Constant-time field inversion
WARNING: THIS IS NOT ACTUALLY CONSTANT TIME YET! The jubjub and bls12_381 crates will replace our constant-time usages, but we NEED to fix ff_derive because other users will expect it to implement the Field trait correctly.
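--- a/UNKNOWN_PATH
+++ b/UNKNOWN_PATH
@@ -344,13 +344,11 @@ impl<E: JubjubEngine> EdwardsPoint<E> {
 let mut t1 = E::Fr::one();
 t1.add_assign(c.get_value().get()?);
 
-match t1.inverse() {
-Some(t1) => {
-t0.mul_assign(&t1);
-
-Ok(t0)
-}
-None => Err(SynthesisError::DivisionByZero),
+let res = t1.invert().map(|t1| t0 * &t1);
+if bool::from(res.is_some()) {
+Ok(res.unwrap())
+} else {
+Err(SynthesisError::DivisionByZero)
 }
 })?;
 
@@ -371,13 +369,11 @@ impl<E: JubjubEngine> EdwardsPoint<E> {
 let mut t1 = E::Fr::one();
 t1.sub_assign(c.get_value().get()?);
 
-match t1.inverse() {
-Some(t1) => {
-t0.mul_assign(&t1);
-
-Ok(t0)
-}
-None => Err(SynthesisError::DivisionByZero),
+let res = t1.invert().map(|t1| t0 * &t1);
+if bool::from(res.is_some()) {
+Ok(res.unwrap())
+} else {
+Err(SynthesisError::DivisionByZero)
 }
 })?;
 
@@ -451,13 +447,11 @@ impl<E: JubjubEngine> EdwardsPoint<E> {
 let mut t1 = E::Fr::one();
 t1.add_assign(c.get_value().get()?);
 
-match t1.inverse() {
-Some(t1) => {
-t0.mul_assign(&t1);
-
-Ok(t0)
-}
-None => Err(SynthesisError::DivisionByZero),
+let ret = t1.invert().map(|t1| t0 * &t1);
+if bool::from(ret.is_some()) {
+Ok(ret.unwrap())
+} else {
+Err(SynthesisError::DivisionByZero)
 }
 })?;
 
@@ -478,13 +472,11 @@ impl<E: JubjubEngine> EdwardsPoint<E> {
 let mut t1 = E::Fr::one();
 t1.sub_assign(c.get_value().get()?);
 
-match t1.inverse() {
-Some(t1) => {
-t0.mul_assign(&t1);
-
-Ok(t0)
-}
-None => Err(SynthesisError::DivisionByZero),
+let ret = t1.invert().map(|t1| t0 * &t1);
+if bool::from(ret.is_some()) {
+Ok(ret.unwrap())
+} else {
+Err(SynthesisError::DivisionByZero)
 }
 })?;
 
@@ -521,13 +513,11 @@ impl<E: JubjubEngine> MontgomeryPoint<E> {
 let mut t0 = *self.x.get_value().get()?;
 t0.mul_assign(params.scale());
 
-match self.y.get_value().get()?.inverse() {
-Some(invy) => {
-t0.mul_assign(&invy);
-
-Ok(t0)
-}
-None => Err(SynthesisError::DivisionByZero),
+let ret = self.y.get_value().get()?.invert().map(|invy| t0 * &invy);
+if bool::from(ret.is_some()) {
+Ok(ret.unwrap())
+} else {
+Err(SynthesisError::DivisionByZero)
 }
 })?;
 
@@ -545,13 +535,11 @@ impl<E: JubjubEngine> MontgomeryPoint<E> {
 t0.sub_assign(&E::Fr::one());
 t1.add_assign(&E::Fr::one());
 
-match t1.inverse() {
-Some(t1) => {
-t0.mul_assign(&t1);
-
-Ok(t0)
-}
-None => Err(SynthesisError::DivisionByZero),
+let ret = t1.invert().map(|t1| t0 * &t1);
+if bool::from(ret.is_some()) {
+Ok(ret.unwrap())
+} else {
+Err(SynthesisError::DivisionByZero)
 }
 })?;
 
@@ -593,12 +581,11 @@ impl<E: JubjubEngine> MontgomeryPoint<E> {
 let mut d = *other.x.get_value().get()?;
 d.sub_assign(self.x.get_value().get()?);
 
-match d.inverse() {
-Some(d) => {
-n.mul_assign(&d);
-Ok(n)
-}
-None => Err(SynthesisError::DivisionByZero),
+let ret = d.invert().map(|d| n * &d);
+if bool::from(ret.is_some()) {
+Ok(ret.unwrap())
+} else {
+Err(SynthesisError::DivisionByZero)
 }
 })?;
 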
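Review bot: Every hunk replaces the `match t1.inverse()` with the same five new lines that branch on `bool::from(res.is_some())` and then call `res.unwrap()`, so the success path still carries an unwrap and the zero-divisor handling is copied seven times (named `res` in the first two EdwardsPoint hunks and `ret` in the remaining five). Converting the `CtOption` once and mapping the failure removes the unwrap and the branch in one step: `Option::from(t1.invert().map(|t1| t0 * &t1)).ok_or(SynthesisError::DivisionByZero)`, with the same shape for the `d`/`n` and `invy` variants. Since these witness-computation closures all need the identical step, a small private helper would keep the naming consistent and give a single place to revisit once the constant-time inversion the description warns about actually lands. The closures and the methods that contain them start outside each hunk.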