From 61e73113fa9fd853e6282b35e2da162db729fa51 Mon Sep 17 00:00:00 2001
From: ngutech21
Date: Sun, 25 Feb 2024 16:19:19 +0100
Subject: [PATCH] chore: remove old h2c and fix tests
---
 moksha-core/src/dhke.rs | 75 ++++++-----------------------------------
 1 file changed, 10 insertions(+), 65 deletions(-)
diff --git a/moksha-core/src/dhke.rs b/moksha-core/src/dhke.rs
index 4fca85b2..cbfa731c 100644
--- a/moksha-core/src/dhke.rs
+++ b/moksha-core/src/dhke.rs
@@ -63,24 +63,6 @@ impl Dhke {
 }
 }
- fn get_hash(message: &[u8]) -> Vec {
- let hash = sha256::Hash::hash(message);
- hash.as_byte_array().to_vec()
- }
-
- /// Generates a point from the message hash and checks if the point lies on the curve.
- /// If it does not, iteratively tries to compute a new point from the hash.
- fn hash_to_curve(message: &[u8]) -> PublicKey {
- let mut point: Option = None;
- let mut msg_to_hash = message.to_vec();
- while point.is_none() {
- let hash = Self::get_hash(&msg_to_hash);
- let input = &once(&0x02).chain(hash.iter()).cloned().collect::>();
- PublicKey::from_slice(input).map_or_else(|_| msg_to_hash = hash, |p| point = Some(p))
- }
- point.unwrap()
- }
-
 /// The point is generated by hashing the message with a domain separator and then
 /// iteratively trying to compute a point from the hash. An increasing uint32 counter
 /// (byte order little endian) is appended to the hash until a point is found that lies on the curve.
@@ -91,7 +73,7 @@ impl Dhke {
 /// The domain separator is b"Secp256k1_HashToCurve_Cashu_" or
 /// bytes.fromhex("536563703235366b315f48617368546f43757276655f43617368755f").
- fn hash_to_curve_domain_separated(message: &[u8]) -> Result {
+ fn hash_to_curve(message: &[u8]) -> Result {
 let msg_to_hash = sha256::Hash::hash(&[b"Secp256k1_HashToCurve_Cashu_", message].concat());
 (0..2u32.pow(16))
 .map(|counter| sha256::Hash::hash(&[&msg_to_hash[..], &counter.to_le_bytes()].concat()))
@@ -114,7 +96,7 @@ impl Dhke {
 ) -> Result<(PublicKey, SecretKey), MokshaCoreError> {
 let mut rng = rand::thread_rng();
- let y = Self::hash_to_curve(secret_msg.into().as_bytes());
+ let y = Self::hash_to_curve(secret_msg.into().as_bytes())?;
 let secret_key = match blinding_factor {
 Some(f) => SecretKey::from_slice(f)?,
 None => SecretKey::new(&mut rng),
@@ -148,7 +130,7 @@ impl Dhke {
 c: PublicKey,
 secret_msg: impl Into,
 ) -> Result {
- let y = Self::hash_to_curve(secret_msg.into().as_bytes());
+ let y = Self::hash_to_curve(secret_msg.into().as_bytes())?;
 Some(c == y.mul_tweak(&self.secp, &Scalar::from(a))?).ok_or(
 MokshaCoreError::Secp256k1Error(secp256k1::Error::InvalidPublicKey),
 )
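Review bot: In the `@@ -148,7 +130,7 @@` hunk the check `c == y.mul_tweak(&self.secp, &Scalar::from(a))?` now derives `y` only through the domain-separated mapping, so a signature issued against the removed mapping will compare unequal, and nothing visible here keeps a fallback or ties the mapping to a keyset version. The changed expected values in this patch's tests show that the two mappings give different points for the same input. If signatures made under the old mapping can still be outstanding, that needs handling outside this change; otherwise a comment such as `// Y uses the domain-separated hash_to_curve only; signatures made with the earlier mapping do not verify` would record the decision. On the unchanged lines, `Some(..).ok_or(..)` can never yield the error, so a mismatch comes back as `Ok(false)` and callers have to test the boolean rather than rely on `?`. The function starts above the hunk, and the `@@ -114,7 +96,7 @@` hunk makes the same switch on the blinding side.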
@@ -183,31 +165,20 @@ mod tests {
 fn test_hash_to_curve_zero() -> anyhow::Result<()> {
 let input_str =
 hex_to_string("0000000000000000000000000000000000000000000000000000000000000000");
- let expected_result = "0266687aadf862bd776c8fc18b8e9f8e20089714856ee233b3902a591d0d5f2925";
+ let expected_result = "024cce997d3b518f739663b757deaec95bcd9473c30a14ac2fd04023a739d1a725";
- let pk = Dhke::hash_to_curve(input_str.as_bytes()).to_string();
+ let pk = Dhke::hash_to_curve(input_str.as_bytes())?.to_string();
 assert_eq!(pk, expected_result);
 Ok(())
 }
 #[test]
- fn test_hash_to_curve_zero_one() -> anyhow::Result<()> {
+ fn test_hash_to_curve_one() -> anyhow::Result<()> {
 let input_str =
 hex_to_string("0000000000000000000000000000000000000000000000000000000000000001");
- let expected_result = "02ec4916dd28fc4c10d78e287ca5d9cc51ee1ae73cbfde08c6b37324cbfaac8bc5";
-
- let pk = Dhke::hash_to_curve(input_str.as_bytes()).to_string();
- assert_eq!(pk, expected_result);
- Ok(())
- }
-
- #[test]
- fn test_hash_to_curve_iterate() -> anyhow::Result<()> {
- let input_str =
- hex_to_string("0000000000000000000000000000000000000000000000000000000000000002");
- let expected_result = "02076c988b353fcbb748178ecb286bc9d0b4acf474d4ba31ba62334e46c97c416a";
+ let expected_result = "022e7158e11c9506f1aa4248bf531298daa7febd6194f003edcd9b93ade6253acf";
- let pk = Dhke::hash_to_curve(input_str.as_bytes()).to_string();
+ let pk = Dhke::hash_to_curve(input_str.as_bytes())?.to_string();
 assert_eq!(pk, expected_result);
 Ok(())
 }
@@ -223,7 +194,7 @@ mod tests {
 assert_eq!(
 pub_key_str,
- "02a9acc1e48c25eeeb9289b5031cc57da9fe72f3fe2861d264bdc074209b107ba2"
+ "025cc16fe33b953e2ace39653efb3e7a7049711ae1d8a2f7a9108753f1cdea742b"
 );
 assert_eq!(
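Review bot: Dropping `test_hash_to_curve_iterate` in the `@@ -183,31 +165,20 @@` hunk leaves no visible test named for the retry path of the new `hash_to_curve`, and the hunk does not show whether the two remaining inputs ever need a counter above zero. Keeping that test with the `…02` input and the expected point taken from the protocol's published test vectors (not shown on this page) would pin the `counter.to_le_bytes()` loop. The error returned when no point is found within `2u32.pow(16)` tries is also not exercised by anything in this patch. A short comment on each vector, such as `// known-answer vector for the domain-separated mapping`, would say where the hex values come from.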
@@ -245,7 +216,7 @@ mod tests {
 let c = dhke.step2_bob(pub_key, &a)?;
 let c_str = c.to_string();
 assert_eq!(
- "02a9acc1e48c25eeeb9289b5031cc57da9fe72f3fe2861d264bdc074209b107ba2".to_string(),
+ "025cc16fe33b953e2ace39653efb3e7a7049711ae1d8a2f7a9108753f1cdea742b".to_string(),
 c_str
 );
@@ -309,30 +280,4 @@ mod tests {
 Ok(())
 }
-
- #[test]
- fn test_hash_to_curve_domain_separated_zero() -> anyhow::Result<()> {
- let input_str =
- hex_to_string("0000000000000000000000000000000000000000000000000000000000000000");
- let expected_result = "024cce997d3b518f739663b757deaec95bcd9473c30a14ac2fd04023a739d1a725";
-
- let pk = Dhke::hash_to_curve_domain_separated(input_str.as_bytes())
- .unwrap()
- .to_string();
- assert_eq!(pk, expected_result);
- Ok(())
- }
-
- #[test]
- fn test_hash_to_curve_domain_separated_one() -> anyhow::Result<()> {
- let input_str =
- hex_to_string("0000000000000000000000000000000000000000000000000000000000000001");
- let expected_result = "022e7158e11c9506f1aa4248bf531298daa7febd6194f003edcd9b93ade6253acf";
-
- let pk = Dhke::hash_to_curve_domain_separated(input_str.as_bytes())
- .unwrap()
- .to_string();
- assert_eq!(pk, expected_result);
- Ok(())
- }
 }