From 7a23eb3010ec1045ee9fd8c812b454afe5b8ecc5 Mon Sep 17 00:00:00 2001 From: Vasiliy Olekhov Date: Fri, 23 Aug 2024 13:52:40 +0300 Subject: [PATCH] Added macro for throw/assert of marshalling status #316 Add marshalling status checks everywhere #316 Reverted pedersen test, updated message #316 --- .../curves/pasta/plonk/endo_scalar.hpp | 2 +- ...variable_base_endo_scalar_mul_15_wires.hpp | 1 + .../pasta/plonk/variable_base_scalar_mul.hpp | 2 + .../plonk/non_native/bit_decomposition.hpp | 6 +-- .../plonk/non_native/comparison_checked.hpp | 2 +- .../plonk/non_native/comparison_flag.hpp | 5 ++- .../algebra/fields/plonk/range_check.hpp | 4 +- .../hashes/sha2/plonk/sha256_process.hpp | 26 ++++++----- .../hashes/sha2/plonk/sha512_process.hpp | 15 ++++--- .../nil/crypto3/hash/find_group_hash.hpp | 8 ++-- libs/hash/include/nil/crypto3/hash/h2f.hpp | 2 + .../include/nil/crypto3/hash/pedersen.hpp | 5 +-- libs/hash/test/CMakeLists.txt | 11 ++--- libs/hash/test/pedersen.cpp | 36 --------------- .../processing/detail/curve_element.hpp | 1 - libs/marshalling/core/CMakeLists.txt | 8 ++++ .../include/nil/marshalling/status_type.hpp | 16 +++++++ .../include/nil/crypto3/pkpad/emsa/emsa1.hpp | 8 +++- libs/pubkey/test/elgamal_verifiable.cpp | 2 + .../include/nil/crypto3/random/rfc6979.hpp | 5 ++- .../crypto3/zk/commitments/polynomial/kzg.hpp | 4 +- .../zk/commitments/polynomial/kzg_v2.hpp | 4 +- .../commitments/polynomial/powers_of_tau.hpp | 7 +-- .../polynomial/proof_of_knowledge.hpp | 9 ++-- .../polynomial/r1cs_gg_ppzksnark_mpc.hpp | 16 +++---- .../transcript_initialization_context.hpp | 2 +- .../nil/crypto3/zk/transcript/fiat_shamir.hpp | 6 +-- .../zk/transcript/kimchi_transcript.hpp | 44 ++++++++++--------- 28 files changed, 126 insertions(+), 131 deletions(-) 
diff --git a/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/endo_scalar.hpp b/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/endo_scalar.hpp index e3d549ebf..359948143 100644 --- a/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/endo_scalar.hpp +++ b/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/endo_scalar.hpp @@ -220,7 +220,7 @@ namespace nil { std::array bits_msb_all = nil::marshalling::pack(integral_scalar, status); - assert(status == nil::marshalling::status_type::success); + THROW_IF_ERROR_STATUS(status, "plonk_endo_scalar::generate_assignments"); std::copy(bits_msb_all.end() - component.scalar_size, bits_msb_all.end(), bits_msb.begin()); diff --git a/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/variable_base_endo_scalar_mul_15_wires.hpp b/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/variable_base_endo_scalar_mul_15_wires.hpp index 36e71e98c..5c747bd05 100644 --- a/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/variable_base_endo_scalar_mul_15_wires.hpp +++ b/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/variable_base_endo_scalar_mul_15_wires.hpp @@ -177,6 +177,7 @@ namespace nil { nil::marshalling::status_type status; std::array bits_all = nil::marshalling::pack(integral_b, status); + THROW_IF_ERROR_STATUS(status, "curve_element_variable_base_endo_scalar_mul::generate_assignments"); std::copy(bits_all.end() - 128, bits_all.end(), bits.begin()); } diff --git a/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/variable_base_scalar_mul.hpp b/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/variable_base_scalar_mul.hpp index 57fa7a402..fb3a39747 100644 --- a/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/variable_base_scalar_mul.hpp 
+++ b/libs/blueprint/include/nil/blueprint/components/algebra/curves/pasta/plonk/variable_base_scalar_mul.hpp @@ -248,6 +248,7 @@ namespace nil { nil::marshalling::status_type status; std::array bits = nil::marshalling::pack(integral_b, status); + THROW_IF_ERROR_STATUS(status, "curve_element_variable_base_scalar_mul::generate_assignments"); typename BlueprintFieldType::value_type z_n2; typename BlueprintFieldType::value_type aux; @@ -267,6 +268,7 @@ namespace nil { const std::size_t base_size = 255; std::array aux_bits = nil::marshalling::pack(integral_aux, status); + THROW_IF_ERROR_STATUS(status, "curve_element_variable_base_scalar_mul::generate_assignments"); typename BlueprintFieldType::value_type n = 0; typename BlueprintFieldType::value_type n_next = 0; diff --git a/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/bit_decomposition.hpp b/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/bit_decomposition.hpp index 544ad56a1..7bff2448b 100644 --- a/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/bit_decomposition.hpp +++ b/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/bit_decomposition.hpp @@ -193,8 +193,8 @@ namespace nil { nil::marshalling::status_type status; std::array bytes_all = nil::marshalling::pack(input, status); + THROW_IF_ERROR_STATUS(status, "bit_decomposition::calculate"); std::copy(bytes_all.end() - bits_amount, bytes_all.end(), bits.begin()); - assert(status == nil::marshalling::status_type::success); } std::vector true_bits(bits_amount); for (std::size_t i = 0; i < bits_amount; i++) { 
@@ -225,8 +225,8 @@ namespace nil { std::array bytes_all = nil::marshalling::pack( var_value(assignment, instance_input.input), status); + THROW_IF_ERROR_STATUS(status, "bit_decomposition::generate_assignments"); std::copy(bytes_all.end() - component.bits_amount, bytes_all.end(), input_bits.begin()); - assert(status == nil::marshalling::status_type::success); } // calling bit_builder_component's generate_assignments generate_assignments( @@ -324,4 +324,4 @@ namespace nil { } // namespace blueprint } // namespace nil -#endif // CRYPTO3_BLUEPRINT_COMPONENTS_VARIABLE_BASE_MULTIPLICATION_EDWARD25519_HPP \ No newline at end of file +#endif // CRYPTO3_BLUEPRINT_COMPONENTS_VARIABLE_BASE_MULTIPLICATION_EDWARD25519_HPP diff --git a/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/comparison_checked.hpp b/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/comparison_checked.hpp index 2fa2b6a9f..dd6af5322 100644 --- a/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/comparison_checked.hpp +++ b/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/comparison_checked.hpp @@ -497,9 +497,9 @@ namespace nil { nil::marshalling::status_type status; std::array bytes_all = nil::marshalling::pack(integrals[i], status); + THROW_IF_ERROR_STATUS(status, "comparison_checked::generate_assignments"); std::copy(bytes_all.end() - component.bits_amount, bytes_all.end(), bits[i].begin() + component.padding_bits); - assert(status == nil::marshalling::status_type::success); } std::array, 2> chunks; diff --git a/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/comparison_flag.hpp b/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/comparison_flag.hpp index 44dee4f73..e4c9d3237 100644 --- a/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/comparison_flag.hpp 
+++ b/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/non_native/comparison_flag.hpp @@ -314,9 +314,10 @@ namespace nil { nil::marshalling::status_type status; std::array bytes_all = nil::marshalling::pack(integrals[i], status); + THROW_IF_ERROR_STATUS(status, "comparison_flag::calculate"); + std::copy(bytes_all.end() - arg_bits_amount, bytes_all.end(), bits[i].begin() + padding_bits); - assert(status == nil::marshalling::status_type::success); } BOOST_ASSERT(padded_chunks * chunk_size == @@ -470,9 +471,9 @@ namespace nil { nil::marshalling::status_type status; std::array bytes_all = nil::marshalling::pack(integrals[i], status); + THROW_IF_ERROR_STATUS(status, "comparison_flag::generate_assignments"); std::copy(bytes_all.end() - component.bits_amount, bytes_all.end(), bits[i].begin() + component.padding_bits); - assert(status == nil::marshalling::status_type::success); } BOOST_ASSERT(component.padded_chunks * component.chunk_size == diff --git a/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/range_check.hpp b/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/range_check.hpp index 6bf2e2289..c7367b792 100644 --- a/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/range_check.hpp +++ b/libs/blueprint/include/nil/blueprint/components/algebra/fields/plonk/range_check.hpp @@ -267,9 +267,9 @@ namespace nil { nil::marshalling::status_type status; std::array bytes_all = nil::marshalling::pack(x_integral, status); + THROW_IF_ERROR_STATUS(status, "range_check::generate_assignments"); std::copy(bytes_all.end() - component.bits_amount, bytes_all.end(), bits.begin() + component.padding_bits); - assert(status == nil::marshalling::status_type::success); } BOOST_ASSERT(component.chunk_size <= 8); 
@@ -404,4 +404,4 @@ namespace nil { } // namespace blueprint } // namespace nil -#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_FIELD_RANGE_CHECK_HPP \ No newline at end of file +#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_FIELD_RANGE_CHECK_HPP diff --git a/libs/blueprint/include/nil/blueprint/components/hashes/sha2/plonk/sha256_process.hpp b/libs/blueprint/include/nil/blueprint/components/hashes/sha2/plonk/sha256_process.hpp index d68874c4f..e7862fe91 100644 --- a/libs/blueprint/include/nil/blueprint/components/hashes/sha2/plonk/sha256_process.hpp +++ b/libs/blueprint/include/nil/blueprint/components/hashes/sha2/plonk/sha256_process.hpp @@ -205,16 +205,17 @@ namespace nil { typename BlueprintFieldType::value_type g = input_state[6]; typename BlueprintFieldType::value_type h = input_state[7]; + nil::marshalling::status_type status; std::array sparse_values {}; for (std::size_t i = 0; i < 4; i++) { typename BlueprintFieldType::integral_type integral_input_state_sparse = typename BlueprintFieldType::integral_type(input_state[i].data); std::vector input_state_sparse(32); { - nil::marshalling::status_type status; std::vector input_state_sparse_all = nil::marshalling::pack(integral_input_state_sparse, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::calculate"); std::copy(input_state_sparse_all.end() - 32, input_state_sparse_all.end(), input_state_sparse.begin()); } @@ -230,10 +231,10 @@ namespace nil { typename BlueprintFieldType::integral_type(input_state[i].data); std::vector input_state_sparse(32); { - nil::marshalling::status_type status; std::vector input_state_sparse_all = nil::marshalling::pack(integral_input_state_sparse, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::calculate"); std::copy(input_state_sparse_all.end() - 32, input_state_sparse_all.end(), input_state_sparse.begin()); } 
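Review bot: Hoisting `nil::marshalling::status_type status;` to function scope leaves one uninitialized variable shared by every pack call in the function. Each THROW_IF_ERROR_STATUS is then only meaningful if pack writes `status` on every call, including on success, and that contract is not visible in this hunk. Keeping the declaration block-local as before would limit the exposure. Otherwise a comment at the declaration such as `// pack() overwrites status on every call; checked immediately after each use` would record the assumption. The same hoist appears in the generate_assignments hunk at -1386 and in sha512_process.hpp at -456; the enclosing functions start and end outside these hunks.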
@@ -254,9 +255,9 @@ namespace nil { typename BlueprintFieldType::integral_type(message_scheduling_words[(i - row) / 5 + 1].data); std::vector a(32); { - nil::marshalling::status_type status; std::vector a_all = nil::marshalling::pack(integral_a, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::calculate"); std::copy(a_all.end() - 32, a_all.end(), a.begin()); } @@ -276,9 +277,9 @@ namespace nil { typename BlueprintFieldType::integral_type(message_scheduling_words[(i - row) / 5 + 14].data); std::vector b(32); { - nil::marshalling::status_type status; std::vector b_all = nil::marshalling::pack(integral_b, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::calculate"); std::copy(b_all.end() - 32, b_all.end(), b.begin()); } @@ -313,9 +314,9 @@ namespace nil { typename BlueprintFieldType::integral_type(e.data); std::vector e_bits(32); { - nil::marshalling::status_type status; std::vector e_bits_all = nil::marshalling::pack(integral_e, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::calculate"); std::copy(e_bits_all.end() - 32, e_bits_all.end(), e_bits.begin()); } @@ -370,9 +371,9 @@ namespace nil { typename BlueprintFieldType::integral_type(a.data); std::vector a_bits(32); { - nil::marshalling::status_type status; std::vector a_bits_all = nil::marshalling::pack(integral_a, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::calculate"); std::copy(a_bits_all.end() - 32, a_bits_all.end(), a_bits.begin()); } @@ -1386,6 +1387,7 @@ namespace nil { typename BlueprintFieldType::value_type g = input_state[6]; typename BlueprintFieldType::value_type h = input_state[7]; + nil::marshalling::status_type status; std::array sparse_values {}; for (std::size_t i = 0; i < 4; i++) { assignment.witness(component.W(i), row) = input_state[i]; 
@@ -1393,10 +1395,10 @@ namespace nil { typename BlueprintFieldType::integral_type(input_state[i].data); std::vector input_state_sparse(32); { - nil::marshalling::status_type status; std::vector input_state_sparse_all = nil::marshalling::pack(integral_input_state_sparse, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::generate_assignments"); std::copy(input_state_sparse_all.end() - 32, input_state_sparse_all.end(), input_state_sparse.begin()); } @@ -1415,10 +1417,10 @@ namespace nil { typename BlueprintFieldType::integral_type(input_state[i].data); std::vector input_state_sparse(32); { - nil::marshalling::status_type status; std::vector input_state_sparse_all = nil::marshalling::pack(integral_input_state_sparse, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::generate_assignments"); std::copy(input_state_sparse_all.end() - 32, input_state_sparse_all.end(), input_state_sparse.begin()); } @@ -1444,9 +1446,9 @@ namespace nil { assignment.witness(component.W(0), i) = message_scheduling_words[(i - row) / 5 + 1]; std::vector a(32); { - nil::marshalling::status_type status; std::vector a_all = nil::marshalling::pack(integral_a, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::generate_assignments"); std::copy(a_all.end() - 32, a_all.end(), a.begin()); } @@ -1486,9 +1488,9 @@ namespace nil { typename BlueprintFieldType::integral_type(message_scheduling_words[(i - row) / 5 + 14].data); std::vector b(32); { - nil::marshalling::status_type status; std::vector b_all = nil::marshalling::pack(integral_b, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::generate_assignments"); std::copy(b_all.end() - 32, b_all.end(), b.begin()); } 
@@ -1555,9 +1557,9 @@ namespace nil { typename BlueprintFieldType::integral_type(e.data); std::vector e_bits(32); { - nil::marshalling::status_type status; std::vector e_bits_all = nil::marshalling::pack(integral_e, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::generate_assignments"); std::copy(e_bits_all.end() - 32, e_bits_all.end(), e_bits.begin()); } @@ -1655,9 +1657,9 @@ namespace nil { typename BlueprintFieldType::integral_type(a.data); std::vector a_bits(32); { - nil::marshalling::status_type status; std::vector a_bits_all = nil::marshalling::pack(integral_a, status); + THROW_IF_ERROR_STATUS(status, "sha256_process::generate_assignments"); std::copy(a_bits_all.end() - 32, a_bits_all.end(), a_bits.begin()); } diff --git a/libs/blueprint/include/nil/blueprint/components/hashes/sha2/plonk/sha512_process.hpp b/libs/blueprint/include/nil/blueprint/components/hashes/sha2/plonk/sha512_process.hpp index 3f1242676..c7efc8fca 100644 --- a/libs/blueprint/include/nil/blueprint/components/hashes/sha2/plonk/sha512_process.hpp +++ b/libs/blueprint/include/nil/blueprint/components/hashes/sha2/plonk/sha512_process.hpp @@ -456,14 +456,17 @@ namespace nil { typename BlueprintFieldType::value_type h = input_state[7]; std::array sparse_values {}; + nil::marshalling::status_type status; + for (std::size_t i = 0; i < 4; i++) { assignment.witness(component.W(i), row) = input_state[i]; typename BlueprintFieldType::integral_type integral_input_state_sparse = typename BlueprintFieldType::integral_type(input_state[i].data); std::vector input_state_sparse(64); { - nil::marshalling::status_type status; std::array input_state_sparse_all = nil::marshalling::pack(integral_input_state_sparse, status); + THROW_IF_ERROR_STATUS(status, "plonk_sha512_process::generate_assignments"); + std::copy(input_state_sparse_all.end() - 64, input_state_sparse_all.end(), input_state_sparse.begin()); } 
@@ -480,8 +483,8 @@ namespace nil { typename BlueprintFieldType::integral_type(input_state[i].data); std::vector input_state_sparse(64); { - nil::marshalling::status_type status; std::array input_state_sparse_all = nil::marshalling::pack(integral_input_state_sparse, status); + THROW_IF_ERROR_STATUS(status, "plonk_sha512_process::generate_assignments"); std::copy(input_state_sparse_all.end() - 64, input_state_sparse_all.end(), input_state_sparse.begin()); } @@ -506,8 +509,8 @@ namespace nil { assignment.witness(component.W(0), i) = message_scheduling_words[(i - row) / 6 + 1]; std::vector a(64); { - nil::marshalling::status_type status; std::array a_all = nil::marshalling::pack(integral_a, status); + THROW_IF_ERROR_STATUS(status, "plonk_sha512_process::generate_assignments"); std::copy(a_all.end() - 64, a_all.end(), a.begin()); } @@ -560,8 +563,8 @@ namespace nil { message_scheduling_words[(i - row) / 6 + 14].data); std::vector b(64); { - nil::marshalling::status_type status; std::array b_all = nil::marshalling::pack(integral_b, status); + THROW_IF_ERROR_STATUS(status, "plonk_sha512_process::generate_assignments"); std::copy(b_all.end() - 64, b_all.end(), b.begin()); } @@ -627,8 +630,8 @@ namespace nil { typename BlueprintFieldType::integral_type(e.data); std::vector e_bits(64); { - nil::marshalling::status_type status; std::array e_bits_all = nil::marshalling::pack(integral_e, status); + THROW_IF_ERROR_STATUS(status, "plonk_sha512_process::generate_assignments"); std::copy(e_bits_all.end() - 64, e_bits_all.end(), e_bits.begin()); } @@ -730,8 +733,8 @@ namespace nil { typename BlueprintFieldType::integral_type(a.data); std::vector a_bits(64); { - nil::marshalling::status_type status; std::array a_bits_all = nil::marshalling::pack(integral_a, status); + THROW_IF_ERROR_STATUS(status, "plonk_sha512_process::generate_assignments"); std::copy(a_bits_all.end() - 64, a_bits_all.end(), a_bits.begin()); } 
diff --git a/libs/hash/include/nil/crypto3/hash/find_group_hash.hpp b/libs/hash/include/nil/crypto3/hash/find_group_hash.hpp index b34f1d9fa..0333e29d8 100644 --- a/libs/hash/include/nil/crypto3/hash/find_group_hash.hpp +++ b/libs/hash/include/nil/crypto3/hash/find_group_hash.hpp @@ -133,11 +133,13 @@ namespace nil { if (status == nil::marshalling::status_type::success) { break; } - // TODO: return status - assert(i < 256); + + if (i >= 256) { + THROW_IF_ERROR_STATUS(status, "find_group_hash::process"); + } } point = typename curve_type::scalar_field_type::value_type(group_type::params_type::cofactor) * point; - // TODO: return status + assert(!point.is_zero()); assert(point.is_well_formed()); diff --git a/libs/hash/include/nil/crypto3/hash/h2f.hpp b/libs/hash/include/nil/crypto3/hash/h2f.hpp index 2201dd035..aa4a003bf 100644 --- a/libs/hash/include/nil/crypto3/hash/h2f.hpp +++ b/libs/hash/include/nil/crypto3/hash/h2f.hpp @@ -142,6 +142,7 @@ namespace nil { nil::marshalling::status_type status; boost::multiprecision::number> tmp = nil::marshalling::pack(imported_octets, status); + THROW_IF_ERROR_STATUS(status, "h2f::process"); coordinates[j] = modular_type(typename modular_type::backend_type(tmp.backend())); } result[i] = coordinates[0]; @@ -170,6 +171,7 @@ namespace nil { nil::marshalling::status_type status; boost::multiprecision::number> tmp = nil::marshalling::pack(imported_octets, status); + THROW_IF_ERROR_STATUS(status, "h2f::process"); coordinates[j] = modular_type(typename modular_type::backend_type(tmp.backend())); } result[i] = field_value_type(coordinates[0], coordinates[1]); diff --git a/libs/hash/include/nil/crypto3/hash/pedersen.hpp b/libs/hash/include/nil/crypto3/hash/pedersen.hpp index 464d0b8e8..23e2e23c9 100644 --- a/libs/hash/include/nil/crypto3/hash/pedersen.hpp +++ b/libs/hash/include/nil/crypto3/hash/pedersen.hpp 
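Review bot: The two checks left after the loop, `assert(!point.is_zero());` and `assert(point.is_well_formed());`, are still plain asserts that vanish under NDEBUG, and this hunk deletes the `// TODO: return status` that marked them. In a release build a zero or malformed point after the cofactor multiplication passes through unchecked. An unconditional check would close that gap, for example `if (point.is_zero() || !point.is_well_formed()) throw std::invalid_argument("find_group_hash::process: invalid point");`. Inside the loop, the new `if (i >= 256)` guard only fires if `i` can reach that value; the loop header and the type of `i` are outside the hunk, so that is worth confirming.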
@@ -1,6 +1,7 @@ //---------------------------------------------------------------------------// // Copyright (c) 2021 Mikhail Komarov // Copyright (c) 2021 Ilias Khairullin +// Copyright (c) 2024 Vasiliy Olekhov // // MIT License // @@ -26,8 +27,6 @@ #ifndef CRYPTO3_HASH_PEDERSEN_HPP #define CRYPTO3_HASH_PEDERSEN_HPP -#include - #include #include #include @@ -241,9 +240,9 @@ namespace nil { static inline result_type process(internal_accumulator_type &acc) { auto result_point = nil::crypto3::accumulators::extract::hash(acc); nil::marshalling::status_type status; - // TODO: check status result_type result = nil::marshalling::pack(result_point, status); + THROW_IF_ERROR_STATUS(status, "Pedersen hash processing"); return result; } }; diff --git a/libs/hash/test/CMakeLists.txt b/libs/hash/test/CMakeLists.txt index 95e859d28..1915e96f7 100644 --- a/libs/hash/test/CMakeLists.txt +++ b/libs/hash/test/CMakeLists.txt @@ -69,13 +69,10 @@ set(TESTS_NAMES if(CRYPTO3_HASH_PEDERSEN) list(APPEND TESTS_NAMES - find_group_hash - h2c - h2f) - - if(CRYPTO3_HASH_PEDERSEN) - list(APPEND TESTS_NAMES pedersen) - endif() + pedersen + find_group_hash + h2c + h2f) endif() foreach(TEST_NAME ${TESTS_NAMES}) diff --git a/libs/hash/test/pedersen.cpp b/libs/hash/test/pedersen.cpp index caa986aa1..32e18426d 100644 --- a/libs/hash/test/pedersen.cpp +++ b/libs/hash/test/pedersen.cpp 
@@ -44,42 +44,6 @@ using namespace nil::crypto3; using namespace nil::crypto3::algebra; -template -void print_field_element(std::ostream &os, const typename fields::detail::element_fp &e) { - std::cout << e.data << std::endl; -} - -template -void print_curve_point(std::ostream &os, - const curves::detail::curve_element &p) { - os << "( X: ["; - print_field_element(os, p.X); - os << "], Y: ["; - print_field_element(os, p.Y); - os << "] )" << std::endl; -} - -namespace boost { - namespace test_tools { - namespace tt_detail { - template - struct print_log_value> { - void operator()(std::ostream &os, - const curves::detail::curve_element &p) { - print_curve_point(os, p); - } - }; - - template class P, typename K, typename V> - struct print_log_value> { - void operator()(std::ostream &, P const &) { - } - }; - - } // namespace tt_detail - } // namespace test_tools -} // namespace boost - BOOST_AUTO_TEST_SUITE(hash_pedersen_manual_test_suite) BOOST_AUTO_TEST_CASE(hash_pedersen_jubjub_sha256_default_params_manual_test) { diff --git a/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/detail/curve_element.hpp b/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/detail/curve_element.hpp index 6b8e61a4c..bbed22937 100644 --- a/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/detail/curve_element.hpp +++ b/libs/marshalling/algebra/include/nil/crypto3/marshalling/algebra/processing/detail/curve_element.hpp @@ -101,7 +101,6 @@ namespace nil { using group_type = typename GroupAffineElement::group_type; using group_affine_value_type = GroupAffineElement; - // TODO: throw catchable error, for example return status if (y_int >= base_field_type::modulus) { return nil::marshalling::status_type::invalid_msg_data; } diff --git a/libs/marshalling/core/CMakeLists.txt b/libs/marshalling/core/CMakeLists.txt index 4ecdd8978..2d51db92a 100644 --- a/libs/marshalling/core/CMakeLists.txt 
+++ b/libs/marshalling/core/CMakeLists.txt @@ -11,6 +11,14 @@ include(CMSetupVersion) option(BUILD_WITH_NO_WARNINGS "Build threading warnings as errors" FALSE) +# When set, the code always throws on invalid data. +# If not set, the code is using BOOST_VERIFY - noop in release and stop in debug +option(CRYPTO3_MARSHALLING_THROWS "Throw exceptions when marshalling invalid data" TRUE) + +if(CRYPTO3_MARSHALLING_THROWS) + add_definitions(-DCRYPTO3_MARSHALLING_THROWS) +endif() + cm_setup_version(VERSION 0.1.0 PREFIX ${CMAKE_WORKSPACE_NAME}_${CURRENT_PROJECT_NAME}) add_library(${CMAKE_WORKSPACE_NAME}_${CURRENT_PROJECT_NAME} INTERFACE) diff --git a/libs/marshalling/core/include/nil/marshalling/status_type.hpp b/libs/marshalling/core/include/nil/marshalling/status_type.hpp index 15dc896be..b8158d645 100644 --- a/libs/marshalling/core/include/nil/marshalling/status_type.hpp +++ b/libs/marshalling/core/include/nil/marshalling/status_type.hpp @@ -1,6 +1,7 @@ //---------------------------------------------------------------------------// // Copyright (c) 2017-2021 Mikhail Komarov // Copyright (c) 2020-2021 Nikita Kaskov +// Copyright (c) 2024 Vasiliy Olekhov // // MIT License // @@ -114,5 +115,20 @@ inline std::error_code make_error_code(nil::marshalling::status_type e) return {static_cast(e), category}; } +#if defined(CRYPTO3_MARSHALLING_THROWS) + +#define THROW_IF_ERROR_STATUS(status, message) \ + if (nil::marshalling::status_type::success != status) { \ + std::stringstream os; os << "While performing operation " << std::string(message) \ + << " marshalling error status received: " << make_error_code(status) \ + << " @" << __FILE__ << ":" << __LINE__ << std::endl; \ + throw std::invalid_argument(os); \ + } + +#else + +#define THROW_IF_ERROR_STATUS(status, message) \ + BOOST_VERIFY_MSG(nil::marshalling::status_type::success == status, message) +#endif #endif // MARSHALLING_STATUS_TYPE_HPP 
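Review bot: `add_definitions(-DCRYPTO3_MARSHALLING_THROWS)` is directory-scoped, while the library declared just below it is an INTERFACE target. Targets in other directories that include status_type.hpp will therefore likely not see the define and will silently get the BOOST_VERIFY_MSG variant of the macro. Attaching the define to the target after the add_library line propagates it to every consumer: `target_compile_definitions(${CMAKE_WORKSPACE_NAME}_${CURRENT_PROJECT_NAME} INTERFACE CRYPTO3_MARSHALLING_THROWS)`. The comment above the option could also state that with the option off, a failed marshalling status is not acted on in release builds.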
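Review bot: `throw std::invalid_argument(os);` in the throwing branch of THROW_IF_ERROR_STATUS passes the std::stringstream itself, but std::invalid_argument only accepts a std::string or const char*. As written, every expansion should fail to compile when CRYPTO3_MARSHALLING_THROWS is defined; it needs `os.str()`. The macro body is also a bare `if { }`, which captures a following `else` at the call site, and `status` is not parenthesized; a `do { … } while (false)` wrapper fixes both. The hunk adds no include for `<sstream>`, `<stdexcept>` or the Boost assert header, so unless they appear earlier in the file the macro depends on what each call site happens to include. In the `#else` branch, BOOST_VERIFY_MSG does not check the condition under NDEBUG, so release builds without the define continue with whatever pack/read/write produced.

```cpp
#define THROW_IF_ERROR_STATUS(status, message)                                      \
    do {                                                                            \
        if (nil::marshalling::status_type::success != (status)) {                   \
            std::stringstream os;                                                   \
            os << "While performing operation " << std::string(message)             \
               << " marshalling error status received: " << make_error_code(status) \
               << " @" << __FILE__ << ":" << __LINE__ << std::endl;                 \
            throw std::invalid_argument(os.str());                                  \
        }                                                                           \
    } while (false)
// … unchanged: #else branch using BOOST_VERIFY_MSG …
```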
diff --git a/libs/pkpad/include/nil/crypto3/pkpad/emsa/emsa1.hpp b/libs/pkpad/include/nil/crypto3/pkpad/emsa/emsa1.hpp index 5a2aa8ad9..9a32fff43 100644 --- a/libs/pkpad/include/nil/crypto3/pkpad/emsa/emsa1.hpp +++ b/libs/pkpad/include/nil/crypto3/pkpad/emsa/emsa1.hpp @@ -89,7 +89,9 @@ namespace nil { ::nil::crypto3::accumulators::extract::hash(acc); nil::marshalling::status_type status; - return ::nil::marshalling::pack<::nil::marshalling::option::big_endian>(digest, status); + result_type result = ::nil::marshalling::pack<::nil::marshalling::option::big_endian>(digest, status); + THROW_IF_ERROR_STATUS(status, "emsa1_encoding_policy::process"); + return result; } template( + result_type result = ::nil::marshalling::pack<::nil::marshalling::option::big_endian>( modulus_octets_container, status); + THROW_IF_ERROR_STATUS(status, "emsa_encoding_policy::process"); + return result; } }; diff --git a/libs/pubkey/test/elgamal_verifiable.cpp b/libs/pubkey/test/elgamal_verifiable.cpp index 518aa63cc..cc352c94d 100644 --- a/libs/pubkey/test/elgamal_verifiable.cpp +++ b/libs/pubkey/test/elgamal_verifiable.cpp @@ -232,6 +232,7 @@ struct marshalling_verification_data_groth16_encrypted_input { std::vector blob(filled_val.length()); auto it = std::begin(blob); nil::marshalling::status_type status = filled_val.write(it, blob.size()); + THROW_IF_ERROR_STATUS(status, "marshalling_verification_data_groth16_encrypted_input::serialize_obj"); return blob; } @@ -299,6 +300,7 @@ struct marshalling_verification_data_groth16_encrypted_input { MarshallingType marshalling_obj; auto it = std::cbegin(blob); nil::marshalling::status_type status = marshalling_obj.read(it, blob.size()); + THROW_IF_ERROR_STATUS(status, "marshalling_verification_data_groth16_encrypted_input::read_obj"); return f(marshalling_obj); } diff --git a/libs/random/include/nil/crypto3/random/rfc6979.hpp b/libs/random/include/nil/crypto3/random/rfc6979.hpp index d76d78f03..0f61af8da 100644 
--- a/libs/random/include/nil/crypto3/random/rfc6979.hpp +++ b/libs/random/include/nil/crypto3/random/rfc6979.hpp @@ -172,8 +172,10 @@ namespace nil { template static inline modulus_octets_container_type bits2octets(const InputRange& range) { nil::marshalling::status_type status; - return ::nil::marshalling::pack<::nil::marshalling::option::big_endian>( + auto result = ::nil::marshalling::pack<::nil::marshalling::option::big_endian>( field_value_type(bits2int(range)), status); + THROW_IF_ERROR_STATUS(status, "rfc6979::bits2octets"); + return result; } inline void seed(const result_type& x, const digest_type& h1) { @@ -190,6 +192,7 @@ namespace nil { nil::marshalling::status_type status; modulus_octets_container_type int2octets_x = ::nil::marshalling::pack<::nil::marshalling::option::big_endian>(x, status); + THROW_IF_ERROR_STATUS(status, "rfc6979::seed"); auto bits2octets_h1 = bits2octets(h1); compute(V, acc_d); diff --git a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/kzg.hpp b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/kzg.hpp index d281a9d3e..58d02f6ca 100644 --- a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/kzg.hpp +++ b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/kzg.hpp @@ -746,7 +746,7 @@ namespace nil { nil::marshalling::status_type status; std::vector single_commitment_bytes = nil::marshalling::pack(single_commitment, status); - BOOST_ASSERT(status == nil::marshalling::status_type::success); + THROW_IF_ERROR_STATUS(status, "kzg::commit"); result.insert(result.end(), single_commitment_bytes.begin(), single_commitment_bytes.end()); } _commitments[index] = result; 
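Review bot: In bits2octets the packed value is now held in `auto result`, and the status is checked before `return result;` converts it to `modulus_octets_container_type`. If `pack` returns a lazily converting proxy, as its assignment to several different container types elsewhere in this patch suggests, the packing has not run when THROW_IF_ERROR_STATUS reads `status`, which is still uninitialized. The proxy may also refer to the already destroyed temporary `field_value_type(bits2int(range))`. Declaring the local with the concrete type forces the conversion before the check, as seed() does for `int2octets_x`: `modulus_octets_container_type result = ::nil::marshalling::pack<::nil::marshalling::option::big_endian>(field_value_type(bits2int(range)), status);`.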
@@ -835,7 +835,7 @@ namespace nil { nil::marshalling::status_type status; typename curve_type::template g1_type<>::value_type i_th_commitment = nil::marshalling::pack(byteblob, status); - BOOST_ASSERT(status == nil::marshalling::status_type::success); + THROW_IF_ERROR_STATUS(status, "kzg::verify_eval"); auto U_commit = nil::crypto3::zk::algorithms::commit_one(_params, this->get_U( k, diff --git a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/kzg_v2.hpp b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/kzg_v2.hpp index dbfea511f..d708a3128 100644 --- a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/kzg_v2.hpp +++ b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/kzg_v2.hpp @@ -203,7 +203,7 @@ namespace nil { nil::marshalling::status_type status; std::vector single_commitment_bytes = nil::marshalling::pack(single_commitment, status); - BOOST_ASSERT(status == nil::marshalling::status_type::success); + THROW_IF_ERROR_STATUS(status, "kzg_v2::commit"); result.insert(result.end(), single_commitment_bytes.begin(), single_commitment_bytes.end()); } _commitments[index] = result; @@ -321,7 +321,7 @@ namespace nil { } typename curve_type::template g1_type<>::value_type cm_i = nil::marshalling::pack(byteblob, status); - BOOST_ASSERT(status == nil::marshalling::status_type::success); + THROW_IF_ERROR_STATUS(status, "kzg_v2::verify_eval"); auto Z_T_S_i = set_difference_polynom(_merged_points, this->_points.at(k)[i]).evaluate( theta_2); F += theta_i * Z_T_S_i * cm_i; diff --git a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/powers_of_tau.hpp b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/powers_of_tau.hpp index c75918d4a..4d0dc9def 100644 --- a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/powers_of_tau.hpp +++ b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/powers_of_tau.hpp 
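Review bot: verify_eval unmarshals `byteblob` into a curve point, and with this change a malformed commitment surfaces as `std::invalid_argument` thrown out of the verifier rather than as an assertion. If those bytes can originate from an untrusted proof, callers need to know whether a bad encoding yields an exception or a failed verification. The function's doc comment should say so, for example `// Throws std::invalid_argument if a stored commitment fails to unmarshal (CRYPTO3_MARSHALLING_THROWS builds only).` The same applies to the kzg_v2 verify_eval hunk that follows. The enclosing function starts and ends outside the hunk.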
@@ -175,11 +175,8 @@ namespace nil { std::vector blob(filled_val.length()); auto it = std::begin(blob); nil::marshalling::status_type status = filled_val.write(it, blob.size()); - if (status != nil::marshalling::status_type::success) { - return {}; - } else { - return blob; - } + THROW_IF_ERROR_STATUS(status, "powers_of_tau::serialize_accumulator"); + return blob; } }; } // namespace commitments diff --git a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/proof_of_knowledge.hpp b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/proof_of_knowledge.hpp index f1091c5cd..1a812d0d8 100644 --- a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/proof_of_knowledge.hpp +++ b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/proof_of_knowledge.hpp @@ -111,11 +111,8 @@ namespace nil { std::vector blob(filled_val.length()); auto it = std::begin(blob); nil::marshalling::status_type status = filled_val.write(it, blob.size()); - if (status != nil::marshalling::status_type::success) { - return {}; - } else { - return blob; - } + THROW_IF_ERROR_STATUS(status, "proof_of_knowledge::serialize_g1_uncompressed"); + return blob; } }; } // namespace commitments @@ -123,4 +120,4 @@ namespace nil { } // namespace crypto3 } // namespace nil -#endif // CRYPTO3_ZK_PROOF_OF_KNOWLEDGE_HPP \ No newline at end of file +#endif // CRYPTO3_ZK_PROOF_OF_KNOWLEDGE_HPP diff --git a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/r1cs_gg_ppzksnark_mpc.hpp b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/r1cs_gg_ppzksnark_mpc.hpp index 7e653042a..ae704b245 100644 --- a/libs/zk/include/nil/crypto3/zk/commitments/polynomial/r1cs_gg_ppzksnark_mpc.hpp +++ b/libs/zk/include/nil/crypto3/zk/commitments/polynomial/r1cs_gg_ppzksnark_mpc.hpp 
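Review bot: Replacing the explicit `if (status != success) return {}; else return blob;` with the macro changes what callers get on a failed write. With CRYPTO3_MARSHALLING_THROWS off and NDEBUG set, BOOST_VERIFY_MSG checks nothing, so serialize_accumulator now returns the partially written `blob` where it used to return an empty vector. Keeping the explicit fallback after the macro preserves the old contract in that configuration: `if (status != nil::marshalling::status_type::success) return {};`. The same applies to serialize_g1_uncompressed in proof_of_knowledge.hpp and to serialize_public_key and serialize_constraint_system in r1cs_gg_ppzksnark_mpc.hpp.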
@@ -218,11 +218,8 @@ namespace nil { std::vector blob(filled_val.length()); auto it = std::begin(blob); nil::marshalling::status_type status = filled_val.write(it, blob.size()); - if (status != nil::marshalling::status_type::success) { - return {}; - } else { - return blob; - } + THROW_IF_ERROR_STATUS(status, "r1cs_gg_ppzksnark_mpc::serialize_public_key"); + return blob; } static std::vector @@ -235,11 +232,8 @@ namespace nil { std::vector blob(filled_val.length()); auto it = std::begin(blob); nil::marshalling::status_type status = filled_val.write(it, blob.size()); - if (status != nil::marshalling::status_type::success) { - return {}; - } else { - return blob; - } + THROW_IF_ERROR_STATUS(status, "r1cs_gg_ppzksnark_mpc::serialize_constraint_system"); + return blob; } }; } // namespace commitments @@ -247,4 +241,4 @@ namespace nil { } // namespace crypto3 } // namespace nil -#endif // CRYPTO3_ZK_R1CS_GG_PPZKSNARK_MPC_HPP \ No newline at end of file +#endif // CRYPTO3_ZK_R1CS_GG_PPZKSNARK_MPC_HPP diff --git a/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/detail/transcript_initialization_context.hpp b/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/detail/transcript_initialization_context.hpp index db7e6cd2c..98cc6d941 100644 --- a/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/detail/transcript_initialization_context.hpp +++ b/libs/zk/include/nil/crypto3/zk/snark/systems/plonk/placeholder/detail/transcript_initialization_context.hpp @@ -124,7 +124,7 @@ namespace nil { std::vector cv(filled_context.length(), 0x00); auto write_iter = cv.begin(); nil::marshalling::status_type status = filled_context.write(write_iter, cv.size()); - BOOST_ASSERT(status == nil::marshalling::status_type::success); + THROW_IF_ERROR_STATUS(status, "transcript_initialization_context::compute_constraint_system_with_params_hash"); // Append constraint_system to the buffer "cv". using FieldType = typename PlaceholderParamsType::field_type; 
diff --git a/libs/zk/include/nil/crypto3/zk/transcript/fiat_shamir.hpp b/libs/zk/include/nil/crypto3/zk/transcript/fiat_shamir.hpp index d945c291b..8f8ce1be0 100644 --- a/libs/zk/include/nil/crypto3/zk/transcript/fiat_shamir.hpp +++ b/libs/zk/include/nil/crypto3/zk/transcript/fiat_shamir.hpp @@ -94,6 +94,7 @@ namespace nil { nil::marshalling::status_type status; typename hash_type::construction::type::block_type byte_data = nil::marshalling::pack(data, status); + THROW_IF_ERROR_STATUS(status, "fiat_shamir_heuristic_accumulative::operator()"); acc(byte_data); } } @@ -175,7 +176,7 @@ namespace nil { nil::marshalling::status_type status; std::vector byte_data = nil::marshalling::pack(data, status); - BOOST_ASSERT(status == nil::marshalling::status_type::success); + THROW_IF_ERROR_STATUS(status, "fiat_shamir_heuristic_sequential::operator()"); auto acc_convertible = hash(state); state = accumulators::extract::hash( hash(byte_data, static_cast &>(acc_convertible))); @@ -201,8 +202,7 @@ namespace nil { nil::marshalling::status_type status; boost::multiprecision::number raw_result = nil::marshalling::pack(state, status); - BOOST_ASSERT(status == nil::marshalling::status_type::success); - + THROW_IF_ERROR_STATUS(status, "fiat_shamir_heuristic_sequential::challenge"); return raw_result; } diff --git a/libs/zk/include/nil/crypto3/zk/transcript/kimchi_transcript.hpp b/libs/zk/include/nil/crypto3/zk/transcript/kimchi_transcript.hpp index 026f5909b..a953d35d9 100644 --- a/libs/zk/include/nil/crypto3/zk/transcript/kimchi_transcript.hpp +++ b/libs/zk/include/nil/crypto3/zk/transcript/kimchi_transcript.hpp @@ -41,6 +41,7 @@ namespace nil { std::reverse(limbs_lsb.begin(), limbs_lsb.end()); integral_type res = nil::marshalling::pack(limbs_lsb, status); + THROW_IF_ERROR_STATUS(status, "std::vector to integral_type"); return res; } 
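Review bot: The context string added in kimchi_transcript.hpp at hunk -41, `"std::vector to integral_type"`, names a conversion rather than a location, whereas the other call sites visible in this patch pass `Type::method`. The `unpack` hunk at -49 does the same with `"integral_type to std::vector"`. When the exception surfaces from a transcript operation, the message will not say which helper failed. Something like `THROW_IF_ERROR_STATUS(status, "kimchi_transcript pack: limbs to integral_type");` keeps the detail and adds the origin. The helper's signature is outside the hunk (it is presumably the `pack` called in the later hunks), so the exact qualified name needs checking against the file.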
@@ -49,8 +50,9 @@ namespace nil { std::vector unpack(value_type &value) { nil::marshalling::status_type status; integral_type scalar_value = integral_type(value.data); - std::vector limbs_lsb = nil::marshalling::pack( - scalar_value, status); + std::vector limbs_lsb = + nil::marshalling::pack(scalar_value, status); + THROW_IF_ERROR_STATUS(status, "integral_type to std::vector"); std::reverse(limbs_lsb.begin(), limbs_lsb.end()); limbs_lsb.resize(CHALLENGE_LENGTH_IN_LIMBS); @@ -104,7 +106,6 @@ namespace nil { pack(limbs)); } else { auto sq = this->sponge.squeeze(); - nil::marshalling::status_type status; std::vector x = unpack( sq); @@ -205,10 +206,9 @@ namespace nil { return limbs; } else { auto sq = this->sponge.squeeze(); - nil::marshalling::status_type status; - - std::vector x = unpack( - sq); + std::vector x = unpack< + typename base_field_type::value_type, + typename base_field_type::integral_type>(sq); for (int i = 0; i < HIGH_ENTROPY_LIMBS; ++i) { this->last_squeezed.push_back(x[i]); @@ -225,7 +225,6 @@ namespace nil { typename scalar_field_type::value_type squeeze(std::size_t num_limbs) { auto limbs = this->squeeze_limbs(num_limbs); - nil::marshalling::status_type status; auto first_value = pack(limbs); typename scalar_field_type::value_type res = typename scalar_field_type::value_type( pack(limbs)); 
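Review bot: `first_value` in `squeeze` (hunk at -225) looks like a leftover of the same kind as the unused `status` this hunk removes: `pack(limbs)` is evaluated once for `first_value` and then again inside the initialiser of `res`. If `first_value` is not read later in the function, which continues outside the hunk, either drop it or build the result from it, e.g. `typename scalar_field_type::value_type res(first_value);`. This assumes both calls use the same template argument, which the page does not show.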
@@ -258,23 +257,26 @@ namespace nil { } else { nil::marshalling::status_type status; typename scalar_field_type::integral_type scalar_f(f.data); - std::vector bits = nil::marshalling::pack( - scalar_f, status); + std::vector bits = + nil::marshalling::pack(scalar_f, status); + THROW_IF_ERROR_STATUS(status, "FqSponge::absorb_fr"); std::vector shifted_bits(bits.size(), false); std::copy(bits.begin(), bits.end() - 1, shifted_bits.begin() + 1); - typename base_field_type::integral_type low_bit = bits.back() ? - typename base_field_type::integral_type(1) - : typename base_field_type::integral_type( - 0); - typename base_field_type::integral_type high_bits = nil::marshalling::pack( - shifted_bits, status); - - typename base_field_type::value_type high_bits_field = typename base_field_type::value_type( - high_bits); - typename base_field_type::value_type low_bit_field = typename base_field_type::value_type( - low_bit); + typename base_field_type::integral_type low_bit = + bits.back() ? + typename base_field_type::integral_type(1) : + typename base_field_type::integral_type(0); + + typename base_field_type::integral_type high_bits = + nil::marshalling::pack(shifted_bits, status); + THROW_IF_ERROR_STATUS(status, "FqSponge::absorb_fr"); + + typename base_field_type::value_type high_bits_field = + typename base_field_type::value_type(high_bits); + typename base_field_type::value_type low_bit_field = + typename base_field_type::value_type(low_bit); this->sponge.absorb(high_bits_field); this->sponge.absorb(low_bit_field);