Merge pull request #48 from dfns/update-ec

Update `generic-ec` dep to v0.3

.github/changelog.sh

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+m_branch=m;
+
+# fetch master since we might be in a shallow clone
+git fetch origin "$m_branch:$m_branch" --depth=1
+
+changed=0;
+dir=.;
+# check if version changed
+if git diff "$m_branch" -- "Cargo.toml" | grep -q "^-version = "; then
+    # check if changelog updated
+    if git diff --exit-code --no-patch "$m_branch" -- "CHANGELOG.md"; then
+        echo "$dir version changed, but CHANGELOG.md is not updated"
+        changed=1;
+    fi
+fi
+
+exit "$changed";

.github/workflows/rust.yml

@@ -9,24 +9,69 @@ env:
   CARGO_NET_GIT_FETCH_WITH_CLI: true
 
 jobs:
-  build:
+  check-serde:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: Swatinem/rust-cache@v2
+      with:
+        cache-on-failure: "true"
+    - name: Check with serde support
+      run: cargo check --features serde
+  check:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: Swatinem/rust-cache@v2
+      with:
+        cache-on-failure: "true"
+    - name: Check
+      run: cargo check
+  tests:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@v3
     - uses: Swatinem/rust-cache@v2
       with:
         cache-on-failure: "true"
-    - name: Build with serde support
-      run: cargo build --release --features serde
-    - name: Build
-      run: cargo build --release
     - name: Run tests
       run: cargo test --release --lib
+  doc-tests:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: Swatinem/rust-cache@v2
+      with:
+        cache-on-failure: "true"
     - name: Run doc tests
-      run: cargo test --doc --features __internal_doctest
+      run: cargo test --release --doc --features __internal_doctest
+  fmt:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
     - name: Check formatting
       run: cargo fmt --all -- --check
+  clippy:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: Swatinem/rust-cache@v2
+      with:
+        cache-on-failure: "true"
+    - name: Run clippy
+      run: cargo clippy --lib -- -D clippy::all
+  clippy-tests:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: Swatinem/rust-cache@v2
+      with:
+        cache-on-failure: "true"
     - name: Run clippy
-      run: cargo clippy --all --lib -- --no-deps -D clippy::all -D clippy::unwrap_used -D clippy::expect_used
-    - name: Run clippy tests
       run: cargo clippy --tests -- -D clippy::all
+  check-changelog:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Check changelogs
+      run: ./.github/changelog.sh

CHANGELOG.md

@@ -0,0 +1,8 @@
+## v0.3.0
+* Update `generic-ec` dep to v0.3 [#48]
+
+[#48]: https://github.com/dfns/paillier-zk/pull/48
+
+## v0.2.0
+
+All changes prior to this version were not documented

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "paillier-zk"
-version = "0.2.0"
+version = "0.3.0"
 edition = "2021"
 license = "MIT OR Apache-2.0"
 description = "ZK-proofs for Paillier encryption scheme"
@@ -11,7 +11,7 @@ keywords = ["paillier", "zk-proofs", "zero-knowledge"]
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-generic-ec = "0.2"
+generic-ec = "0.3"
 rand_core = { version = "0.6", default-features = false }
 digest = "0.10"
 fast-paillier = "0.1"
@@ -23,7 +23,7 @@ serde = { version = "1", features = ["derive"], optional = true }
 serde_with = { version = "3", default-features = false, features = ["macros"], optional = true }
 
 [dev-dependencies]
-generic-ec = { version = "0.2", features = ["all-curves"] }
+generic-ec = { version = "0.3", features = ["all-curves"] }
 rand_dev = { version = "0.1.0", default-features = false }
 sha2 = { version = "0.10", default-features = false }
 

src/curve.rs

@@ -225,12 +225,29 @@ impl generic_ec::core::IntegerEncoding for Scalar {
         self.0.to_le_bytes()
     }
 
-    fn from_be_bytes(bytes: &Self::Bytes) -> Self {
-        u64::from_be_bytes(*bytes).into()
+    fn from_be_bytes_mod_order(bytes: &[u8]) -> Self {
+        use generic_ec::core::{Additive, Multiplicative};
+
+        let scalar_0x100 = Scalar::from(0x100);
+        bytes
+            .iter()
+            .map(|i| Scalar::from(u64::from(*i)))
+            .fold(Scalar::default(), |acc, i| {
+                Scalar::add(&Scalar::mul(&acc, &scalar_0x100), &i)
+            })
     }
 
-    fn from_le_bytes(bytes: &Self::Bytes) -> Self {
-        u64::from_le_bytes(*bytes).into()
+    fn from_le_bytes_mod_order(bytes: &[u8]) -> Self {
+        use generic_ec::core::{Additive, Multiplicative};
+
+        let scalar_0x100 = Scalar::from(0x100);
+        bytes
+            .iter()
+            .rev()
+            .map(|i| Scalar::from(u64::from(*i)))
+            .fold(Scalar::default(), |acc, i| {
+                Scalar::add(&Scalar::mul(&acc, &scalar_0x100), &i)
+            })
     }
 
     fn from_be_bytes_exact(bytes: &Self::Bytes) -> Option<Self> {
@@ -254,37 +271,3 @@ impl generic_ec::Curve for C {
     type ScalarArray = [u8; 8];
     type CoordinateArray = [u8; 8];
 }
-
-impl generic_ec::core::hash_to_curve::HashToCurve for C {
-    fn hash_to_curve(
-        tag: generic_ec::hash_to_curve::Tag,
-        msgs: &[&[u8]],
-    ) -> Result<Self::Point, generic_ec::core::Error> {
-        use sha2::Digest;
-        let mut digest = sha2::Sha256::new();
-        digest.update(tag.as_bytes());
-        for msg in msgs {
-            digest.update(msg);
-        }
-        let bytes = digest.finalize();
-        let bytes = bytes.as_slice()[0..8].try_into().unwrap();
-        let x = u64::from_be_bytes(bytes) % MODULO;
-        Ok(MillionRing(x))
-    }
-
-    fn hash_to_scalar(
-        tag: generic_ec::hash_to_curve::Tag,
-        msgs: &[&[u8]],
-    ) -> Result<Self::Scalar, generic_ec::core::Error> {
-        use sha2::Digest;
-        let mut digest = sha2::Sha256::new();
-        digest.update(tag.as_bytes());
-        for msg in msgs {
-            digest.update(msg);
-        }
-        let bytes = digest.finalize();
-        let bytes = bytes.as_slice()[0..8].try_into().unwrap();
-        let x = u64::from_be_bytes(bytes);
-        Ok(Scalar(x))
-    }
-}

src/group_element_vs_paillier_encryption_in_range.rs

@@ -314,7 +314,7 @@ pub mod non_interactive {
     /// deriving determenistic challenge.
     ///
     /// Obtained from the above interactive proof via Fiat-Shamir heuristic.
-    pub fn prove<C: Curve, R: RngCore, D: Digest>(
+    pub fn prove<C: Curve, R: RngCore, D>(
         shared_state: D,
         aux: &Aux,
         data: Data<C>,
@@ -332,7 +332,7 @@ pub mod non_interactive {
     }
 
     /// Verify the proof, deriving challenge independently from same data
-    pub fn verify<C: Curve, D: Digest>(
+    pub fn verify<C: Curve, D>(
         shared_state: D,
         aux: &Aux,
         data: Data<C>,
@@ -355,10 +355,7 @@ pub mod non_interactive {
         data: Data<C>,
         commitment: &Commitment<C>,
         security: &SecurityParams,
-    ) -> Challenge
-    where
-        D: Digest,
-    {
+    ) -> Challenge {
         let shared_state = shared_state.finalize();
         let hash = |d: D| {
             let order = rug::integer::Order::Msf;

src/lib.rs

@@ -1,5 +1,9 @@
 #![doc = include_str!("../README.md")]
 #![deny(clippy::disallowed_methods)]
+#![cfg_attr(
+    not(test),
+    deny(clippy::panic, clippy::unwrap_used, clippy::expect_used)
+)]
 
 use thiserror::Error;
 

src/paillier_affine_operation_in_range.rs

@@ -464,7 +464,7 @@ pub mod non_interactive {
     }
 
     /// Verify the proof, deriving challenge independently from same data
-    pub fn verify<C: Curve, D: Digest>(
+    pub fn verify<C: Curve, D>(
         shared_state: D,
         aux: &Aux,
         data: Data<C>,
@@ -480,7 +480,7 @@ pub mod non_interactive {
     }
 
     /// Deterministically compute challenge based on prior known values in protocol
-    pub fn challenge<C: Curve, D: Digest>(
+    pub fn challenge<C: Curve, D>(
         shared_state: D,
         aux: &Aux,
         data: Data<C>,