diff options
Diffstat (limited to 'src/ringct')
| -rw-r--r-- | src/ringct/bulletproofs.cc | 62 | ||||
| -rw-r--r-- | src/ringct/rctSigs.cpp | 1 | ||||
| -rw-r--r-- | src/ringct/rctTypes.h | 2 |
3 files changed, 36 insertions, 29 deletions
diff --git a/src/ringct/bulletproofs.cc b/src/ringct/bulletproofs.cc index e394ef088..6270d4d14 100644 --- a/src/ringct/bulletproofs.cc +++ b/src/ringct/bulletproofs.cc @@ -48,12 +48,12 @@ extern "C" //#define DEBUG_BP -#if 1 +#if 0 #define PERF_TIMER_START_BP(x) PERF_TIMER_START_UNIT(x, 1000000) #define PERF_TIMER_STOP_BP(x) PERF_TIMER_STOP(x) #else -#define PERF_TIMER_START_BP(x) ((void*)0) -#define PERF_TIMER_STOP_BP(x) ((void*)0) +#define PERF_TIMER_START_BP(x) ((void)0) +#define PERF_TIMER_STOP_BP(x) ((void)0) #endif #define STRAUS_SIZE_LIMIT 232 @@ -439,35 +439,35 @@ static epee::span<const rct::key> slice(const rct::keyV &a, size_t start, size_t static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1) { - rct::keyV data; - data.reserve(3); - data.push_back(hash_cache); - data.push_back(mash0); - data.push_back(mash1); - return hash_cache = rct::hash_to_scalar(data); + rct::key data[3]; + data[0] = hash_cache; + data[1] = mash0; + data[2] = mash1; + rct::hash_to_scalar(hash_cache, data, sizeof(data)); + return hash_cache; } static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1, const rct::key &mash2) { - rct::keyV data; - data.reserve(4); - data.push_back(hash_cache); - data.push_back(mash0); - data.push_back(mash1); - data.push_back(mash2); - return hash_cache = rct::hash_to_scalar(data); + rct::key data[4]; + data[0] = hash_cache; + data[1] = mash0; + data[2] = mash1; + data[3] = mash2; + rct::hash_to_scalar(hash_cache, data, sizeof(data)); + return hash_cache; } static rct::key hash_cache_mash(rct::key &hash_cache, const rct::key &mash0, const rct::key &mash1, const rct::key &mash2, const rct::key &mash3) { - rct::keyV data; - data.reserve(5); - data.push_back(hash_cache); - data.push_back(mash0); - data.push_back(mash1); - data.push_back(mash2); - data.push_back(mash3); - return hash_cache = rct::hash_to_scalar(data); + rct::key data[5]; + data[0] = hash_cache; + data[1] = mash0; + data[2] = mash1; + data[3] = mash2; + data[4] = mash3; + rct::hash_to_scalar(hash_cache, data, sizeof(data)); + return hash_cache; } /* Given a value v (0..2^N-1) and a mask gamma, construct a range proof */ @@ -825,6 +825,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs) size_t inv_offset = 0; std::vector<rct::key> to_invert; to_invert.reserve(11 * sizeof(proofs)); + size_t max_logM = 0; for (const Bulletproof *p: proofs) { const Bulletproof &proof = *p; @@ -861,6 +862,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs) size_t M; for (pd.logM = 0; (M = 1<<pd.logM) <= maxM && M < proof.V.size(); ++pd.logM); CHECK_AND_ASSERT_MES(proof.L.size() == 6+pd.logM, false, "Proof is not the expected size"); + max_logM = std::max(pd.logM, max_logM); const size_t rounds = pd.logM+logN; CHECK_AND_ASSERT_MES(rounds > 0, false, "Zero rounds"); @@ -888,7 +890,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs) rct::key tmp; std::vector<MultiexpData> multiexp_data; - multiexp_data.reserve(nV + (2 * (10/*logM*/ + logN) + 4) * proofs.size() + 2 * maxMN); + multiexp_data.reserve(nV + (2 * (max_logM + logN) + 4) * proofs.size() + 2 * maxMN); multiexp_data.resize(2 * maxMN); PERF_TIMER_START_BP(VERIFY_line_24_25_invert); @@ -901,6 +903,8 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs) rct::keyV m_z4(maxMN, rct::zero()), m_z5(maxMN, rct::zero()); rct::key m_y0 = rct::zero(), y1 = rct::zero(); int proof_data_index = 0; + rct::keyV w_cache; + rct::keyV proof8_V, proof8_L, proof8_R; for (const Bulletproof *p: proofs) { const Bulletproof &proof = *p; @@ -913,9 +917,9 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs) const rct::key weight_z = rct::skGen(); // pre-multiply some points by 8 - rct::keyV proof8_V = proof.V; for (rct::key &k: proof8_V) k = rct::scalarmult8(k); - rct::keyV proof8_L = proof.L; for (rct::key &k: proof8_L) k = rct::scalarmult8(k); - rct::keyV proof8_R = proof.R; for (rct::key &k: proof8_R) k = rct::scalarmult8(k); + proof8_V.resize(proof.V.size()); for (size_t i = 0; i < proof.V.size(); ++i) proof8_V[i] = rct::scalarmult8(proof.V[i]); + proof8_L.resize(proof.L.size()); for (size_t i = 0; i < proof.L.size(); ++i) proof8_L[i] = rct::scalarmult8(proof.L[i]); + proof8_R.resize(proof.R.size()); for (size_t i = 0; i < proof.R.size(); ++i) proof8_R[i] = rct::scalarmult8(proof.R[i]); rct::key proof8_T1 = rct::scalarmult8(proof.T1); rct::key proof8_T2 = rct::scalarmult8(proof.T2); rct::key proof8_S = rct::scalarmult8(proof.S); @@ -976,7 +980,7 @@ bool bulletproof_VERIFY(const std::vector<const Bulletproof*> &proofs) // precalc PERF_TIMER_START_BP(VERIFY_line_24_25_precalc); - rct::keyV w_cache(1<<rounds); + w_cache.resize(1<<rounds); w_cache[0] = winv[0]; w_cache[1] = pd.w[0]; for (size_t j = 1; j < rounds; ++j) diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp index e877c13ce..ff2a81d43 100644 --- a/src/ringct/rctSigs.cpp +++ b/src/ringct/rctSigs.cpp @@ -695,6 +695,7 @@ namespace rct { CHECK_AND_ASSERT_THROW_MES(mixRing[n].size() == inSk.size(), "Bad mixRing size"); } CHECK_AND_ASSERT_THROW_MES((kLRki && msout) || (!kLRki && !msout), "Only one of kLRki/msout is present"); + CHECK_AND_ASSERT_THROW_MES(inSk.size() < 2, "genRct is not suitable for 2+ rings"); rctSig rv; rv.type = RCTTypeFull; diff --git a/src/ringct/rctTypes.h b/src/ringct/rctTypes.h index 50d0f4d91..e5413f1dc 100644 --- a/src/ringct/rctTypes.h +++ b/src/ringct/rctTypes.h @@ -191,6 +191,8 @@ namespace rct { Bulletproof(const rct::keyV &V, const rct::key &A, const rct::key &S, const rct::key &T1, const rct::key &T2, const rct::key &taux, const rct::key &mu, const rct::keyV &L, const rct::keyV &R, const rct::key &a, const rct::key &b, const rct::key &t): V(V), A(A), S(S), T1(T1), T2(T2), taux(taux), mu(mu), L(L), R(R), a(a), b(b), t(t) {} + bool operator==(const Bulletproof &other) const { return V == other.V && A == other.A && S == other.S && T1 == other.T1 && T2 == other.T2 && taux == other.taux && mu == other.mu && L == other.L && R == other.R && a == other.a && b == other.b && t == other.t; } + BEGIN_SERIALIZE_OBJECT() // Commitments aren't saved, they're restored via outPk // FIELD(V) |