impl test for ghash, polyval #49

Merged
merged 22 commits into from
Aug 19, 2024
@thor314 thor314 commented Aug 16, 2024

implement tests for ghash and polyval; see ref test vector in ietf spec. Tests should be both in terms of raw inputs to ghash/polyval, and testing implementations of polyval/ghash in terms of one another (relying on impl of mulx in #48)

that is, given code:

f ghash()
f polyval()

write tests:

# see spec for assertions
test ghash(input) -> output ...
test polyval(input) -> output ...

# see spec for how to impl ghash from polyval
test ghash_from_polyval {
  poly_out := polyval
  compute_ghash_from_polyval_using_mulx(...)
}
# repeat above for polyval_from_ghash

Closes #42
Closes #43

this pr does not implement ghash or polyval
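
The cross-check described in this comment, as an added example that is not part of the PR or the project's code: a plain JavaScript BigInt reference model of GHASH and POLYVAL, with each one also computed through the other using mulX and ByteReverse as laid out in RFC 8452 Appendix A. All function names and the sample inputs are constructed for illustration.

```javascript
// Added reference model, not the PR's code. Blocks are 32-char hex strings.
const R = 0xe1n << 120n; // reduction constant from SP 800-38D
const byteReverse = (h) => h.match(/../g).reverse().join("");
const toHex = (n) => n.toString(16).padStart(32, "0");
const be = (h) => BigInt("0x" + h); // GHASH view: leftmost bit is x^0
const le = (h) => be(byteReverse(h)); // POLYVAL view: bit i of the integer is x^i
const leHex = (n) => byteReverse(toHex(n));
// One-bit right shift with reduction: times x in the GHASH view, divide by x in POLYVAL's.
const shiftReduce = (v) => (v & 1n ? (v >> 1n) ^ R : v >> 1n);
const mulXGhash = (h) => toHex(shiftReduce(be(h)));
function mulXPolyval(h) {
  const v = le(h) << 1n; // if bit 128 is set, reduce by x^128 + x^127 + x^126 + x^121 + 1
  return leHex((v >> 128n ? v ^ (0xc2n << 120n) ^ 1n : v) & ((1n << 128n) - 1n));
}
function ghash(H, blocks) {
  let y = 0n;
  for (const X of blocks) {
    const x = y ^ be(X);
    let z = 0n, v = be(H);
    for (let i = 127n; i >= 0n; i--) {
      if ((x >> i) & 1n) z ^= v;
      v = shiftReduce(v);
    }
    y = z;
  }
  return toHex(y);
}
function polyval(H, blocks) {
  const h = le(H);
  let s = 0n;
  for (const X of blocks) {
    const a = s ^ le(X);
    let z = 0n; // Horner evaluation of a * h * x^-128
    for (let i = 0n; i < 128n; i++) z = shiftReduce((a >> i) & 1n ? z ^ h : z);
    s = z;
  }
  return leHex(s);
}

// Each function expressed through the other, per RFC 8452 Appendix A.
const polyvalFromGhash = (H, blocks) =>
  byteReverse(ghash(mulXGhash(byteReverse(H)), blocks.map(byteReverse)));
const ghashFromPolyval = (H, blocks) =>
  byteReverse(polyval(mulXPolyval(byteReverse(H)), blocks.map(byteReverse)));

// Constructed sample inputs (not spec test vectors).
const SAMPLE_H = "00112233445566778899aabbccddeeff";
const SAMPLE_X = ["0123456789abcdeffedcba9876543210", "ffeeddccbbaa99887766554433221100"];
console.log(polyval(SAMPLE_H, SAMPLE_X), polyvalFromGhash(SAMPLE_H, SAMPLE_X));
```

The same four functions can serve as an oracle for the circuit tests: feed identical hex inputs to the circuit and to the model and compare outputs.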

@thor314 thor314 added the feature ⚡️ New feature or request label Aug 16, 2024
@thor314 thor314 self-assigned this Aug 16, 2024
thor314 commented Aug 16, 2024

pausing for tonight. Status:

tasks: implement ghash

  • do: impl ghash using mulx
    • test bytereverse
    • impl bytereverse
    • tests for ghash
    • impl ghash
    • clean
  • do: polyval
    • tests for polyval
    • impl polyval
    • clean
  • comms
  • back
    • reduce repo unused codepaths - test/{gfmulint,ghash}
    • bug: ghash 256 bits returned

@devloper

🤯

@thor314 thor314 marked this pull request as draft August 16, 2024 19:22
let bits = hexToBitArray("01000000000000000000000000000000");
for (let i = 0; i < mulXTestVectors.length; i++) {
const expect = mulXTestVectors[i];
const _res = await circuit.compute({ in: bits }, ["out"]);
When working with @KaiGeffen we found that we can use circuit.expectPass({ in: TheInputVar }, { out: TheoutputVar });

to assert that the output is what we expect using the tools in circomkit. This is nice because then you don't have to map the bits to the bigint like you do here.

@thor314 thor314 changed the title ghash polyval impl test for ghash, polyval Aug 19, 2024
thor314 commented Aug 19, 2024

Updating the remaining scope of this PR:

  • incorporate kai comments from 48 into 49
  • merge main
  • impl tests for polyval
  • impl tests for ghash/polyval in terms of one another, as specified in ietf spec

next:

  • how should we impl galois field mul in circom <- the biggest focus for thor right now

@thor314 thor314 marked this pull request as ready for review August 19, 2024 23:18
@thor314 thor314 merged commit 96f3490 into main Aug 19, 2024
2 checks passed