From b0f61a2ec2a05a2e5688ad39bb323a5350230ac0 Mon Sep 17 00:00:00 2001
From: Waylon Jepsen
Date: Thu, 5 Sep 2024 14:34:49 -0600
Subject: [PATCH] test harness working
---
 circuits/aes-gcm/ghash.circom | 8 +++++---
 circuits/test/hashes/ghash.test.ts | 17 ++++++-----------
 2 files changed, 11 insertions(+), 14 deletions(-)
diff --git a/circuits/aes-gcm/ghash.circom b/circuits/aes-gcm/ghash.circom
index 02445c2..3429b62 100644
--- a/circuits/aes-gcm/ghash.circom
+++ b/circuits/aes-gcm/ghash.circom
@@ -37,7 +37,7 @@ include "gfmul.circom";
 template GHASH(NUM_BLOCKS) {
 signal input HashKey[2][64]; // Hash subkey (128 bits)
 signal input msg[NUM_BLOCKS][2][64]; // Input blocks (each 128 bits)
- signal output tag[2][64]; // Output tag (128 bits)
+ signal output tag[128]; // Output tag (128 bits)
 // Intermediate tags
 signal intermediate[NUM_BLOCKS][2][64];
@@ -77,6 +77,8 @@ template GHASH(NUM_BLOCKS) {
 intermediate[i][1] <== gfmul[i].out[1];
 }
 // Assign the final tag
- tag[0] <== intermediate[NUM_BLOCKS-1][0];
- tag[1] <== intermediate[NUM_BLOCKS-1][1];
+ for (var j = 0; j < 64; j++) {
+ tag[j] <== intermediate[NUM_BLOCKS-1][0][j];
+ tag[j+64] <== intermediate[NUM_BLOCKS-1][1][j];
+ }
 }
diff --git a/circuits/test/hashes/ghash.test.ts b/circuits/test/hashes/ghash.test.ts
index 2df3d71..3b3fc4e 100644
--- a/circuits/test/hashes/ghash.test.ts
+++ b/circuits/test/hashes/ghash.test.ts
@@ -6,8 +6,8 @@ import { assert } from "chai";
 const H = hexToBitArray("25629347589242761d31f826ba4b757b");
 const X1 = "4f4f95668c83dfb6401762bb2d01a262";
 const X2 = "d1a24ddd2721d006bbe45f20d3c9f362";
-const M = [hexToBitArray(X1), hexToBitArray(X2)];
-const EXPECT = "bd9b3997046731fb96251b91f9c99d7a";
+const M = hexToBitArray(X1.concat(X2));
+const EXPECT = hexToBitArray("bd9b3997046731fb96251b91f9c99d7a");
 describe("ghash-hash", () => {
 let circuit: WitnessTester<["HashKey", "msg"], ["tag"]>;
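Review bot: The flattened `tag[128]` output carries no statement of its layout, while `HashKey[2][64]` and `msg[NUM_BLOCKS][2][64]` keep the 2x64 shape, so a caller has to read the final loop to learn which half lands where. I would extend the comment to `signal output tag[128]; // Output tag (128 bits): tag[0..63] = half 0, tag[64..127] = half 1`. Any template elsewhere that still wires `tag[0]` / `tag[1]` as 64-element arrays will need updating; that is not visible from this patch. Half and bit ordering is a common source of GHASH mismatches, so it is worth pinning in the interface comment.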
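Review bot: `intermediate[NUM_BLOCKS-1]` in the new loop is out of range when the template is instantiated with `NUM_BLOCKS = 0`, and nothing in the lines shown rejects that. An `assert(NUM_BLOCKS > 0);` at the top of `GHASH` (the template body starts outside this hunk) would turn it into a clear compile-time error. The literal `64` in the loop bound and in `tag[j+64]` is tied to the `[2][64]` shape of `intermediate`; a short comment such as `// tag = half 0 followed by half 1, 64 bits each` would make that dependency explicit.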
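Review bot: The known-answer vector has no provenance comment, and after this change `H`, `M` and `EXPECT` are all flat bit arrays whose ordering depends entirely on `hexToBitArray`. The values look like the GHASH worked example in RFC 8452 Appendix A; if that is the source, cite it above `H`, e.g. `// GHASH test vector (RFC 8452, Appendix A; confirm)`. `M` is now one 256-element array while the circuit declares `msg[NUM_BLOCKS][2][64]`, so the test relies on the witness generator accepting flattened input, which deserves a one-line comment. A second known-answer vector with a different block count would strengthen the test.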
@@ -22,16 +22,11 @@ describe("ghash-hash", () => {
 });
 it("test ghash", async () => {
- const input = { msg: M, HashKey: H };
+ const input = { HashKey: H, msg: M };
 console.log("input message length: ", input.msg.length);
- console.log("input message length: ", input.HashKey.length);
- const _res = await circuit.compute(input, ["out"]);
- // take the first 32 bytes
- const result = bitArrayToHex(
- (_res.out as number[]).map((bit) => Number(bit))
- ).slice(0, 32);
- console.log("expect: ", EXPECT, "\nresult: ", result);
- assert.equal(result, EXPECT);
+ console.log("input hash key length: ", input.HashKey.length);
+ console.log("input message: ", EXPECT);
+ const _res = await circuit.expectPass(input, { tag: EXPECT });
 });
 });
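Review bot: The new `console.log("input message: ", EXPECT);` prints the expected tag under the label of the input message, which will mislead anyone reading the test output; it should read `console.log("expected tag: ", EXPECT);` or be dropped. `_res` is assigned but never used, so the call can be just `await circuit.expectPass(input, { tag: EXPECT });`. With `assert.equal` and `bitArrayToHex` removed from the test body, the `assert` import shown in the earlier hunk header (and `bitArrayToHex`, if imported) may now be unused; the import lines are outside this hunk. The test covers only the accepting path, so a case asserting that a tag with one flipped bit is rejected would guard against an under-constrained `tag` output.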