mirror of
https://github.com/monero-project/monero.git
synced 2026-06-12 11:01:34 -07:00
ringct: merge decodeRct and decodeRctSimple
+2
-45
@@ -1541,18 +1541,9 @@ namespace rct {
|
||||
}
|
||||
}
|
||||
|
||||
//RingCT protocol
|
||||
//genRct:
|
||||
// creates an rctSig with all data necessary to verify the rangeProofs and that the signer owns one of the
|
||||
// columns that are claimed as inputs, and that the sum of inputs = sum of outputs.
|
||||
// Also contains masked "amount" and "mask" so the receiver can see how much they received
|
||||
//verRct:
|
||||
// verifies that all signatures (rangeProogs, MG sig, sum inputs = outputs) are correct
|
||||
//decodeRct: (c.f. https://eprint.iacr.org/2015/1098 section 5.1.1)
|
||||
// uses the attached ecdh info to find the amounts represented by each output commitment
|
||||
// must know the destination private key to find the correct amount, else will return a random number
|
||||
xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask, hw::device &hwdev) {
|
||||
CHECK_AND_ASSERT_MES(rv.type == RCTTypeFull, false, "decodeRct called on non-full rctSig");
|
||||
CHECK_AND_ASSERT_MES(rv.type != RCTTypeNull && rv.type <= RCTTypeBulletproofPlus,
|
||||
false, "decodeRct called on unrecognized rctSig type");
|
||||
CHECK_AND_ASSERT_THROW_MES(i < rv.ecdhInfo.size(), "Bad index");
|
||||
CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.ecdhInfo.size(), "Mismatched sizes of rv.outPk and rv.ecdhInfo");
|
||||
|
||||
@@ -1583,38 +1574,4 @@ namespace rct {
|
||||
key mask;
|
||||
return decodeRct(rv, sk, i, mask, hwdev);
|
||||
}
|
||||
|
||||
xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key &mask, hw::device &hwdev) {
|
||||
CHECK_AND_ASSERT_MES(rv.type == RCTTypeSimple || rv.type == RCTTypeBulletproof || rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus,
|
||||
false, "decodeRct called on non simple rctSig");
|
||||
CHECK_AND_ASSERT_THROW_MES(i < rv.ecdhInfo.size(), "Bad index");
|
||||
CHECK_AND_ASSERT_THROW_MES(rv.outPk.size() == rv.ecdhInfo.size(), "Mismatched sizes of rv.outPk and rv.ecdhInfo");
|
||||
|
||||
//mask amount and mask
|
||||
ecdhTuple ecdh_info = rv.ecdhInfo[i];
|
||||
hwdev.ecdhDecode(ecdh_info, sk, rv.type == RCTTypeBulletproof2 || rv.type == RCTTypeCLSAG || rv.type == RCTTypeBulletproofPlus);
|
||||
mask = ecdh_info.mask;
|
||||
key amount = ecdh_info.amount;
|
||||
key C = rv.outPk[i].mask;
|
||||
DP("C");
|
||||
DP(C);
|
||||
key Ctmp;
|
||||
CHECK_AND_ASSERT_THROW_MES(sc_check(mask.bytes) == 0, "warning, bad ECDH mask");
|
||||
CHECK_AND_ASSERT_THROW_MES(sc_check(amount.bytes) == 0, "warning, bad ECDH amount");
|
||||
addKeys2(Ctmp, mask, amount, H);
|
||||
DP("Ctmp");
|
||||
DP(Ctmp);
|
||||
if (equalKeys(C, Ctmp) == false) {
|
||||
CHECK_AND_ASSERT_THROW_MES(false, "warning, amount decoded incorrectly, will be unable to spend");
|
||||
}
|
||||
rct::xmr_amount amount_8;
|
||||
CHECK_AND_ASSERT_THROW_MES(h2d(amount_8, amount),
|
||||
"long decoded amount contains superfluous data");
|
||||
return amount_8;
|
||||
}
|
||||
|
||||
xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, hw::device &hwdev) {
|
||||
key mask;
|
||||
return decodeRctSimple(rv, sk, i, mask, hwdev);
|
||||
}
|
||||
}
|
||||
|
||||
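Review bot: The type guard in the first hunk reports an unrecognized `rv.type` through `CHECK_AND_ASSERT_MES(..., false, ...)`, so decodeRct returns an amount of 0 and leaves `mask` unwritten, while the index and size checks directly below it throw. With decodeRctSimple gone this is the only decode path for every rct type, and the header comment now says the function "will throw", so a caller cannot tell a rejected type from a genuine zero amount. If callers already handle the other throws, consider `CHECK_AND_ASSERT_THROW_MES(rv.type != RCTTypeNull && rv.type <= RCTTypeBulletproofPlus, "decodeRct called on unrecognized rctSig type");`. The rest of decodeRct's body is outside the hunk, so it is worth confirming that its ecdhDecode call passes the same short-amount condition as the one in the deleted decodeRctSimple.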
@@ -122,7 +122,7 @@ namespace rct {
|
||||
// verifies that all signatures (rangeProogs, MG sig, sum inputs = outputs) are correct
|
||||
//decodeRct: (c.f. https://eprint.iacr.org/2015/1098 section 5.1.1)
|
||||
// uses the attached ecdh info to find the amounts represented by each output commitment
|
||||
// must know the destination private key to find the correct amount, else will return a random number
|
||||
// must know the destination private key to find the correct amount, else will throw
|
||||
rctSig genRct(const key &message, const ctkeyV & inSk, const keyV & destinations, const std::vector<xmr_amount> & amounts, const ctkeyM &mixRing, const keyV &amount_keys, unsigned int index, ctkeyV &outSk, const RCTConfig &rct_config, hw::device &hwdev);
|
||||
rctSig genRct(const key &message, const ctkeyV & inSk, const ctkeyV & inPk, const keyV & destinations, const std::vector<xmr_amount> & amounts, const keyV &amount_keys, const int mixin, const RCTConfig &rct_config, hw::device &hwdev);
|
||||
rctSig genRctSimple(const key & message, const ctkeyV & inSk, const ctkeyV & inPk, const keyV & destinations, const std::vector<xmr_amount> & inamounts, const std::vector<xmr_amount> & outamounts, const keyV &amount_keys, xmr_amount txnFee, unsigned int mixin, const RCTConfig &rct_config, hw::device &hwdev);
|
||||
@@ -135,8 +135,6 @@ namespace rct {
|
||||
static inline bool verRctSimple(const rctSig & rv) { return verRctSemanticsSimple(rv) && verRctNonSemanticsSimple(rv); }
|
||||
xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, key & mask, hw::device &hwdev);
|
||||
xmr_amount decodeRct(const rctSig & rv, const key & sk, unsigned int i, hw::device &hwdev);
|
||||
xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, key & mask, hw::device &hwdev);
|
||||
xmr_amount decodeRctSimple(const rctSig & rv, const key & sk, unsigned int i, hw::device &hwdev);
|
||||
key get_pre_mlsag_hash(const rctSig &rv, hw::device &hwdev);
|
||||
}
|
||||
#endif /* RCTSIGS_H */
|
||||
|
||||
@@ -2186,13 +2186,12 @@ static uint64_t decodeRct(const rct::rctSig & rv, const crypto::key_derivation &
|
||||
{
|
||||
switch (rv.type)
|
||||
{
|
||||
case rct::RCTTypeFull:
|
||||
case rct::RCTTypeSimple:
|
||||
case rct::RCTTypeBulletproof:
|
||||
case rct::RCTTypeBulletproof2:
|
||||
case rct::RCTTypeCLSAG:
|
||||
case rct::RCTTypeBulletproofPlus:
|
||||
return rct::decodeRctSimple(rv, rct::sk2rct(scalar1), i, mask, hwdev);
|
||||
case rct::RCTTypeFull:
|
||||
return rct::decodeRct(rv, rct::sk2rct(scalar1), i, mask, hwdev);
|
||||
default:
|
||||
LOG_ERROR("Unsupported rct type: " << rv.type);
|
||||
|
||||
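Review bot: The `default:` branch kept under the merged case list streams `rv.type` straight into LOG_ERROR. If that field is a `uint8_t`, as the `const uint8_t type = ...` lines in the test hunks suggest, the stream writes it as a raw character rather than a number, and the value comes from the transaction being scanned. A cast keeps the log line readable and keeps arbitrary bytes out of the log: `LOG_ERROR("Unsupported rct type: " << static_cast<unsigned>(rv.type));`. The function continues outside the hunk.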
@@ -157,11 +157,7 @@ bool gen_bpp_tx_validation_base::generate_with(std::vector<test_event_entry>& ev
|
||||
crypto::secret_key amount_key;
|
||||
crypto::derivation_to_scalar(derivation, o, amount_key);
|
||||
rct::key rct_tx_mask;
|
||||
const uint8_t type = rct_txes.back().rct_signatures.type;
|
||||
if (rct::is_rct_simple(type))
|
||||
rct::decodeRctSimple(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
else
|
||||
rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
}
|
||||
|
||||
while (amounts_paid[0] != (size_t)-1)
|
||||
|
||||
@@ -157,11 +157,7 @@ bool gen_bp_tx_validation_base::generate_with(std::vector<test_event_entry>& eve
|
||||
crypto::secret_key amount_key;
|
||||
crypto::derivation_to_scalar(derivation, o, amount_key);
|
||||
rct::key rct_tx_mask;
|
||||
const uint8_t type = rct_txes.back().rct_signatures.type;
|
||||
if (rct::is_rct_simple(type))
|
||||
rct::decodeRctSimple(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
else
|
||||
rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
}
|
||||
|
||||
while (amounts_paid[0] != (size_t)-1)
|
||||
|
||||
@@ -134,11 +134,7 @@ bool gen_rct_tx_validation_base::generate_with_full(std::vector<test_event_entry
|
||||
CHECK_AND_ASSERT_MES(r, false, "Failed to generate key derivation");
|
||||
crypto::secret_key amount_key;
|
||||
crypto::derivation_to_scalar(derivation, o, amount_key);
|
||||
const uint8_t type = rct_txes[n].rct_signatures.type;
|
||||
if (rct::is_rct_simple(type))
|
||||
rct::decodeRctSimple(rct_txes[n].rct_signatures, rct::sk2rct(amount_key), o, rct_tx_masks[o+n*4], hw::get_device("default"));
|
||||
else
|
||||
rct::decodeRct(rct_txes[n].rct_signatures, rct::sk2rct(amount_key), o, rct_tx_masks[o+n*4], hw::get_device("default"));
|
||||
rct::decodeRct(rct_txes[n].rct_signatures, rct::sk2rct(amount_key), o, rct_tx_masks[o+n*4], hw::get_device("default"));
|
||||
}
|
||||
|
||||
uint64_t fee = 0;
|
||||
|
||||
@@ -157,11 +157,7 @@ bool gen_rct2_tx_validation_base::generate_with(std::vector<test_event_entry>& e
|
||||
crypto::secret_key amount_key;
|
||||
crypto::derivation_to_scalar(derivation, o, amount_key);
|
||||
rct::key rct_tx_mask;
|
||||
const uint8_t type = rct_txes.back().rct_signatures.type;
|
||||
if (rct::is_rct_simple(type))
|
||||
rct::decodeRctSimple(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
else
|
||||
rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
rct::decodeRct(rct_txes.back().rct_signatures, rct::sk2rct(amount_key), o, rct_tx_mask, hw::get_device("default"));
|
||||
}
|
||||
|
||||
while (amounts_paid[0] != (size_t)-1)
|
||||
|
||||
@@ -138,7 +138,7 @@ TEST(bulletproofs, multi_splitting)
|
||||
for (size_t i = 0; i < n_outputs; ++i)
|
||||
{
|
||||
rct::key mask;
|
||||
rct::decodeRctSimple(s, amount_keys[i], i, mask, hw::get_device("default"));
|
||||
rct::decodeRct(s, amount_keys[i], i, mask, hw::get_device("default"));
|
||||
ASSERT_TRUE(mask == outSk[i].mask);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -351,7 +351,7 @@ TEST(ringct, range_proofs)
|
||||
ASSERT_TRUE(verRctSimple(s));
|
||||
|
||||
//decode received amount
|
||||
decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
|
||||
// Ring CT with failing MG sig part should not verify!
|
||||
// Since sum of inputs != outputs
|
||||
@@ -368,7 +368,7 @@ TEST(ringct, range_proofs)
|
||||
ASSERT_FALSE(verRctSimple(s));
|
||||
|
||||
//decode received amount
|
||||
decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
}
|
||||
|
||||
TEST(ringct, range_proofs_with_fee)
|
||||
@@ -416,7 +416,7 @@ TEST(ringct, range_proofs_with_fee)
|
||||
ASSERT_TRUE(verRctSimple(s));
|
||||
|
||||
//decode received amount
|
||||
decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
|
||||
// Ring CT with failing MG sig part should not verify!
|
||||
// Since sum of inputs != outputs
|
||||
@@ -433,7 +433,7 @@ TEST(ringct, range_proofs_with_fee)
|
||||
ASSERT_FALSE(verRctSimple(s));
|
||||
|
||||
//decode received amount
|
||||
decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
}
|
||||
|
||||
TEST(ringct, simple)
|
||||
@@ -492,7 +492,7 @@ TEST(ringct, simple)
|
||||
ASSERT_TRUE(verRctSimple(s));
|
||||
|
||||
//decode received amount corresponding to output pubkey index 1
|
||||
decodeRctSimple(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
decodeRct(s, amount_keys[1], 1, mask, hw::get_device("default"));
|
||||
}
|
||||
|
||||
static rct::rctSig make_sample_rct_sig(int n_inputs, const uint64_t input_amounts[], int n_outputs, const uint64_t output_amounts[], bool last_is_fee)
|
||||
|
||||