

tests for zupdate, array multiplexer, and blockxor
0xJepsen committed Sep 19, 2024
1 parent 4c1bb1f commit d262ebb
Showing 2 changed files with 104 additions and 24 deletions.
45 changes: 24 additions & 21 deletions circuits/aes-gcm/nistgmul.circom
Expand Up @@ -101,19 +101,6 @@ template NistGMulBit() {
out <== Z;
}

template ArrayMux(n) {
signal input a[n]; // First input array
signal input b[n]; // Second input array
signal input sel; // Selector signal (0 or 1)
signal output out[n]; // Output array

for (var i = 0; i < n; i++) {
// If sel = 0, out[i] = b[i]
// If sel = 1, out[i] = a[i]
out[i] <== (a[i] - b[i]) * sel + b[i];
}
}

template NistGMulByte() {

signal input X[16];
Expand Down Expand Up @@ -152,23 +139,39 @@ template NistGMulByte() {

}

// TODO: Write a test for this
template z_i_update(bit_val) {
// if bit value is 0, then Z_new = Z
// if bit value is 1, then Z_new = Z xor V
template Z_I_UPDATE() {
signal input Z[16];
signal input V[16];
signal input bit_val;
signal output Z_new[16];

component mulx = Mulx();
mulx.s <== bit_val;
mulx.c[0] <== Z;
component mux = ArrayMux(16);
mux.sel <== bit_val;
mux.a <== Z;
component xorBlock = XORBLOCK();
xorBlock.a <== Z;
xorBlock.b <== V;
mulx.c[1] <== xorBlock.out;
Z_new <== mulx.out;
mux.b <== xorBlock.out;
Z_new <== mux.out;
}

// multiplexer for arrays of length n
template ArrayMux(n) {
signal input a[n]; // First input array
signal input b[n]; // Second input array
signal input sel; // Selector signal (0 or 1)
signal output out[n]; // Output array

for (var i = 0; i < n; i++) {
// If sel = 0, out[i] = a[i]
// If sel = 1, out[i] = b[i]
out[i] <== (b[i] - a[i]) * sel + a[i];
}
}

// TODO: Write a test for this
// XOR 16 bytes
template XORBLOCK(){
signal input a[16];
signal input b[16];
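Review bot: ArrayMux, and therefore Z_I_UPDATE through `mux.sel <== bit_val`, never constrains `sel` to be 0 or 1; `out[i] <== (b[i] - a[i]) * sel + a[i]` is satisfiable for any field value of `sel`, so a witness can make `Z_new` an arbitrary affine blend of `Z` and `Z xor V` instead of one of the two intended values. The previous version took `bit_val` as a template parameter, which fixed it at compile time; now that it is a signal, the binarity has to be proven somewhere, and unless every caller already does so this template should add `sel * (sel - 1) === 0;` at the top of ArrayMux or `bit_val * (bit_val - 1) === 0;` in Z_I_UPDATE. The comment `// Selector signal (0 or 1)` on `signal input sel` should then say that the range is enforced here rather than assumed. XORBLOCK's body continues outside the hunk.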
83 changes: 80 additions & 3 deletions circuits/test/gfmulint/nistgfmul.test.ts
Expand Up @@ -152,12 +152,12 @@ describe("BlockRightShift", () => {
it("Should Compute BlockRightShift Correctly", async () => {
let input = [0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
const expected = [0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
const _res = await circuit.expectPass({ in: input }, { out: expected, msb: 0 });
await circuit.expectPass({ in: input }, { out: expected, msb: 0 });
});
it("Should Compute BlockRightShift Correctly", async () => {
let input = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
const expected = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
const _res = await circuit.expectPass({ in: input }, { out: expected, msb: 1 });
await circuit.expectPass({ in: input }, { out: expected, msb: 1 });
});
});

Expand All @@ -175,6 +175,83 @@ describe("Mulx", () => {
it("Should Compute Mulx Correctly", async () => {
let input = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
const expected = [0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
const _res = await circuit.expectPass({ in: input }, { out: expected });
await circuit.expectPass({ in: input }, { out: expected });
});
});

describe("XORBLOCK", () => {
let circuit: WitnessTester<["a", "b"], ["out"]>;

before(async () => {
circuit = await circomkit.WitnessTester("XORBLOCK", {
file: "aes-gcm/nistgmul",
template: "XORBLOCK",
});
console.log("#constraints:", await circuit.getConstraintCount());
});
// msb is 1 so we xor the first byte with 0xE1
it("Should Compute block XOR Correctly", async () => {
let inputa = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let inputb = [0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
const expected = [0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
await circuit.expectPass({ a: inputa, b: inputb }, { out: expected });
});
});
describe("ArrayMux", () => {
let circuit: WitnessTester<["a", "b", "sel"], ["out"]>;

before(async () => {
circuit = await circomkit.WitnessTester("XORBLOCK", {
file: "aes-gcm/nistgmul",
template: "ArrayMux",
params: [16]
});
console.log("#constraints:", await circuit.getConstraintCount());
});
// msb is 1 so we xor the first byte with 0xE1
it("Should Compute selector mux Correctly", async () => {
let a= [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let b = [0xE1, 0xE1, 0xE1, 0xE1, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
let sel = 0x00;
let expected= [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
await circuit.expectPass({ a: a, b: b, sel: sel }, { out: expected });
});

it("Should Compute block XOR Correctly", async () => {
let a= [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let b = [0xE1, 0xE1, 0xE1, 0xE1, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
let sel = 0x01;
let expected= [0xE1, 0xE1, 0xE1, 0xE1, 0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
await circuit.expectPass({ a: a, b: b, sel: sel }, { out: expected });
});

});


describe("Z_I_UPDATE", () => {
let circuit: WitnessTester<["Z", "V", "bit_val"], ["Z_new"]>;

before(async () => {
circuit = await circomkit.WitnessTester("XORBLOCK", {
file: "aes-gcm/nistgmul",
template: "Z_I_UPDATE",
});
console.log("#constraints:", await circuit.getConstraintCount());
});
// msb is 1 so we xor the first byte with 0xE1
it("Should Compute block XOR Correctly", async () => {
let inputZ= [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let inputV = [0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
let inputc = 0x00;
let expected= [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
await circuit.expectPass({ Z: inputZ, V: inputV, bit_val: inputc }, { Z_new: expected });
});

it("Should Compute block XOR Correctly", async () => {
let inputa = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let inputb = [0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
let inputc = 0x01;
const expected = [0xE1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01];
await circuit.expectPass({ Z: inputa, V: inputb, bit_val: inputc }, { Z_new: expected });
});
});
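Review bot: All three new `before` hooks call `circomkit.WitnessTester("XORBLOCK", …)` (lines 115, 133, 164) even though the templates differ; if circomkit keys its generated circuit and build artifacts on that first argument, the ArrayMux and Z_I_UPDATE suites overwrite XORBLOCK's build and a cached run could exercise the wrong template, so pass the template name instead, e.g. `circomkit.WitnessTester("ArrayMux", {` and `circomkit.WitnessTester("Z_I_UPDATE", {`. The copied comment `// msb is 1 so we xor the first byte with 0xE1` and the title `"Should Compute block XOR Correctly"` are reused in the ArrayMux and Z_I_UPDATE suites where no XOR with 0xE1 takes place; retitle them to state the selector case, e.g. `it("Should select b when sel is 1", …)` and `it("Should output Z xor V when bit_val is 1", …)`. Both new suites only drive `sel`/`bit_val` with 0 and 1; because the mux expression is linear in the selector, a case such as `sel: 2` run through `circuit.expectFail(...)` would document whether non-binary selectors are rejected, which from the circom side of this commit they appear not to be unless a binarity constraint is added.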
