diff --git a/noir-projects/aztec-nr/aztec/src/encrypted_logs/header.nr b/noir-projects/aztec-nr/aztec/src/encrypted_logs/header.nr
index be847797a8b..64a8e09dc6d 100644
--- a/noir-projects/aztec-nr/aztec/src/encrypted_logs/header.nr
+++ b/noir-projects/aztec-nr/aztec/src/encrypted_logs/header.nr
@@ -5,7 +5,7 @@ use dep::protocol_types::{
 scalar::Scalar,
 };
-use crate::keys::point_to_symmetric_key::point_to_symmetric_key;
+use crate::keys::secret_derivation::derive_aes_secret;
 use std::aes128::aes128_encrypt;
@@ -22,7 +22,7 @@ impl EncryptedLogHeader {
 where
 T: ToPoint,
 {
- let full_key = point_to_symmetric_key(secret, pk.to_point());
+ let full_key = derive_aes_secret(secret, pk.to_point());
 let mut sym_key = [0; 16];
 let mut iv = [0; 16];
diff --git a/noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr b/noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr
index 56d14f341bc..751d3c2d718 100644
--- a/noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr
+++ b/noir-projects/aztec-nr/aztec/src/encrypted_logs/payload.nr
@@ -14,7 +14,7 @@ use std::{
 use crate::{
 encrypted_logs::header::EncryptedLogHeader,
- keys::point_to_symmetric_key::point_to_symmetric_key,
+ keys::secret_derivation::derive_aes_secret,
 oracle::{
 notes::{get_app_tag_as_sender, increment_app_tagging_secret_index_as_sender},
 random::random,
@@ -208,7 +208,7 @@ pub fn compute_incoming_body_ciphertext(
 eph_sk: Scalar,
 address_point: AddressPoint,
 ) -> [u8] {
- let full_key = point_to_symmetric_key(eph_sk, address_point.to_point());
+ let full_key = derive_aes_secret(eph_sk, address_point.to_point());
 let mut sym_key = [0; 16];
 let mut iv = [0; 16];
diff --git a/noir-projects/aztec-nr/aztec/src/keys/mod.nr b/noir-projects/aztec-nr/aztec/src/keys/mod.nr
index 41c1537855c..300d385ff49 100644
--- a/noir-projects/aztec-nr/aztec/src/keys/mod.nr
+++ b/noir-projects/aztec-nr/aztec/src/keys/mod.nr
@@ -1,3 +1,3 @@
 pub mod constants;
 pub mod getters;
-pub mod point_to_symmetric_key;
+pub mod secret_derivation;
diff --git a/noir-projects/aztec-nr/aztec/src/keys/point_to_symmetric_key.nr b/noir-projects/aztec-nr/aztec/src/keys/secret_derivation.nr
similarity index 78%
rename from noir-projects/aztec-nr/aztec/src/keys/point_to_symmetric_key.nr
rename to noir-projects/aztec-nr/aztec/src/keys/secret_derivation.nr
index 5f2fbfb911e..b49fa90a783 100644
--- a/noir-projects/aztec-nr/aztec/src/keys/point_to_symmetric_key.nr
+++ b/noir-projects/aztec-nr/aztec/src/keys/secret_derivation.nr
@@ -2,9 +2,7 @@ use crate::utils::point::point_to_bytes;
 use dep::protocol_types::{constants::GENERATOR_INDEX__SYMMETRIC_KEY, point::Point, scalar::Scalar};
 use std::{embedded_curve_ops::multi_scalar_mul, hash::sha256};
-// TODO(#5726): This function is called deriveAESSecret in TS. I don't like point_to_symmetric_key name much since
-// point is not the only input of the function. Unify naming with TS once we have a better name.
-pub fn point_to_symmetric_key(secret: Scalar, point: Point) -> [u8; 32] {
+pub fn derive_aes_secret(secret: Scalar, point: Point) -> [u8; 32] {
 let shared_secret = point_to_bytes(multi_scalar_mul([point], [secret]));
 let mut shared_secret_bytes_with_separator: [u8; 33] = std::mem::zeroed();
@@ -18,7 +16,7 @@ pub fn point_to_symmetric_key(secret: Scalar, point: Point) -> [u8; 32] {
 }
 #[test]
-unconstrained fn test_point_to_symmetric_key_matches_noir() {
+unconstrained fn test_derive_aes_secret_matches_noir() {
 // Value taken from "derive shared secret" test in encrypt_buffer.test.ts
 let secret = Scalar {
 lo: 0x00000000000000000000000000000000649e7ca01d9de27b21624098b897babd,
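Review bot: Removing the TODO leaves `derive_aes_secret` with no doc comment, although every caller in this commit depends on its output layout: header.nr and payload.nr declare a 16-byte `sym_key` and a 16-byte `iv` right after the call, and encryption_util.ts takes `aesSecret.subarray(0, 16)` as the key. I would add something like `/// Derives 32 bytes of AES-128 key material from the shared point secret * point; callers use it as key and IV, so a (secret, point) pair must be used for one ciphertext only.` on the function. header.nr and payload.nr both call it with a scalar and a point, and if they are ever handed the same pair they would presumably encrypt under the same key and IV; that cannot be confirmed from these hunks and is worth checking at the call sites. The TypeScript counterpart documents that it throws on a zero public key, while no such check is visible before `multi_scalar_mul` here; the function body runs past the end of the hunk, so confirm both sides agree on that input.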
@@ -30,7 +28,7 @@ unconstrained fn test_point_to_symmetric_key_matches_noir() {
 is_infinite: false,
 };
- let key = point_to_symmetric_key(secret, point);
+ let key = derive_aes_secret(secret, point);
 // The following value was generated by `encrypt_buffer.test.ts`.
 // --> Run the test with AZTEC_GENERATE_TEST_DATA=1 flag to update test data.
diff --git a/yarn-project/circuit-types/src/logs/l1_payload/encryption_util.ts b/yarn-project/circuit-types/src/logs/l1_payload/encryption_util.ts
index ed10ad06ff0..f8e447a6773 100644
--- a/yarn-project/circuit-types/src/logs/l1_payload/encryption_util.ts
+++ b/yarn-project/circuit-types/src/logs/l1_payload/encryption_util.ts
@@ -1,7 +1,7 @@
 import { type GrumpkinScalar, type PublicKey } from '@aztec/circuits.js';
 import { Aes128 } from '@aztec/circuits.js/barretenberg';
-import { deriveDiffieHellmanAESSecret } from './shared_secret_derivation.js';
+import { deriveAESSecret } from './shared_secret_derivation.js';
 /**
 * Encrypts the plaintext using the secret key and public key
@@ -16,7 +16,7 @@ export function encrypt(
 plaintext: Buffer,
 secret: GrumpkinScalar,
 publicKey: PublicKey,
- deriveSecret: (secret: GrumpkinScalar, publicKey: PublicKey) => Buffer = deriveDiffieHellmanAESSecret,
+ deriveSecret: (secret: GrumpkinScalar, publicKey: PublicKey) => Buffer = deriveAESSecret,
 ): Buffer {
 const aesSecret = deriveSecret(secret, publicKey);
 const key = aesSecret.subarray(0, 16);
@@ -38,7 +38,7 @@ export function decrypt(
 ciphertext: Buffer,
 secret: GrumpkinScalar,
 publicKey: PublicKey,
- deriveSecret: (secret: GrumpkinScalar, publicKey: PublicKey) => Buffer = deriveDiffieHellmanAESSecret,
+ deriveSecret: (secret: GrumpkinScalar, publicKey: PublicKey) => Buffer = deriveAESSecret,
 ): Buffer {
 const aesSecret = deriveSecret(secret, publicKey);
 const key = aesSecret.subarray(0, 16);
diff --git a/yarn-project/circuit-types/src/logs/l1_payload/shared_secret_derivation.ts b/yarn-project/circuit-types/src/logs/l1_payload/shared_secret_derivation.ts
index f6714cfda09..00903bf43ba 100644
--- a/yarn-project/circuit-types/src/logs/l1_payload/shared_secret_derivation.ts
+++ b/yarn-project/circuit-types/src/logs/l1_payload/shared_secret_derivation.ts
@@ -13,10 +13,8 @@ import { numToUInt8 } from '@aztec/foundation/serialize';
 * @param publicKey - The public key used to derive shared secret.
 * @returns A derived AES secret key.
 * @throws If the public key is zero.
- * TODO(#5726): This function is called point_to_symmetric_key in Noir. I don't like that name much since point is not
- * the only input of the function. Unify naming once we have a better name.
 */
-export function deriveDiffieHellmanAESSecret(secretKey: GrumpkinScalar, publicKey: PublicKey): Buffer {
+export function deriveAESSecret(secretKey: GrumpkinScalar, publicKey: PublicKey): Buffer {
 if (publicKey.isZero()) {
 throw new Error(
 `Attempting to derive AES secret with a zero public key. You have probably passed a zero public key in your Noir code somewhere thinking that the note won't broadcasted... but it was.`,