diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp index 53d5c5779..5132a4fa9 100644 --- a/src/ringct/rctSigs.cpp +++ b/src/ringct/rctSigs.cpp @@ -1541,18 +1541,9 @@ namespace rct { } } - //RingCT protocol - //genRct: - // creates an rctSig with all data necessary to verify the rangeProofs and that the signer owns one of the - // columns that are claimed as inputs, and that the sum of inputs = sum of outputs. - // Also contains masked "amount" and "mask" so the receiver can see how much they received - //verRct: - // verifies that all signatures (rangeProogs, MG sig, sum inputs = outputs) are correct - //decodeRct: (c.f. https://eprint.iacr.org/2015/1098 section 5.1.1) - // uses the attached ecdh info to find the amounts represented by each output commitment - // must know the destination private key to find the correct amount, else will return a random number xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask, hw::device &hwdev) { - CHECK_AND_ASSERT_MES(rv.type == RCTTypeFull, false, "decodeRct called on non-full rctSig"); + CHECK_AND_ASSERT_MES(rv.type != RCTTypeNull && rv.type <= RCTTypeBulletproofPlus, + false, "decodeRct called on unrecognized rctSig type"); CHECK_AND_ASSERT_THROW_MES(i < rv.ecdhInfo.size(), "Bad index"); CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.ecdhInfo.size(), "Mismatched sizes of rv.outPk and rv.ecdhInfo"); 
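Review bot: The new type guard in decodeRct still uses `CHECK_AND_ASSERT_MES(..., false, ...)`, so an unrecognized `rv.type` makes a function returning `xmr_amount` return 0 instead of throwing, while the two checks that follow it throw. A caller cannot tell that 0 from a genuinely decoded amount, the `mask` out-parameter is left unwritten on that path, and the comment this commit updates in rctSigs.h now says decodeRct "will throw". Consider `CHECK_AND_ASSERT_THROW_MES(rv.type != RCTTypeNull && rv.type <= RCTTypeBulletproofPlus, "decodeRct called on unrecognized rctSig type");`. The rest of decodeRct lies outside the hunk, so it is worth confirming that it passes `hwdev.ecdhDecode` the same type-dependent third argument that the removed decodeRctSimple did.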
@@ -1583,38 +1574,4 @@ namespace rct { key mask; return decodeRct(rv, sk, i, mask, hwdev); } - - xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key &mask, hw::device &hwdev) { - CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple || rv.type == RCTTypeBulletproof || rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus, - false, "decodeRct called on non simple rctSig"); - CHECK_AND_ASSERT_THROW_MES(i < rv.ecdhInfo.size(), "Bad index"); - CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.ecdhInfo.size(), "Mismatched sizes of rv.outPk and rv.ecdhInfo"); - - //mask amount and mask - ecdhTuple ecdh_info = rv.ecdhInfo[i]; - hwdev.ecdhDecode(ecdh_info, sk, rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus); - mask = ecdh_info.mask; - key amount = ecdh_info.amount; - key C = rv.outPk[i].mask; - DP("C"); - DP(C); - key Ctmp; - CHECK_AND_ASSERT_THROW_MES(sc_check(mask.bytes) == 0, "warning, bad ECDH mask"); - CHECK_AND_ASSERT_THROW_MES(sc_check(amount.bytes) == 0, "warning, bad ECDH amount"); - addKeys2(Ctmp, mask, amount, H); - DP("Ctmp"); - DP(Ctmp); - if (equalKeys(C, Ctmp) == false) { - CHECK_AND_ASSERT_THROW_MES(false, "warning, amount decoded incorrectly, will be unable to spend"); - } - rct::xmr_amount amount_8; - CHECK_AND_ASSERT_THROW_MES(h2d(amount_8, amount), - "long decoded amount contains superfluous data"); - return amount_8; - } - - xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, hw::device &hwdev) { - key mask; - return decodeRctSimple(rv, sk, i, mask, hwdev); - } } diff --git a/src/ringct/rctSigs.h b/src/ringct/rctSigs.h index 00cd6fc7d..3b7011d01 100644 --- a/src/ringct/rctSigs.h +++ b/src/ringct/rctSigs.h 
@@ -122,7 +122,7 @@ namespace rct { // verifies that all signatures (rangeProogs, MG sig, sum inputs = outputs) are correct //decodeRct: (c.f. https://eprint.iacr.org/2015/1098 section 5.1.1) // uses the attached ecdh info to find the amounts represented by each output commitment - // must know the destination private key to find the correct amount, else will return a random number + // must know the destination private key to find the correct amount, else will throw rctSig genRct(const key &message, const ctkeyV & inSk, const keyV & destinations, const std::vector & amounts, const ctkeyM &mixRing, const keyV &amount_keys, unsigned int index, ctkeyV &outSk, const RCTConfig &rct_config, hw::device &hwdev); rctSig genRct(const key &message, const ctkeyV & inSk, const ctkeyV & inPk, const keyV & destinations, const std::vector & amounts, const keyV &amount_keys, const int mixin, const RCTConfig &rct_config, hw::device &hwdev); rctSig genRctSimple(const key & message, const ctkeyV & inSk, const ctkeyV & inPk, const keyV & destinations, const std::vector & inamounts, const std::vector & outamounts, const keyV &amount_keys, xmr_amount txnFee, unsigned int mixin, const RCTConfig &rct_config, hw::device &hwdev); @@ -135,8 +135,6 @@ namespace rct { static inline bool verRctSimple(const rctSig & rv) { return verRctSemanticsSimple(rv) && verRctNonSemanticsSimple(rv); } xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask, hw::device &hwdev); xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, hw::device &hwdev); - xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key & mask, hw::device &hwdev); - xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, hw::device &hwdev); key get_pre_mlsag_hash(const rctSig &rv, hw::device &hwdev); } #endif /* RCTSIGS_H */ diff --git a/src/wallet/wallet2.cpp b/src/wallet/wallet2.cpp index d80dd578d..e7b8b817a 100644 --- a/src/wallet/wallet2.cpp 
+++ b/src/wallet/wallet2.cpp @@ -2186,13 +2186,12 @@ static uint64_t decodeRct(const rct::rctSig & rv, const crypto::key_derivation & { switch (rv.type) { + case rct::RCTTypeFull: case rct::RCTTypeSimple: case rct::RCTTypeBulletproof: case rct::RCTTypeBulletproof2: case rct::RCTTypeCLSAG: case rct::RCTTypeBulletproofPlus: - return rct::decodeRctSimple(rv, rct::sk2rct(scalar1), i, mask, hwdev); - case rct::RCTTypeFull: return rct::decodeRct(rv, rct::sk2rct(scalar1), i, mask, hwdev); default: LOG_ERROR("Unsupported rct type: " << rv.type); diff --git a/tests/core_tests/bulletproof_plus.cpp b/tests/core_tests/bulletproof_plus.cpp index b829bcf06..513cd5c2d 100644 --- a/tests/core_tests/bulletproof_plus.cpp +++ b/tests/core_tests/bulletproof_plus.cpp @@ -157,11 +157,7 @@ bool gen_bpp_tx_validation_base::generate_with(std::vector& ev crypto::secret_key amount_key; crypto::derivation_to_scalar(derivation, o, amount_key); rct::key rct_tx_mask; - const uint8_t type = rct_txes.back().rct_signatures.type; - if (rct::is_rct_simple(type)) - rct::decodeRctSimple(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); - else - rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); + rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); } while (amounts_paid[0] != (size_t)-1) diff --git a/tests/core_tests/bulletproofs.cpp b/tests/core_tests/bulletproofs.cpp index 784580541..841ec3a29 100644 --- a/tests/core_tests/bulletproofs.cpp +++ b/tests/core_tests/bulletproofs.cpp 
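Review bot: The case list in this wallet2.cpp switch and the range test `rv.type <= RCTTypeBulletproofPlus` that this commit adds to rct::decodeRct now describe the accepted signature types in two different forms, and nothing ties them together. A type added later has to be added in both places, and the range form also depends on the numeric order of the RCTType values. A comment on the switch such as `// keep in sync with the type check in rct::decodeRct` would make that dependency visible. The enclosing function begins and ends outside the hunk, so what the `default:` branch returns after `LOG_ERROR` cannot be checked from here.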
@@ -157,11 +157,7 @@ bool gen_bp_tx_validation_base::generate_with(std::vector& eve crypto::secret_key amount_key; crypto::derivation_to_scalar(derivation, o, amount_key); rct::key rct_tx_mask; - const uint8_t type = rct_txes.back().rct_signatures.type; - if (rct::is_rct_simple(type)) - rct::decodeRctSimple(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); - else - rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); + rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); } while (amounts_paid[0] != (size_t)-1) diff --git a/tests/core_tests/rct.cpp b/tests/core_tests/rct.cpp index ed9584aa1..5e68d1c6c 100644 --- a/tests/core_tests/rct.cpp +++ b/tests/core_tests/rct.cpp @@ -134,11 +134,7 @@ bool gen_rct_tx_validation_base::generate_with_full(std::vector& e crypto::secret_key amount_key; crypto::derivation_to_scalar(derivation, o, amount_key); rct::key rct_tx_mask; - const uint8_t type = rct_txes.back().rct_signatures.type; - if (rct::is_rct_simple(type)) - rct::decodeRctSimple(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); - else - rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); + rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default")); } while (amounts_paid[0] != (size_t)-1) diff --git a/tests/unit_tests/bulletproofs.cpp b/tests/unit_tests/bulletproofs.cpp index 12d8fd131..5d8d4d38a 100644 --- a/tests/unit_tests/bulletproofs.cpp +++ b/tests/unit_tests/bulletproofs.cpp 
@@ -138,7 +138,7 @@ TEST(bulletproofs, multi_splitting) for (size_t i = 0; i < n_outputs; ++i) { rct::key mask; - rct::decodeRctSimple(s, amount_keys[i], i, mask, hw::get_device("default")); + rct::decodeRct(s, amount_keys[i], i, mask, hw::get_device("default")); ASSERT_TRUE(mask == outSk[i].mask); } } diff --git a/tests/unit_tests/ringct.cpp b/tests/unit_tests/ringct.cpp index e2476f4dc..f82b5371f 100644 --- a/tests/unit_tests/ringct.cpp +++ b/tests/unit_tests/ringct.cpp @@ -351,7 +351,7 @@ TEST(ringct, range_proofs) ASSERT_TRUE(verRctSimple(s)); //decode received amount - decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default")); + decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default")); // Ring CT with failing MG sig part should not verify! // Since sum of inputs != outputs @@ -368,7 +368,7 @@ TEST(ringct, range_proofs) ASSERT_FALSE(verRctSimple(s)); //decode received amount - decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default")); + decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default")); } TEST(ringct, range_proofs_with_fee) @@ -416,7 +416,7 @@ TEST(ringct, range_proofs_with_fee) ASSERT_TRUE(verRctSimple(s)); //decode received amount - decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default")); + decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default")); // Ring CT with failing MG sig part should not verify! // Since sum of inputs != outputs @@ -433,7 +433,7 @@ TEST(ringct, range_proofs_with_fee) ASSERT_FALSE(verRctSimple(s)); //decode received amount - decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default")); + decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default")); } TEST(ringct, simple) 
@@ -492,7 +492,7 @@ TEST(ringct, simple) ASSERT_TRUE(verRctSimple(s)); //decode received amount corresponding to output pubkey index 1 - decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default")); + decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default")); } static rct::rctSig make_sample_rct_sig(int n_inputs, const uint64_t input_amounts[], int n_outputs, const uint64_t output_amounts[], bool last_is_fee)