vecCom[i], N);
 // Step 6
- ConvertToVole(lambda, lambdaBytes, vecCom[i].sd, N, depth, ellhatBytes, ui[i], tmp_v);
+ ConvertToVole(lambda, lambdaBytes, vecCom[i].sd, false, N, depth, ellhatBytes, ui[i], tmp_v);
 // Step 7 (and parts of 8)
 for (unsigned int j = 0; j < depth; ++j, ++v_idx) {
 memcpy(v[v_idx], tmp_v + j * ellhatBytes, ellhatBytes);
@@ -160,7 +160,7 @@ void voleReconstruct(const uint8_t* chall, uint8_t** pdec, uint8_t** com_j, uint
 H1_update(&h1_ctx, vecComRec.com, lambdaBytes * 2);
 vec_com_rec_clear(&vecComRec);
 // Step: 7..8
- ConvertToVole(lambda, lambdaBytes, sd, N, depth, ellhatBytes, NULL, tmp_q);
+ ConvertToVole(lambda, lambdaBytes, sd, true, N, depth, ellhatBytes, NULL, tmp_q);
 for (unsigned int j = 0; j < depth; ++j, ++q_idx) {
 memcpy(q[q_idx], tmp_q + j * ellhatBytes, ellhatBytes);
 }
@@ -173,17 +173,7 @@ void voleReconstruct(const uint8_t* chall, uint8_t** pdec, uint8_t** com_j, uint
 H1_final(&h1_ctx, hcom, lambdaBytes * 2);
 }
-static bool is_all_zeros(const uint8_t* array, size_t len) {
- for (size_t idx = 0; idx != len; ++idx) {
- if (array[idx]) {
- return false;
- }
- }
-
- return true;
-}
-
-void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd,
+void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd, bool sd0_bot,
 uint32_t numVoleInstances, uint32_t depth, uint32_t outLenBytes, uint8_t* u, uint8_t* v) {
 // (depth + 1) x numVoleInstances array of outLenBytes; but we only need to rows at a time
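Review bot: The `false` in voleCommit (Step 6) and the `true` in voleReconstruct (Step 7..8) are bare literals sitting directly before the integer arguments `N` and `depth`, so a transposed argument would still compile through implicit conversion and silently select the wrong branch in ConvertToVole. A short marker at each call keeps the intent visible, for example `ConvertToVole(lambda, lambdaBytes, sd, /* sd0_bot */ true, N, depth, ellhatBytes, NULL, tmp_q);`. The same applies to the four call sites in tests/vole.c and tests/vole.cpp. Both enclosing functions extend beyond these hunks.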
@@ -193,8 +183,7 @@ void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd,
 #define V(idx) (v + (idx)*outLenBytes)
 // Step: 2
- const bool sd_all_zeros = is_all_zeros(sd, lambdaBytes);
- if (sd_all_zeros) {
+ if (sd0_bot) {
 memset(r, 0, outLenBytes);
 } else {
 uint8_t iv[16] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -219,7 +208,7 @@ void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd,
 }
 }
 // Step: 10
- if (sd_all_zeros == false && u != NULL) {
+ if (!sd0_bot && u != NULL) {
 memcpy(u, R(depth, 0), outLenBytes);
 }
 free(r);
diff --git a/vole.h b/vole.h
index 3c5280e..039e701 100644
--- a/vole.h
+++ b/vole.h
@@ -2,6 +2,7 @@
 #define FAEST_VOLE_H
 #include "vc.h"
+#include
 FAEST_BEGIN_C_DECL
@@ -15,7 +16,7 @@ void voleCommit(const uint8_t* rootKey, uint32_t ellhat, const faest_paramset_t*
 void voleReconstruct(const uint8_t* chal, uint8_t** pdec, uint8_t** com_j, uint8_t* hcom, uint8_t** q, uint32_t ellhat, const faest_paramset_t* params);
-void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd,
+void ConvertToVole(uint32_t lambda, uint32_t lambdaBytes, const uint8_t* sd, bool sd0_bot,
 uint32_t numVoleInstances, uint32_t depth, uint32_t outLenBytes, uint8_t* u, uint8_t* v);
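Review bot: With `sd0_bot` set, the Step 10 guard `if (!sd0_bot && u != NULL)` in vole.c leaves a non-NULL `u` untouched, so a caller that supplies a buffer on the verifier path reads back whatever it held before the call. Every call site in this commit pairs `true` with `NULL`, but nothing in ConvertToVole enforces that pairing. I would make the precondition explicit near the top of the function, e.g. `assert(!sd0_bot || u == NULL);`, or else state in a comment that `u` is only written when `sd0_bot` is false. The function body starts and ends outside this hunk.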
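Review bot: The ConvertToVole prototype in vole.h gains `sd0_bot` with no comment, and the name alone does not tell a caller what it must guarantee. I would add above the declaration something like `/* sd0_bot: true when the first seed is unknown; Step 2 then zero-fills instead of using sd, and u is not written. */`. Separately, the added `#include` line in the first vole.h hunk shows no header name on this page, which may be a rendering loss; since the prototype now uses `bool`, confirm that it names `<stdbool.h>`.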