diff --git a/examples/bulletproof.rs b/examples/bulletproof.rs index ecf4a78..7c009b7 100644 --- a/examples/bulletproof.rs +++ b/examples/bulletproof.rs @@ -4,7 +4,7 @@ use ark_ec::{AffineRepr, CurveGroup, VariableBaseMSM}; use ark_ff::Field; use ark_std::log2; use nimue::plugins::arkworks::prelude::*; -use nimue::{DuplexHash, InvalidTag}; +use nimue::{DuplexHash, IOPatternError}; use rand::rngs::OsRng; fn fold_generators( @@ -126,7 +126,7 @@ fn verify( generators: (&[G::Affine], &[G::Affine], &G::Affine), mut n: usize, statement: &G, -) -> Result<(), InvalidTag> +) -> Result<(), IOPatternError> where H: DuplexHash, G: CurveGroup, diff --git a/examples/schnorr.rs b/examples/schnorr.rs index 0b3e29a..be01626 100644 --- a/examples/schnorr.rs +++ b/examples/schnorr.rs @@ -1,6 +1,6 @@ use ark_ec::{CurveGroup, PrimeGroup}; use ark_std::UniformRand; -use nimue::{DuplexHash, InvalidTag}; +use nimue::{DuplexHash, IOPatternError}; use nimue::plugins::arkworks::prelude::*; use rand::rngs::OsRng; @@ -14,7 +14,7 @@ fn keygen() -> (G::ScalarField, G) { fn prove, G: CurveGroup>( arthur: &mut ArkGroupArthur, witness: G::ScalarField, -) -> Result<&[u8], InvalidTag> { +) -> Result<&[u8], IOPatternError> { let k = G::ScalarField::rand(&mut arthur.rng()); let commitment = G::generator() * k; arthur.add_points(&[commitment])?; diff --git a/src/arthur.rs b/src/arthur.rs index 3992287..999a855 100644 --- a/src/arthur.rs +++ b/src/arthur.rs @@ -4,7 +4,7 @@ use crate::hash::Unit; use crate::{IOPattern, Safe}; use super::hash::{DuplexHash, Keccak}; -use super::{DefaultHash, DefaultRng, InvalidTag}; +use super::{DefaultHash, DefaultRng, IOPatternError}; /// A cryptographically-secure random number generator that is bound to the protocol transcript. /// @@ -100,7 +100,7 @@ where impl> Arthur { #[inline(always)] - pub fn add(&mut self, input: &[U]) -> Result<(), InvalidTag> { + pub fn add(&mut self, input: &[U]) -> Result<(), IOPatternError> { // let serialized = bincode::serialize(input).unwrap(); // self.arthur.sponge.absorb_unchecked(&serialized); let old_len = self.transcript.len(); @@ -114,19 +114,19 @@ impl> Arthur { Ok(()) } - pub fn public(&mut self, input: &[U]) -> Result<(), InvalidTag> { + pub fn public(&mut self, input: &[U]) -> Result<(), IOPatternError> { let len = self.transcript.len(); self.add(input)?; self.transcript.truncate(len); Ok(()) } - pub fn challenge(&mut self, output: &mut [U]) -> Result<(), InvalidTag> { + pub fn challenge(&mut self, output: &mut [U]) -> Result<(), IOPatternError> { self.safe.squeeze(output) } #[inline(always)] - pub fn ratchet(&mut self) -> Result<(), InvalidTag> { + pub fn ratchet(&mut self) -> Result<(), IOPatternError> { self.safe.ratchet() } @@ -150,12 +150,12 @@ impl> core::fmt::Debug for Art impl, R: RngCore + CryptoRng> Arthur { #[inline(always)] - pub fn add_bytes(&mut self, input: &[u8]) -> Result<(), InvalidTag> { + pub fn add_bytes(&mut self, input: &[u8]) -> Result<(), IOPatternError> { self.add(input) } #[inline(always)] - pub fn challenge_bytes(&mut self, output: &mut [u8]) -> Result<(), InvalidTag> { + pub fn challenge_bytes(&mut self, output: &mut [u8]) -> Result<(), IOPatternError> { self.safe.squeeze(output) } } diff --git a/src/errors.rs b/src/errors.rs index 0bb21e0..8541bf5 100644 --- a/src/errors.rs +++ b/src/errors.rs @@ -1,28 +1,56 @@ -use std::{error::Error, fmt::Display}; +use std::{error::Error, fmt::Display, borrow::Borrow}; /// Signals an invalid IO pattern. /// /// This error indicates a wrong IO Pattern declared /// upon instantiation of the SAFE sponge. #[derive(Debug, Clone)] -pub struct InvalidTag(String); +pub struct IOPatternError(String); -impl Display for InvalidTag { +#[derive(Debug, Clone)] +pub enum ProofError { + InvalidProof, + InvalidIO(IOPatternError), + SerializationError, +} + + +pub type ProofResult = Result; + +impl Display for IOPatternError { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { write!(f, "{:?}", self.0) } } -impl Error for InvalidTag {} +impl Display for ProofError { + fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { + match self { + Self::SerializationError => + write!(f, "Serialization Error"), + Self::InvalidIO(e) => e.fmt(f), + Self::InvalidProof => write!(f, "Invalid proof") + } + } +} + +impl Error for IOPatternError {} +impl Error for ProofError {} -impl From<&str> for InvalidTag { +impl From<&str> for IOPatternError { fn from(s: &str) -> Self { s.to_string().into() } } -impl From for InvalidTag { +impl From for IOPatternError { fn from(s: String) -> Self { Self(s) } } + +impl> From for ProofError { + fn from(value: B) -> Self { + ProofError::InvalidIO(value.borrow().clone()) + } +} \ No newline at end of file diff --git a/src/lib.rs b/src/lib.rs index 063dff0..a37c40f 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -118,16 +118,29 @@ This crate doesn't support big-endian targets. "# ); +/// Built-in proof results +mod errors; /// Support for hash functions. pub mod hash; /// APIs for common zkp libraries. pub mod plugins; +/// Prover's internal state and transcript generation. +mod arthur; +/// Verifier state and transcript deserialization. +mod merlin; +/// SAFE API +mod safe; +/// Unit-tests. +#[cfg(test)] +mod tests; + pub use arthur::Arthur; -pub use errors::InvalidTag; -pub use hash::DuplexHash; +pub use errors::IOPatternError; +pub use hash::{DuplexHash, Unit}; pub use merlin::Merlin; pub use safe::{IOPattern, Safe}; +pub use errors::{ProofResult, ProofError}; // Default random number generator used ([`rand::rngs::OsRng`]) pub type DefaultRng = rand::rngs::OsRng; @@ -135,14 +148,4 @@ pub type DefaultRng = rand::rngs::OsRng; /// Default hash function used ([`hash::Keccak`]) pub type DefaultHash = hash::Keccak; -/// Prover's internal state and transcript generation. -mod arthur; -/// Error types. -mod errors; -/// Verifier state and transcript deserialization. -mod merlin; -/// SAFE API -mod safe; -/// Unit-tests. -#[cfg(test)] -mod tests; + diff --git a/src/merlin.rs b/src/merlin.rs index 5929e10..16eff78 100644 --- a/src/merlin.rs +++ b/src/merlin.rs @@ -1,7 +1,7 @@ use super::hash::DuplexHash; use crate::DefaultHash; -use crate::errors::InvalidTag; +use crate::errors::IOPatternError; use crate::hash::Unit; use crate::safe::{IOPattern, Safe}; @@ -28,31 +28,31 @@ impl<'a, U: Unit, H: DuplexHash> Merlin<'a, H, U> { /// Read `input.len()` elements from the transcript. #[inline(always)] - pub fn fill_next(&mut self, input: &mut [U]) -> Result<(), InvalidTag> { + pub fn fill_next(&mut self, input: &mut [U]) -> Result<(), IOPatternError> { U::read(&mut self.transcript, input).unwrap(); self.safe.absorb(input) } #[inline(always)] - pub fn public_input(&mut self, input: &[U]) -> Result<(), InvalidTag> { + pub fn public_input(&mut self, input: &[U]) -> Result<(), IOPatternError> { self.safe.absorb(input) } /// Get a challenge of `count` elements. #[inline(always)] - pub fn fill_challenges(&mut self, input: &mut [U]) -> Result<(), InvalidTag> { + pub fn fill_challenges(&mut self, input: &mut [U]) -> Result<(), IOPatternError> { self.safe.squeeze(input) } /// Signals the end of the statement. #[inline(always)] - pub fn ratchet(&mut self) -> Result<(), InvalidTag> { + pub fn ratchet(&mut self) -> Result<(), IOPatternError> { self.safe.ratchet() } /// Signals the end of the statement and returns the (compressed) sponge state. #[inline(always)] - pub fn preprocess(self) -> Result<&'static [U], InvalidTag> { + pub fn preprocess(self) -> Result<&'static [U], IOPatternError> { self.safe.preprocess() } } @@ -65,21 +65,21 @@ impl<'a, H: DuplexHash, U: Unit> core::fmt::Debug for Merlin<'a, H, U> { impl<'a, H: DuplexHash> Merlin<'a, H, u8> { #[inline(always)] - pub fn fill_next_bytes(&mut self, input: &mut [u8]) -> Result<(), InvalidTag> { + pub fn fill_next_bytes(&mut self, input: &mut [u8]) -> Result<(), IOPatternError> { self.fill_next(input) } #[inline(always)] - pub fn fill_challenge_bytes(&mut self, output: &mut [u8]) -> Result<(), InvalidTag> { + pub fn fill_challenge_bytes(&mut self, output: &mut [u8]) -> Result<(), IOPatternError> { self.fill_challenges(output) } - pub fn next_bytes(&mut self) -> Result<[u8; N], InvalidTag> { + pub fn next_bytes(&mut self) -> Result<[u8; N], IOPatternError> { let mut input = [0u8; N]; self.fill_next_bytes(&mut input).map(|()| input) } - pub fn challenge_bytes(&mut self) -> Result<[u8; N], InvalidTag> { + pub fn challenge_bytes(&mut self) -> Result<[u8; N], IOPatternError> { let mut output = [0u8; N]; self.fill_challenge_bytes(&mut output).map(|()| output) } diff --git a/src/plugins/arkworks/arthur.rs b/src/plugins/arkworks/arthur.rs index 51f00ab..b72e5b9 100644 --- a/src/plugins/arkworks/arthur.rs +++ b/src/plugins/arkworks/arthur.rs @@ -2,7 +2,7 @@ use ark_ec::CurveGroup; use ark_ff::{Field, PrimeField}; use rand::CryptoRng; -use super::prelude::*; +use crate::{ProofResult, Arthur, DuplexHash, IOPattern, Unit}; pub struct ArkFieldArthur where @@ -73,24 +73,23 @@ where H: DuplexHash, R: rand::RngCore + CryptoRng, { - pub fn public_scalars(&mut self, input: &[F]) -> Result, InvalidTag> { + pub fn public_scalars(&mut self, input: &[F]) -> ProofResult> { let mut buf = Vec::::new(); for scalar in input { scalar - .serialize_compressed(&mut buf) - .expect("serialization failed"); + .serialize_compressed(&mut buf)? } - self.public(&buf).map(|()| buf) + self.public(&buf).map(|()| buf).map_err(|x| x.into()) } - fn add_scalars(&mut self, input: &[F]) -> Result<(), InvalidTag> { + fn add_scalars(&mut self, input: &[F]) -> ProofResult<()> { let serialized = self.public_scalars(input); self.arthur.transcript.extend(serialized?); Ok(()) } - fn fill_challenge_scalars(&mut self, output: &mut [F]) -> Result<(), InvalidTag> { + fn fill_challenge_scalars(&mut self, output: &mut [F]) -> ProofResult<()> { let mut buf = vec![0u8; super::f_bytes::()]; for o in output.iter_mut() { self.arthur.challenge_bytes(&mut buf)?; @@ -99,7 +98,7 @@ where Ok(()) } - pub fn challenge_scalars(&mut self) -> Result<[F; N], InvalidTag> { + pub fn challenge_scalars(&mut self) -> ProofResult<[F; N]> { let mut output = [F::default(); N]; self.fill_challenge_scalars(&mut output)?; Ok(output) @@ -168,36 +167,35 @@ where Arthur::new(io, csrng).into() } - pub fn public_scalars(&mut self, input: &[G::ScalarField]) -> Result, InvalidTag> { + pub fn public_scalars(&mut self, input: &[G::ScalarField]) -> ProofResult> { self.arthur.public_scalars(input) } - pub fn add_scalars(&mut self, input: &[G::ScalarField]) -> Result<(), InvalidTag> { + pub fn add_scalars(&mut self, input: &[G::ScalarField]) -> ProofResult<()> { self.arthur.add_scalars(input) } pub fn fill_challenge_scalars( &mut self, output: &mut [G::ScalarField], - ) -> Result<(), InvalidTag> { + ) -> ProofResult<()> { self.arthur.fill_challenge_scalars(output) } - pub fn challenge_scalars(&mut self) -> Result<[G::ScalarField; N], InvalidTag> { + pub fn challenge_scalars(&mut self) -> ProofResult<[G::ScalarField; N]> { self.arthur.challenge_scalars() } - pub fn public_points(&mut self, input: &[G]) -> Result, InvalidTag> { + pub fn public_points(&mut self, input: &[G]) -> ProofResult> { let mut buf = Vec::new(); for point in input { point - .serialize_compressed(&mut buf) - .expect("serialization failed"); + .serialize_compressed(&mut buf)? } - self.arthur.public(&buf).map(|()| buf) + self.arthur.public(&buf).map(|()| buf).map_err(|x| x.into()) } - pub fn add_points(&mut self, input: &[G]) -> Result<(), InvalidTag> { + pub fn add_points(&mut self, input: &[G]) -> ProofResult<()> { let serialized = self.public_points(input); self.arthur.transcript.extend(serialized?); Ok(()) diff --git a/src/plugins/arkworks/iopattern.rs b/src/plugins/arkworks/iopattern.rs index 875a875..97d5279 100644 --- a/src/plugins/arkworks/iopattern.rs +++ b/src/plugins/arkworks/iopattern.rs @@ -2,7 +2,7 @@ use ark_ec::CurveGroup; use ark_ff::{Field, PrimeField}; use core::ops::Deref; -use super::prelude::*; +use super::*; pub struct ArkFieldIOPattern where diff --git a/src/plugins/arkworks/merlin.rs b/src/plugins/arkworks/merlin.rs index 79c8ebb..861efe5 100644 --- a/src/plugins/arkworks/merlin.rs +++ b/src/plugins/arkworks/merlin.rs @@ -3,7 +3,7 @@ use ark_ff::{Field, PrimeField}; use ark_serialize::CanonicalSerialize; use crate::hash::Unit; -use crate::{DuplexHash, IOPattern, InvalidTag, Merlin}; +use crate::{DuplexHash, IOPattern, IOPatternError, Merlin}; pub struct ArkFieldMerlin<'a, F, H = crate::DefaultHash, U = u8> where @@ -69,11 +69,11 @@ where F: PrimeField, H: DuplexHash, { - pub fn fill_next(&mut self, input: &mut [u8]) -> Result<(), InvalidTag> { + pub fn fill_next(&mut self, input: &mut [u8]) -> Result<(), IOPatternError> { self.merlin.fill_next_bytes(input) } - pub fn fill_challenges(&mut self, input: &mut [u8]) -> Result<(), InvalidTag> { + pub fn fill_challenges(&mut self, input: &mut [u8]) -> Result<(), IOPatternError> { self.merlin.fill_challenge_bytes(input) } @@ -81,11 +81,11 @@ where &self.merlin.transcript } - pub fn public_input(&mut self, input: &[u8]) -> Result<(), InvalidTag> { + pub fn public_input(&mut self, input: &[u8]) -> Result<(), IOPatternError> { self.merlin.public_input(input) } - pub fn fill_next_scalars(&mut self, output: &mut [F]) -> Result<(), InvalidTag> { + pub fn fill_next_scalars(&mut self, output: &mut [F]) -> Result<(), IOPatternError> { let point_size = F::default().compressed_size(); let mut buf = vec![0u8; point_size]; for o in output.iter_mut() { @@ -95,7 +95,7 @@ where Ok(()) } - pub fn fill_next_challenges(&mut self, output: &mut [F]) -> Result<(), InvalidTag> { + pub fn fill_next_challenges(&mut self, output: &mut [F]) -> Result<(), IOPatternError> { for o in output.iter_mut() { let mut buf = vec![0u8; F::MODULUS_BIT_SIZE as usize / 8 + 16]; self.merlin.fill_challenges(&mut buf)?; @@ -104,22 +104,22 @@ where Ok(()) } - pub fn next(&mut self) -> Result<[u8; N], InvalidTag> { + pub fn next(&mut self) -> Result<[u8; N], IOPatternError> { let mut output = [0u8; N]; self.fill_next(&mut output).map(|()| output) } - pub fn challenge(&mut self) -> Result<[u8; N], InvalidTag> { + pub fn challenge(&mut self) -> Result<[u8; N], IOPatternError> { let mut output = [0u8; N]; self.fill_challenges(&mut output).map(|()| output) } - pub fn next_scalars(&mut self) -> Result<[F; N], InvalidTag> { + pub fn next_scalars(&mut self) -> Result<[F; N], IOPatternError> { let mut output = [F::default(); N]; self.fill_next_scalars(&mut output).map(|()| output) } - pub fn public_scalars(&mut self, input: &[F]) -> Result<(), InvalidTag> { + pub fn public_scalars(&mut self, input: &[F]) -> Result<(), IOPatternError> { let mut buf = Vec::new(); for i in input { i.serialize_compressed(&mut buf) @@ -128,7 +128,7 @@ where self.merlin.public_input(&buf) } - pub fn challenge_scalars(&mut self) -> Result<[F; N], InvalidTag> { + pub fn challenge_scalars(&mut self) -> Result<[F; N], IOPatternError> { let mut output = [F::zero(); N]; self.fill_next_challenges(&mut output).map(|()| output) } @@ -215,11 +215,11 @@ where Merlin::new(io, transcript).into() } - pub fn fill_next(&mut self, input: &mut [u8]) -> Result<(), InvalidTag> { + pub fn fill_next(&mut self, input: &mut [u8]) -> Result<(), IOPatternError> { self.merlin.fill_next(input) } - pub fn fill_challenges(&mut self, input: &mut [u8]) -> Result<(), InvalidTag> { + pub fn fill_challenges(&mut self, input: &mut [u8]) -> Result<(), IOPatternError> { self.merlin.fill_challenges(input) } @@ -227,38 +227,38 @@ where &self.merlin.transcript } - pub fn fill_next_scalars(&mut self, output: &mut [G::ScalarField]) -> Result<(), InvalidTag> { + pub fn fill_next_scalars(&mut self, output: &mut [G::ScalarField]) -> Result<(), IOPatternError> { self.merlin.fill_next_scalars(output) } pub fn fill_next_challenge_scalars( &mut self, output: &mut [G::ScalarField], - ) -> Result<(), InvalidTag> { + ) -> Result<(), IOPatternError> { self.merlin.fill_next_challenges(output) } - pub fn next(&mut self) -> Result<[u8; N], InvalidTag> { + pub fn next(&mut self) -> Result<[u8; N], IOPatternError> { self.merlin.next() } - pub fn challenge(&mut self) -> Result<[u8; N], InvalidTag> { + pub fn challenge(&mut self) -> Result<[u8; N], IOPatternError> { self.merlin.challenge() } - pub fn next_scalars(&mut self) -> Result<[G::ScalarField; N], InvalidTag> { + pub fn next_scalars(&mut self) -> Result<[G::ScalarField; N], IOPatternError> { self.merlin.next_scalars() } - pub fn public_scalars(&mut self, input: &[G::ScalarField]) -> Result<(), InvalidTag> { + pub fn public_scalars(&mut self, input: &[G::ScalarField]) -> Result<(), IOPatternError> { self.merlin.public_scalars(input) } - pub fn squeeze_scalars(&mut self) -> Result<[G::ScalarField; N], InvalidTag> { + pub fn squeeze_scalars(&mut self) -> Result<[G::ScalarField; N], IOPatternError> { self.merlin.challenge_scalars() } - pub fn fill_next_points(&mut self, output: &mut [G]) -> Result<(), InvalidTag> { + pub fn fill_next_points(&mut self, output: &mut [G]) -> Result<(), IOPatternError> { let point_size = G::default().compressed_size(); let mut buf = vec![0u8; point_size]; @@ -268,12 +268,12 @@ where } Ok(()) } - pub fn next_points(&mut self) -> Result<[G; N], InvalidTag> { + pub fn next_points(&mut self) -> Result<[G; N], IOPatternError> { let mut output = [G::default(); N]; self.fill_next_points(&mut output).map(|()| output) } - pub fn public_points(&mut self, input: &[G]) -> Result<(), InvalidTag> { + pub fn public_points(&mut self, input: &[G]) -> Result<(), IOPatternError> { let mut buf = Vec::new(); for i in input { i.into_affine() diff --git a/src/plugins/arkworks/mod.rs b/src/plugins/arkworks/mod.rs index bfe551c..c55dffa 100644 --- a/src/plugins/arkworks/mod.rs +++ b/src/plugins/arkworks/mod.rs @@ -1,13 +1,16 @@ mod arthur; mod iopattern; mod merlin; -pub mod prelude; use ark_ff::{Fp, FpConfig, PrimeField}; -use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; +use ark_serialize::{CanonicalDeserialize, CanonicalSerialize, SerializationError}; use std::io; -pub use prelude::*; +pub use arthur::{ArkFieldArthur, ArkGroupArthur}; +pub use iopattern::{ArkFieldIOPattern, ArkGroupIOPattern}; +pub use merlin::{ArkFieldMerlin, ArkGroupMerlin}; +use crate::ProofError; +pub use crate::{hash::Unit, Arthur, DuplexHash, IOPattern, IOPatternError, Merlin, Safe}; /// Compute the bits needed in order to obtain a /// (pseudo-random) uniform distribution in F. @@ -32,3 +35,10 @@ impl, const N: usize> Unit for Fp { Ok(()) } } + + +impl From for ProofError { + fn from(_value: SerializationError) -> Self { + ProofError::SerializationError + } +} \ No newline at end of file diff --git a/src/plugins/arkworks/prelude.rs b/src/plugins/arkworks/prelude.rs deleted file mode 100644 index 58836da..0000000 --- a/src/plugins/arkworks/prelude.rs +++ /dev/null @@ -1,4 +0,0 @@ -pub use super::arthur::{ArkFieldArthur, ArkGroupArthur}; -pub use super::iopattern::{ArkFieldIOPattern, ArkGroupIOPattern}; -pub use super::merlin::{ArkFieldMerlin, ArkGroupMerlin}; -pub use crate::{hash::Unit, Arthur, DuplexHash, IOPattern, InvalidTag, Merlin, Safe}; diff --git a/src/plugins/dalek/mod.rs b/src/plugins/dalek/mod.rs index b63dcf2..9005878 100644 --- a/src/plugins/dalek/mod.rs +++ b/src/plugins/dalek/mod.rs @@ -1,7 +1,7 @@ use std::ops::{Deref, DerefMut}; use crate::DefaultRng; -pub use crate::{hash::Unit, Arthur, DuplexHash, IOPattern, InvalidTag, Merlin, Safe}; +pub use crate::{hash::Unit, Arthur, DuplexHash, IOPattern, IOPatternError, Merlin, Safe}; use curve25519_dalek::{ristretto::RistrettoPoint, Scalar}; pub struct DalekIOPattern @@ -117,7 +117,7 @@ impl, R: rand::RngCore + rand::CryptoRng> DalekArthur Result, InvalidTag> { + pub fn public_scalars(&mut self, input: &[Scalar]) -> Result, IOPatternError> { let mut buf = Vec::new(); for scalar in input { @@ -128,13 +128,13 @@ impl, R: rand::RngCore + rand::CryptoRng> DalekArthur Result<(), InvalidTag> { + pub fn add_scalars(&mut self, input: &[Scalar]) -> Result<(), IOPatternError> { let serialized = self.public_scalars(input); self.arthur.transcript.extend(serialized?); Ok(()) } - pub fn fill_challenge_scalars(&mut self, output: &mut [Scalar]) -> Result<(), InvalidTag> { + pub fn fill_challenge_scalars(&mut self, output: &mut [Scalar]) -> Result<(), IOPatternError> { let mut buf = [[0u8; 32]; 2]; for o in output.into_iter() { @@ -145,13 +145,13 @@ impl, R: rand::RngCore + rand::CryptoRng> DalekArthur(&mut self) -> Result<[Scalar; N], InvalidTag> { + pub fn challenge_scalars(&mut self) -> Result<[Scalar; N], IOPatternError> { let mut scalars = [Scalar::default(); N]; self.fill_challenge_scalars(&mut scalars)?; Ok(scalars) } - pub fn public_points(&mut self, input: &[RistrettoPoint]) -> Result, InvalidTag> { + pub fn public_points(&mut self, input: &[RistrettoPoint]) -> Result, IOPatternError> { let mut buf = Vec::new(); for point in input { @@ -162,7 +162,7 @@ impl, R: rand::RngCore + rand::CryptoRng> DalekArthur Result<(), InvalidTag> { + pub fn add_points(&mut self, input: &[RistrettoPoint]) -> Result<(), IOPatternError> { let serialized = self.public_points(input); self.arthur.transcript.extend(serialized?); Ok(()) diff --git a/src/safe.rs b/src/safe.rs index ebd2bc7..183a54c 100644 --- a/src/safe.rs +++ b/src/safe.rs @@ -3,7 +3,7 @@ use std::collections::vec_deque::VecDeque; use crate::hash::Unit; -use super::errors::InvalidTag; +use super::errors::IOPatternError; use super::hash::{DuplexHash, Keccak}; // XXX. before, absorb and squeeze were accepting arguments of type @@ -37,7 +37,7 @@ pub(crate) enum Op { impl Op { /// Create a new OP from the portion of a tag. - fn new(id: char, count: Option) -> Result { + fn new(id: char, count: Option) -> Result { match (id, count) { ('A', Some(c)) if c > 0 => Ok(Op::Absorb(c)), ('R', None) | ('R', Some(0)) => Ok(Op::Ratchet), @@ -119,7 +119,7 @@ impl, U: Unit> IOPattern { .expect("Internal error. Please submit issue to m@orru.net") } - fn parse_io(io_pattern: &[u8]) -> Result, InvalidTag> { + fn parse_io(io_pattern: &[u8]) -> Result, IOPatternError> { let mut stack = VecDeque::new(); // skip the domain separator @@ -145,7 +145,7 @@ impl, U: Unit> IOPattern { fn simplify_stack( mut dst: VecDeque, mut stack: VecDeque, - ) -> Result, InvalidTag> { + ) -> Result, IOPatternError> { if stack.is_empty() { Ok(dst) } else { @@ -214,7 +214,7 @@ impl> Safe { } /// Finish the block and compress the state. - pub fn ratchet(&mut self) -> Result<(), InvalidTag> { + pub fn ratchet(&mut self) -> Result<(), IOPatternError> { if self.stack.pop_front().unwrap() != Op::Ratchet { Err("Invalid tag".into()) } else { @@ -224,7 +224,7 @@ impl> Safe { } /// Ratchet and return the sponge state. - pub fn preprocess(self) -> Result<&'static [U], InvalidTag> { + pub fn preprocess(self) -> Result<&'static [U], IOPatternError> { unimplemented!() // self.ratchet()?; // Ok(self.sponge.tag().clone()) @@ -233,7 +233,7 @@ impl> Safe { /// Perform secure absorption of the elements in `input`. /// /// Absorb calls can be batched together, or provided separately for streaming-friendly protocols. - pub fn absorb(&mut self, input: &[U]) -> Result<(), InvalidTag> { + pub fn absorb(&mut self, input: &[U]) -> Result<(), IOPatternError> { match self.stack.pop_front() { Some(Op::Absorb(length)) if length >= input.len() => { if length > input.len() { @@ -267,7 +267,7 @@ impl> Safe { /// For byte-oriented sponges, this operation is equivalent to the squeeze operation. /// However, for algebraic hashes, this operation is non-trivial. /// This function provides no guarantee of streaming-friendliness. - pub fn squeeze(&mut self, output: &mut [U]) -> Result<(), InvalidTag> { + pub fn squeeze(&mut self, output: &mut [U]) -> Result<(), IOPatternError> { match self.stack.pop_front() { Some(Op::Squeeze(length)) if output.len() <= length => { self.sponge.squeeze_unchecked(output); @@ -341,12 +341,12 @@ impl, B: core::borrow::Borrow>> From> Safe { #[inline(always)] - pub fn absorb_bytes(&mut self, input: &[u8]) -> Result<(), InvalidTag> { + pub fn absorb_bytes(&mut self, input: &[u8]) -> Result<(), IOPatternError> { self.absorb(input) } #[inline(always)] - pub fn squeeze_bytes(&mut self, output: &mut [u8]) -> Result<(), InvalidTag> { + pub fn squeeze_bytes(&mut self, output: &mut [u8]) -> Result<(), IOPatternError> { self.squeeze(output) } }