
Replace usize with u32 in serialized/deserialized structs to avoid cross-platform issues #17

Merged
merged 17 commits into from
Sep 1, 2023
8 changes: 4 additions & 4 deletions bbs_plus/src/proof.rs
Expand Up @@ -549,7 +549,7 @@ mod tests {

fn sig_setup<R: RngCore>(
rng: &mut R,
message_count: usize,
message_count: u32,
) -> (
Vec<Fr>,
SignatureParamsG1<Bls12_381>,
Expand Down Expand Up @@ -976,7 +976,7 @@ mod tests {
)
.unwrap();
let proof_1 = pok_1.gen_proof(&challenge).unwrap();
for i in 0..message_count {
for i in 0..message_count as usize {
assert_eq!(
*proof_1
.get_resp_for_message(i, &revealed_indices_1)
Expand Down Expand Up @@ -1089,7 +1089,7 @@ mod tests {
);

// Reveal one message only
for i in 0..message_count {
for i in 0..message_count as usize {
let mut revealed_indices = BTreeSet::new();
revealed_indices.insert(i);
let pok = PoKOfSignatureG1Protocol::init(
Expand All @@ -1106,7 +1106,7 @@ mod tests {
)
.unwrap();
let proof = pok.gen_proof(&challenge).unwrap();
for j in 0..message_count {
for j in 0..message_count as usize {
if i == j {
assert!(proof.get_resp_for_message(j, &revealed_indices).is_err());
} else if i < j {
8 changes: 4 additions & 4 deletions bbs_plus/src/proof_23.rs
Expand Up @@ -433,7 +433,7 @@ mod tests {

fn sig_setup<R: RngCore>(
rng: &mut R,
message_count: usize,
message_count: u32,
) -> (
Vec<Fr>,
SignatureParams23G1<Bls12_381>,
Expand Down Expand Up @@ -739,7 +739,7 @@ mod tests {
)
.unwrap();
let proof_1 = pok_1.gen_proof(&challenge).unwrap();
for i in 0..message_count {
for i in 0..message_count as usize {
assert_eq!(
*proof_1
.get_resp_for_message(i, &revealed_indices_1)
Expand Down Expand Up @@ -856,7 +856,7 @@ mod tests {
);

// Reveal one message only
for i in 0..message_count {
for i in 0..message_count as usize {
let mut revealed_indices = BTreeSet::new();
revealed_indices.insert(i);
let pok = PoKOfSignature23G1Protocol::init(
Expand All @@ -875,7 +875,7 @@ mod tests {
)
.unwrap();
let proof = pok.gen_proof(&challenge).unwrap();
for j in 0..message_count {
for j in 0..message_count as usize {
if i == j {
assert!(proof.get_resp_for_message(j, &revealed_indices).is_err());
} else if i < j {
8 changes: 4 additions & 4 deletions bbs_plus/src/proof_23_alternate.rs
Expand Up @@ -457,7 +457,7 @@ mod tests {

fn sig_setup<R: RngCore>(
rng: &mut R,
message_count: usize,
message_count: u32,
) -> (
Vec<Fr>,
SignatureParams23G1<Bls12_381>,
Expand Down Expand Up @@ -515,7 +515,7 @@ mod tests {
)
.unwrap();
let proof_1 = pok_1.gen_proof(&challenge).unwrap();
for i in 0..message_count {
for i in 0..message_count as usize {
assert_eq!(
*proof_1
.get_resp_for_message(i, &revealed_indices_1)
Expand Down Expand Up @@ -628,7 +628,7 @@ mod tests {
);

// Reveal one message only
for i in 0..message_count {
for i in 0..message_count as usize {
let mut revealed_indices = BTreeSet::new();
revealed_indices.insert(i);
let pok = PoKOfSignature23G1Protocol::init(
Expand All @@ -645,7 +645,7 @@ mod tests {
)
.unwrap();
let proof = pok.gen_proof(&challenge).unwrap();
for j in 0..message_count {
for j in 0..message_count as usize {
if i == j {
assert!(proof.get_resp_for_message(j, &revealed_indices).is_err());
} else if i < j {
31 changes: 14 additions & 17 deletions bbs_plus/src/setup.rs
Expand Up @@ -63,8 +63,9 @@ use zeroize::{Zeroize, ZeroizeOnDrop};

use core::iter::once;
use dock_crypto_utils::{
concat_slices, hashing_utils::projective_group_elem_from_try_and_incr, iter::*,
misc::seq_pairs_satisfy, serde_utils::*, try_iter::CheckLeft,
affine_group_from_slices, concat_slices,
hashing_utils::projective_group_elem_from_try_and_incr, iter::*, misc::seq_pairs_satisfy,
serde_utils::*, try_iter::CheckLeft,
};
use itertools::process_results;

Expand Down Expand Up @@ -244,21 +245,19 @@ macro_rules! impl_sig_params {
/// Generate params by hashing a known string. The hash function is vulnerable to timing
/// attack but since all this is public knowledge, it is fine.
/// This is useful if people need to be convinced that the discrete log of group elements wrt each other is not known.
pub fn new<D: Digest>(label: &[u8], message_count: usize) -> Self {
pub fn new<D: Digest>(label: &[u8], message_count: u32) -> Self {
assert_ne!(message_count, 0);
// Need message_count+2 elements of signature group and 1 element of other group
let mut sig_group_elems = Vec::with_capacity(message_count + 2);
let mut sig_group_elems = Vec::with_capacity(message_count as usize + 2);
// Group element by hashing `label`||`g1` as string.
let g1 = projective_group_elem_from_try_and_incr::<E::$group_affine, D>(
&concat_slices![label, b" : g1"],
);
// h_0 and h[i] for i in 1 to message_count
let mut h = cfg_into_iter!((0..=message_count))
.map(|i| {
projective_group_elem_from_try_and_incr::<E::$group_affine, D>(
&concat_slices![label, b" : h_", (i as u32).to_le_bytes()],
)
})
.map(u32::to_le_bytes)
.map(|i| affine_group_from_slices!(label, b" : h_", i))
.map(E::$group_affine::into)
.collect::<Vec<E::$group_projective>>();
sig_group_elems.push(g1);
sig_group_elems.append(&mut h);
Expand All @@ -268,10 +267,8 @@ macro_rules! impl_sig_params {
let g1 = sig_group_elems.remove(0);
let h_0 = sig_group_elems.remove(0);

let g2 = projective_group_elem_from_try_and_incr::<E::$other_group_affine, D>(
&concat_slices![label, b" : g2"],
)
.into_affine();
let g2: E::$other_group_affine = affine_group_from_slices!(label, b" : g2");

Self {
g1,
g2,
Expand All @@ -281,7 +278,7 @@ macro_rules! impl_sig_params {
}

/// Generate params using a random number generator
pub fn generate_using_rng<R>(rng: &mut R, message_count: usize) -> Self
pub fn generate_using_rng<R>(rng: &mut R, message_count: u32) -> Self
where
R: RngCore,
{
Expand Down Expand Up @@ -516,7 +513,7 @@ impl<E: Pairing> SignatureParams23G1<E> {
/// Generate params by hashing a known string. The hash function is vulnerable to timing
/// attack but since all this is public knowledge, it is fine.
/// This is useful if people need to be convinced that the discrete log of group elements wrt each other is not known.
pub fn new<D: Digest>(label: &[u8], message_count: usize) -> Self {
pub fn new<D: Digest>(label: &[u8], message_count: u32) -> Self {
assert_ne!(message_count, 0);
// Group element by hashing `label`||`g1` as string.
let g1 = projective_group_elem_from_try_and_incr::<E::G1Affine, D>(&concat_slices![
Expand Down Expand Up @@ -545,7 +542,7 @@ impl<E: Pairing> SignatureParams23G1<E> {
}

/// Generate params using a random number generator
pub fn generate_using_rng<R>(rng: &mut R, message_count: usize) -> Self
pub fn generate_using_rng<R>(rng: &mut R, message_count: u32) -> Self
where
R: RngCore,
{
Expand Down Expand Up @@ -636,7 +633,7 @@ mod tests {
let label_1 = "test1".as_bytes();
let params_1 = $params::<Bls12_381>::new::<Blake2b512>(&label_1, $message_count);
assert!(params_1.is_valid());
assert_eq!(params_1.h.len(), $message_count);
assert_eq!(params_1.h.len(), $message_count as usize);

// Same label should generate same params
let params_1_again = $params::<Bls12_381>::new::<Blake2b512>(&label_1, $message_count);
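Review bot: `g1` is still derived through `projective_group_elem_from_try_and_incr::<E::$group_affine, D>` with the caller's digest, whereas `h_0..h_{message_count}` and `g2` now go through `affine_group_from_slices!`, and nothing in this hunk shows that macro receiving `D`. If the macro selects its own hash function, one params set would be built from two different digests and params generated from a fixed label would no longer match those produced before this change, which matters for anyone who reproduces params from a public label. Confirm this against the macro definition and consider pinning the output of `new::<Blake2b512>` for a known label in the `tests` module next to the existing `params_1_again` equality check. The body of `new` continues outside the hunk.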
4 changes: 2 additions & 2 deletions bbs_plus/src/threshold/cointoss.rs
Expand Up @@ -40,7 +40,7 @@ impl<F: PrimeField, const SALT_SIZE: usize> Party<F, SALT_SIZE> {
pub fn commit<R: RngCore>(
rng: &mut R,
id: ParticipantId,
batch_size: usize,
batch_size: u32,
protocol_id: Vec<u8>,
) -> (Self, Commitments) {
let shares_and_salts = (0..batch_size)
Expand Down Expand Up @@ -186,7 +186,7 @@ pub mod tests {
fn cointoss() {
let mut rng = StdRng::seed_from_u64(0u64);

fn check<const SALT_SIZE: usize>(rng: &mut StdRng, batch_size: usize, num_parties: u16) {
fn check<const SALT_SIZE: usize>(rng: &mut StdRng, batch_size: u32, num_parties: u16) {
let label = b"test".to_vec();
let mut parties = vec![];
let mut commitments = vec![];
16 changes: 8 additions & 8 deletions bbs_plus/src/threshold/multiplication_phase.rs
Expand Up @@ -27,7 +27,7 @@ use oblivious_transfer_protocols::{
pub struct Phase2<F: PrimeField, const KAPPA: u16, const STATISTICAL_SECURITY_PARAMETER: u16> {
pub id: ParticipantId,
/// Number of threshold signatures being generated in a single batch.
pub batch_size: usize,
pub batch_size: u32,
/// Transcripts to record protocol interactions with each participant and later used to generate random challenges
pub transcripts: BTreeMap<ParticipantId, Merlin>,
pub ote_params: MultiplicationOTEParams<KAPPA, STATISTICAL_SECURITY_PARAMETER>,
Expand Down Expand Up @@ -69,7 +69,7 @@ impl<F: PrimeField, const KAPPA: u16, const STATISTICAL_SECURITY_PARAMETER: u16>
gadget_vector: &GadgetVector<F, KAPPA, STATISTICAL_SECURITY_PARAMETER>,
) -> Result<(Self, BTreeMap<ParticipantId, Message1<F>>), BBSPlusError> {
assert_eq!(masked_signing_key_share.len(), masked_r.len());
let batch_size = masked_signing_key_share.len();
let batch_size = masked_signing_key_share.len() as u32;

let mut transcripts = BTreeMap::<ParticipantId, Merlin>::new();
let mut multiplication_party1 =
Expand Down Expand Up @@ -154,9 +154,9 @@ impl<F: PrimeField, const KAPPA: u16, const STATISTICAL_SECURITY_PARAMETER: u16>

let (shares, tau, r, gamma_a) =
party1.receive::<D>(U, rlc, gamma, trans, &gadget_vector)?;
debug_assert_eq!(shares.len(), 2 * self.batch_size);
let mut z_A_0 = Vec::with_capacity(self.batch_size);
let mut z_A_1 = Vec::with_capacity(self.batch_size);
debug_assert_eq!(shares.len() as u32, 2 * self.batch_size);
let mut z_A_0 = Vec::with_capacity(self.batch_size as usize);
let mut z_A_1 = Vec::with_capacity(self.batch_size as usize);
for (i, share) in shares.0.into_iter().enumerate() {
if (i & 1) == 0 {
z_A_0.push(share);
Expand Down Expand Up @@ -185,9 +185,9 @@ impl<F: PrimeField, const KAPPA: u16, const STATISTICAL_SECURITY_PARAMETER: u16>
let party2 = self.multiplication_party2.remove(&sender_id).unwrap();
let trans = self.transcripts.get_mut(&sender_id).unwrap();
let shares = party2.receive::<D>(tau, rlc, gamma, trans, &gadget_vector)?;
debug_assert_eq!(shares.len(), 2 * self.batch_size);
let mut z_B_0 = Vec::with_capacity(self.batch_size);
let mut z_B_1 = Vec::with_capacity(self.batch_size);
debug_assert_eq!(shares.len() as u32, 2 * self.batch_size);
let mut z_B_0 = Vec::with_capacity(self.batch_size as usize);
let mut z_B_1 = Vec::with_capacity(self.batch_size as usize);
for (i, share) in shares.0.into_iter().enumerate() {
if (i & 1) == 0 {
z_B_0.push(share);
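Review bot: `let batch_size = masked_signing_key_share.len() as u32;` in `init` silently truncates on 64-bit targets, so a share vector longer than `u32::MAX` would yield a `batch_size` that disagrees with the data actually held; prefer a checked conversion such as `let batch_size = u32::try_from(masked_signing_key_share.len()).expect("batch size exceeds u32::MAX");`, or map the failure to a `BBSPlusError` variant if a suitable one exists. The two `debug_assert_eq!(shares.len() as u32, 2 * self.batch_size)` checks narrow the length the same way, and `2 * self.batch_size` can now overflow `u32` on 64-bit targets where the previous `usize` multiplication would not; comparing in `usize` avoids both issues: `debug_assert_eq!(shares.len(), 2 * self.batch_size as usize);`. The bodies of `init` and the two receive functions extend beyond their hunks.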
2 changes: 1 addition & 1 deletion bbs_plus/src/threshold/randomness_generation_phase.rs
Expand Up @@ -14,7 +14,7 @@ use oblivious_transfer_protocols::ParticipantId;
pub struct Phase1<F: PrimeField, const SALT_SIZE: usize> {

In both Phase1::init_for_*, batch_size should be accepted as u16 or u32

pub id: ParticipantId,
/// Number of threshold signatures being generated in a single batch.
pub batch_size: usize,
pub batch_size: u32,
pub r: Vec<F>,
/// Protocols to generate shares of random values used in signature like `e`
pub commitment_protocol: super::cointoss::Party<F, SALT_SIZE>,
16 changes: 8 additions & 8 deletions bbs_plus/src/threshold/threshold_bbs.rs
Expand Up @@ -24,7 +24,7 @@ use oblivious_transfer_protocols::ParticipantId;
#[derive(Clone, Debug, PartialEq, CanonicalSerialize, CanonicalDeserialize)]
pub struct Phase1Output<F: PrimeField> {
pub id: ParticipantId,
pub batch_size: usize,
pub batch_size: u32,
pub r: Vec<F>,
pub e: Vec<F>,
/// Additive shares of the signing key masked by a random `alpha`
Expand All @@ -47,7 +47,7 @@ pub struct BBSSignatureShare<E: Pairing> {
impl<F: PrimeField, const SALT_SIZE: usize> Phase1<F, SALT_SIZE> {
pub fn init_for_bbs<R: RngCore>(
rng: &mut R,
batch_size: usize,
batch_size: u32,
id: ParticipantId,
others: BTreeSet<ParticipantId>,
protocol_id: Vec<u8>,
Expand All @@ -65,7 +65,7 @@ impl<F: PrimeField, const SALT_SIZE: usize> Phase1<F, SALT_SIZE> {
Ok((
Self {
id,
batch_size,
batch_size: batch_size,
r,
commitment_protocol,
zero_sharing_protocol,
Expand All @@ -86,7 +86,7 @@ impl<F: PrimeField, const SALT_SIZE: usize> Phase1<F, SALT_SIZE> {
let r = self.r.clone();
let (others, randomness, masked_signing_key_share, masked_r) =
self.compute_randomness_and_arguments_for_multiplication::<D>(signing_key)?;
debug_assert_eq!(randomness.len(), batch_size);
debug_assert_eq!(randomness.len() as u32, batch_size);
let e = randomness;
Ok(Phase1Output {
id,
Expand Down Expand Up @@ -148,7 +148,7 @@ impl<E: Pairing> BBSSignatureShare<E> {
&phase1.e[sig_index_in_batch],
&phase1.masked_rs[sig_index_in_batch],
&phase1.masked_signing_key_shares[sig_index_in_batch],
sig_index_in_batch,
sig_index_in_batch as u32,
phase2,
);
Ok(Self {
Expand Down Expand Up @@ -307,7 +307,7 @@ pub mod tests {
}
println!("Phase 1 took {:?}", start.elapsed());

assert_eq!(expected_sk, sk * Fr::from(sig_batch_size as u64));
assert_eq!(expected_sk, sk * Fr::from(sig_batch_size));
for i in 1..threshold_signers {
assert_eq!(round1outs[0].e, round1outs[i as usize].e);
}
Expand Down Expand Up @@ -356,7 +356,7 @@ pub mod tests {
for i in 1..=threshold_signers {
for (j, z_A) in &round2_outputs[i as usize - 1].z_A {
let z_B = round2_outputs[*j as usize - 1].z_B.get(&i).unwrap();
for k in 0..sig_batch_size {
for k in 0..sig_batch_size as usize {
assert_eq!(
z_A.0[k] + z_B.0[k],
round1outs[i as usize - 1].masked_signing_key_shares[k]
Expand All @@ -373,7 +373,7 @@ pub mod tests {

let mut sig_shares_time = Duration::default();
let mut sig_aggr_time = Duration::default();
for k in 0..sig_batch_size {
for k in 0..sig_batch_size as usize {
let messages = (0..message_count)
.into_iter()
.map(|_| Fr::rand(&mut rng))
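Review bot: `batch_size: batch_size,` in the `Self { … }` literal of `init_for_bbs` is a redundant field initializer (clippy `redundant_field_names`); the previous shorthand `batch_size,` should be kept. In the following hunk, `debug_assert_eq!(randomness.len() as u32, batch_size);` narrows the length before comparing, so a mismatch beyond `u32::MAX` would be masked; `debug_assert_eq!(randomness.len(), batch_size as usize);` widens instead and is lossless. The same applies to the `sig_index_in_batch as u32` argument in the `impl BBSSignatureShare` hunk: a checked `u32::try_from(sig_index_in_batch)` would make the narrowing explicit, although the value has already been used to index `phase1.e` and so is bounded by that vector's length. The enclosing functions start and end outside their hunks.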