-
Notifications
You must be signed in to change notification settings - Fork 3
/
evaluation.go
150 lines (120 loc) · 3.31 KB
/
evaluation.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
// SPDX-License-Identifier: MIT
//
// Copyright (C) 2024 Daniel Bourdrez. All Rights Reserved.
//
// This source code is licensed under the MIT license found in the
// LICENSE file in the root directory of this source tree or at
// https://spdx.org/licenses/MIT.html
package voprf
import (
"fmt"
group "github.com/bytemare/crypto"
)
// Evaluation holds the serialized evaluated elements and serialized proof.
type Evaluation struct {
// Elements represents the unique serialization of Elements
Elements [][]byte `json:"e"`
// Proofs
ProofC []byte `json:"c,omitempty"`
ProofS []byte `json:"s,omitempty"`
}
// Serialize returns a compact encoding of the Evaluation.
func (e *Evaluation) Serialize() []byte {
ne := len(e.Elements)
lp := len(e.Elements[0])
s := make([]byte, 0, 2+2+ne*lp)
s = append(s, i2osp2(ne)...)
s = append(s, i2osp2(lp)...)
for _, el := range e.Elements {
s = append(s, el...)
}
if e.ProofC != nil && e.ProofS != nil {
s = append(s, e.ProofC...)
s = append(s, e.ProofS...)
}
return s
}
// Deserialize decodes the input into the Evaluation.
func (e *Evaluation) Deserialize(input []byte) error {
length := len(input)
if length < 4 {
return errEvalSerDeMin
}
ne := int(uint16(input[1]) | uint16(input[0])<<8)
lp := int(uint16(input[3]) | uint16(input[2])<<8)
if length < 4+ne*lp {
return errEvalSerDeElements
}
e.Elements = make([][]byte, ne)
offset := 4
for i := 0; i < ne; i++ {
e.Elements[i] = make([]byte, lp)
copy(e.Elements[i], input[offset:offset+lp])
offset += lp
}
// if there's more than elements, there might be proof
if offset < length {
proof := input[offset:]
if len(proof)&1 == 1 {
return errEvalSerDeProofLen
}
offset = len(proof) / 2
e.ProofC = make([]byte, offset)
copy(e.ProofC, proof[:offset])
e.ProofS = make([]byte, offset)
copy(e.ProofS, proof[offset:])
}
return nil
}
// deserialize returns a structure with the internal representations of the evaluated elements and proofs.
func (e *Evaluation) deserialize(g group.Group) (*evaluation, error) {
eval := &evaluation{
proofC: nil,
proofS: nil,
elements: make([]*group.Element, len(e.Elements)),
}
for i, el := range e.Elements {
elm := g.NewElement()
if err := elm.Decode(el); err != nil {
return nil, fmt.Errorf("could not decode element : %w", err)
}
eval.elements[i] = elm
}
if len(e.ProofC) != 0 {
eval.proofC = g.NewScalar()
if err := eval.proofC.Decode(e.ProofC); err != nil {
return nil, fmt.Errorf("invalid c scalar proof: %w", err)
}
}
if len(e.ProofS) != 0 {
eval.proofS = g.NewScalar()
if err := eval.proofS.Decode(e.ProofS); err != nil {
return nil, fmt.Errorf("invalid c scalar proof: %w", err)
}
}
return eval, nil
}
// evaluation holds the evaluated elements and proofs in their internal representations.
type evaluation struct {
proofC *group.Scalar
proofS *group.Scalar
elements []*group.Element
}
// serialize the components of the evaluation into byte arrays to be exposed in API.
func (e *evaluation) serialize() *Evaluation {
ev := &Evaluation{
Elements: make([][]byte, len(e.elements)),
ProofC: nil,
ProofS: nil,
}
for i, el := range e.elements {
ev.Elements[i] = el.Encode()
}
if e.proofC != nil {
ev.ProofC = e.proofC.Encode()
}
if e.proofS != nil {
ev.ProofS = e.proofS.Encode()
}
return ev
}