Qortal/pirate-librustzcash
1
0
Fork 1
mirror of https://github.com/Qortal/pirate-librustzcash.git synced 2025-11-03 04:47:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add error logic to decoding methods.

Browse Source
This commit is contained in:
Sean Bowe
2017-07-17 09:06:03 -06:00
parent 7c35f2b8b0
commit 09531d0810
4 changed files with 155 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
src/bls12_381/ec.rs
View File

@@ -111,10 +111,6 @@ macro_rules! curve_impl {
self.infinity
}
fn is_valid(&self) -> bool {
self.is_on_curve() && self.is_in_correct_subgroup()
}
fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, by: S) -> $projective {
let mut res = $projective::zero();
@@ -560,7 +556,7 @@ macro_rules! curve_impl {
pub mod g1 {
use rand::{Rand, Rng};
use super::super::{Fq, Fr, FrRepr, FqRepr};
use ::{CurveProjective, CurveAffine, PrimeField, SqrtField, PrimeFieldRepr, Field, BitIterator, EncodedPoint};
use ::{CurveProjective, CurveAffine, PrimeField, SqrtField, PrimeFieldRepr, Field, BitIterator, EncodedPoint, GroupDecodingError};
curve_impl!(G1, G1Affine, G1Prepared, Fq, Fr, G1Uncompressed, G1Compressed);
@@ -583,7 +579,18 @@ pub mod g1 {
fn empty() -> Self { G1Uncompressed([0; 96]) }
fn size() -> usize { 96 }
fn into_affine_unchecked(&self) -> Result<G1Affine, ()> {
fn into_affine(&self) -> Result<G1Affine, GroupDecodingError> {
let affine = self.into_affine_unchecked()?;
if !affine.is_on_curve() {
Err(GroupDecodingError::NotOnCurve)
} else if !affine.is_in_correct_subgroup() {
Err(GroupDecodingError::NotInSubgroup)
} else {
Ok(affine)
}
}
fn into_affine_unchecked(&self) -> Result<G1Affine, GroupDecodingError> {
use byteorder::{ReadBytesExt, BigEndian};
// Create a copy of this representation.
@@ -591,7 +598,7 @@ pub mod g1 {
if copy[0] & (1 << 7) != 0 {
// Distinguisher bit is set, but this should be uncompressed!
return Err(())
return Err(GroupDecodingError::UnexpectedCompressionMode)
}
if copy[0] & (1 << 6) != 0 {
@@ -603,13 +610,13 @@ pub mod g1 {
if copy.iter().all(|b| *b == 0) {
Ok(G1Affine::zero())
} else {
Err(())
Err(GroupDecodingError::UnexpectedInformation)
}
} else {
if copy[0] & (1 << 5) != 0 {
// The bit indicating the y-coordinate should be lexicographically
// largest is set, but this is an uncompressed element.
return Err(())
return Err(GroupDecodingError::UnexpectedInformation)
}
// Unset the three most significant bits.
@@ -631,8 +638,8 @@ pub mod g1 {
}
Ok(G1Affine {
x: Fq::from_repr(x)?,
y: Fq::from_repr(y)?,
x: Fq::from_repr(x).map_err(|e| GroupDecodingError::CoordinateDecodingError("x coordinate", e))?,
y: Fq::from_repr(y).map_err(|e| GroupDecodingError::CoordinateDecodingError("y coordinate", e))?,
infinity: false
})
}
@@ -681,7 +688,18 @@ pub mod g1 {
fn empty() -> Self { G1Compressed([0; 48]) }
fn size() -> usize { 48 }
fn into_affine_unchecked(&self) -> Result<G1Affine, ()> {
fn into_affine(&self) -> Result<G1Affine, GroupDecodingError> {
let affine = self.into_affine_unchecked()?;
// NB: Decompression guarantees that it is on the curve already.
if !affine.is_in_correct_subgroup() {
Err(GroupDecodingError::NotInSubgroup)
} else {
Ok(affine)
}
}
fn into_affine_unchecked(&self) -> Result<G1Affine, GroupDecodingError> {
use byteorder::{ReadBytesExt, BigEndian};
// Create a copy of this representation.
@@ -689,7 +707,7 @@ pub mod g1 {
if copy[0] & (1 << 7) == 0 {
// Distinguisher bit isn't set.
return Err(())
return Err(GroupDecodingError::UnexpectedCompressionMode)
}
if copy[0] & (1 << 6) != 0 {
@@ -701,7 +719,7 @@ pub mod g1 {
if copy.iter().all(|b| *b == 0) {
Ok(G1Affine::zero())
} else {
Err(())
Err(GroupDecodingError::UnexpectedInformation)
}
} else {
// Determine if the intended y coordinate must be greater
@@ -722,7 +740,7 @@ pub mod g1 {
}
// Interpret as Fq element.
let x = Fq::from_repr(x)?;
let x = Fq::from_repr(x).map_err(|e| GroupDecodingError::CoordinateDecodingError("x coordinate", e))?;
// Compute x^3 + b
let mut x3b = x;
@@ -747,7 +765,7 @@ pub mod g1 {
},
None => {
// Point must not be on the curve.
Err(())
Err(GroupDecodingError::NotOnCurve)
}
}
}
@@ -873,7 +891,7 @@ pub mod g1 {
infinity: false
};
assert!(!p.is_valid());
assert!(!p.is_in_correct_subgroup());
let mut g1 = G1::zero();
@@ -895,7 +913,7 @@ pub mod g1 {
assert_eq!(i, 4);
let g1 = G1Affine::from(g1);
assert!(g1.is_valid());
assert!(g1.is_in_correct_subgroup());
assert_eq!(g1, G1Affine::one());
break;
@@ -918,7 +936,6 @@ pub mod g1 {
};
assert!(!p.is_on_curve());
assert!(p.is_in_correct_subgroup());
assert!(!p.is_valid());
}
// Reject point on a twist (b = 3)
@@ -930,7 +947,6 @@ pub mod g1 {
};
assert!(!p.is_on_curve());
assert!(!p.is_in_correct_subgroup());
assert!(!p.is_valid());
}
// Reject point in an invalid subgroup
@@ -943,7 +959,6 @@ pub mod g1 {
};
assert!(p.is_on_curve());
assert!(!p.is_in_correct_subgroup());
assert!(!p.is_valid());
}
}
@@ -1019,9 +1034,9 @@ pub mod g1 {
infinity: false
};
assert!(a.is_valid());
assert!(b.is_valid());
assert!(c.is_valid());
assert!(a.is_on_curve() && a.is_in_correct_subgroup());
assert!(b.is_on_curve() && b.is_in_correct_subgroup());
assert!(c.is_on_curve() && c.is_in_correct_subgroup());
let mut tmp1 = a.into_projective();
tmp1.add_assign(&b.into_projective());
@@ -1097,7 +1112,7 @@ pub mod g1 {
pub mod g2 {
use rand::{Rand, Rng};
use super::super::{Fq2, Fr, Fq, FrRepr, FqRepr};
use ::{CurveProjective, CurveAffine, PrimeField, SqrtField, PrimeFieldRepr, Field, BitIterator, EncodedPoint};
use ::{CurveProjective, CurveAffine, PrimeField, SqrtField, PrimeFieldRepr, Field, BitIterator, EncodedPoint, GroupDecodingError};
curve_impl!(G2, G2Affine, G2Prepared, Fq2, Fr, G2Uncompressed, G2Compressed);
@@ -1120,7 +1135,18 @@ pub mod g2 {
fn empty() -> Self { G2Uncompressed([0; 192]) }
fn size() -> usize { 192 }
fn into_affine_unchecked(&self) -> Result<G2Affine, ()> {
fn into_affine(&self) -> Result<G2Affine, GroupDecodingError> {
let affine = self.into_affine_unchecked()?;
if !affine.is_on_curve() {
Err(GroupDecodingError::NotOnCurve)
} else if !affine.is_in_correct_subgroup() {
Err(GroupDecodingError::NotInSubgroup)
} else {
Ok(affine)
}
}
fn into_affine_unchecked(&self) -> Result<G2Affine, GroupDecodingError> {
use byteorder::{ReadBytesExt, BigEndian};
// Create a copy of this representation.
@@ -1128,7 +1154,7 @@ pub mod g2 {
if copy[0] & (1 << 7) != 0 {
// Distinguisher bit is set, but this should be uncompressed!
return Err(())
return Err(GroupDecodingError::UnexpectedCompressionMode)
}
if copy[0] & (1 << 6) != 0 {
@@ -1140,13 +1166,13 @@ pub mod g2 {
if copy.iter().all(|b| *b == 0) {
Ok(G2Affine::zero())
} else {
Err(())
Err(GroupDecodingError::UnexpectedInformation)
}
} else {
if copy[0] & (1 << 5) != 0 {
// The bit indicating the y-coordinate should be lexicographically
// largest is set, but this is an uncompressed element.
return Err(())
return Err(GroupDecodingError::UnexpectedInformation)
}
// Unset the three most significant bits.
@@ -1179,12 +1205,12 @@ pub mod g2 {
Ok(G2Affine {
x: Fq2 {
c0: Fq::from_repr(x_c0)?,
c1: Fq::from_repr(x_c1)?
c0: Fq::from_repr(x_c0).map_err(|e| GroupDecodingError::CoordinateDecodingError("x coordinate (c0)", e))?,
c1: Fq::from_repr(x_c1).map_err(|e| GroupDecodingError::CoordinateDecodingError("x coordinate (c1)", e))?,
},
y: Fq2 {
c0: Fq::from_repr(y_c0)?,
c1: Fq::from_repr(y_c1)?
c0: Fq::from_repr(y_c0).map_err(|e| GroupDecodingError::CoordinateDecodingError("y coordinate (c0)", e))?,
c1: Fq::from_repr(y_c1).map_err(|e| GroupDecodingError::CoordinateDecodingError("y coordinate (c1)", e))?,
},
infinity: false
})
@@ -1242,7 +1268,18 @@ pub mod g2 {
fn empty() -> Self { G2Compressed([0; 96]) }
fn size() -> usize { 96 }
fn into_affine_unchecked(&self) -> Result<G2Affine, ()> {
fn into_affine(&self) -> Result<G2Affine, GroupDecodingError> {
let affine = self.into_affine_unchecked()?;
// NB: Decompression guarantees that it is on the curve already.
if !affine.is_in_correct_subgroup() {
Err(GroupDecodingError::NotInSubgroup)
} else {
Ok(affine)
}
}
fn into_affine_unchecked(&self) -> Result<G2Affine, GroupDecodingError> {
use byteorder::{ReadBytesExt, BigEndian};
// Create a copy of this representation.
@@ -1250,7 +1287,7 @@ pub mod g2 {
if copy[0] & (1 << 7) == 0 {
// Distinguisher bit isn't set.
return Err(())
return Err(GroupDecodingError::UnexpectedCompressionMode)
}
if copy[0] & (1 << 6) != 0 {
@@ -1262,7 +1299,7 @@ pub mod g2 {
if copy.iter().all(|b| *b == 0) {
Ok(G2Affine::zero())
} else {
Err(())
Err(GroupDecodingError::UnexpectedInformation)
}
} else {
// Determine if the intended y coordinate must be greater
@@ -1289,8 +1326,8 @@ pub mod g2 {
// Interpret as Fq element.
let x = Fq2 {
c0: Fq::from_repr(x_c0)?,
c1: Fq::from_repr(x_c1)?
c0: Fq::from_repr(x_c0).map_err(|e| GroupDecodingError::CoordinateDecodingError("x coordinate (c0)", e))?,
c1: Fq::from_repr(x_c1).map_err(|e| GroupDecodingError::CoordinateDecodingError("x coordinate (c1)", e))?
};
// Compute x^3 + b
@@ -1316,7 +1353,7 @@ pub mod g2 {
},
None => {
// Point must not be on the curve.
Err(())
Err(GroupDecodingError::NotOnCurve)
}
}
}
@@ -1446,7 +1483,7 @@ pub mod g2 {
infinity: false
};
assert!(!p.is_valid());
assert!(!p.is_in_correct_subgroup());
let mut g2 = G2::zero();
@@ -1468,7 +1505,7 @@ pub mod g2 {
assert_eq!(i, 2);
let g2 = G2Affine::from(g2);
assert!(g2.is_valid());
assert!(g2.is_in_correct_subgroup());
assert_eq!(g2, G2Affine::one());
break;
@@ -1497,7 +1534,6 @@ pub mod g2 {
};
assert!(!p.is_on_curve());
assert!(p.is_in_correct_subgroup());
assert!(!p.is_valid());
}
// Reject point on a twist (b = 2 * (u + 1))
@@ -1515,7 +1551,6 @@ pub mod g2 {
};
assert!(!p.is_on_curve());
assert!(!p.is_in_correct_subgroup());
assert!(!p.is_valid());
}
// Reject point in an invalid subgroup
@@ -1534,7 +1569,6 @@ pub mod g2 {
};
assert!(p.is_on_curve());
assert!(!p.is_in_correct_subgroup());
assert!(!p.is_valid());
}
}