Merge branch 'master' into blake2_simd

2025-07-31 12:31:22 +00:00 · 2019-07-18 18:22:20 +02:00
parent d1ce6749fe 5e3409ea85
commit 8361674efc
10 changed files with 1271 additions and 104 deletions
--- a/librustzcash/src/rustzcash.rs
+++ b/librustzcash/src/rustzcash.rs
@@ -12,7 +12,7 @@ extern crate zcash_proofs;

 extern crate lazy_static;

-use ff::{BitIterator, PrimeField, PrimeFieldRepr};
+use ff::{PrimeField, PrimeFieldRepr};
 use pairing::bls12_381::{Bls12, Fr, FrRepr};

 use sapling_crypto::{
@@ -23,7 +23,6 @@ use sapling_crypto::{
        fs::{Fs, FsRepr},
        FixedGenerators, JubjubEngine, JubjubParams, PrimeOrder, ToUniform, Unknown,
    },
-    pedersen_hash::{pedersen_hash, Personalization},
    redjubjub::{self, Signature},
 };

@@ -58,10 +57,15 @@ use std::ffi::OsString;
 use std::os::windows::ffi::OsStringExt;

 use sapling_crypto::primitives::{ProofGenerationKey, ViewingKey};
-use zcash_primitives::{note_encryption::sapling_ka_agree, sapling::spend_sig, zip32, JUBJUB};
+use zcash_primitives::{
+    merkle_tree::CommitmentTreeWitness,
+    note_encryption::sapling_ka_agree,
+    sapling::{merkle_hash, spend_sig},
+    zip32, JUBJUB,
+};
 use zcash_proofs::{
    load_parameters,
-    sapling::{CommitmentTreeWitness, SaplingProvingContext, SaplingVerificationContext},
+    sapling::{SaplingProvingContext, SaplingVerificationContext},
 };

 pub mod equihash;
@@ -255,28 +259,7 @@ pub extern "system" fn librustzcash_merkle_hash(
    // size of the representation
    let b_repr = read_le(unsafe { &(&*b)[..] });

-    let mut lhs = [false; 256];
-    let mut rhs = [false; 256];
-
-    for (a, b) in lhs.iter_mut().rev().zip(BitIterator::new(a_repr)) {
-        *a = b;
-    }
-
-    for (a, b) in rhs.iter_mut().rev().zip(BitIterator::new(b_repr)) {
-        *a = b;
-    }
-
-    let tmp = pedersen_hash::<Bls12, _>(
-        Personalization::MerkleTree(depth),
-        lhs.iter()
-            .map(|&x| x)
-            .take(Fr::NUM_BITS as usize)
-            .chain(rhs.iter().map(|&x| x).take(Fr::NUM_BITS as usize)),
-        &JUBJUB,
-    )
-    .into_xy()
-    .0
-    .into_repr();
+    let tmp = merkle_hash(depth, &a_repr, &b_repr);

    // Should be okay, caller is responsible for ensuring the pointer
    // is a valid pointer to 32 bytes that can be mutated.