Skip to content

Commit

Permalink
Fix field elements validation
Browse files Browse the repository at this point in the history
  • Loading branch information
@AllFi
AllFi committed Dec 4, 2023
1 parent 575fe99 commit e6b7c96
Show file tree
Hide file tree
Showing 8 changed files with 28 additions and 43 deletions.
15 changes: 0 additions & 15 deletions crypto/src/main/java/org/tron/common/crypto/zksnark/BN128.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -220,21 +220,6 @@ public boolean isZero() {
return z.isZero();
}

protected boolean isValid() {

// check whether coordinates belongs to the Field
if (!x.isValid() || !y.isValid() || !z.isValid()) {
return false;
}

// check whether point is on the curve
if (!isOnCurve()) {
return false;
}

return true;
}

@Override
public String toString() {
return String.format("(%s; %s; %s)", x.toString(), y.toString(), z.toString());
Expand Down
7 changes: 6 additions & 1 deletion crypto/src/main/java/org/tron/common/crypto/zksnark/BN128Fp.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,11 @@ public static BN128<Fp> create(byte[] xx, byte[] yy) {
Fp x = Fp.create(xx);
Fp y = Fp.create(yy);

if (x == null || y == null) {
// It means that one or both coordinates are not elements of Fp
return null;
}

// check for point at infinity
if (x.isZero() && y.isZero()) {
return ZERO;
Expand All @@ -55,7 +60,7 @@ public static BN128<Fp> create(byte[] xx, byte[] yy) {
BN128<Fp> p = new BN128Fp(x, y, Fp._1);

// check whether point is a valid one
if (p.isValid()) {
if (p.isOnCurve()) {
return p;
} else {
return null;
Expand Down
7 changes: 6 additions & 1 deletion crypto/src/main/java/org/tron/common/crypto/zksnark/BN128Fp2.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,11 @@ public static BN128<Fp2> create(byte[] aa, byte[] bb, byte[] cc, byte[] dd) {
Fp2 x = Fp2.create(aa, bb);
Fp2 y = Fp2.create(cc, dd);

if (x == null || y == null) {
// It means that one or both coordinates are not elements of Fp
return null;
}

// check for point at infinity
if (x.isZero() && y.isZero()) {
return ZERO;
Expand All @@ -60,7 +65,7 @@ public static BN128<Fp2> create(byte[] aa, byte[] bb, byte[] cc, byte[] dd) {
BN128<Fp2> p = new BN128Fp2(x, y, Fp2._1);

// check whether point is a valid one
if (p.isValid()) {
if (p.isOnCurve()) {
return p;
} else {
return null;
Expand Down
2 changes: 0 additions & 2 deletions crypto/src/main/java/org/tron/common/crypto/zksnark/Field.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,4 @@ interface Field<T> {
T negate();

boolean isZero();

boolean isValid();
}
19 changes: 10 additions & 9 deletions crypto/src/main/java/org/tron/common/crypto/zksnark/Fp.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,10 +84,19 @@ public class Fp implements Field<Fp> {
}

static Fp create(byte[] v) {
return new Fp(toMontgomery(new BigInteger(1, v)));
BigInteger value = new BigInteger(1, v);
if (value.compareTo(P) >= 0) {
// Only the values less than P are valid
return null;
}
return new Fp(toMontgomery(value));
}

static Fp create(BigInteger v) {
if (v.compareTo(P) >= 0) {
// Only the values less than P are valid
return null;
}
return new Fp(toMontgomery(v));
}

Expand Down Expand Up @@ -133,14 +142,6 @@ public boolean isZero() {
return v.compareTo(BigInteger.ZERO) == 0;
}

/**
* Checks if provided value is a valid Fp member
*/
@Override
public boolean isValid() {
return v.compareTo(P) < 0;
}

Fp2 mul(Fp2 o) {
return new Fp2(o.a.mul(this), o.b.mul(this));
}
Expand Down
5 changes: 0 additions & 5 deletions crypto/src/main/java/org/tron/common/crypto/zksnark/Fp12.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -233,11 +233,6 @@ public boolean isZero() {
return this.equals(ZERO);
}

@Override
public boolean isValid() {
return a.isValid() && b.isValid();
}

Fp12 frobeniusMap(int power) {

Fp6 ra = a.frobeniusMap(power);
Expand Down
11 changes: 6 additions & 5 deletions crypto/src/main/java/org/tron/common/crypto/zksnark/Fp2.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,9 @@ static Fp2 create(BigInteger aa, BigInteger bb) {

Fp a = Fp.create(aa);
Fp b = Fp.create(bb);
if (a == null || b == null) {
return null;
}

return new Fp2(a, b);
}
Expand All @@ -68,6 +71,9 @@ static Fp2 create(byte[] aa, byte[] bb) {

Fp a = Fp.create(aa);
Fp b = Fp.create(bb);
if (a == null || b == null) {
return null;
}

return new Fp2(a, b);
}
Expand Down Expand Up @@ -139,11 +145,6 @@ public boolean isZero() {
return this.equals(ZERO);
}

@Override
public boolean isValid() {
return a.isValid() && b.isValid();
}

@Override
public boolean equals(Object o) {
if (this == o) {
Expand Down
5 changes: 0 additions & 5 deletions crypto/src/main/java/org/tron/common/crypto/zksnark/Fp6.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -211,11 +211,6 @@ public boolean isZero() {
return this.equals(ZERO);
}

@Override
public boolean isValid() {
return a.isValid() && b.isValid() && c.isValid();
}

Fp6 frobeniusMap(int power) {

Fp2 ra = a.frobeniusMap(power);
Expand Down

0 comments on commit e6b7c96

Please sign in to comment.