From 85adaa5ee44cf8c2a68a3965ab895b57f07707b2 Mon Sep 17 00:00:00 2001 
From: Jamie Date: Fri, 15 Nov 2024 16:49:46 +0800 Subject: [PATCH] chore: bump to bazel 7 and cleanup examples --- .bazelversion | 2 +- MODULE.bazel | 6 + MODULE.bazel.lock | 110 +++++++ WORKSPACE | 7 + bazel/repositories.bzl | 9 + examples/.bazelrc | 41 --- examples/.bazelversion | 1 - examples/BUILD.bazel | 13 - examples/WORKSPACE | 63 ---- examples/hesm2/BUILD.bazel | 40 --- examples/hesm2/README.md | 99 ------ examples/hesm2/ahesm2.cc | 374 ----------------------- examples/hesm2/ahesm2.h | 42 --- examples/hesm2/ciphertext.h | 35 --- examples/hesm2/config.cc | 74 ----- examples/hesm2/config.h | 39 --- examples/hesm2/main.cc | 72 ----- examples/hesm2/private_key.h | 54 ---- examples/hesm2/public_key.h | 39 --- examples/hesm2/t1.h | 160 ---------- examples/hesm2/t2.h | 118 ------- examples/psi/BUILD.bazel | 20 -- examples/psi/cpp/BUILD.bazel | 52 ---- examples/psi/cpp/ecdh_psi.cc | 73 ----- examples/psi/cpp/ecdh_psi.h | 72 ----- examples/psi/cpp/ecdh_psi_main.cc | 163 ---------- examples/psi/cpp/ecdh_psi_test.cc | 157 ---------- examples/psi/cpp/main_utils.h | 73 ----- examples/psi/data/data_a.csv | 11 - examples/psi/data/data_b.csv | 9 - examples/psi/java/BUILD.bazel | 76 ----- examples/psi/java/EcdhPsi.java | 61 ---- examples/psi/java/EcdhPsiTest.java | 72 ----- examples/psi/java/ecdh_psi_jni.cc | 101 ------ examples/psi/java/jni_wrappers.h | 81 ----- examples/psi/python/BUILD.bazel | 66 ---- examples/psi/python/ecdh_psi.py | 26 -- examples/psi/python/ecdh_psi_pybind.cc | 42 --- examples/psi/python/ecdh_psi_pybind.h | 85 ------ examples/psi/python/ecdh_psi_test.py | 46 --- examples/psi/python/exported_symbols.lds | 1 - examples/psi/python/version_script.lds | 9 - examples/psu/BUILD.bazel | 46 --- examples/psu/krtw19_psu.cc | 246 --------------- examples/psu/krtw19_psu.h | 52 ---- examples/psu/krtw19_psu_test.cc | 100 ------ examples/repositories.bzl | 48 --- examples/zkp/BUILD.bazel | 82 ----- examples/zkp/pedersen_commit.h | 108 ------- 
examples/zkp/pedersen_commit_test.cc | 66 ---- examples/zkp/sigma.cc | 302 ------------------ examples/zkp/sigma.h | 220 ------------- examples/zkp/sigma_config.cc | 144 --------- examples/zkp/sigma_config.h | 138 --------- examples/zkp/sigma_owh.cc | 114 ------- examples/zkp/sigma_owh.h | 46 --- examples/zkp/sigma_test.cc | 158 ---------- yacl/crypto/rand/drbg/openssl_factory.cc | 4 +- 58 files changed, 134 insertions(+), 4434 deletions(-) create mode 100644 MODULE.bazel create mode 100644 MODULE.bazel.lock delete mode 100644 examples/.bazelrc delete mode 100644 examples/.bazelversion delete mode 100644 examples/BUILD.bazel delete mode 100644 examples/WORKSPACE delete mode 100644 examples/hesm2/BUILD.bazel delete mode 100644 examples/hesm2/README.md delete mode 100644 examples/hesm2/ahesm2.cc delete mode 100644 examples/hesm2/ahesm2.h delete mode 100644 examples/hesm2/ciphertext.h delete mode 100644 examples/hesm2/config.cc delete mode 100644 examples/hesm2/config.h delete mode 100644 examples/hesm2/main.cc delete mode 100644 examples/hesm2/private_key.h delete mode 100644 examples/hesm2/public_key.h delete mode 100644 examples/hesm2/t1.h delete mode 100644 examples/hesm2/t2.h delete mode 100644 examples/psi/BUILD.bazel delete mode 100644 examples/psi/cpp/BUILD.bazel delete mode 100644 examples/psi/cpp/ecdh_psi.cc delete mode 100644 examples/psi/cpp/ecdh_psi.h delete mode 100644 examples/psi/cpp/ecdh_psi_main.cc delete mode 100644 examples/psi/cpp/ecdh_psi_test.cc delete mode 100644 examples/psi/cpp/main_utils.h delete mode 100644 examples/psi/data/data_a.csv delete mode 100644 examples/psi/data/data_b.csv delete mode 100644 examples/psi/java/BUILD.bazel delete mode 100644 examples/psi/java/EcdhPsi.java delete mode 100644 examples/psi/java/EcdhPsiTest.java delete mode 100644 examples/psi/java/ecdh_psi_jni.cc delete mode 100644 examples/psi/java/jni_wrappers.h delete mode 100644 examples/psi/python/BUILD.bazel delete mode 100644 examples/psi/python/ecdh_psi.py 
delete mode 100644 examples/psi/python/ecdh_psi_pybind.cc delete mode 100644 examples/psi/python/ecdh_psi_pybind.h delete mode 100644 examples/psi/python/ecdh_psi_test.py delete mode 100644 examples/psi/python/exported_symbols.lds delete mode 100644 examples/psi/python/version_script.lds delete mode 100644 examples/psu/BUILD.bazel delete mode 100644 examples/psu/krtw19_psu.cc delete mode 100644 examples/psu/krtw19_psu.h delete mode 100644 examples/psu/krtw19_psu_test.cc delete mode 100644 examples/repositories.bzl delete mode 100644 examples/zkp/BUILD.bazel delete mode 100644 examples/zkp/pedersen_commit.h delete mode 100644 examples/zkp/pedersen_commit_test.cc delete mode 100644 examples/zkp/sigma.cc delete mode 100644 examples/zkp/sigma.h delete mode 100644 examples/zkp/sigma_config.cc delete mode 100644 examples/zkp/sigma_config.h delete mode 100644 examples/zkp/sigma_owh.cc delete mode 100644 examples/zkp/sigma_owh.h delete mode 100644 examples/zkp/sigma_test.cc
diff --git a/.bazelversion b/.bazelversion
index f22d756..815da58 100644
--- a/.bazelversion
+++ b/.bazelversion
@@ -1 +1 @@
-6.5.0
+7.4.1
diff --git a/MODULE.bazel b/MODULE.bazel
new file mode 100644
index 0000000..00bb183
--- /dev/null
+++ b/MODULE.bazel
@@ -0,0 +1,6 @@
+###############################################################################
+# Bazel now uses Bzlmod by default to manage external dependencies.
+# Please consider migrating your external dependencies from WORKSPACE to MODULE.bazel.
+#
+# For more details, please check https://github.com/bazelbuild/bazel/issues/18958
+###############################################################################
diff --git a/MODULE.bazel.lock b/MODULE.bazel.lock
new file mode 100644
index 0000000..d62a47c
--- /dev/null
+++ b/MODULE.bazel.lock
@@ -0,0 +1,110 @@ +{ + "lockFileVersion": 11, + "registryFileHashes": { + "https://bcr.bazel.build/bazel_registry.json": "8a28e4aff06ee60aed2a8c281907fb8bcbf3b753c91fb5a5c57da3215d5b3497", + "https://bcr.bazel.build/modules/abseil-cpp/20210324.2/MODULE.bazel": "7cd0312e064fde87c8d1cd79ba06c876bd23630c83466e9500321be55c96ace2", + "https://bcr.bazel.build/modules/abseil-cpp/20211102.0/MODULE.bazel": "70390338f7a5106231d20620712f7cccb659cd0e9d073d1991c038eb9fc57589", + "https://bcr.bazel.build/modules/abseil-cpp/20211102.0/source.json": "7e3a9adf473e9af076ae485ed649d5641ad50ec5c11718103f34de03170d94ad", + "https://bcr.bazel.build/modules/apple_support/1.5.0/MODULE.bazel": "50341a62efbc483e8a2a6aec30994a58749bd7b885e18dd96aa8c33031e558ef", + "https://bcr.bazel.build/modules/apple_support/1.5.0/source.json": "eb98a7627c0bc486b57f598ad8da50f6625d974c8f723e9ea71bd39f709c9862", + "https://bcr.bazel.build/modules/bazel_features/1.11.0/MODULE.bazel": "f9382337dd5a474c3b7d334c2f83e50b6eaedc284253334cf823044a26de03e8", + "https://bcr.bazel.build/modules/bazel_features/1.11.0/source.json": "c9320aa53cd1c441d24bd6b716da087ad7e4ff0d9742a9884587596edfe53015", + "https://bcr.bazel.build/modules/bazel_skylib/1.0.3/MODULE.bazel": "bcb0fd896384802d1ad283b4e4eb4d718eebd8cb820b0a2c3a347fb971afd9d8", + "https://bcr.bazel.build/modules/bazel_skylib/1.2.1/MODULE.bazel": "f35baf9da0efe45fa3da1696ae906eea3d615ad41e2e3def4aeb4e8bc0ef9a7a", + "https://bcr.bazel.build/modules/bazel_skylib/1.3.0/MODULE.bazel": "20228b92868bf5cfc41bda7afc8a8ba2a543201851de39d990ec957b513579c5", + "https://bcr.bazel.build/modules/bazel_skylib/1.6.1/MODULE.bazel": "8fdee2dbaace6c252131c00e1de4b165dc65af02ea278476187765e1a617b917", + "https://bcr.bazel.build/modules/bazel_skylib/1.6.1/source.json": "082ed5f9837901fada8c68c2f3ddc958bb22b6d654f71dd73f3df30d45d4b749", + "https://bcr.bazel.build/modules/buildozer/7.1.2/MODULE.bazel": "2e8dd40ede9c454042645fd8d8d0cd1527966aa5c919de86661e62953cd73d84", + 
"https://bcr.bazel.build/modules/buildozer/7.1.2/source.json": "c9028a501d2db85793a6996205c8de120944f50a0d570438fcae0457a5f9d1f8", + "https://bcr.bazel.build/modules/googletest/1.11.0/MODULE.bazel": "3a83f095183f66345ca86aa13c58b59f9f94a2f81999c093d4eeaa2d262d12f4", + "https://bcr.bazel.build/modules/googletest/1.11.0/source.json": "c73d9ef4268c91bd0c1cd88f1f9dfa08e814b1dbe89b5f594a9f08ba0244d206", + "https://bcr.bazel.build/modules/platforms/0.0.4/MODULE.bazel": "9b328e31ee156f53f3c416a64f8491f7eb731742655a47c9eec4703a71644aee", + "https://bcr.bazel.build/modules/platforms/0.0.5/MODULE.bazel": "5733b54ea419d5eaf7997054bb55f6a1d0b5ff8aedf0176fef9eea44f3acda37", + "https://bcr.bazel.build/modules/platforms/0.0.6/MODULE.bazel": "ad6eeef431dc52aefd2d77ed20a4b353f8ebf0f4ecdd26a807d2da5aa8cd0615", + "https://bcr.bazel.build/modules/platforms/0.0.7/MODULE.bazel": "72fd4a0ede9ee5c021f6a8dd92b503e089f46c227ba2813ff183b71616034814", + "https://bcr.bazel.build/modules/platforms/0.0.9/MODULE.bazel": "4a87a60c927b56ddd67db50c89acaa62f4ce2a1d2149ccb63ffd871d5ce29ebc", + "https://bcr.bazel.build/modules/platforms/0.0.9/source.json": "cd74d854bf16a9e002fb2ca7b1a421f4403cda29f824a765acd3a8c56f8d43e6", + "https://bcr.bazel.build/modules/protobuf/21.7/MODULE.bazel": "a5a29bb89544f9b97edce05642fac225a808b5b7be74038ea3640fae2f8e66a7", + "https://bcr.bazel.build/modules/protobuf/21.7/source.json": "bbe500720421e582ff2d18b0802464205138c06056f443184de39fbb8187b09b", + "https://bcr.bazel.build/modules/protobuf/3.19.0/MODULE.bazel": "6b5fbb433f760a99a22b18b6850ed5784ef0e9928a72668b66e4d7ccd47db9b0", + "https://bcr.bazel.build/modules/protobuf/3.19.6/MODULE.bazel": "9233edc5e1f2ee276a60de3eaa47ac4132302ef9643238f23128fea53ea12858", + "https://bcr.bazel.build/modules/rules_cc/0.0.1/MODULE.bazel": "cb2aa0747f84c6c3a78dad4e2049c154f08ab9d166b1273835a8174940365647", + "https://bcr.bazel.build/modules/rules_cc/0.0.2/MODULE.bazel": 
"6915987c90970493ab97393024c156ea8fb9f3bea953b2f3ec05c34f19b5695c", + "https://bcr.bazel.build/modules/rules_cc/0.0.8/MODULE.bazel": "964c85c82cfeb6f3855e6a07054fdb159aced38e99a5eecf7bce9d53990afa3e", + "https://bcr.bazel.build/modules/rules_cc/0.0.9/MODULE.bazel": "836e76439f354b89afe6a911a7adf59a6b2518fafb174483ad78a2a2fde7b1c5", + "https://bcr.bazel.build/modules/rules_cc/0.0.9/source.json": "1f1ba6fea244b616de4a554a0f4983c91a9301640c8fe0dd1d410254115c8430", + "https://bcr.bazel.build/modules/rules_java/4.0.0/MODULE.bazel": "5a78a7ae82cd1a33cef56dc578c7d2a46ed0dca12643ee45edbb8417899e6f74", + "https://bcr.bazel.build/modules/rules_java/7.6.5/MODULE.bazel": "481164be5e02e4cab6e77a36927683263be56b7e36fef918b458d7a8a1ebadb1", + "https://bcr.bazel.build/modules/rules_java/7.6.5/source.json": "a805b889531d1690e3c72a7a7e47a870d00323186a9904b36af83aa3d053ee8d", + "https://bcr.bazel.build/modules/rules_jvm_external/4.4.2/MODULE.bazel": "a56b85e418c83eb1839819f0b515c431010160383306d13ec21959ac412d2fe7", + "https://bcr.bazel.build/modules/rules_jvm_external/4.4.2/source.json": "a075731e1b46bc8425098512d038d416e966ab19684a10a34f4741295642fc35", + "https://bcr.bazel.build/modules/rules_license/0.0.3/MODULE.bazel": "627e9ab0247f7d1e05736b59dbb1b6871373de5ad31c3011880b4133cafd4bd0", + "https://bcr.bazel.build/modules/rules_license/0.0.7/MODULE.bazel": "088fbeb0b6a419005b89cf93fe62d9517c0a2b8bb56af3244af65ecfe37e7d5d", + "https://bcr.bazel.build/modules/rules_license/0.0.7/source.json": "355cc5737a0f294e560d52b1b7a6492d4fff2caf0bef1a315df5a298fca2d34a", + "https://bcr.bazel.build/modules/rules_pkg/0.7.0/MODULE.bazel": "df99f03fc7934a4737122518bb87e667e62d780b610910f0447665a7e2be62dc", + "https://bcr.bazel.build/modules/rules_pkg/0.7.0/source.json": "c2557066e0c0342223ba592510ad3d812d4963b9024831f7f66fd0584dd8c66c", + "https://bcr.bazel.build/modules/rules_proto/4.0.0/MODULE.bazel": "a7a7b6ce9bee418c1a760b3d84f83a299ad6952f9903c67f19e4edd964894e06", + 
"https://bcr.bazel.build/modules/rules_proto/5.3.0-21.7/MODULE.bazel": "e8dff86b0971688790ae75528fe1813f71809b5afd57facb44dad9e8eca631b7", + "https://bcr.bazel.build/modules/rules_proto/5.3.0-21.7/source.json": "d57902c052424dfda0e71646cb12668d39c4620ee0544294d9d941e7d12bc3a9", + "https://bcr.bazel.build/modules/rules_python/0.10.2/MODULE.bazel": "cc82bc96f2997baa545ab3ce73f196d040ffb8756fd2d66125a530031cd90e5f", + "https://bcr.bazel.build/modules/rules_python/0.22.1/MODULE.bazel": "26114f0c0b5e93018c0c066d6673f1a2c3737c7e90af95eff30cfee38d0bbac7", + "https://bcr.bazel.build/modules/rules_python/0.22.1/source.json": "57226905e783bae7c37c2dd662be078728e48fa28ee4324a7eabcafb5a43d014", + "https://bcr.bazel.build/modules/rules_python/0.4.0/MODULE.bazel": "9208ee05fd48bf09ac60ed269791cf17fb343db56c8226a720fbb1cdf467166c", + "https://bcr.bazel.build/modules/stardoc/0.5.1/MODULE.bazel": "1a05d92974d0c122f5ccf09291442580317cdd859f07a8655f1db9a60374f9f8", + "https://bcr.bazel.build/modules/stardoc/0.5.1/source.json": "a96f95e02123320aa015b956f29c00cb818fa891ef823d55148e1a362caacf29", + "https://bcr.bazel.build/modules/upb/0.0.0-20220923-a547704/MODULE.bazel": "7298990c00040a0e2f121f6c32544bab27d4452f80d9ce51349b1a28f3005c43", + "https://bcr.bazel.build/modules/upb/0.0.0-20220923-a547704/source.json": "f1ef7d3f9e0e26d4b23d1c39b5f5de71f584dd7d1b4ef83d9bbba6ec7a6a6459", + "https://bcr.bazel.build/modules/zlib/1.2.11/MODULE.bazel": "07b389abc85fdbca459b69e2ec656ae5622873af3f845e1c9d80fe179f3effa0", + "https://bcr.bazel.build/modules/zlib/1.2.12/MODULE.bazel": "3b1a8834ada2a883674be8cbd36ede1b6ec481477ada359cd2d3ddc562340b27", + "https://bcr.bazel.build/modules/zlib/1.3.1.bcr.3/MODULE.bazel": "af322bc08976524477c79d1e45e241b6efbeb918c497e8840b8ab116802dda79", + "https://bcr.bazel.build/modules/zlib/1.3.1.bcr.3/source.json": "2be409ac3c7601245958cd4fcdff4288be79ed23bd690b4b951f500d54ee6e7d" + }, + "selectedYankedVersions": {}, + "moduleExtensions": { + 
"@@apple_support~//crosstool:setup.bzl%apple_cc_configure_extension": { + "general": { + "bzlTransitiveDigest": "PjIds3feoYE8SGbbIq2SFTZy3zmxeO2tQevJZNDo7iY=", + "usagesDigest": "+hz7IHWN6A1oVJJWNDB6yZRG+RYhF76wAYItpAeIUIg=", + "recordedFileInputs": {}, + "recordedDirentsInputs": {}, + "envVariables": {}, + "generatedRepoSpecs": { + "local_config_apple_cc_toolchains": { + "bzlFile": "@@apple_support~//crosstool:setup.bzl", + "ruleClassName": "_apple_cc_autoconf_toolchains", + "attributes": {} + }, + "local_config_apple_cc": { + "bzlFile": "@@apple_support~//crosstool:setup.bzl", + "ruleClassName": "_apple_cc_autoconf", + "attributes": {} + } + }, + "recordedRepoMappingEntries": [ + [ + "apple_support~", + "bazel_tools", + "bazel_tools" + ] + ] + } + }, + "@@platforms//host:extension.bzl%host_platform": { + "general": { + "bzlTransitiveDigest": "xelQcPZH8+tmuOHVjL9vDxMnnQNMlwj0SlvgoqBkm4U=", + "usagesDigest": "pCYpDQmqMbmiiPI1p2Kd3VLm5T48rRAht5WdW0X2GlA=", + "recordedFileInputs": {}, + "recordedDirentsInputs": {}, + "envVariables": {}, + "generatedRepoSpecs": { + "host_platform": { + "bzlFile": "@@platforms//host:extension.bzl", + "ruleClassName": "host_platform_repo", + "attributes": {} + } + }, + "recordedRepoMappingEntries": [] + } + } + } +} diff --git a/WORKSPACE b/WORKSPACE index 269d39c..f568448 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -35,6 +35,13 @@ rules_foreign_cc_dependencies( register_preinstalled_tools = True, ) +load( + "@build_bazel_apple_support//lib:repositories.bzl", + "apple_support_dependencies", +) + +apple_support_dependencies() + load("@bazel_features//:deps.bzl", "bazel_features_deps") bazel_features_deps() diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl index 9303e38..56f659f 100644 --- a/bazel/repositories.bzl +++ b/bazel/repositories.bzl 
@@ -20,6 +20,7 @@ def yacl_deps():
 _rule_python()
 _rules_foreign_cc()
 _com_github_madler_zlib()
+ _build_bazel_apple_support()
 _com_google_protobuf()
 _com_github_gflags_gflags()
 _com_google_googletest()
@@ -417,3 +418,11 @@ def _lib25519():
 "https://lib25519.cr.yp.to/lib25519-20240321.tar.gz",
 ],
 )
+
+def _build_bazel_apple_support():
+ maybe(
+ http_archive,
+ name = "build_bazel_apple_support",
+ sha256 = "b53f6491e742549f13866628ddffcc75d1f3b2d6987dc4f14a16b242113c890b",
+ url = "https://github.com/bazelbuild/apple_support/releases/download/1.17.1/apple_support.1.17.1.tar.gz",
+ )
diff --git a/examples/.bazelrc b/examples/.bazelrc
deleted file mode 100644
index 7dd7e03..0000000
--- a/examples/.bazelrc
+++ /dev/null
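Review bot: `_build_bazel_apple_support()` in the second hunk carries no comment saying why the library now fetches apple_support or which release the `sha256` belongs to, so a later bump can change the URL and leave the digest (or the reason) behind. I would add above the `maybe(` call something like `# apple_support 1.17.1: fetched for the Bazel 7 upgrade; update sha256 together with the version in the URL.` The archive is pinned by digest, which is right, but it is fetched through a single `url` while the `_lib25519` context lines just above end a URL list, so keeping one form across the file would make mirror additions uniform (only the tail of `_lib25519` is visible here, so this is inferred). Separately, MODULE.bazel.lock in this commit records apple_support 1.5.0 from the registry while this rule pins 1.17.1; these are probably two independent repositories, but it is worth confirming that only the intended one configures the toolchain. `yacl_deps()` in the first hunk starts and ends outside the hunk.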
@@ -1,41 +0,0 @@
-# Copyright 2024 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-common --experimental_repo_remote_exec
-common --experimental_cc_shared_library
-
-build --incompatible_new_actions_api=false
-build --copt=-fdiagnostics-color=always
-build --enable_platform_specific_config
-
-build --cxxopt=-std=c++17
-build --host_cxxopt=-std=c++17
-build --linkopt -lm
-
-# Binary safety flags
-build --host_copt=-fPIE
-build --host_copt=-fstack-protector-strong
-build:linux --host_copt=-Wl,-z,noexecstack
-build:macos --host_copt=-Wa,--noexecstack
-
-# platform specific config
-# Bazel will automatic pick platform config since we have enable_platform_specific_config set
-build:macos --features=-supports_dynamic_linker
-build:macos --copt=-Wno-unused-command-line-argument
-build:macos --macos_minimum_os=13.0
-build:macos --host_macos_minimum_os=13.0
-build:macos --action_env MACOSX_DEPLOYMENT_TARGET=13.0
-
-test --keep_going
-test --test_output=errors
diff --git a/examples/.bazelversion b/examples/.bazelversion
deleted file mode 100644
index f22d756..0000000
--- a/examples/.bazelversion
+++ /dev/null
@@ -1 +0,0 @@
-6.5.0
diff --git a/examples/BUILD.bazel b/examples/BUILD.bazel
deleted file mode 100644
index 8289c83..0000000
--- a/examples/BUILD.bazel
+++ /dev/null
@@ -1,13 +0,0 @@
-# Copyright 2024 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
diff --git a/examples/WORKSPACE b/examples/WORKSPACE
deleted file mode 100644
index 09bffb8..0000000
--- a/examples/WORKSPACE
+++ /dev/null
@@ -1,63 +0,0 @@
-# Copyright 2024 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-workspace(name = "yacl-examples")
-
-new_local_repository(
- name = "yacl",
- build_file = "BUILD.bazel",
- path = "..",
-)
-
-load("//repositories.bzl", "example_deps")
-
-example_deps()
-
-load("@yacl//bazel:repositories.bzl", "yacl_deps")
-
-yacl_deps()
-
-load("@rules_python//python:repositories.bzl", "py_repositories")
-
-py_repositories()
-
-load("@pybind11_bazel//:python_configure.bzl", "python_configure")
-
-python_configure(
- name = "local_config_python",
- python_version = "3",
-)
-
-load(
- "@rules_foreign_cc//foreign_cc:repositories.bzl",
- "rules_foreign_cc_dependencies",
-)
-
-rules_foreign_cc_dependencies(
- register_built_tools = False,
- register_default_tools = False,
- register_preinstalled_tools = True,
-)
-
-load("@bazel_features//:deps.bzl", "bazel_features_deps")
-
-bazel_features_deps()
-
-load("@com_google_protobuf//:protobuf_deps.bzl", "protobuf_deps")
-
-protobuf_deps()
-
-load("@rules_jni//jni:repositories.bzl", "rules_jni_dependencies")
-
-rules_jni_dependencies()
diff --git a/examples/hesm2/BUILD.bazel b/examples/hesm2/BUILD.bazel
deleted file mode 100644
index 8df3342..0000000
--- a/examples/hesm2/BUILD.bazel
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright 2024 Guowei Ling.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-load("@yacl//bazel:yacl.bzl", "yacl_cc_binary")
-
-package(default_visibility = ["//visibility:public"])
-
-yacl_cc_binary(
- name = "sm2_example",
- srcs = [
- "ahesm2.cc",
- "ahesm2.h",
- "ciphertext.h",
- "config.cc",
- "config.h",
- "main.cc",
- "private_key.h",
- "public_key.h",
- "t1.h",
- "t2.h",
- ],
- deps = [
- "@yacl//yacl/crypto/ecc:spi",
- "@yacl//yacl/crypto/ecc/openssl",
- "@yacl//yacl/math/mpint",
- "@yacl//yacl/utils:cuckoo_index", # 添加 cuckoo_index 依赖
- "@yacl//yacl/utils/spi",
- ],
-)
diff --git a/examples/hesm2/README.md b/examples/hesm2/README.md
deleted file mode 100644
index 38709cf..0000000
--- a/examples/hesm2/README.md
+++ /dev/null
@@ -1,99 +0,0 @@ -# 加法同态SM2+FastECDLP - -本代码是SM2加法同态加密 ([密码学报 2022](http://www.jcr.cacrnet.org.cn/CN/10.13868/j.cnki.jcr.000532)) 结合FastECDLP([IEEE TIFS 2023](https://ieeexplore.ieee.org/document/10145804))。 - -注:本实现的SM2加法同态加密并非是标准SM2公钥加密算法。标准SM2公钥加密算法并不具备加同态性。 - -## 快速开始 - -首先,进入项目目录并构建示例: - -```bash -cd yacl - -bazel build --linkopt=-ldl //... - -bazel build --linkopt=-ldl //examples/hesm2:sm2_example - -cd bazel-bin/examples/hesm2 - -./sm2_example -``` - -**注:** 第一次使用需要生成预计算表,请等待几分钟。 - -## 示例代码 - -以下是一个简单的使用示例,展示了如何进行参数配置、加密、同态运算及解密操作。 - -```cpp -#include - -#include "hesm2/ahesm2.h" -#include "hesm2/config.h" -#include "hesm2/private_key.h" - -#include "yacl/crypto/ecc/ecc_spi.h" -#include "yacl/math/mpint/mp_int.h" - -using yacl::crypto::EcGroupFactory; -using namespace examples::hesm2; - -int main() { - // 参数配置并读取预计算表 - InitializeConfig(); - - // 生成SM2椭圆曲线群 - auto ec_group = - EcGroupFactory::Instance().Create("sm2", yacl::ArgLib = "openssl"); - if (!ec_group) { - std::cerr << "Failed to create SM2 curve using OpenSSL" << std::endl; - return 1; - } - - // 公私钥对生成 - PrivateKey private_key(std::move(ec_group)); - const auto& public_key = private_key.GetPublicKey(); - - // 指定明文 - auto m1 = yacl::math::MPInt(100); - auto m2 = yacl::math::MPInt(6); - - // 加密 - auto c1 = Encrypt(m1, public_key); - auto c2 = Encrypt(m2, public_key); - - // 标量乘,即密文乘明文 - auto c3 = HMul(c1, m2, public_key); - - // 同态加,即密文加密文 - auto c4 = HAdd(c1, c2, public_key); - - // 单线程解密 - auto res3 = Decrypt(c3, private_key); - - // 并发解密 - auto res4 = ParDecrypt(c4, private_key); - - // 打印结果 - std::cout << res3.m << std::endl; - std::cout << res4.m << std::endl; - - // 打印是否解密正确 - std::cout << res3.success << std::endl; - std::cout << res4.success << std::endl; - - return 0; -} -``` - -## 高阶使用 - -您可以通过修改config.cc中的以下两个参数修改明文空间。 - -```cpp -int Ilen = 12; // l2-1 -int Jlen = 20; // l1-1 -``` - -明文空间的绝对值大小为:(1< - -#include "hesm2/ciphertext.h" -#include "hesm2/config.h" -#include "hesm2/private_key.h" 
-#include "hesm2/t1.h" -#include "hesm2/t2.h" - -#include "yacl/crypto/ecc/ec_point.h" -#include "yacl/math/mpint/mp_int.h" - -namespace examples::hesm2 { - -Ciphertext Encrypt(const yacl::math::MPInt& message, const PublicKey& pk) { - YACL_ENFORCE(message.Abs() <= yacl::math::MPInt(Mmax)); - const auto& ec_group = pk.GetEcGroup(); - auto generator = ec_group->GetGenerator(); - yacl::math::MPInt r; - yacl::math::MPInt::RandomLtN(ec_group->GetOrder(), &r); - auto c1 = ec_group->MulBase(r); - const auto& pk_point = pk.GetPoint(); - auto mG = ec_group->MulBase(message); - auto rpk = ec_group->Mul(pk_point, r); - auto c2 = ec_group->Add(mG, rpk); - return Ciphertext{c1, c2}; -} - -bool CheckDec(const std::shared_ptr& ecgroup, - const yacl::crypto::EcPoint& m_g, const yacl::math::MPInt& m) { - yacl::crypto::EcPoint checkmG = ecgroup->MulBase(m); - return ecgroup->PointEqual(m_g, checkmG); -} - -DecryptResult Decrypt(const Ciphertext& ciphertext, const PrivateKey& sk) { - const auto& ec_group = sk.GetEcGroup(); - auto c1_sk = ec_group->Mul(ciphertext.GetC1(), sk.GetK()); - const auto& c2 = ciphertext.GetC2(); - if (ec_group->PointEqual(c1_sk, c2)) { - return {yacl::math::MPInt(0), true}; - } - auto mG = ec_group->Sub(c2, c1_sk); - auto affmG = ec_group->GetAffinePoint(mG); - auto affmGx = affmG.x; - const auto value = - t1_loaded.Op_search(affmGx.ToMagBytes(yacl::Endian::native)); - if (value.second) { - yacl::math::MPInt m(value.first); - if (CheckDec(ec_group, mG, m)) { - return {m, true}; - } else { - return {-(m), true}; - } - } - yacl::math::MPInt m; // Declare the variable 'm' - const auto& t2 = t2_loaded.GetVector(); - std::vector Z(Imax); - for (int i = 1; i <= Imax; ++i) { - yacl::math::MPInt difference = t2[i].x - affmGx; - Z[i - 1] = difference; - if (difference.IsZero()) { - m = yacl::math::MPInt(static_cast(L1) * static_cast(i)); - if (CheckDec(ec_group, mG, m)) { - return {m, true}; - } else { - return {-m, true}; - } - } - } - std::vector ZTree(Treelen); - 
for (int i = 0; i < Imax; i++) { - ZTree[i] = Z[i]; - } - int offset = Imax; - int treelen = Imax * 2 - 3; - yacl::math::MPInt P = ec_group->GetField(); - for (int i = 0; i < treelen; i += 2) { - yacl::math::MPInt product; - yacl::math::MPInt::Mul(ZTree[i], ZTree[i + 1], &product); - - ZTree[offset] = product.Mod(P); - offset = offset + 1; - } - yacl::math::MPInt treeroot_inv; - treeroot_inv.Set(ZTree[Treelen - 2]); - treeroot_inv = treeroot_inv.InvertMod(P); - std::vector ZinvTree(Treelen); - treelen = Imax * 2 - 2; - int prevfloorflag = treelen; - int prevfloornum = 1; - int thisfloorflag = treelen; - int thisfloornum; - int thisindex; - int ztreeindex; - ZinvTree[prevfloorflag] = treeroot_inv; - for (int i = 0; i < Ilen; i++) { - thisfloornum = prevfloornum * 2; - thisfloorflag = prevfloorflag - thisfloornum; - for (int f = 0; f < thisfloornum; f++) { - thisindex = f + thisfloorflag; - ztreeindex = thisindex ^ 1; - yacl::math::MPInt product; - yacl::math::MPInt::Mul(ZTree[ztreeindex], - ZinvTree[prevfloorflag + (f / 2)], &product); - ZinvTree[thisindex] = product.Mod(P); - } - prevfloorflag = thisfloorflag; - prevfloornum = prevfloornum * 2; - } - auto affmGy = affmG.y; - for (int j = 1; j <= Imax; j++) { - yacl::math::MPInt Qx; - yacl::math::MPInt Qxinv; - yacl::math::MPInt k; - yacl::math::MPInt::Add(affmGx, t2[j].x, &k); - k = k.Mod(P); - yacl::math::MPInt::Sub(t2[j].y, affmGy, &Qx); - Qx = Qx.MulMod(ZinvTree[j - 1], P); - Qx = Qx.MulMod(Qx, P); - Qx = Qx.SubMod(k, P); - const auto value = t1_loaded.Op_search(Qx.ToMagBytes(yacl::Endian::native)); - if (value.second) { - m = yacl::math::MPInt(static_cast(L1) * static_cast(j)); - yacl::math::MPInt m1; - yacl::math::MPInt m2; - auto jint = yacl::math::MPInt(value.first); - yacl::math::MPInt::Add(m, jint, &m1); - yacl::math::MPInt::Sub(m, jint, &m2); - if (CheckDec(ec_group, mG, m1)) { - return {m1, true}; - } else { - return {m2, true}; - } - } - yacl::math::MPInt::Sub(-t2[j].y, affmGy, &Qxinv); - Qxinv = 
Qxinv.MulMod(ZinvTree[j - 1], P); - Qxinv = Qxinv.MulMod(Qxinv, P); - Qxinv = Qxinv.SubMod(k, P); - const auto invvalue = - t1_loaded.Op_search(Qxinv.ToMagBytes(yacl::Endian::native)); - if (invvalue.second) { - m = yacl::math::MPInt(static_cast(-L1) * - static_cast(j)); - yacl::math::MPInt m1; - yacl::math::MPInt m2; - auto jint = yacl::math::MPInt(invvalue.first); - yacl::math::MPInt::Add(m, jint, &m1); - yacl::math::MPInt::Sub(m, jint, &m2); - if (CheckDec(ec_group, mG, m1)) { - return {m1, true}; - } else { - return {m2, true}; - } - } - } - SPDLOG_INFO("Decrypt failed. |m| should be <= {}", Mmax); - return {yacl::math::MPInt(0), false}; -} - -DecryptResult search(int start, int end, const yacl::math::MPInt& affm_gx, - const yacl::math::MPInt& affm_gy, - const std::vector& zinv_tree, - const yacl::math::MPInt& p, - const yacl::crypto::EcPoint& m_g, - const std::shared_ptr& ec_group, - std::atomic& found, std::mutex& mtx) { - const auto& t2 = t2_loaded.GetVector(); - for (int j = start; j < end && !found.load(); j++) { - yacl::math::MPInt Qx; - yacl::math::MPInt Qxinv; - yacl::math::MPInt k; - yacl::math::MPInt::Add(affm_gx, t2[j].x, &k); - k = k.Mod(p); - yacl::math::MPInt::Sub(t2[j].y, affm_gy, &Qx); - Qx = Qx.MulMod(zinv_tree[j - 1], p); - Qx = Qx.MulMod(Qx, p); - Qx = Qx.SubMod(k, p); - const auto value = t1_loaded.Op_search(Qx.ToMagBytes(yacl::Endian::native)); - if (value.second) { - yacl::math::MPInt m = - yacl::math::MPInt(static_cast(L1) * static_cast(j)); - yacl::math::MPInt m1; - yacl::math::MPInt m2; - auto jint = yacl::math::MPInt(value.first); - yacl::math::MPInt::Add(m, jint, &m1); - yacl::math::MPInt::Sub(m, jint, &m2); - if (CheckDec(ec_group, m_g, m1)) { - std::lock_guard lock(mtx); - found.store(true); - return {m1, true}; - } else { - std::lock_guard lock(mtx); - found.store(true); - return {m2, true}; - } - } - yacl::math::MPInt::Sub(-t2[j].y, affm_gy, &Qxinv); - Qxinv = Qxinv.MulMod(zinv_tree[j - 1], p); - Qxinv = Qxinv.MulMod(Qxinv, p); - 
Qxinv = Qxinv.SubMod(k, p); - const auto invvalue = - t1_loaded.Op_search(Qxinv.ToMagBytes(yacl::Endian::native)); - if (invvalue.second) { - yacl::math::MPInt m = yacl::math::MPInt(static_cast(-L1) * - static_cast(j)); - yacl::math::MPInt m1; - yacl::math::MPInt m2; - auto jint = yacl::math::MPInt(invvalue.first); - yacl::math::MPInt::Add(m, jint, &m1); - yacl::math::MPInt::Sub(m, jint, &m2); - if (CheckDec(ec_group, m_g, m1)) { - std::lock_guard lock(mtx); - found.store(true); - return {m1, true}; - } else { - std::lock_guard lock(mtx); - found.store(true); - return {m2, true}; - } - } - } - return {yacl::math::MPInt(), false}; // 返回一个无效的结果 -} - -DecryptResult ParDecrypt(const Ciphertext& ciphertext, const PrivateKey& sk) { - const auto& ec_group = sk.GetEcGroup(); - auto c1_sk = ec_group->Mul(ciphertext.GetC1(), sk.GetK()); - const auto& c2 = ciphertext.GetC2(); - if (ec_group->PointEqual(c1_sk, c2)) { - return {yacl::math::MPInt(0), true}; - } - auto mG = ec_group->Sub(c2, c1_sk); - auto affmG = ec_group->GetAffinePoint(mG); - auto affmGx = affmG.x; - yacl::math::MPInt m; - const auto value = - t1_loaded.Op_search(affmGx.ToMagBytes(yacl::Endian::native)); - if (value.second) { - m = yacl::math::MPInt(value.first); - if (CheckDec(ec_group, mG, m)) { - return {m, true}; - } else { - return {-(m), true}; - } - } - - const auto& t2 = t2_loaded.GetVector(); - - std::vector Z(Imax); - for (int j = 1; j <= Imax; ++j) { - yacl::math::MPInt difference = t2[j].x - affmGx; - Z[j - 1] = difference; - if (difference.IsZero()) { - m = yacl::math::MPInt(static_cast(L1) * static_cast(j)); - if (CheckDec(ec_group, mG, m)) { - return {m, true}; - } else { - return {-m, true}; - } - } - } - std::vector ZTree(Treelen); - for (int i = 0; i < Imax; i++) { - ZTree[i] = Z[i]; - } - int offset = Imax; - int treelen = Imax * 2 - 3; - yacl::math::MPInt P = ec_group->GetField(); - for (int i = 0; i < treelen; i += 2) { - yacl::math::MPInt product; - yacl::math::MPInt::Mul(ZTree[i], 
ZTree[i + 1], &product); - ZTree[offset] = product.Mod(P); - offset = offset + 1; - } - yacl::math::MPInt treeroot_inv; - treeroot_inv.Set(ZTree[Treelen - 2]); - treeroot_inv = treeroot_inv.InvertMod(P); - std::vector ZinvTree(Treelen); - treelen = Imax * 2 - 2; - int prevfloorflag = treelen; - int prevfloornum = 1; - int thisfloorflag = treelen; - int thisfloornum; - ZinvTree[prevfloorflag] = treeroot_inv; - for (int i = 0; i < Ilen; i++) { - thisfloornum = prevfloornum * 2; - thisfloorflag = prevfloorflag - thisfloornum; - yacl::parallel_for(0, thisfloornum, 1, [&](int64_t start, int64_t end) { - for (int f = start; f < end; f++) { - int thisindex = f + thisfloorflag; - int ztreeindex = thisindex ^ 1; - yacl::math::MPInt product; - yacl::math::MPInt::Mul(ZTree[ztreeindex], - ZinvTree[prevfloorflag + (f / 2)], &product); - ZinvTree[thisindex] = product.Mod(P); - } - }); - prevfloorflag = thisfloorflag; - prevfloornum = prevfloornum * 2; - } - auto affmGy = affmG.y; - const int num_threads = std::thread::hardware_concurrency(); - const int chunk_size = Imax / num_threads; - std::vector threads; - std::vector results(num_threads); - - std::atomic found(false); - std::mutex mtx; - std::atomic result_found(false); - DecryptResult final_result; - - for (int i = 0; i < num_threads; ++i) { - int start = i * chunk_size + 1; - int end = (i == num_threads - 1) ? (Imax + 1) : start + chunk_size; - threads.emplace_back([&, start, end]() { - DecryptResult result = search(start, end, affmGx, affmGy, ZinvTree, P, mG, - ec_group, found, mtx); - if (result.success && !result_found.exchange(true)) { - final_result = result; - found.store(true); - } - }); - } - - for (auto& thread : threads) { - thread.join(); - } - if (result_found) { - return final_result; - } else { - SPDLOG_INFO("Decrypt failed. 
|m| should be <= {}", Mmax); - return DecryptResult{yacl::math::MPInt(0), false}; - } -} - -Ciphertext HAdd(const Ciphertext& ciphertext1, const Ciphertext& ciphertext2, - const PublicKey& pk) { - const auto& ec_group = pk.GetEcGroup(); - auto c1 = ec_group->Add(ciphertext1.GetC1(), ciphertext2.GetC1()); - auto c2 = ec_group->Add(ciphertext1.GetC2(), ciphertext2.GetC2()); - return Ciphertext{c1, c2}; -} - -Ciphertext HSub(const Ciphertext& ciphertext1, const Ciphertext& ciphertext2, - const PublicKey& pk) { - const auto& ec_group = pk.GetEcGroup(); - auto c1 = ec_group->Sub(ciphertext1.GetC1(), ciphertext2.GetC1()); - auto c2 = ec_group->Sub(ciphertext1.GetC2(), ciphertext2.GetC2()); - return Ciphertext{c1, c2}; -} - -Ciphertext HMul(const Ciphertext& ciphertext1, const yacl::math::MPInt& scalar, - const PublicKey& pk) { - const auto& ec_group = pk.GetEcGroup(); - auto c1 = ec_group->Mul(ciphertext1.GetC1(), scalar); - auto c2 = ec_group->Mul(ciphertext1.GetC2(), scalar); - return Ciphertext{c1, c2}; -} -} // namespace examples::hesm2 diff --git a/examples/hesm2/ahesm2.h b/examples/hesm2/ahesm2.h deleted file mode 100644 index 4c02483..0000000 --- a/examples/hesm2/ahesm2.h +++ /dev/null 
@@ -1,42 +0,0 @@
-// Copyright 2024 Guowei Ling.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include "hesm2/ciphertext.h"
-#include "hesm2/private_key.h"
-
-namespace examples::hesm2 {
-
-struct DecryptResult {
- yacl::math::MPInt m;
- bool success;
-};
-
-Ciphertext Encrypt(const yacl::math::MPInt& message, const PublicKey& pk);
-
-DecryptResult Decrypt(const Ciphertext& ciphertext, const PrivateKey& sk);
-
-DecryptResult ParDecrypt(const Ciphertext& ciphertext, const PrivateKey& sk);
-
-Ciphertext HAdd(const Ciphertext& ciphertext1, const Ciphertext& ciphertext2,
- const PublicKey& pk);
-
-Ciphertext HSub(const Ciphertext& ciphertext1, const Ciphertext& ciphertext2,
- const PublicKey& pk);
-
-Ciphertext HMul(const Ciphertext& ciphertext1, const yacl::math::MPInt& scalar,
- const PublicKey& pk);
-
-} // namespace examples::hesm2
\ No newline at end of file
diff --git a/examples/hesm2/ciphertext.h b/examples/hesm2/ciphertext.h
deleted file mode 100644
index 903f6db..0000000
--- a/examples/hesm2/ciphertext.h
+++ /dev/null
@@ -1,35 +0,0 @@
-// Copyright 2024 Guowei Ling.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include
-
-#include "yacl/crypto/ecc/ec_point.h"
-
-namespace examples::hesm2 {
-
-class Ciphertext {
- public:
- Ciphertext(yacl::crypto::EcPoint c1, yacl::crypto::EcPoint c2)
- : c1_(std::move(c1)), c2_(std::move(c2)) {}
-
- const yacl::crypto::EcPoint& GetC1() const { return c1_; }
- const yacl::crypto::EcPoint& GetC2() const { return c2_; }
-
- private:
- yacl::crypto::EcPoint c1_;
- yacl::crypto::EcPoint c2_;
-};
-} // namespace examples::hesm2
\ No newline at end of file
diff --git a/examples/hesm2/config.cc b/examples/hesm2/config.cc
deleted file mode 100644
index 861447c..0000000
--- a/examples/hesm2/config.cc
+++ /dev/null
@@ -1,74 +0,0 @@ -// Copyright 2024 Guowei Ling. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "hesm2/config.h" - -#include "hesm2/t1.h" -#include "hesm2/t2.h" - -namespace examples::hesm2 { - -uint32_t GetSubBytesAsUint32(const yacl::Buffer& bytes, size_t start, - size_t end) { - uint32_t result = 0; - for (size_t i = start; i < end; ++i) { - result = (result << 8) | bytes.data()[i]; - } - return result; -} - -CuckooT1 t1_loaded(Jmax); -T2 t2_loaded(nullptr, false); - -void InitializeConfig() { - auto ec_group = yacl::crypto::EcGroupFactory::Instance().Create( - "sm2", yacl::ArgLib = "openssl"); - - // 检查是否成功创建 - if (!ec_group) { - std::cerr << "Failed to create SM2 curve using OpenSSL" << std::endl; - return; - } - // 检查文件是否存在,如果存在则从文件加载 - std::string filet1 = "cuckoo_t1.dat"; - std::ifstream ifs(filet1); - if (ifs.good()) { - t1_loaded.Deserialize(filet1); - SPDLOG_INFO("t1_loaded from file: {}", filet1); - } else { - SPDLOG_INFO("t1_loaded generated and serialized to file:{} ", filet1); - SPDLOG_INFO( - "The process might be slow; you may need to wait a few minutes..."); - t1_loaded.InitializeEcGroup(std::move(ec_group)); - t1_loaded.Initialize(); - t1_loaded.Serialize(filet1); - } - - auto ec_group_t2 = yacl::crypto::EcGroupFactory::Instance().Create( - "sm2", yacl::ArgLib = "openssl"); - std::string filet2 = "t2.dat"; - std::ifstream ifst2(filet2); - if (ifst2.good()) { - t2_loaded.Deserialize(filet2); - SPDLOG_INFO("t2_loaded from file: 
{}", filet2); - } else { - SPDLOG_INFO("t2_loaded generated and serialized to file:{} ", filet2); - t2_loaded.InitializeEcGroup(std::move(ec_group_t2)); - t2_loaded.InitializeVector(); - t2_loaded.Serialize(filet2); - t2_loaded.Deserialize(filet2); - } -} - -} // namespace examples::hesm2 \ No newline at end of file diff --git a/examples/hesm2/config.h b/examples/hesm2/config.h deleted file mode 100644 index f296e50..0000000 --- a/examples/hesm2/config.h +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2024 Guowei Ling. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#pragma once - -#include - -#include "yacl/base/buffer.h" - -namespace examples::hesm2 { - -void InitializeConfig(); - -uint32_t GetSubBytesAsUint32(const yacl::Buffer& bytes, size_t start, - size_t end); - -constexpr int Ilen = 12; // l2-1 -constexpr int Jlen = 20; // l1-1 -constexpr int Imax = 1 << Ilen; // 1<< Ilen -constexpr int Jmax = 1 << Jlen; // 1<(Jmax * 1.3); -constexpr uint64_t Mmax = - static_cast(Imax) * static_cast(L1) + Jmax; - -} // namespace examples::hesm2 \ No newline at end of file diff --git a/examples/hesm2/main.cc b/examples/hesm2/main.cc deleted file mode 100644 index 9362602..0000000 --- a/examples/hesm2/main.cc +++ /dev/null 
@@ -1,72 +0,0 @@
-// Copyright 2024 Guowei Ling.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include
-
-#include "hesm2/ahesm2.h"
-#include "hesm2/config.h"
-#include "hesm2/private_key.h"
-
-#include "yacl/crypto/ecc/ecc_spi.h"
-#include "yacl/math/mpint/mp_int.h"
-
-using yacl::crypto::EcGroupFactory;
-using namespace examples::hesm2;
-
-int main() {
- // 参数配置并读取预计算表
- InitializeConfig();
-
- // 生成SM2椭圆曲线群
- auto ec_group =
- EcGroupFactory::Instance().Create("sm2", yacl::ArgLib = "openssl");
- if (!ec_group) {
- std::cerr << "Failed to create SM2 curve using OpenSSL" << std::endl;
- return 1;
- }
-
- // 公私钥对生成
- PrivateKey private_key(std::move(ec_group));
- const auto& public_key = private_key.GetPublicKey();
-
- // 指定明文
- auto m1 = yacl::math::MPInt(100);
- auto m2 = yacl::math::MPInt(6);
-
- // 加密
- auto c1 = Encrypt(m1, public_key);
- auto c2 = Encrypt(m2, public_key);
-
- // 标量乘,即密文乘明文
- auto c3 = HMul(c1, m2, public_key);
-
- // 同态加,即密文加密文
- auto c4 = HAdd(c1, c2, public_key);
-
- // 单线程解密
- auto res3 = Decrypt(c3, private_key);
-
- // 并发解密
- auto res4 = ParDecrypt(c4, private_key);
-
- // 打印结果
- std::cout << res3.m << std::endl;
- std::cout << res4.m << std::endl;
-
- // 打印是否解密正确
- std::cout << res3.success << std::endl;
- std::cout << res4.success << std::endl;
-
- return 0;
-}
diff --git a/examples/hesm2/private_key.h b/examples/hesm2/private_key.h
deleted file mode 100644
index 1bcc304..0000000
--- a/examples/hesm2/private_key.h
+++ /dev/null
@@ -1,54 +0,0 @@
-// Copyright 2024 Guowei Ling.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include "hesm2/public_key.h"
-
-#include "yacl/crypto/ecc/ecc_spi.h"
-#include "yacl/math/mpint/mp_int.h"
-
-namespace examples::hesm2 {
-
-class PrivateKey {
- public:
- explicit PrivateKey(std::shared_ptr ec_group)
- : ec_group_(ec_group), public_key_(ec_group_->GetGenerator(), ec_group_) {
- Initialize();
- }
-
- const yacl::math::MPInt& GetK() const { return k_; }
- const PublicKey& GetPublicKey() const { return public_key_; }
- std::shared_ptr GetEcGroup() const {
- return ec_group_;
- }
-
- private:
- void Initialize() {
- yacl::math::MPInt k;
- yacl::math::MPInt::RandomLtN(ec_group_->GetOrder(), &k);
- public_key_ = GeneratePublicKey();
- }
-
- PublicKey GeneratePublicKey() const {
- auto generator = ec_group_->GetGenerator();
- auto point = ec_group_->Mul(generator, k_);
- return {point, ec_group_};
- }
-
- std::shared_ptr ec_group_;
- yacl::math::MPInt k_;
- PublicKey public_key_;
-};
-} // namespace examples::hesm2
\ No newline at end of file
diff --git a/examples/hesm2/public_key.h b/examples/hesm2/public_key.h
deleted file mode 100644
index 1b651c4..0000000
--- a/examples/hesm2/public_key.h
+++ /dev/null
@@ -1,39 +0,0 @@
-// Copyright 2024 Guowei Ling.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include
-
-#include "yacl/crypto/ecc/ecc_spi.h"
-
-namespace examples::hesm2 {
-
-class PublicKey {
- public:
- PublicKey(yacl::crypto::EcPoint point,
- std::shared_ptr ec_group)
- : point_(point), ec_group_(std::move(ec_group)) {}
-
- const yacl::crypto::EcPoint& GetPoint() const { return point_; }
- std::shared_ptr GetEcGroup() const {
- return ec_group_;
- }
-
- private:
- yacl::crypto::EcPoint point_;
- std::shared_ptr ec_group_;
-};
-
-} // namespace examples::hesm2
\ No newline at end of file
diff --git a/examples/hesm2/t1.h b/examples/hesm2/t1.h
deleted file mode 100644
index 25ced4f..0000000
--- a/examples/hesm2/t1.h
+++ /dev/null
@@ -1,160 +0,0 @@ -// Copyright 2024 Guowei Ling. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#pragma once - -#include -#include -#include -#include -#include -#include - -#include "hesm2/config.h" - -#include "yacl/crypto/ecc/ecc_spi.h" -#include "yacl/math/mpint/mp_int.h" -#include "yacl/utils/parallel.h" - -namespace examples::hesm2 { - -class CuckooT1 { - public: - explicit CuckooT1(int jmax) - : jmax_(jmax), cuckoolen_(static_cast(jmax * 1.3)) { - if (jmax_ <= 0) { - throw std::invalid_argument("jmax must be positive"); - } - table_v_.resize(cuckoolen_, 0); // 初始化值为0 - table_k_.resize(cuckoolen_, 0); // 初始化值为0 - } - - void Initialize() { - std::vector XS(jmax_); - constexpr int64_t batch_size = 1 << 10; // 可以根据需要调整批处理大小 - if (!ec_group_) { - throw std::runtime_error("EcGroup not initialized"); - } - yacl::parallel_for(1, Jmax + 1, batch_size, [&](int64_t beg, int64_t end) { - for (int64_t i = beg; i < end; ++i) { - yacl::math::MPInt value(i); - auto point = ec_group_->MulBase(value); - // 获取横坐标作为键 - auto affine_point = ec_group_->GetAffinePoint(point); - auto key = affine_point.x.ToMagBytes(yacl::Endian::native); - XS[i - 1] = key; - } - }); - Insert(XS); - } - - void Insert(std::vector data) { - std::vector hash_index_; - hash_index_.resize(cuckoolen_, 0); - for (int i = 0; i < Jmax; ++i) { - int v = i + 1; - uint8_t old_hash_id = 1; - int j = 0; - for (; j < maxiter_; ++j) { - const auto& X = data[v - 1]; - size_t start = (old_hash_id - 1) * 
8; - size_t end = start + 4; - uint32_t x = GetSubBytesAsUint32(X, end, end + 4); - uint32_t x_key = x; - uint32_t h = GetSubBytesAsUint32(X, start, end) % cuckoolen_; - uint8_t* hash_id_address = &hash_index_[h]; - int* key_index_address = &table_v_[h]; - uint32_t* key_address = &table_k_[h]; - - if (*hash_id_address == empty_) { - *hash_id_address = old_hash_id; - *key_index_address = v; - *key_address = x_key; - break; - } else { - std::swap(v, *key_index_address); - std::swap(old_hash_id, *hash_id_address); - std::swap(x_key, *key_address); - old_hash_id = old_hash_id % 3 + 1; - } - } - if (j == maxiter_) { - SPDLOG_INFO("insert failed, ", i); - throw std::runtime_error("insert failed, " + std::to_string(i)); - } - } - } - - std::pair Op_search(const yacl::Buffer& xbytes) const { - for (int i = 0; i < 3; ++i) { - size_t start = i * 8; - size_t end = start + 4; - uint32_t x = GetSubBytesAsUint32(xbytes, end, end + 4); - uint32_t x_key = x; - uint32_t h = GetSubBytesAsUint32(xbytes, start, end) % cuckoolen_; - if (table_k_[h] == x_key) { - return {table_v_[h], true}; - } - } - return {0, false}; - } - - void Serialize(const std::string& filename) const { - std::ofstream ofs(filename, std::ios::binary); - if (!ofs) { - throw std::runtime_error("Failed to open file for writing: " + filename); - } - - ofs.write(reinterpret_cast(&jmax_), sizeof(jmax_)); - ofs.write(reinterpret_cast(&cuckoolen_), sizeof(cuckoolen_)); - ofs.write(reinterpret_cast(table_v_.data()), - table_v_.size() * sizeof(uint32_t)); - ofs.write(reinterpret_cast(table_k_.data()), - table_k_.size() * sizeof(uint32_t)); - } - - void Deserialize(const std::string& filename) { - std::ifstream ifs(filename, std::ios::binary); - if (!ifs) { - throw std::runtime_error("Failed to open file for reading: " + filename); - } - - ifs.read(reinterpret_cast(&jmax_), sizeof(jmax_)); - ifs.read(reinterpret_cast(&cuckoolen_), sizeof(cuckoolen_)); - table_v_.resize(cuckoolen_); - table_k_.resize(cuckoolen_); - 
ifs.read(reinterpret_cast(table_v_.data()), - table_v_.size() * sizeof(uint32_t)); - ifs.read(reinterpret_cast(table_k_.data()), - table_k_.size() * sizeof(uint32_t)); - } - - void InitializeEcGroup(std::shared_ptr ec_group) { - ec_group_ = std::move(ec_group); - } - - private: - int jmax_; - uint32_t cuckoolen_; - std::shared_ptr ec_group_; - std::vector table_v_; - std::vector table_k_; - const uint8_t empty_ = 0; - const int maxiter_ = 500; - mutable std::shared_mutex mutex_; -}; - -extern CuckooT1 t1_loaded; - -} // namespace examples::hesm2 \ No newline at end of file diff --git a/examples/hesm2/t2.h b/examples/hesm2/t2.h deleted file mode 100644 index 8cc8da3..0000000 --- a/examples/hesm2/t2.h +++ /dev/null 
@@ -1,118 +0,0 @@ -// Copyright 2024 Guowei Ling. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#pragma once - -#include -#include -#include -#include -#include - -#include "hesm2/config.h" - -#include "yacl/crypto/ecc/ecc_spi.h" -#include "yacl/math/mpint/mp_int.h" - -namespace examples::hesm2 { - -class T2 { - public: - explicit T2(std::shared_ptr ec_group, - bool initialize = true) - : ec_group_(std::move(ec_group)) { - if (initialize) { - InitializeVector(); - } - } - const yacl::crypto::AffinePoint& GetValue(size_t index) const { - return vec_.at(index); - } - const std::vector& GetVector() const { - return vec_; - } - void Serialize(const std::string& filename) const { - std::shared_lock lock(mutex_); - std::ofstream ofs(filename, std::ios::binary); - if (!ofs) { - throw std::runtime_error("Failed to open file for writing: " + filename); - } - size_t vec_size = vec_.size(); - ofs.write(reinterpret_cast(&vec_size), sizeof(vec_size)); - for (const auto& point : vec_) { - auto x_bytes = point.x.ToMagBytes(yacl::Endian::native); - auto y_bytes = point.y.ToMagBytes(yacl::Endian::native); - size_t x_size = x_bytes.size(); - size_t y_size = y_bytes.size(); - ofs.write(reinterpret_cast(&x_size), sizeof(x_size)); - ofs.write(reinterpret_cast(x_bytes.data()), x_size); - ofs.write(reinterpret_cast(&y_size), sizeof(y_size)); - ofs.write(reinterpret_cast(y_bytes.data()), y_size); - } - } - void Deserialize(const std::string& filename) { - std::unique_lock 
lock(mutex_); - std::ifstream ifs(filename, std::ios::binary); - if (!ifs) { - throw std::runtime_error("Failed to open file for reading: " + filename); - } - size_t vec_size; - ifs.read(reinterpret_cast(&vec_size), sizeof(vec_size)); - vec_.resize(vec_size); - for (size_t i = 0; i < vec_size; ++i) { - size_t x_size; - size_t y_size; - ifs.read(reinterpret_cast(&x_size), sizeof(x_size)); - yacl::Buffer x_bytes(x_size); - ifs.read(reinterpret_cast(x_bytes.data()), x_size); - yacl::math::MPInt x; - x.FromMagBytes(x_bytes, yacl::Endian::native); - - ifs.read(reinterpret_cast(&y_size), sizeof(y_size)); - yacl::Buffer y_bytes(y_size); - ifs.read(reinterpret_cast(y_bytes.data()), y_size); - yacl::math::MPInt y; - y.FromMagBytes(y_bytes, yacl::Endian::native); - - vec_[i] = yacl::crypto::AffinePoint{x, y}; - } - } - - void InitializeVector() { - vec_.resize(Imax + 1); - auto G = ec_group_->GetGenerator(); - yacl::math::MPInt Jmax_val(Jmax); - yacl::math::MPInt two(2); - yacl::math::MPInt factor = Jmax_val * two; // Correcting the multiplication - auto T2basepoint = ec_group_->MulBase(factor); - for (int i = 0; i <= Imax; ++i) { - yacl::math::MPInt value(-i); - auto point = ec_group_->Mul(T2basepoint, value); - vec_[i] = ec_group_->GetAffinePoint(point); - } - } - - void InitializeEcGroup(std::shared_ptr ec_group) { - ec_group_ = std::move(ec_group); - } - - private: - std::shared_ptr ec_group_; - std::vector vec_; - mutable std::shared_mutex mutex_; -}; - -extern T2 t2_loaded; - -} // namespace examples::hesm2 \ No newline at end of file diff --git a/examples/psi/BUILD.bazel b/examples/psi/BUILD.bazel deleted file mode 100644 index 67173a7..0000000 --- a/examples/psi/BUILD.bazel +++ /dev/null 
@@ -1,20 +0,0 @@
-# Copyright 2024 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-package(default_visibility = ["//visibility:public"])
-
-filegroup(
- name = "psi_data",
- srcs = glob(["data/*"]),
-)
diff --git a/examples/psi/cpp/BUILD.bazel b/examples/psi/cpp/BUILD.bazel
deleted file mode 100644
index 97e681e..0000000
--- a/examples/psi/cpp/BUILD.bazel
+++ /dev/null
@@ -1,52 +0,0 @@
-# Copyright 2024 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-load("@yacl//bazel:yacl.bzl", "yacl_cc_binary", "yacl_cc_library", "yacl_cc_test")
-
-package(default_visibility = ["//visibility:public"])
-
-yacl_cc_library(
- name = "ecdh_psi",
- srcs = [
- "ecdh_psi.cc",
- ],
- hdrs = [
- "ecdh_psi.h",
- ],
- deps = [
- "@yacl//yacl/crypto/ecc",
- "@yacl//yacl/link",
- ],
-)
-
-yacl_cc_test(
- name = "ecdh_psi_test",
- srcs = ["ecdh_psi_test.cc"],
- deps = [":ecdh_psi"],
-)
-
-yacl_cc_binary(
- name = "ecdh_psi_main",
- srcs = [
- "ecdh_psi_main.cc",
- "main_utils.h",
- ],
- data = [
- "//psi:psi_data",
- ],
- deps = [
- ":ecdh_psi",
- "@yacl//yacl/io/rw:csv_reader",
- ],
-)
diff --git a/examples/psi/cpp/ecdh_psi.cc b/examples/psi/cpp/ecdh_psi.cc
deleted file mode 100644
index 9f28a12..0000000
--- a/examples/psi/cpp/ecdh_psi.cc
+++ /dev/null
@@ -1,73 +0,0 @@ -// Copyright 2023 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "psi/cpp/ecdh_psi.h" - -#include -#include - -#include "yacl/crypto/ecc/ec_point.h" -#include "yacl/crypto/ecc/ecc_spi.h" -#include "yacl/crypto/hash/hash_utils.h" -#include "yacl/link/link.h" -#include "yacl/secparam.h" - -namespace yc = yacl::crypto; - -namespace examples::psi { - -void EcdhPsi::MaskStrings(absl::Span in, - absl::Span out) const { - YACL_ENFORCE(!in.empty()); - YACL_ENFORCE(in.size() == out.size()); - for (size_t i = 0; i < in.size(); ++i) { - out[i] = ec_->HashToCurve(yc::HashToCurveStrategy::Autonomous, in[i]); - ec_->MulInplace(&out[i], sk_); - } -} - -void EcdhPsi::MaskEcPointsAndHashToU128(absl::Span in, - absl::Span out) const { - YACL_ENFORCE(!in.empty()); - YACL_ENFORCE(in.size() == out.size()); - for (size_t i = 0; i < in.size(); ++i) { - out[i] = yc::Blake3_128(ec_->SerializePoint(ec_->Mul(in[i], sk_))); - } -} - -// Mask input strings with secret key, and outputs the EcPoint results -std::vector EcdhPsi::MaskStringsEx( - std::vector in) const { - YACL_ENFORCE(!in.empty()); - std::vector out(in.size()); - for (size_t i = 0; i < in.size(); ++i) { - auto temp = ec_->HashToCurve(yc::HashToCurveStrategy::Autonomous, in[i]); - ec_->MulInplace(&temp, sk_); - out[i] = ec_->SerializePoint(temp); - } - return out; -} - -// Mask input strings with secret key, and outputs the EcPoint results -std::vector 
EcdhPsi::MaskEcPointsAndHashToU128Ex( - std::vector in) const { - YACL_ENFORCE(!in.empty()); - std::vector out(in.size()); - for (size_t i = 0; i < in.size(); ++i) { - auto temp = ec_->DeserializePoint(in[i]); - out[i] = yc::Blake3_128(ec_->SerializePoint(ec_->Mul(temp, sk_))); - } - return out; -} -} // namespace examples::psi diff --git a/examples/psi/cpp/ecdh_psi.h b/examples/psi/cpp/ecdh_psi.h deleted file mode 100644 index 41c61ec..0000000 --- a/examples/psi/cpp/ecdh_psi.h +++ /dev/null 
@@ -1,72 +0,0 @@ -// Copyright 2023 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#pragma once - -#include -#include - -#include "yacl/crypto/ecc/ec_point.h" -#include "yacl/crypto/ecc/ecc_spi.h" - -namespace examples::psi { - -// An example of PSI protocol -// -// NOTE: this PSI protocol is designed solely for demonstation and is not ready, -// or designed for production use, please do not use this in production. -// -// NOTE: we recommend user to use https://github.com/secretflow/psi -// -class EcdhPsi { - public: - EcdhPsi() { - // Use FourQ curve - ec_ = yacl::crypto::EcGroupFactory::Instance().Create( - /* curve name */ "FourQ"); - - // Generate random key - yacl::crypto::MPInt::RandomLtN(ec_->GetOrder(), &sk_); - } - - explicit EcdhPsi(const yacl::crypto::MPInt& sk) { sk_ = sk; } - - // Mask input strings with secret key, and outputs the EcPoint results - void MaskStrings(absl::Span in, - absl::Span out) const; - - // Mask input EcPoints with secret key, and outputs the serialized - // EcPoint strings - void MaskEcPointsAndHashToU128(absl::Span in, - absl::Span out) const; - - // ---------------------------- - // Extra functions (for Python) - // ---------------------------- - - // Mask input strings with secret key, and outputs the EcPoint results - std::vector MaskStringsEx(std::vector in) const; - - // Mask input strings with secret key, and outputs the EcPoint results - std::vector MaskEcPointsAndHashToU128Ex( - 
std::vector in) const; - - std::shared_ptr GetGroup() const { return ec_; } - - private: - yacl::crypto::MPInt sk_; // secret key - std::shared_ptr ec_; // ec group -}; - -} // namespace examples::psi diff --git a/examples/psi/cpp/ecdh_psi_main.cc b/examples/psi/cpp/ecdh_psi_main.cc deleted file mode 100644 index d79c11c..0000000 --- a/examples/psi/cpp/ecdh_psi_main.cc +++ /dev/null 
@@ -1,163 +0,0 @@ -// Copyright 2024 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include -#include - -#include "gflags/gflags.h" -#include "psi/cpp/ecdh_psi.h" -#include "psi/cpp/main_utils.h" - -#include "yacl/link/context.h" -#include "yacl/utils/serialize.h" - -DEFINE_int32(rank, -1, "rank of the party: 0/1"); -DEFINE_string(path, "", "path to the input csv file"); - -// Declare alias -namespace yc = yacl::crypto; -using LCTX = std::unique_ptr; - -std::vector ProcessPeerData(const LCTX& lctx, - const examples::psi::EcdhPsi& protocol, - size_t peer_size) { - std::vector peer_points(peer_size); - std::vector peer_final(peer_size); - - // Receiving all peer's data - size_t recv_count = 0; - while (recv_count < peer_size) { - auto buf = lctx->Recv( - lctx->NextRank(), - fmt::format("[{}]: Recving peer masked values", lctx->Rank())); - peer_points[recv_count] = protocol.GetGroup()->DeserializePoint(buf); - recv_count++; - } - - YACL_ENFORCE_EQ(recv_count, peer_size); - - // Mask all peer's points - protocol.MaskEcPointsAndHashToU128(absl::MakeSpan(peer_points), - absl::MakeSpan(peer_final)); - - // Send back all informations - for (const auto& u128 : peer_final) { - lctx->Send( - lctx->NextRank(), yacl::SerializeUint128(u128), - fmt::format("[{}]: Sending peer double-masked values", lctx->Rank())); - } - - return peer_final; -} - -std::vector ProcessSelfData(const LCTX& lctx, - const examples::psi::EcdhPsi& protocol, - absl::Span 
self_data) { - size_t self_size = self_data.size(); - std::vector self_points(self_size); - std::vector self_final(self_size); - - // Mask self data - protocol.MaskStrings(absl::MakeSpan(self_data), absl::MakeSpan(self_points)); - - // Send masked self data - for (const auto& point : self_points) { - lctx->Send(lctx->NextRank(), protocol.GetGroup()->SerializePoint(point), - fmt::format("[{}]: Sending self masked values", lctx->Rank())); - } - - // Receiving double-masked self-data - size_t recv_count = 0; - while (recv_count < self_size) { - auto buf = lctx->Recv( - lctx->NextRank(), - fmt::format("[{}]: Recving peer masked values", lctx->Rank())); - self_final[recv_count] = yacl::DeserializeUint128(buf); - recv_count++; - } - YACL_ENFORCE_EQ(recv_count, self_size); - - return self_final; -} - -void StartPsi(int rank, const std::string& file_path) { - YACL_ENFORCE(rank == 0 || rank == 1, "Invalid Arguemnts: rank"); - YACL_ENFORCE(!file_path.empty()); - auto data_str = LoadCsv(file_path); - - // NOTE link::Context is not thread-safe - auto lctx = SetupLink(rank); - auto self_lctx = lctx->Spawn(fmt::format("{}", lctx->Rank())); - auto peer_lctx = lctx->Spawn(fmt::format("{}", lctx->NextRank())); - SPDLOG_INFO("Phase 0: Setup network, data, and everything else ... done"); - - // Phase 0.5: Exchange metadata - SPDLOG_INFO("Phase 0.5: Exchange metadata ... "); - lctx->SendAsync(lctx->NextRank(), yacl::SerializeUint128(data_str.size()), - fmt::format("[{}]: Data num = {}", rank, data_str.size())); - - auto peer_size = yacl::DeserializeInt128( - lctx->Recv(lctx->NextRank(), - fmt::format("[{}]: Data num = {}", rank, data_str.size()))); - SPDLOG_INFO("Phase 0.5: Exchange metadata ... 
done, got self={}, peer={}", - data_str.size(), peer_size); - - // Phase 1: Init protocol and start self and peer process (async) - SPDLOG_INFO("Phase 1: Init protocol and start peer process (async) ..."); - examples::psi::EcdhPsi protocol; - - auto peer_data_process = std::async( - [&]() { return ProcessPeerData(peer_lctx, protocol, peer_size); }); - - auto self_final = - ProcessSelfData(self_lctx, protocol, absl::MakeSpan(data_str)); - - auto peer_final = peer_data_process.get(); - - SPDLOG_INFO( - "Phase 1: Init protocol and start peer process (async) ... " - "done"); - - // Phase 2: Final comparison - SPDLOG_INFO("Phase 2: Trying to calculate the intersection locally ... "); - std::vector out; - std::set_intersection(self_final.begin(), self_final.end(), - peer_final.begin(), peer_final.end(), - std::back_inserter(out)); - SPDLOG_INFO( - "Phase 2: Trying to calculate the intersection locally ... done, got " - "intersection size = {}", - out.size()); - - lctx->WaitLinkTaskFinish(); - - SPDLOG_INFO("ECDH-PSI finished"); -} - -int main(int argc, char* argv[]) { - google::ParseCommandLineFlags(&argc, &argv, true); - - // Phase 0: Setup network, data, and everything else - SPDLOG_INFO("Phase 0: Setup network, data, and everything else ..."); - YACL_ENFORCE(FLAGS_rank == 0 || FLAGS_rank == 1, "Invalid Arguemnts: rank"); - - std::string file_path = - FLAGS_path.empty() ? fmt::format("{}/examples/psi/data_{}.csv", - std::filesystem::current_path().string(), - FLAGS_rank == 0 ? "a" : "b") - : FLAGS_path; - StartPsi(FLAGS_rank, file_path); - - return 0; -} diff --git a/examples/psi/cpp/ecdh_psi_test.cc b/examples/psi/cpp/ecdh_psi_test.cc deleted file mode 100644 index ad89ec0..0000000 --- a/examples/psi/cpp/ecdh_psi_test.cc +++ /dev/null 
@@ -1,157 +0,0 @@
-// Copyright 2023 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "psi/cpp/ecdh_psi.h"
-
-#include
-
-#include "gtest/gtest.h"
-
-#include "yacl/crypto/hash/hash_utils.h"
-
-namespace yc = yacl::crypto;
-
-namespace examples::psi {
-
-namespace {
-std::vector CreateRangeItems(size_t begin, size_t size) {
- std::vector ret;
- for (size_t i = 0; i < size; i++) {
- ret.push_back(std::to_string(begin + i));
- }
- return ret;
-}
-
-template
-inline std::vector GetIntersectionIdx(const std::vector &x,
- const std::vector &y) {
- std::set set(x.begin(), x.end());
- std::vector ret;
- for (size_t i = 0; i < y.size(); ++i) {
- if (set.count(y[i]) != 0) {
- ret.push_back(i);
- }
- }
- return ret;
-}
-} // namespace
-
-TEST(PsiTest, Works) {
- size_t n = 4;
- auto x = CreateRangeItems(0, n);
- auto y = CreateRangeItems(3, n);
-
- EcdhPsi alice;
- EcdhPsi bob;
-
- // -------------------
- // Step 1
- // -------------------
- std::vector x_points(n);
- // x_points = H(x) ^ {alice_sk}
- alice.MaskStrings(absl::MakeSpan(x), absl::MakeSpan(x_points));
-
- std::vector y_points(n);
- // y_points = H(y) ^ {bob_sk}
- bob.MaskStrings(absl::MakeSpan(y), absl::MakeSpan(y_points));
-
- // -------------------
- // Step 2
- // -------------------
- //
- // Alice send x_points to bob, and bob send y_points to alice
- //
- // ... code here (omitted) ...
- //
- // You may mannually send the EcPoints through yacl::link::Context, which
- // handles an RPC channel, see: yacl/link/context.h. You may also use any
- // method that you like to let Alice talk to Bob. Remember the communication
- // channel needs to be a secure P2P channel.
- //
- // Since most of communication methods only accept strings or bytes, you may
- // serialize EcPoints by calling ec_->SerializePoint(/* ec points here */).
- // see: yacl/ecc/ecc_spi.h for more details.
-
- // -------------------
- // Step 3
- // -------------------
- std::vector y_final(n);
- // y_str = y_points ^ {alice_sk}
- alice.MaskEcPointsAndHashToU128(absl::MakeSpan(y_points),
- absl::MakeSpan(y_final));
-
- std::vector x_final(n);
- // x_str = x_points ^ {bob_sk}
- bob.MaskEcPointsAndHashToU128(absl::MakeSpan(x_points),
- absl::MakeSpan(x_final));
-
- /* check results */
- auto compare = GetIntersectionIdx(x, y); // result
- auto z = GetIntersectionIdx(x_final, y_final);
-
- EXPECT_EQ(compare.size(), z.size());
-
- for (size_t i = 0; i < z.size(); ++i) {
- EXPECT_EQ(compare[i], z[i]);
- }
-}
-
-TEST(PsiExTest, Works) {
- size_t n = 4;
- auto x = CreateRangeItems(0, n);
- auto y = CreateRangeItems(3, n);
-
- EcdhPsi alice;
- EcdhPsi bob;
-
- // -------------------
- // Step 1
- // -------------------
- std::vector x_points = alice.MaskStringsEx(x);
- std::vector y_points = bob.MaskStringsEx(y);
-
- // -------------------
- // Step 2
- // -------------------
- //
- // Alice send x_points to bob, and bob send y_points to alice
- //
- // ... code here (omitted) ...
- //
- // You may mannually send the EcPoints through yacl::link::Context, which
- // handles an RPC channel, see: yacl/link/context.h. You may also use any
- // method that you like to let Alice talk to Bob. Remember the communication
- // channel needs to be a secure P2P channel.
- //
- // Since most of communication methods only accept strings or bytes, you may
- // serialize EcPoints by calling ec_->SerializePoint(/* ec points here */).
- // see: yacl/ecc/ecc_spi.h for more details.
-
- // -------------------
- // Step 3
- // -------------------
- std::vector y_final = alice.MaskEcPointsAndHashToU128Ex(y_points);
- std::vector x_final = bob.MaskEcPointsAndHashToU128Ex(x_points);
-
- /* check results */
- auto compare = GetIntersectionIdx(x, y); // result
- auto z = GetIntersectionIdx(x_final, y_final);
-
- EXPECT_EQ(compare.size(), z.size());
-
- for (size_t i = 0; i < z.size(); ++i) {
- EXPECT_EQ(compare[i], z[i]);
- }
-}
-} // namespace examples::psi
diff --git a/examples/psi/cpp/main_utils.h b/examples/psi/cpp/main_utils.h
deleted file mode 100644
index 6253a48..0000000
--- a/examples/psi/cpp/main_utils.h
+++ /dev/null
@@ -1,73 +0,0 @@
-// Copyright 2024 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include
-#include
-#include
-
-#include "yacl/base/exception.h"
-#include "yacl/io/rw/csv_reader.h"
-#include "yacl/io/rw/schema.h"
-#include "yacl/io/stream/file_io.h"
-#include "yacl/io/stream/interface.h"
-#include "yacl/link/context.h"
-#include "yacl/link/factory.h"
-
-inline std::vector LoadCsv(const std::string& file_path) {
- // File input stream
- auto in = std::unique_ptr(
- new yacl::io::FileInputStream(file_path));
-
- // Read csv file
- yacl::io::ReaderOptions reader_ops;
-
- // We only want to read the "ID" column
- reader_ops.file_schema = {{/* target colum type */ yacl::io::Schema::STRING},
- {/* target column */ "ID"}};
- auto csv_reader = yacl::io::CsvReader(reader_ops, std::move(in));
- csv_reader.Init();
-
- // Read in batch
- std::vector out;
- yacl::io::ColumnVectorBatch col_batch;
- while (csv_reader.Next(&col_batch)) {
- auto target_column = col_batch.Pop(0);
- out.insert(out.end(), target_column.begin(), target_column.end());
- }
- col_batch.Clear();
-
- return out;
-}
-inline std::vector LoadCsv(int rank) {
- YACL_ENFORCE(rank == 0 || rank == 1);
- std::string file_path = fmt::format("{}/examples/psi/data_{}.csv",
- std::filesystem::current_path().string(),
- rank == 0 ? "a" : "b");
- return LoadCsv(file_path);
-}
-
-inline std::shared_ptr SetupLink(int my_rank) {
- size_t world_size = 2;
- yacl::link::ContextDesc ctx_desc;
-
- for (size_t rank = 0; rank < world_size; rank++) {
- const auto id = fmt::format("id-{}", rank);
- const auto host = fmt::format("127.0.0.1:{}", 10086 + rank);
- ctx_desc.parties.emplace_back(id, host);
- }
- auto lctx = yacl::link::FactoryBrpc().CreateContext(ctx_desc, my_rank);
- lctx->ConnectToMesh();
-
- return lctx;
-}
diff --git a/examples/psi/data/data_a.csv b/examples/psi/data/data_a.csv
deleted file mode 100644
index 705cd1f..0000000
--- a/examples/psi/data/data_a.csv
+++ /dev/null
@@ -1,11 +0,0 @@
-ID, VALUE
-1, meaningless-values
-2, meaningless-values
-3, meaningless-values
-4, meaningless-values
-5, meaningless-values
-6, meaningless-values
-7, meaningless-values
-8, meaningless-values
-9, meaningless-values
-10, meaningless-values
diff --git a/examples/psi/data/data_b.csv b/examples/psi/data/data_b.csv
deleted file mode 100644
index 1f6137b..0000000
--- a/examples/psi/data/data_b.csv
+++ /dev/null
@@ -1,9 +0,0 @@
-ID, VALUE
-6, meaningless-values
-7, meaningless-values
-8, meaningless-values
-9, meaningless-values
-10, meaningless-values
-11, meaningless-values
-12, meaningless-values
-13, meaningless-values
diff --git a/examples/psi/java/BUILD.bazel b/examples/psi/java/BUILD.bazel
deleted file mode 100644
index 91118a3..0000000
--- a/examples/psi/java/BUILD.bazel
+++ /dev/null
@@ -1,76 +0,0 @@
-# Copyright 2023 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#
-# NOTE Before running the following examples, please make sure you have
-# correctly setup java developement environment.
-#
-# Example:
-# export JAVA_HOME="$(dirname $(dirname $(realpath $(which javac))))"
-#
-
-load("@rules_jni//jni:cc_jni_library.bzl", "cc_jni_library")
-load("@rules_jni//jni:java_jni_library.bzl", "java_jni_library")
-
-package(default_visibility = ["//visibility:public"])
-
-java_jni_library(
- name = "EcdhPsi",
- srcs = [
- "EcdhPsi.java",
- ],
- native_libs = [":ecdh_psi_jni"],
-)
-
-java_test(
- name = "EcdhPsiTest",
- srcs = [
- "EcdhPsiTest.java",
- ],
- deps = [":EcdhPsi"],
-)
-
-cc_library(
- name = "jni_wrappers",
- hdrs = ["jni_wrappers.h"],
- deps = [
- "@yacl//yacl/base:exception",
- "@yacl//yacl/base:int128",
- "@yacl//yacl/crypto/hash:hash_utils",
- "@yacl//yacl/math/mpint",
- ],
-)
-
-cc_jni_library(
- name = "ecdh_psi_jni",
- srcs = [
- "ecdh_psi_jni.cc",
- ],
- deps = [
- ":EcdhPsi.hdrs", # the generated headers
- ":jni_wrappers",
- "//psi/cpp:ecdh_psi",
- "@yacl//yacl/utils:serialize",
- ],
-)
-
-# To generate a LibEcdhPsi_deploy.jar, simply call
-# ------------------------------------------------
-# bazel build //examples/psi/java:LibEcdhPsi_deploy.jar
-#
-# Then the generated jar file should be located in bazel-out/...
-java_binary(
- name = "LibEcdhPsi",
- runtime_deps = [":EcdhPsi"],
-)
diff --git a/examples/psi/java/EcdhPsi.java b/examples/psi/java/EcdhPsi.java
deleted file mode 100644
index 957cf9d..0000000
--- a/examples/psi/java/EcdhPsi.java
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright 2024 Ant Group Co., Ltd. #
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-import com.github.fmeum.rules_jni.RulesJni;
-import java.lang.annotation.Native;
-
-public class EcdhPsi {
- static {
- RulesJni.loadLibrary("ecdh_psi_jni", EcdhPsi.class);
- }
-
- // Constructor
- EcdhPsi() {
- ec_key_ = jni_ecc_keygen();
- inited_ = true;
- }
-
- public byte[][] MaskStrings(String[] in) {
- if (!this.inited_) {
- throw new IllegalArgumentException("EcdhPsi instance has not been inited");
- }
- return jni_mask_strings(in, this.GetEcKey());
- }
-
- public byte[][] MaskEcPointAndHashTo128(byte[][] in) {
- if (!this.inited_) {
- throw new IllegalArgumentException("EcdhPsi instance has not been inited");
- }
- return jni_mask_ec_point_and_hash_to_u128(in, this.GetEcKey());
- }
-
- byte[] GetEcKey() {
- return ec_key_;
- }
-
- private byte[] ec_key_;
- private boolean inited_ = false;
-
- // ----------------------------
- // Native Functions Declaration
- // ----------------------------
- //
- // NOTE the gerenated c header (*.h) file could be found at
- // bazel-bin/examples/psi/java/EcdhPsi.hdrs.h/EcdhPsi.h
-
- public static native byte[] jni_ecc_keygen();
-
- public static native byte[][] jni_mask_strings(String[] in, byte[] ec_key);
-
- public static native byte[][] jni_mask_ec_point_and_hash_to_u128(byte[][] in, byte[] ec_key);
-}
diff --git a/examples/psi/java/EcdhPsiTest.java b/examples/psi/java/EcdhPsiTest.java
deleted file mode 100644
index f0ca784..0000000
--- a/examples/psi/java/EcdhPsiTest.java
+++ /dev/null
@@ -1,72 +0,0 @@
-// Copyright 2023 Ant Group Co., Ltd. #
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-import static org.junit.Assert.*;
-
-import java.util.Arrays;
-import org.junit.Test;
-
-public class EcdhPsiTest {
- @Test
- public void load_test() {
- new EcdhPsi(); // should not throw any error
- }
-
- @Test
- public void ecdh_psi_test() {
- EcdhPsi alice = new EcdhPsi();
- EcdhPsi bob = new EcdhPsi();
-
- // the generated ec keys by two difference instances should not be the same
- assertEquals(alice.GetEcKey().length, bob.GetEcKey().length);
- assertFalse(Arrays.equals(alice.GetEcKey(), bob.GetEcKey()));
-
- int n = 4;
- assertTrue(n > 3); // at least one intersection
- String[] x = create_range_items(0, n); // alice's data
- String[] y = create_range_items(3, n); // bob's data
-
- // -------------------
- // Protocol execution
- // -------------------
- byte[][] x_mask = alice.MaskStrings(x); // x_points = H(x) ^ {alice_sk}
- byte[][] y_mask = bob.MaskStrings(y); // y_points = H(y) ^ {bob_sk}
-
- byte[][] x_final = bob.MaskEcPointAndHashTo128(x_mask);
- byte[][] y_final = alice.MaskEcPointAndHashTo128(y_mask);
-
- // -------------------
- // Check
- // -------------------
- for (int i = 0; i < n - 3; ++i) {
- assertTrue(bytes_to_hex_string(x_final[3 + i]).equals(bytes_to_hex_string(y_final[i])));
- }
- }
-
- private String bytes_to_hex_string(byte[] in) {
- StringBuilder sb = new StringBuilder();
- for (byte b : in) {
- sb.append(String.format("%02x", b));
- }
- return sb.toString();
- }
-
- private String[] create_range_items(int begin, int size) {
- String[] ret = new String[size];
-
- for (int i = 0; i < size; i++) {
- ret[i] = Integer.toString(begin + i);
- }
- return ret;
- }
-}
diff --git a/examples/psi/java/ecdh_psi_jni.cc b/examples/psi/java/ecdh_psi_jni.cc
deleted file mode 100644
index 267fe30..0000000
--- a/examples/psi/java/ecdh_psi_jni.cc
+++ /dev/null
@@ -1,101 +0,0 @@
-// Copyright 2024 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "psi/cpp/ecdh_psi.h"
-#include "psi/java/EcdhPsi.hdrs.h/EcdhPsi.h"
-#include "psi/java/jni_wrappers.h"
-
-#include "yacl/math/mpint/mp_int.h"
-#include "yacl/utils/serialize.h"
-
-namespace yc = yacl::crypto;
-
-/*
- * Class: EcdhPsi
- * Method: jni_ecc_keygen
- * Signature: ()[B
- */
-JNIEXPORT jbyteArray JNICALL Java_EcdhPsi_jni_1ecc_1keygen(JNIEnv *env,
- jclass java_class) {
- yacl::math::MPInt sk;
- auto ec = yc::EcGroupFactory::Instance().Create("FourQ");
- yc::MPInt::RandomLtN(ec->GetOrder(), &sk);
- auto buf = sk.Serialize();
- return jni::buffer_to_jbyteArrary(env, sk.Serialize());
-}
-
-/*
- * Class: EcdhPsi
- * Method: jni_mask_strings
- * Signature: ([Ljava/lang/String;[B)[Ljava/lang/String;
- */
-JNIEXPORT jobjectArray JNICALL
-Java_EcdhPsi_jni_1mask_1strings(JNIEnv *env, jclass java_class,
- jobjectArray in_bytes, jbyteArray sk_bytes) {
- // Setup
- int len = env->GetArrayLength(in_bytes);
- auto ec = yc::EcGroupFactory::Instance().Create("FourQ");
- yacl::math::MPInt sk;
- sk.Deserialize(jni::jbyteArray_to_bytes(env, sk_bytes));
-
- // Declare the output jobjectArray
- jclass bytearray_class = env->FindClass("[B");
- jobjectArray out = env->NewObjectArray(len, bytearray_class, NULL);
-
- // For each input jstring, hash to curve and mul
- for (int i = 0; i < len; i++) {
- auto temp_in = jni::jstring_to_string(
- env, (jstring)env->GetObjectArrayElement(in_bytes, i));
- auto temp_out =
- ec->HashToCurve(yc::HashToCurveStrategy::Autonomous, temp_in);
- ec->MulInplace(&temp_out, sk);
- auto buffer = ec->SerializePoint(temp_out);
- env->SetObjectArrayElement(out, i, jni::buffer_to_jbyteArrary(env, buffer));
- }
- return out;
-}
-
-/*
- * Class: EcdhPsi
- * Method: jni_mask_ec_point_and_hash_to_u128
- * Signature: ([Ljava/lang/String;[B)[Ljava/lang/String;
- */
-JNIEXPORT jobjectArray JNICALL
-Java_EcdhPsi_jni_1mask_1ec_1point_1and_1hash_1to_1u128(JNIEnv *env,
- jclass java_class,
- jobjectArray in_bytes,
- jbyteArray sk_bytes) {
- // Setup
- int len = env->GetArrayLength(in_bytes);
- auto ec = yc::EcGroupFactory::Instance().Create("FourQ");
- yacl::math::MPInt sk;
- sk.Deserialize(jni::jbyteArray_to_bytes(env, sk_bytes));
-
- // Declare the output jobjectArray
- jclass bytearray_class = env->FindClass("[B");
- jobjectArray out = env->NewObjectArray(len, bytearray_class, NULL);
-
- // For each input jstring, hash to curve and mul
- for (int i = 0; i < len; i++) {
- auto temp_in = ec->DeserializePoint(jni::jbyteArray_to_bytes(
- env, (jbyteArray)env->GetObjectArrayElement(in_bytes, i)));
- auto temp_out =
- yacl::crypto::Blake3_128(ec->SerializePoint(ec->Mul(temp_in, sk)));
-
- yacl::Buffer buf(sizeof(uint128_t));
- memcpy(buf.data(), &temp_out, buf.size());
- env->SetObjectArrayElement(out, i, jni::buffer_to_jbyteArrary(env, buf));
- }
- return out;
-}
diff --git a/examples/psi/java/jni_wrappers.h b/examples/psi/java/jni_wrappers.h
deleted file mode 100644
index 4ad447a..0000000
--- a/examples/psi/java/jni_wrappers.h
+++ /dev/null
@@ -1,81 +0,0 @@
-// Copyright 2023 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include
-
-#include
-
-#include "yacl/base/byte_container_view.h"
-#include "yacl/base/exception.h"
-#include "yacl/base/int128.h"
-#include "yacl/crypto/hash/hash_utils.h"
-#include "yacl/math/mpint/mp_int.h"
-
-namespace jni {
-
-inline jbyteArray buffer_to_jbyteArrary(JNIEnv *env,
- yacl::ByteContainerView in) {
- const auto *by = reinterpret_cast(in.data());
- jbyteArray ret = env->NewByteArray(in.size());
- env->SetByteArrayRegion(ret, 0, in.size(), by);
- return ret;
-}
-
-inline std::vector jbyteArray_to_bytes(JNIEnv *env, jbyteArray in) {
- jbyte *in_ptr = env->GetByteArrayElements(in, nullptr);
- uint64_t in_len = (uint64_t)env->GetArrayLength(in);
- std::vector ret(in_len);
- std::memcpy(ret.data(), in_ptr, in_len);
- env->ReleaseByteArrayElements(in, in_ptr, 0);
- return ret;
-}
-
-inline uint128_t jbyteArray_to_uint128(JNIEnv *env, jbyteArray in) {
- jbyte *in_ptr = env->GetByteArrayElements(in, nullptr);
- size_t in_len = env->GetArrayLength(in);
- YACL_ENFORCE(in_len >= 16);
-
- uint128_t ret = 0;
- for (int i = 0; i < 16; i++) {
- // Shifting previous value 8 bits to right and
- // add it with next value
- char b = *(in_ptr + i);
- ret = (ret << 8) + (b & 255);
- }
- env->ReleaseByteArrayElements(in, in_ptr, 0);
- return ret;
-}
-
-inline std::vector jlongArray_to_longs(JNIEnv *env, jlongArray in) {
- jlong *in_ptr = env->GetLongArrayElements(in, nullptr);
- uint64_t in_len = (uint64_t)env->GetArrayLength(in);
- std::vector ret;
- for (uint64_t i = 0; i < in_len; i++) {
- ret.emplace_back(static_cast(in_ptr[i]));
- }
- env->ReleaseLongArrayElements(in, in_ptr, 0);
- return ret;
-}
-
-inline std::string jstring_to_string(JNIEnv *env, jstring in) {
- jboolean isCopy;
- const char *convertedValue = (env)->GetStringUTFChars(in, &isCopy);
- std::string ret = convertedValue;
- env->ReleaseStringUTFChars(in, convertedValue);
- return ret;
-}
-
-} // namespace jni
\ No newline at end of file
diff --git a/examples/psi/python/BUILD.bazel b/examples/psi/python/BUILD.bazel
deleted file mode 100644
index a29d56d..0000000
--- a/examples/psi/python/BUILD.bazel
+++ /dev/null
@@ -1,66 +0,0 @@
-# Copyright 2021 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-load("@pybind11_bazel//:build_defs.bzl", "pybind_extension")
-load("@rules_python//python:defs.bzl", "py_library", "py_test")
-
-package(default_visibility = ["//visibility:public"])
-
-exports_files(
- [
- "exported_symbols.lds",
- "version_script.lds",
- ],
- visibility = ["//visibility:private"],
-)
-
-pybind_extension(
- name = "ecdh_psi_pybind",
- srcs = [
- "ecdh_psi_pybind.cc",
- "ecdh_psi_pybind.h",
- ],
- linkopts = select({
- "@bazel_tools//src/conditions:darwin": [
- "-Wl,-exported_symbols_list,$(location //psi/python:exported_symbols.lds)",
- ],
- "//conditions:default": [
- "-Wl,--version-script,$(location //psi/python:version_script.lds)",
- ],
- }),
- deps = [
- ":exported_symbols.lds",
- ":version_script.lds",
- "@yacl//yacl/crypto/ecc",
- "@yacl//yacl/crypto/hash:hash_utils",
- ],
-)
-
-py_library(
- name = "ecdh_psi",
- srcs = [
- "ecdh_psi.py",
- ],
- data = [":ecdh_psi_pybind.so"],
- imports = ["."], # see: https://stackoverflow.com/questions/62372725/bazel-test-importerror-relative-import
-)
-
-py_test(
- name = "ecdh_psi_test",
- srcs = [
- "ecdh_psi_test.py",
- ],
- imports = ["."], # see: https://stackoverflow.com/questions/62372725/bazel-test-importerror-relative-import
- deps = [":ecdh_psi"],
-)
diff --git a/examples/psi/python/ecdh_psi.py b/examples/psi/python/ecdh_psi.py
deleted file mode 100644
index 079031a..0000000
--- a/examples/psi/python/ecdh_psi.py
+++ /dev/null
@@ -1,26 +0,0 @@
-# Copyright 2024 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from ecdh_psi_pybind.libs import EcdhPsiCC
-
-class EcdhPsi:
-
- def __init__(self):
- self.cc_impl = EcdhPsiCC()
-
- def mask_strs(self, x):
- return self.cc_impl.MaskStrings(x);
-
- def mask_ec_points_and_hash_to_u128(self, x):
- return self.cc_impl.MaskEcPointsAndHashToU128(x);
diff --git a/examples/psi/python/ecdh_psi_pybind.cc b/examples/psi/python/ecdh_psi_pybind.cc
deleted file mode 100644
index ed8bd62..0000000
--- a/examples/psi/python/ecdh_psi_pybind.cc
+++ /dev/null
@@ -1,42 +0,0 @@
-// Copyright 2024 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "psi/python/ecdh_psi_pybind.h"
-
-#include "pybind11/complex.h"
-#include "pybind11/functional.h"
-#include "pybind11/pybind11.h"
-#include "pybind11/stl.h"
-
-#define NO_GIL py::call_guard()
-
-namespace examples::psi {
-
-void BindLibs(py::module& m) {
- // see:
- // https://pybind11.readthedocs.io/en/stable/advanced/cast/strings.html#returning-c-strings-to-python
- // NOTE When a C++ function returns a std::string or char* to a Python caller,
- // pybind11 will assume that the string is valid UTF-8
- py::class_(m, "EcdhPsiCC", "The ECDH PSI protocol class")
- .def(py::init<>())
- .def("MaskStrings", &EcdhPsiPy::MaskStrings)
- .def("MaskEcPointsAndHashToU128", &EcdhPsiPy::MaskEcPointsAndHashToU128);
-}
-
-PYBIND11_MODULE(ecdh_psi_pybind, m) {
- py::module libs_m = m.def_submodule("libs");
- BindLibs(libs_m);
-}
-
-} // namespace examples::psi
diff --git a/examples/psi/python/ecdh_psi_pybind.h b/examples/psi/python/ecdh_psi_pybind.h
deleted file mode 100644
index b812512..0000000
--- a/examples/psi/python/ecdh_psi_pybind.h
+++ /dev/null
@@ -1,85 +0,0 @@
-// Copyright 2024 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include
-#include
-
-#include "pybind11/complex.h"
-#include "pybind11/functional.h"
-#include "pybind11/pybind11.h"
-#include "pybind11/stl.h"
-#include "pybind11/typing.h"
-
-#include "yacl/crypto/ecc/ec_point.h"
-#include "yacl/crypto/ecc/ecc_spi.h"
-#include "yacl/crypto/hash/hash_utils.h"
-
-namespace py = pybind11;
-namespace yc = yacl::crypto;
-
-namespace examples::psi {
-
-// An example of PSI protocol
-//
-// NOTE: this PSI protocol is designed solely for demonstation and is not
-// ready, or designed for production use, please do not use this in
-// production.
-//
-// NOTE: we recommend user to use https://github.com/secretflow/psi
-//
-class EcdhPsiPy {
- public:
- EcdhPsiPy() {
- // Use FourQ curve
- ec_ = yacl::crypto::EcGroupFactory::Instance().Create(
- /* curve name */ "FourQ");
-
- // Generate random key
- yacl::crypto::MPInt::RandomLtN(ec_->GetOrder(), &sk_);
- }
-
- explicit EcdhPsiPy(const yacl::crypto::MPInt& sk) { sk_ = sk; }
-
- // Mask input strings with secret key, and outputs the EcPoint results
- std::vector MaskStrings(std::vector in) const {
- YACL_ENFORCE(!in.empty());
- std::vector out(in.size());
- for (size_t i = 0; i < in.size(); ++i) {
- auto temp = ec_->HashToCurve(yc::HashToCurveStrategy::Autonomous, in[i]);
- ec_->MulInplace(&temp, sk_);
- out[i] = py::bytes(std::string(ec_->SerializePoint(temp)));
- }
- return out;
- }
-
- // Mask input strings with secret key, and outputs the EcPoint results
- std::vector MaskEcPointsAndHashToU128(
- std::vector in) const {
- YACL_ENFORCE(!in.empty());
- std::vector out(in.size());
- for (size_t i = 0; i < in.size(); ++i) {
- auto temp = ec_->DeserializePoint(in[i]);
- out[i] = yc::Blake3_128(ec_->SerializePoint(ec_->Mul(temp, sk_)));
- }
- return out;
- }
-
- private:
- yacl::crypto::MPInt sk_; // secret key
- std::shared_ptr ec_; // ec group
-};
-
-} // namespace examples::psi
diff --git a/examples/psi/python/ecdh_psi_test.py b/examples/psi/python/ecdh_psi_test.py
deleted file mode 100644
index f5b86e3..0000000
--- a/examples/psi/python/ecdh_psi_test.py
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright 2024 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from ecdh_psi import EcdhPsi
-import unittest
-
-def intersection_idx(lst1, lst2):
- ret_list = []
- for item in list(set(lst1) & set(lst2)):
- ret_list.append(lst1.index(item))
- return ret_list
-
-class EcdhTest(unittest.TestCase):
-
- def test_full(self):
- alice = EcdhPsi()
- bob = EcdhPsi()
-
- alice_data = [str(i) for i in range(0, 4)]
- bob_data = [str(i) for i in range(3, 7)]
-
- alice_masked_data = alice.mask_strs(alice_data)
- bob_masked_data = bob.mask_strs(bob_data)
-
- bob_final_data = alice.mask_ec_points_and_hash_to_u128(bob_masked_data)
- alice_final_data = bob.mask_ec_points_and_hash_to_u128(alice_masked_data)
-
- check = intersection_idx(alice_data, bob_data)
- result = intersection_idx(alice_final_data, bob_final_data)
-
- for i in range(len(check)):
- self.assertTrue(check[i] == result[i])
-
-if __name__ == "__main__":
- unittest.main()
diff --git a/examples/psi/python/exported_symbols.lds b/examples/psi/python/exported_symbols.lds
deleted file mode 100644
index 2637585..0000000
--- a/examples/psi/python/exported_symbols.lds
+++ /dev/null
@@ -1 +0,0 @@
-_PyInit_*
\ No newline at end of file
diff --git a/examples/psi/python/version_script.lds b/examples/psi/python/version_script.lds
deleted file mode 100644
index a7e3bc0..0000000
--- a/examples/psi/python/version_script.lds
+++ /dev/null
@@ -1,9 +0,0 @@
-VERS_1.0 {
- # Export symbols in pybind.
- global:
- PyInit_*;
-
- # Hide everything else.
- local:
- *;
-};
diff --git a/examples/psu/BUILD.bazel b/examples/psu/BUILD.bazel
deleted file mode 100644
index 5f73b2c..0000000
--- a/examples/psu/BUILD.bazel
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright 2024 zhangwfjh
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-load("@yacl//bazel:yacl.bzl", "AES_COPT_FLAGS", "yacl_cc_library", "yacl_cc_test")
-
-package(default_visibility = ["//visibility:public"])
-
-yacl_cc_library(
- name = "krtw19_psu",
- srcs = [
- "krtw19_psu.cc",
- ],
- hdrs = [
- "krtw19_psu.h",
- ],
- copts = AES_COPT_FLAGS,
- deps = [
- "@com_google_absl//absl/types:span",
- "@yacl//yacl/base:exception",
- "@yacl//yacl/base:int128",
- "@yacl//yacl/crypto/hash:hash_utils",
- "@yacl//yacl/crypto/rand",
- "@yacl//yacl/kernel/algorithms:base_ot",
- "@yacl//yacl/kernel/algorithms:kkrt_ote",
- "@yacl//yacl/kernel/algorithms:softspoken_ote",
- "@yacl//yacl/link",
- "@yacl//yacl/math/galois_field:gf_intrinsic",
- ],
-)
-
-yacl_cc_test(
- name = "krtw19_psu_test",
- srcs = ["krtw19_psu_test.cc"],
- deps = [":krtw19_psu"],
-)
diff --git a/examples/psu/krtw19_psu.cc b/examples/psu/krtw19_psu.cc
deleted file mode 100644
index bac16dd..0000000
--- a/examples/psu/krtw19_psu.cc
+++ /dev/null
@@ -1,246 +0,0 @@ -// Copyright 2024 zhangwfjh -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "psu/krtw19_psu.h" - -#include -#include -#include -#include - -#include "yacl/utils/serialize.h" - -namespace examples::psu { - -namespace { - -// reference: https://eprint.iacr.org/2019/1234.pdf (Figure 2) -constexpr float kZeta{0.06f}; -constexpr size_t kBinSize{64ul}; // m+1 -constexpr uint128_t kBot{0}; -constexpr size_t kNumBinsPerBatch{16ul}; -constexpr size_t kBatchSize{kNumBinsPerBatch * kBinSize}; -constexpr size_t kNumInkpOT{512ul}; - -static auto HashToSizeT = [](const uint128_t& x) { - auto hash = yacl::crypto::Blake3_128({&x, sizeof(x)}); - size_t ret; - std::memcpy(&ret, &hash, sizeof(ret)); - return ret; -}; - -auto HashInputs(const std::vector& elem_hashes, size_t count) { - size_t num_bins = std::ceil(count * kZeta); - std::vector> hashing(num_bins); - for (const auto& elem : elem_hashes) { - auto hash = HashToSizeT(elem); - hashing[hash % num_bins].emplace_back(elem); - } - return hashing; -} - -} // namespace - -uint64_t Evaluate(const std::vector& coeffs, uint64_t x) { - uint64_t y = coeffs.back(); - for (auto it = std::next(coeffs.rbegin()); it != coeffs.rend(); ++it) { - y = yacl::math::Gf64Mul(y, x) ^ *it; - } - return y; -} - -std::vector Interpolate(const std::vector& xs, - const std::vector& ys) { - YACL_ENFORCE(xs.size() == ys.size()); - auto size = xs.size(); - auto poly = std::vector(size + 1, 0); - - // Compute poly = (x 
- x0)(x - x1) ... (x - xn) - poly[0] = 1; - for (size_t j = 0; j < size; ++j) { - uint64_t sum = 0; - for (size_t k = 0; k <= j + 1; ++k) { - sum = std::exchange(poly[k], yacl::math::Gf64Mul(poly[k], xs[j]) ^ sum); - } - } - - auto coeffs = std::vector(size, 0); // result - - for (size_t i = 0; i < size; ++i) { - // subpoly = poly / (x - xi) - auto subpoly = std::vector(size, 0); - uint64_t xi = xs[i]; - subpoly[size - 1] = 1; - for (int32_t k = size - 2; k >= 0; --k) { - subpoly[k] = poly[k + 1] ^ yacl::math::Gf64Mul(subpoly[k + 1], xi); - } - - auto prod = - yacl::math::Gf64Mul(ys[i], yacl::math::Gf64Inv(Evaluate(subpoly, xi))); - // update coeff - for (size_t k = 0; k < size; ++k) { - coeffs[k] = coeffs[k] ^ yacl::math::Gf64Mul(subpoly[k], prod); - } - } - - return coeffs; -} - -void KrtwPsuSend(const std::shared_ptr& ctx, - const std::vector& elem_hashes) { - ctx->SendAsync(ctx->NextRank(), yacl::SerializeUint128(elem_hashes.size()), - "Send set size"); - size_t peer_count = - DeserializeUint128(ctx->Recv(ctx->PrevRank(), "Receive set size")); - auto count = std::max(elem_hashes.size(), peer_count); - if (count == 0) { - return; - } - // Step 1. Hashes inputs - auto hashing = HashInputs(elem_hashes, count); - - // Step 2. 
Prepares OPRF - yacl::crypto::KkrtOtExtReceiver receiver; - const size_t num_ot = hashing.size() * kBinSize; - auto ss_sender = yacl::crypto::SoftspokenOtExtSender(); - auto store = ss_sender.GenRot(ctx, kNumInkpOT); - - receiver.Init(ctx, store, num_ot); - receiver.SetBatchSize(kBatchSize); - - std::vector elems; - elems.reserve(num_ot); - size_t oprf_idx = 0; - for (size_t bin_idx = 0; bin_idx != hashing.size(); ++bin_idx) { - hashing[bin_idx].resize(kBinSize); - std::sort(hashing[bin_idx].begin(), hashing[bin_idx].end()); - std::vector evals(kBinSize); - - // Encode inputs before SendCorrection - // More details could be found in `yacl/kernel/algorithms/kkrt_ote_test.cc` - std::transform(hashing[bin_idx].cbegin(), hashing[bin_idx].cend(), - evals.begin(), [&](uint128_t input) { - uint64_t result; - receiver.Encode( - oprf_idx, HashToSizeT(input), - {reinterpret_cast(&result), sizeof(result)}); - oprf_idx++; - return result; - }); - receiver.SendCorrection(ctx, kBinSize); - - // Step 3. For each bin element, invokes PSU(1, m+1) - for (size_t i = 0; i < hashing[bin_idx].size(); ++i) { - auto elem = hashing[bin_idx][i]; - elems.emplace_back(elem); - uint64_t eval = evals[i]; - std::vector coeffs(kBinSize); - auto buf = ctx->Recv(ctx->PrevRank(), "Receive coefficients"); - - YACL_ENFORCE(buf.size() == kBinSize * sizeof(uint64_t)); - std::memcpy(coeffs.data(), buf.data(), buf.size()); - - auto y = Evaluate(coeffs, HashToSizeT(elem)) ^ eval; - ctx->SendAsync(ctx->NextRank(), - yacl::SerializeUint128(yacl::MakeUint128(0, y)), - "Send evaluation"); - } - } - - // Step 4. 
Sends new elements through OT - auto keys = ss_sender.GenRot(ctx, num_ot); - std::vector ciphers(num_ot); - for (size_t i = 0; i != num_ot; ++i) { - ciphers[i] = elems[i] ^ keys.GetBlock(i, 0); - } - ctx->SendAsync(ctx->NextRank(), - yacl::ByteContainerView(ciphers.data(), - ciphers.size() * sizeof(uint128_t)), - "Send ciphertexts"); -} - -std::vector KrtwPsuRecv( - const std::shared_ptr& ctx, - const std::vector& elem_hashes) { - size_t peer_count = - DeserializeUint128(ctx->Recv(ctx->PrevRank(), "Receive set size")); - ctx->SendAsync(ctx->NextRank(), yacl::SerializeUint128(elem_hashes.size()), - "Send set size"); - auto count = std::max(elem_hashes.size(), peer_count); - if (count == 0) { - return {}; - } - // Step 1. Hashes inputs - auto hashing = HashInputs(elem_hashes, count); - - // Step 2. Prepares OPRF - const size_t num_ot = hashing.size() * kBinSize; - auto ss_receiver = yacl::crypto::SoftspokenOtExtReceiver(); - auto store = ss_receiver.GenRot(ctx, kNumInkpOT); - - yacl::crypto::KkrtOtExtSender sender; - sender.Init(ctx, store, num_ot); - sender.SetBatchSize(kBatchSize); - auto oprf = sender.GetOprf(); - - yacl::dynamic_bitset ot_choice(num_ot); - size_t oprf_idx = 0; - // Step 3. For each bin, invokes PSU(1, m+1) - for (size_t bin_idx = 0; bin_idx != hashing.size(); ++bin_idx) { - sender.RecvCorrection(ctx, kBinSize); - - auto bin_size = hashing[bin_idx].size(); - for (size_t elem_idx = 0; elem_idx != kBinSize; ++elem_idx, ++oprf_idx) { - auto seed = yacl::crypto::FastRandU64(); - std::vector xs(kBinSize), ys(kBinSize); - for (size_t i = 0; i != kBinSize; ++i) { - xs[i] = (i < bin_size ? HashToSizeT(hashing[bin_idx][i]) - : i > bin_size ? 
yacl::crypto::FastRandU64() - : kBot); - oprf->Eval(oprf_idx, xs[i], reinterpret_cast(&ys[i]), - sizeof(ys[i])); - ys[i] ^= seed; - } - std::vector coeffs = Interpolate(xs, ys); - ctx->SendAsync(ctx->NextRank(), - yacl::ByteContainerView(coeffs.data(), - coeffs.size() * sizeof(uint64_t)), - "Send coefficients"); - auto eval = yacl::DeserializeUint128( - ctx->Recv(ctx->PrevRank(), "Receive evaluation")); - ot_choice[oprf_idx] = (eval == yacl::MakeUint128(0, seed)); - } - } - - // Step 4. Receives new elements through OT - auto keys = ss_receiver.GenRot(ctx, ot_choice); - std::vector ciphers(num_ot); - auto buf = ctx->Recv(ctx->PrevRank(), "Receive ciphertexts"); - YACL_ENFORCE(buf.size() == int64_t(num_ot * sizeof(uint128_t))); - std::memcpy(ciphers.data(), buf.data(), buf.size()); - - std::set set_union(elem_hashes.begin(), elem_hashes.end()); - - for (size_t i = 0; i != num_ot; ++i) { - if (!ot_choice[i]) { - auto new_elem = ciphers[i] ^ keys.GetBlock(i); - if (new_elem != kBot) { - set_union.emplace(new_elem); - } - } - } - return std::vector(set_union.begin(), set_union.end()); -} - -} // namespace examples::psu diff --git a/examples/psu/krtw19_psu.h b/examples/psu/krtw19_psu.h deleted file mode 100644 index 4c02f4b..0000000 --- a/examples/psu/krtw19_psu.h +++ /dev/null 
@@ -1,52 +0,0 @@
-// Copyright 2024 zhangwfjh
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include
-#include
-
-#include "yacl/base/int128.h"
-#include "yacl/link/link.h"
-#include "yacl/math/galois_field/gf_intrinsic.h"
-#include "yacl/secparam.h"
-
-/* submodules */
-#include "yacl/crypto/hash/hash_utils.h"
-#include "yacl/crypto/rand/rand.h"
-#include "yacl/kernel/algorithms/base_ot.h"
-#include "yacl/kernel/algorithms/kkrt_ote.h"
-#include "yacl/kernel/algorithms/softspoken_ote.h"
-
-/* security parameter declaration */
-YACL_MODULE_DECLARE("krtw_psu", SecParam::C::k128, SecParam::S::k40);
-
-namespace examples::psu {
-
-uint64_t Evaluate(const std::vector& coeffs, uint64_t x);
-
-std::vector Interpolate(const std::vector& xs,
- const std::vector& ys);
-
-// Scalable Private Set Union from Symmetric-Key Techniques
-// https://eprint.iacr.org/2019/776.pdf (Figure 10)
-
-void KrtwPsuSend(const std::shared_ptr& ctx,
- const std::vector& elem_hashes);
-
-std::vector KrtwPsuRecv(
- const std::shared_ptr& ctx,
- const std::vector& elem_hashes);
-
-} // namespace examples::psu
diff --git a/examples/psu/krtw19_psu_test.cc b/examples/psu/krtw19_psu_test.cc
deleted file mode 100644
index 92e1ac5..0000000
--- a/examples/psu/krtw19_psu_test.cc
+++ /dev/null
@@ -1,100 +0,0 @@
-// Copyright 2024 zhangwfjh
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "psu/krtw19_psu.h"
-
-#include
-#include
-#include
-#include
-#include
-
-#include "gtest/gtest.h"
-
-#include "yacl/base/exception.h"
-#include "yacl/crypto/hash/hash_utils.h"
-#include "yacl/link/test_util.h"
-#include "yacl/secparam.h"
-
-struct TestParams {
- std::vector items_a;
- std::vector items_b;
-};
-
-namespace examples::psu {
-
-class PolyTest : public testing ::TestWithParam {};
-
-TEST_P(PolyTest, Works) {
- auto size = GetParam();
- auto xs = yacl::crypto::RandVec(size);
- auto ys = yacl::crypto::RandVec(size);
-
- auto ceof = Interpolate(xs, ys);
- EXPECT_EQ(ceof.size(), size);
- for (size_t i = 0; i < size; ++i) {
- EXPECT_EQ(ys[i], Evaluate(ceof, xs[i]));
- }
-}
-
-INSTANTIATE_TEST_SUITE_P(Works_Instances, PolyTest,
- testing::Values(10, 100, 1000, 10000));
-
-class KrtwPsuTest : public testing::TestWithParam {};
-
-TEST_P(KrtwPsuTest, Works) {
- auto params = GetParam();
- const int kWorldSize = 2;
- auto contexts = yacl::link::test::SetupWorld(kWorldSize);
-
- std::future krtwpsu_sender =
- std::async([&] { return KrtwPsuSend(contexts[0], params.items_a); });
- std::future> krtwpsu_receiver =
- std::async([&] { return KrtwPsuRecv(contexts[1], params.items_b); });
-
- krtwpsu_sender.get();
- auto psu_result = krtwpsu_receiver.get();
- std::sort(psu_result.begin(), psu_result.end());
-
- std::set union_set;
- union_set.insert(params.items_a.begin(), params.items_a.end());
- union_set.insert(params.items_b.begin(), params.items_b.end());
- std::vector union_vec(union_set.begin(), union_set.end());
-
- EXPECT_EQ(psu_result, union_vec);
-}
-
-std::vector CreateRangeItems(size_t begin, size_t size) {
- std::vector ret;
- for (size_t i = 0; i < size; i++) {
- ret.push_back(yacl::crypto::Blake3_128(std::to_string(begin + i)));
- }
- return ret;
-}
-
-INSTANTIATE_TEST_SUITE_P(
- Works_Instances, KrtwPsuTest,
- testing::Values(
- TestParams{{}, {}}, //
- TestParams{{}, {yacl::crypto::Blake3_128("a")}}, //
- TestParams{{yacl::crypto::Blake3_128("a")}, {}}, //
- // No overlap
- TestParams{CreateRangeItems(0, 1024), CreateRangeItems(1024, 1024)}, //
- // Partial overlap
- TestParams{CreateRangeItems(0, 1024), CreateRangeItems(512, 1024)}, //
- // Complete overlap
- TestParams{CreateRangeItems(0, 1024), CreateRangeItems(0, 1024)} //
- ));
-
-} // namespace examples::psu
diff --git a/examples/repositories.bzl b/examples/repositories.bzl
deleted file mode 100644
index 5fd03cb..0000000
--- a/examples/repositories.bzl
+++ /dev/null
@@ -1,48 +0,0 @@
-# Copyright 2024 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
-load("@bazel_tools//tools/build_defs/repo:utils.bzl", "maybe")
-
-def example_deps():
- maybe(
- http_archive,
- name = "rules_jni",
- sha256 = "a84863992f425220e1b5e7dfd4663ef1f7c69d63aff6e09a154880744ce0bab0",
- strip_prefix = "rules_jni-0.10.1",
- urls = [
- "https://github.com/fmeum/rules_jni/archive/refs/tags/v0.10.1.tar.gz",
- ],
- )
-
- maybe(
- http_archive,
- name = "pybind11_bazel",
- sha256 = "dc4882b23a617575d0fd822aba88aa4a14133c3d428b5a8fb83d81d03444a475",
- strip_prefix = "pybind11_bazel-8889d39b2b925b2a47519ae09402a96f00ccf2b4",
- urls = [
- "https://github.com/pybind/pybind11_bazel/archive/8889d39b2b925b2a47519ae09402a96f00ccf2b4.zip",
- ],
- )
-
- maybe(
- http_archive,
- name = "pybind11",
- build_file = "@pybind11_bazel//:pybind11.BUILD",
- sha256 = "bf8f242abd1abcd375d516a7067490fb71abd79519a282d22b6e4d19282185a7",
- strip_prefix = "pybind11-2.12.0",
- urls = [
- "https://github.com/pybind/pybind11/archive/refs/tags/v2.12.0.tar.gz",
- ],
- )
diff --git a/examples/zkp/BUILD.bazel b/examples/zkp/BUILD.bazel
deleted file mode 100644
index a2be626..0000000
--- a/examples/zkp/BUILD.bazel
+++ /dev/null
@@ -1,82 +0,0 @@
-# Copyright 2022 Ant Group Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-load("@yacl//bazel:yacl.bzl", "yacl_cc_library", "yacl_cc_test")
-
-package(default_visibility = ["//visibility:public"])
-
-yacl_cc_library(
- name = "pedersen_commit",
- hdrs = [
- "pedersen_commit.h",
- ],
- deps = [
- ":sigma_owh",
- "@yacl//yacl/crypto/hash:hash_utils",
- ],
-)
-
-yacl_cc_test(
- name = "pedersen_commit_test",
- srcs = ["pedersen_commit_test.cc"],
- deps = [
- ":pedersen_commit",
- ],
-)
-
-yacl_cc_library(
- name = "sigma",
- srcs = ["sigma.cc"],
- hdrs = [
- "sigma.h",
- ],
- deps = [
- ":sigma_owh",
- "@yacl//yacl/crypto/tools:ro",
- "@yacl//yacl/utils:parallel",
- ],
-)
-
-yacl_cc_test(
- name = "sigma_test",
- srcs = ["sigma_test.cc"],
- deps = [
- ":sigma",
- "@yacl//yacl/crypto/rand",
- ],
-)
-
-yacl_cc_library(
- name = "sigma_config",
- srcs = ["sigma_config.cc"],
- hdrs = [
- "sigma_config.h",
- ],
- deps = [
- "@yacl//yacl/crypto/ecc",
- "@yacl//yacl/crypto/hash:hash_interface",
- ],
-)
-
-yacl_cc_library(
- name = "sigma_owh",
- srcs = ["sigma_owh.cc"],
- hdrs = [
- "sigma_owh.h",
- ],
- deps = [
- ":sigma_config",
- "@yacl//yacl/crypto/rand",
- ],
-)
diff --git a/examples/zkp/pedersen_commit.h b/examples/zkp/pedersen_commit.h
deleted file mode 100644
index 0ac839f..0000000
--- a/examples/zkp/pedersen_commit.h
+++ /dev/null
@@ -1,108 +0,0 @@
-// Copyright 2022 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include "zkp/sigma_owh.h"
-
-#include "yacl/crypto/hash/hash_utils.h"
-
-namespace examples::zkp {
-
-using namespace yacl::crypto;
-using namespace yacl::math;
-
-// This is an implementation of Pedersen commitment scheme depended on the
-// `SigmaOWH`.
-//
-// Papers:
-// - Pedersen92, Non-Interactive and Information-Theoretic Secure Verifiable
-// Secret Sharing, http://link.springer.com/10.1007/3-540-46766-1_9
-//
-// Pedersen commitment (perfectly hiding, computationally binding)[Pedersen92]:
-// ------------------------------------------------------------
-// (x)
-// prover verifier
-// random z, c=g^x·h^z c(commit)
-// ----------------------->
-// x,r(open)
-// ----------------------->
-// check if g^x·h^z ?= c
-// ------------------------------------------------------------
-//
-// [Warning] g and h should be generators of EC group such that nobody knows
-// math.log(h, g) (log of h base g)[See
-// https://crypto.stackexchange.com/questions/94956/what-does-it-mean-for-g-and-h-to-be-indendent-in-pedersen-commitments].
-// So we adapt `HashToCurve` method to generate random generators, which
-// meets above requirement.
-//
-class PedersenCommit {
- public:
- explicit PedersenCommit(
- const std::shared_ptr &group, uint128_t seed = SecureRandU128(),
- HashToCurveStrategy strategy = HashToCurveStrategy::Autonomous)
- : group_ref_(group),
- generators_(SigmaOWH::MakeGenerators(
- GetSigmaConfig(SigmaType::Pedersen), group_ref_, seed, strategy)) {}
-
- // Generate a Pedersen commitment
- EcPoint Commit(const MPInt &input, const MPInt &blind) const {
- return SigmaOWH::ToStatement(GetSigmaConfig(SigmaType::Pedersen),
- group_ref_, generators_,
- Witness{input, blind})[0];
- }
-
- // Open(Verify) a Pedersen commitment
- bool Open(const EcPoint &commit, const MPInt &input,
- const MPInt &blind) const {
- auto commit_check = Commit(input, blind);
- return group_ref_->PointEqual(commit, commit_check);
- }
-
- //
- // utility functions
- //
- static MPInt HashInput(yacl::ByteContainerView input) {
- auto hashed_input = Sha256(input);
- MPInt input_bn;
- input_bn.Deserialize(hashed_input);
- return input_bn;
- }
-
- static PedersenCommit &GetDefault() {
- static std::shared_ptr group = EcGroupFactory::Instance().Create(
- kSigmaEcName, yacl::ArgLib = kSigmaEcLib);
- static PedersenCommit ctx(group);
- return ctx;
- }
-
- private:
- const std::shared_ptr group_ref_;
- SigmaGenerator generators_;
-};
-
-inline EcPoint PedersenHashAndCommit(const yacl::ByteContainerView &input,
- const MPInt &blind) {
- return PedersenCommit::GetDefault().Commit(PedersenCommit::HashInput(input),
- blind);
-}
-
-inline bool PedersenHashAndOpen(const EcPoint &commit,
- const yacl::ByteContainerView &input,
- const MPInt &blind) {
- auto input_bn = PedersenCommit::HashInput(input);
- return PedersenCommit::GetDefault().Open(commit, input_bn, blind);
-}
-
-} // namespace examples::zkp
diff --git a/examples/zkp/pedersen_commit_test.cc b/examples/zkp/pedersen_commit_test.cc
deleted file mode 100644
index 566e27b..0000000
--- a/examples/zkp/pedersen_commit_test.cc
+++ /dev/null
@@ -1,66 +0,0 @@
-// Copyright 2022 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "zkp/pedersen_commit.h"
-
-#include "gtest/gtest.h"
-
-#include "yacl/crypto/rand/rand.h"
-
-namespace examples::zkp {
-
-using namespace yacl::crypto;
-using namespace yacl::math;
-
-TEST(PedersenCommit, OpenTest) {
- MPInt blind1;
- MPInt blind2;
- MPInt::RandomRoundDown(256, &blind1);
- MPInt::RandomRoundDown(256, &blind2);
-
- auto value1 = RandBytes(123);
- auto value2 = RandBytes(123);
-
- auto res1 = PedersenHashAndCommit(value1, blind1);
-
- EXPECT_EQ(true, PedersenHashAndOpen(res1, value1, blind1));
- EXPECT_EQ(false, PedersenHashAndOpen(res1, value2, blind1));
- EXPECT_EQ(false, PedersenHashAndOpen(res1, value1, blind2));
- EXPECT_EQ(false, PedersenHashAndOpen(res1, value2, blind2));
-}
-
-TEST(PedersenCommit, PedersenCommitTest) {
- std::shared_ptr group = EcGroupFactory::Instance().Create(
- kSigmaEcName, yacl::ArgLib = kSigmaEcLib);
-
- auto rnd_seed1 = RandBytes(32);
- auto rnd_seed2 = RandBytes(32);
- PedersenCommit ctx(group, 12345, HashToCurveStrategy::Autonomous);
-
- MPInt input;
- MPInt blind;
- MPInt input2;
- MPInt blind2;
- MPInt::RandomExactBits(256, &input);
- MPInt::RandomExactBits(256, &blind);
- MPInt::RandomExactBits(256, &input2);
- MPInt::RandomExactBits(256, &blind2);
-
- auto commit = ctx.Commit(input, blind);
-
- EXPECT_TRUE(ctx.Open(commit, input, blind));
- EXPECT_FALSE(ctx.Open(commit, input2, blind2));
-}
-
-} // namespace examples::zkp
diff --git a/examples/zkp/sigma.cc b/examples/zkp/sigma.cc
deleted file mode 100644
index d63ea93..0000000
--- a/examples/zkp/sigma.cc
+++ /dev/null
@@ -1,302 +0,0 @@ -// Copyright 2023 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "zkp/sigma.h" - -#include "yacl/crypto/tools/ro.h" -#include "yacl/utils/parallel.h" - -namespace examples::zkp { - -using namespace yacl::crypto; -using namespace yacl::math; - -SigmaProtocol::SigmaProtocol(SigmaType type, - const std::shared_ptr& group, - uint128_t seed, HashToCurveStrategy strategy) - : SigmaProtocol(GetSigmaConfig(type), group, seed, strategy) {} - -SigmaProtocol::SigmaProtocol(const SigmaConfig& config, - const std::shared_ptr& group, - uint128_t seed, HashToCurveStrategy strategy) - : SigmaProtocol(config, group, - SigmaOWH::MakeGenerators(config, group, seed, strategy)) {} - -SigmaProtocol::SigmaProtocol(SigmaType type, - const std::shared_ptr& group, - const SigmaGenerator& generators) - : SigmaProtocol(GetSigmaConfig(type), group, generators) {} - -SigmaProtocol::SigmaProtocol(const SigmaConfig& config, - const std::shared_ptr& group, - const SigmaGenerator& generators) - : config_(config), group_ref_(group), generators_(generators) { - CheckParms(); -} - -SigmaProtocol::SigmaProtocol(SigmaType type, - const std::shared_ptr& group, - yacl::ByteContainerView serialized_generators) - : SigmaProtocol(GetSigmaConfig(type), group, serialized_generators) {} - -SigmaProtocol::SigmaProtocol(const SigmaConfig& config, - const std::shared_ptr& group, - yacl::ByteContainerView serialized_generators) - : config_(config), 
group_ref_(group) { - CheckParms(); - const auto kGroupLen = group_ref_->GetSerializeLength(); - YACL_ENFORCE(serialized_generators.size() % kGroupLen == 0); - const auto n = serialized_generators.size() / kGroupLen; - for (uint64_t i = 0; i < n; i++) { - auto tmp = group_ref_->DeserializePoint( - {serialized_generators.data() + kGroupLen * i, kGroupLen}); - YACL_ENFORCE( - !group_ref_->IsInfinity(tmp), - "Generator should not be 1(identity elements)=infinity in ECC group!"); - generators_.emplace_back(tmp); - } -} - -void SigmaProtocol::CheckParms() const { - YACL_ENFORCE(config_.IsQualified()); - YACL_ENFORCE(group_ref_->GetFieldType() == FieldType::Prime, - "ECC-based Sigma proof systems should be implemented over " - "prime-order groups!"); - switch (config_.type) { - case SigmaType::Dlog: - case SigmaType::Pedersen: - case SigmaType::Representation: - case SigmaType::SeveralDlog: - case SigmaType::DlogEq: - case SigmaType::SeveralDlogEq: - case SigmaType::DHTripple: - break; - default: - YACL_THROW( - "yacl/zkp/sigma only supports Dlog, Pedersen, Representation, " - "SeveralDlog, DlogEq, SeveralDlogEq, DHTripple types now!"); - } -} - -SigmaStatement SigmaProtocol::ToStatement(const Witness& witness) const { - return SigmaOWH::ToStatement(config_, group_ref_, generators_, witness); -} - -SigmaStatement SigmaProtocol::RandStm(const Witness& rnd_witness) const { - return ToStatement(rnd_witness); -} - -SigmaProof SigmaProtocol::Prove(const Witness& witness, - const Witness& rnd_witness, - const Challenge& challenge) const { - return Prove(config_, witness, rnd_witness, challenge, - group_ref_->GetOrder()); -} - -bool SigmaProtocol::Verify(const SigmaStatement& statement, - const SigmaStatement& rnd_statement, - const Challenge& challenge, - const SigmaProof& proof) const { - YACL_ENFORCE(statement.size() == config_.num_statement && - rnd_statement.size() == config_.num_statement); - - auto p_stm = ToStatement(proof); - - // num_statement means the number of 
statements should be checked - for (size_t i = 0; i < config_.num_statement; i++) { - if (!group_ref_->PointEqual( - VerifyOp(group_ref_, statement[i], p_stm[i], challenge), - rnd_statement[i])) { - return false; - } - } - return true; -} - -SigmaBatchProof SigmaProtocol::ProveBatchable( - const SigmaStatement& statement, const std::vector& witness, - const std::vector& rnd_witness, - yacl::ByteContainerView other_info) const { - SigmaBatchProof ret_proof; - // compute first message : rnd_statement - ret_proof.rnd_statement = ToStatement(rnd_witness); - // get challenge: RO(generators||statement||rnd_statement||other_info) - MPInt challenge = - GenChallenge(generators_, statement, ret_proof.rnd_statement, other_info); - // compute second message : proof - ret_proof.proof = Prove(witness, rnd_witness, challenge); - - return ret_proof; -} - -bool SigmaProtocol::VerifyBatchable(const SigmaStatement& statement, - const SigmaBatchProof& proof, - yacl::ByteContainerView other_info) const { - MPInt challenge = - GenChallenge(generators_, statement, proof.rnd_statement, other_info); - return Verify(statement, proof.rnd_statement, challenge, proof.proof); -} - -SigmaShortProof SigmaProtocol::ProveCompact( - const SigmaStatement& statement, const std::vector& witness, - const std::vector& rnd_witness, - yacl::ByteContainerView other_info) const { - SigmaShortProof ret_proof; - std::vector rnd_statement; - - rnd_statement = ToStatement(rnd_witness); - // get challenge: RO(generators||statement||rnd_statement||other_info) - ret_proof.challenge = - GenChallenge(generators_, statement, rnd_statement, other_info); - ret_proof.proof = Prove(witness, rnd_witness, ret_proof.challenge); - - return ret_proof; -} - -bool SigmaProtocol::VerifyCompact(const std::vector& statement, - const SigmaShortProof& proof, - yacl::ByteContainerView other_info) const { - YACL_ENFORCE(statement.size() == config_.num_statement); - - // Check if we could re-generate a same challenge by - // 
generators||statement||rnd_statement||other_info - auto p_stm = ToStatement(proof.proof); - // Compute rnd_statement - auto rnd_stm = VerifyOp(group_ref_, statement, p_stm, proof.challenge); - // compute challenge - MPInt challenge = GenChallenge(generators_, statement, rnd_stm, other_info); - return challenge == proof.challenge; -} - -Witness SigmaProtocol::GenRandomWitness() const { - Witness ret; - for (size_t i = 0; i < config_.num_rnd_witness; i++) { - MPInt temp; - MPInt::RandomLtN(group_ref_->GetOrder(), &temp); - ret.emplace_back(temp); - } - return ret; -} - -SigmaGenerator SigmaProtocol::GetGenerators() const { return generators_; } - -yacl::Buffer SigmaProtocol::GeneratorsSerialize() const { - const auto kGroupLen = group_ref_->GetSerializeLength(); - yacl::Buffer buf(kGroupLen * generators_.size()); - std::memset(buf.data(), 0, buf.size()); - for (uint64_t i = 0; i < generators_.size(); i++) { - group_ref_->SerializePoint(generators_[i], - buf.data() + i * kGroupLen, kGroupLen); - } - return buf; -} - -Challenge SigmaProtocol::GenChallenge() const { - Challenge ret; - MPInt::RandomLtN(group_ref_->GetOrder(), &ret); - return ret; -} - -MPInt SigmaProtocol::GenChallenge(const SigmaGenerator& generators, - const std::vector& statement, - const std::vector& rnd_statement, - yacl::ByteContainerView other_info) const { - return GenChallenge(group_ref_, generators, statement, rnd_statement, - other_info, config_.ro_type, config_.point_format); -} - -MPInt SigmaProtocol::GenChallenge( - const std::shared_ptr& group, yacl::ByteContainerView prefix, - const SigmaGenerator& generators, const std::vector& statement, - const std::vector& rnd_statement, - yacl::ByteContainerView other_info, HashAlgorithm ro_type, - PointOctetFormat point_format, yacl::Endian endianness) { - auto order = group->GetOrder(); - RandomOracle ro(ro_type, (order.BitCount() + 7) / 8); - std::string buf_str; - if (!prefix.empty()) { - buf_str.append(std::begin(prefix), std::end(prefix)); - } 
- for (uint32_t i = 0; i < generators.size(); i++) { - buf_str.append(group->SerializePoint(generators[i], point_format)); - } - for (uint32_t i = 0; i < statement.size(); i++) { - buf_str.append(group->SerializePoint(statement[i], point_format)); - } - for (uint32_t i = 0; i < rnd_statement.size(); i++) { - buf_str.append(group->SerializePoint(rnd_statement[i], point_format)); - } - buf_str.append(other_info); - - // RO(prefix||gens||statements||rnd_statements||other_info) - auto out = ro.Gen(buf_str); - - MPInt ret; - ret.FromMagBytes(out, endianness); - return ret % order; -} - -SigmaProof SigmaProtocol::Prove(const SigmaConfig& config, - const Witness& witness, - const Witness& rnd_witness, - const Challenge& challenge, - const MPInt& order) { - YACL_ENFORCE(witness.size() == config.num_witness); - YACL_ENFORCE(rnd_witness.size() == config.num_rnd_witness); - - return ProofOp(witness, rnd_witness, challenge, order); -} - -MPInt SigmaProtocol::ProofOp(const MPInt& witness, const MPInt& rnd_witness, - const Challenge& challenge, const MPInt& order) { - return rnd_witness.SubMod(challenge.MulMod(witness, order), order); -} - -std::vector SigmaProtocol::ProofOp(const std::vector& witness, - const std::vector& rnd_witness, - const Challenge& challenge, - const MPInt& order) { - YACL_ENFORCE(witness.size() == rnd_witness.size()); - std::vector result(witness.size()); - yacl::parallel_for(0, witness.size(), [&](int64_t beg, int64_t end) { - for (auto i = beg; i < end; i++) { - result[i] = (rnd_witness[i] - (challenge * witness[i] % order)) % order; - } - }); - return result; -} - -EcPoint SigmaProtocol::VerifyOp(const std::shared_ptr& group, - const EcPoint& stm, const EcPoint& proof_stm, - const Challenge& challenge) { - auto ret = group->Mul(stm, challenge); - group->AddInplace(&ret, proof_stm); - return ret; -} - -std::vector SigmaProtocol::VerifyOp( - const std::shared_ptr& group, const std::vector& stm, - const std::vector& proof_stm, const Challenge& challenge) 
{ - YACL_ENFORCE(proof_stm.size() == stm.size()); - - std::vector rtm(stm.size()); - yacl::parallel_for(0, stm.size(), [&](int64_t beg, int64_t end) { - for (auto i = beg; i < end; i++) { - rtm[i] = group->Add(group->Mul(stm[i], challenge), proof_stm[i]); - } - }); - return rtm; -} - -} // namespace examples::zkp diff --git a/examples/zkp/sigma.h b/examples/zkp/sigma.h deleted file mode 100644 index f94a3de..0000000 --- a/examples/zkp/sigma.h +++ /dev/null 
@@ -1,220 +0,0 @@ -// Copyright 2023 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#pragma once - -#include "zkp/sigma_config.h" -#include "zkp/sigma_owh.h" - -namespace examples::zkp { - -using namespace yacl::crypto; -using namespace yacl::math; - -// We abide an unifying view to implment the common Sigma-type zero-knowledge -// proof (ZKP) schemes, in which we view the ZKP schemes as proof of knowledge -// of a pre-image of a one-way group homomorphism(OWH) and a specific group -// homomorphism would determine a specific scheme [Mau09]. -// In other words, the prover wants to convince the verifier that he knows the -// witness(pre-image) of the statement(OWH and the result of OWH taking input by -// the witness). 
-// -// Consider two groups (G, +), (H, *), a challenge space N and an one-way -// group homomorphism(f) G -> H : x -> z = f(x) -// ----------------------------------------------------------------- -// prover verifier -// knows x z=f(x) -// -// RandStm: -// k <-(random)- G -// t = f(k) t -// -----------------> GenChallenge: -// c challenge c <-(random)- N -// Proof: <----------------- -// r = k + x^c r -// -----------------> Verify: -// check if f(r) ?= t * z^c -// ----------------------------------------------------------------- -// -// For example, -// - if we take the group homomorphism [·]: x -> z as z=[x]=h^x, then the -// proof system is the known Schnorr protocol [Sch89] for proving knowledge of -// discrete logarithm problem. -// - if we take the group homomorphism [·]: x,r -> z as z=[x,r]=h_1^x·h_2^r, -// then the proof the known ZKP scheme for proving knowledge of opening value -// of Pedersen commitment [Oka92]. -// -// Note, we also provide non-interactive proof methods in two ways [KO21]: -// - compact (proof contents: challenge, response) -// - batchable form (proof contents: commitment, response) -// -// Papers: -// - [Mau09] Unifying Zero-Knowledge Proofs of Knowledge -// - [Sch89] Efficient signature generation by smart cards -// - [Oka92] Provably Secure and Practical Identification Schemes and -// Corresponding Signature Schemes, -// - [KO21] Proposal: Σ-protocols, -// https://docs.zkproof.org/pages/standards/accepted-workshop4/proposal-sigma.pdf -// -class SigmaProtocol { - public: - // seed, use to generate group generators by HashToCurve Method - explicit SigmaProtocol( - SigmaType type, const std::shared_ptr& group, - uint128_t seed = SecureRandU128(), - HashToCurveStrategy strategy = HashToCurveStrategy::Autonomous); - explicit SigmaProtocol( - const SigmaConfig& config, const std::shared_ptr& group, - uint128_t seed = SecureRandU128(), - HashToCurveStrategy strategy = HashToCurveStrategy::Autonomous); - - explicit SigmaProtocol(SigmaType 
type, const std::shared_ptr& group, - const SigmaGenerator& generators); - explicit SigmaProtocol(const SigmaConfig& config, - const std::shared_ptr& group, - const SigmaGenerator& generators); - - explicit SigmaProtocol(SigmaType type, const std::shared_ptr& group, - yacl::ByteContainerView serialized_generators); - explicit SigmaProtocol(const SigmaConfig& config, - const std::shared_ptr& group, - yacl::ByteContainerView serialized_generators); - - SigmaStatement ToStatement(const Witness& witness) const; - - // - // 3-round Interactive version - // - // Round1: Prover, generate random statement - // Start Interactive proof - SigmaStatement RandStm(const Witness& rnd_witness) const; - - // Round2: Verifier, send a random challenge to prover, suggest use - // GenChallenge() - - // round3: Prover, generate proof by witness, rnd_witness and challenge. - SigmaProof Prove(const Witness& witness, const Witness& rnd_witness, - const Challenge& challenge) const; - static SigmaProof Prove(const SigmaConfig& config, const Witness& witness, - const Witness& rnd_witness, - const Challenge& challenge, const MPInt& order); - // round3: Verifier, verify the proof - bool Verify(const SigmaStatement& statement, - const SigmaStatement& rnd_statement, const Challenge& challenge, - const SigmaProof& proof) const; - - // - // Non-interactive version, Batchable - // - // other_info for generation of challenge as H(...||other_info) - // rnd_witness is the same number of random stuffs for proof - SigmaBatchProof ProveBatchable(const SigmaStatement& statement, - const std::vector& witness, - const std::vector& rnd_witness, - yacl::ByteContainerView other_info = {}) const; - bool VerifyBatchable(const SigmaStatement& statement, - const SigmaBatchProof& proof, - yacl::ByteContainerView other_info = {}) const; - - // - // Non-interactive version, Compact - // - SigmaShortProof ProveCompact(const SigmaStatement& statement, - const std::vector& witness, - const std::vector& rnd_witness, - 
yacl::ByteContainerView other_info = {}) const; - bool VerifyCompact(const std::vector& statement, - const SigmaShortProof& proof, - yacl::ByteContainerView other_info = {}) const; - - // - // Tool Functions - // - Challenge GenChallenge() const; - Witness GenRandomWitness() const; - SigmaGenerator GetGenerators() const; - yacl::Buffer GeneratorsSerialize() const; - - // ro_type, the Random Oracle instance - // point_format, Group Point Serialization Mode - // endianness, Scalar Deserialization Mode to generate the final challenge - // Return the challenge AS: - // DeserScalar(endianness, - // RO( - // ro_type, - // prefix - // ||SerPoints(point_format, generators) - // ||SerPoints(point_format,statement) - // ||SerPoints(point_format, rnd_statement) - // ||other_info - // ) - // ) - static MPInt GenChallenge( - const std::shared_ptr& group, yacl::ByteContainerView prefix, - const SigmaGenerator& generators, const std::vector& statement, - const std::vector& rnd_statement, - yacl::ByteContainerView other_info = {}, - HashAlgorithm ro_type = HashAlgorithm::BLAKE3, - PointOctetFormat point_format = PointOctetFormat::Autonomous, - yacl::Endian endianness = yacl::Endian::big); - static MPInt GenChallenge( - const std::shared_ptr& group, const SigmaGenerator& generators, - const std::vector& statement, - const std::vector& rnd_statement, - yacl::ByteContainerView other_info = {}, - HashAlgorithm ro_type = HashAlgorithm::BLAKE3, - PointOctetFormat point_format = PointOctetFormat::Autonomous, - yacl::Endian endianness = yacl::Endian::big) { - return GenChallenge(group, "", generators, statement, rnd_statement, - other_info, ro_type, point_format, endianness); - } - static MPInt GenChallenge( - const std::shared_ptr& group, yacl::ByteContainerView prefix, - const std::vector& statement, - yacl::ByteContainerView other_info = {}, - HashAlgorithm ro_type = HashAlgorithm::BLAKE3, - PointOctetFormat point_format = PointOctetFormat::Autonomous, - yacl::Endian endianness = 
yacl::Endian::big) { - return GenChallenge(group, prefix, statement, {}, {}, other_info, ro_type, - point_format, endianness); - } - // rnd_witness - challenge * witness - static MPInt ProofOp(const MPInt& witness, const MPInt& rnd_witness, - const Challenge& challenge, const MPInt& order); - static std::vector ProofOp(const std::vector& witness, - const std::vector& rnd_witness, - const Challenge& challenge, - const MPInt& order); - // proof_stm( = g^proof) + statement * challenge - static EcPoint VerifyOp(const std::shared_ptr& group, - const EcPoint& stm, const EcPoint& proof_stm, - const Challenge& challenge); - static std::vector VerifyOp(const std::shared_ptr& group, - const std::vector& stm, - const std::vector& proof_stm, - const Challenge& challenge); - - private: - MPInt GenChallenge(const SigmaGenerator& generators, - const std::vector& statement, - const std::vector& rnd_statement, - yacl::ByteContainerView other_info = {}) const; - void CheckParms() const; - - SigmaConfig config_; - std::shared_ptr group_ref_; - SigmaGenerator generators_; -}; - -} // namespace examples::zkp diff --git a/examples/zkp/sigma_config.cc b/examples/zkp/sigma_config.cc deleted file mode 100644 index b458f6e..0000000 --- a/examples/zkp/sigma_config.cc +++ /dev/null 
@@ -1,144 +0,0 @@ -// Copyright 2023 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "zkp/sigma_config.h" - -namespace examples::zkp { - -using namespace yacl::crypto; -using namespace yacl::math; - -// 0 means n, user should assign these to actual numbers -const std::vector kSigmaConfig = { - // type, witness, rnd_witness, generator, statement - {SigmaType::Dlog, 1, 1, 1, 1}, - {SigmaType::Pedersen, 2, 2, 2, 1}, - {SigmaType::DlogEq, 1, 1, 2, 2}, - {SigmaType::DHTripple, 1, 1, 2, 2}, - // number of witness, random witness and generators should be the same and - // at least 1 - {SigmaType::Representation, 0, 0, 0, 1, true}, - // number of witness, random witness, generators, challenges and statements - // should be the same and at least 1 - {SigmaType::SeveralDlog, 0, 0, 0, 0, true}, - // number of generators, statements should be the same and at least 2 - {SigmaType::SeveralDlogEq, 1, 1, 0, 0, true}, - {SigmaType::PedersenMult, 5, 5, 2, 3}, - {SigmaType::PedersenMultOpenOne, 5, 5, 2, 3}, -}; - -bool SigmaConfig::IsQualified() const { - if (!dyn_size_flag) { - return Equals(GetSigmaConfig(type)); - } - // check varied size sigma config(values of varied attrs may are setted by - // called SigmaConfig.SetXXX(), or default 0) - switch (type) { - case SigmaType::Representation: - // number of witness and generator should be the same and as least 1, - // number of challenge and statement should be 1. 
- return num_statement == 1 && num_witness > 0 && - num_witness == num_rnd_witness && num_witness == num_generator; - case SigmaType::SeveralDlog: - // number of witness should be as least 1 - // number of witness, challenge, generator and num_statement should be - // the same - return num_witness > 0 && num_witness == num_rnd_witness && - num_witness == num_generator && num_witness == num_statement; - case SigmaType::SeveralDlogEq: - // number of witness should be 1 - // number of generator should as least 2 - // number of generator and num_statement should be the same - return num_witness == 1 && num_rnd_witness == 1 && num_generator >= 2 && - num_generator == num_statement; - default: - return false; - } -} - -SigmaConfig SigmaConfig::SetDynNum(uint32_t n) { - YACL_ENFORCE(dyn_size_flag, - "The config could not set num because it has no dynamic attr!"); - switch (type) { - case SigmaType::Representation: { - this->num_witness = n; - this->num_rnd_witness = n; - this->num_generator = n; - break; - } - case SigmaType::SeveralDlog: { - this->num_witness = n; - this->num_rnd_witness = n; - this->num_generator = n; - this->num_statement = n; - break; - } - case SigmaType::SeveralDlogEq: { - this->num_generator = n; - this->num_statement = n; - break; - } - default: - YACL_THROW("Not supported type(having dynamic attrs)!"); - } - YACL_ENFORCE(IsQualified()); - return *this; -} - -bool SigmaConfig::Equals(SigmaConfig rhs) const { - return std::tie(type, num_witness, num_rnd_witness, num_generator, - num_statement, dyn_size_flag, ro_type, point_format) == - std::tie(rhs.type, rhs.num_witness, rhs.num_rnd_witness, - rhs.num_generator, rhs.num_statement, rhs.dyn_size_flag, - rhs.ro_type, rhs.point_format); -} - -std::map BuildSigmaMap() { - std::map res; - auto insert = [&res](SigmaType type, const SigmaConfig& config) { - auto it = res.find(type); - if (it == res.end()) { - res.insert({type, config}); - } else { - // TODO: type to string?, so could ("... 
{}", type) - YACL_ENFORCE(it->second.Equals(config), "Duplicate sigma type!"); - } - }; - - for (const auto& s : kSigmaConfig) { - insert(s.type, s); - } - return res; -} - -SigmaConfig GetSigmaConfig(SigmaType type) { - static auto sigma_map = BuildSigmaMap(); - auto it = sigma_map.find(type); - YACL_ENFORCE(it != sigma_map.end(), "Unsupported sigma type!"); - return it->second; -} - -SigmaConfig GetRepresentation(uint64_t num) { - return GetSigmaConfig(SigmaType::Representation).SetDynNum(num); -} - -SigmaConfig GetSeveralDlogEq(uint64_t num) { - return GetSigmaConfig(SigmaType::SeveralDlogEq).SetDynNum(num); -} - -SigmaConfig GetSeveralDlog(uint64_t num) { - return GetSigmaConfig(SigmaType::SeveralDlog).SetDynNum(num); -} - -} // namespace examples::zkp diff --git a/examples/zkp/sigma_config.h b/examples/zkp/sigma_config.h deleted file mode 100644 index 99f173a..0000000 --- a/examples/zkp/sigma_config.h +++ /dev/null 
@@ -1,138 +0,0 @@ -// Copyright 2022 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#pragma once - -#include "yacl/crypto/ecc/ecc_spi.h" -#include "yacl/crypto/hash/hash_interface.h" - -namespace examples::zkp { - -using namespace yacl::crypto; -using namespace yacl::math; - -// EC-based Sigma proof systems should be implemented over prime-order ecc -// groups. -const CurveName kSigmaEcName = "secp256k1"; -const std::string kSigmaEcLib = "OpenSSL"; - -// Sigma proof type for different group homomorphisms(GH) f: (G, +) -> (H, ^). -// Generators of group H: h1, h2, h3, ..., hn. Note that we should determine a -// (secure) generation method of generators of group H before running the proof -// system. -enum class SigmaType { - // Description: know the result of discrete logarithm. - // f : x -> h1^x (1 1 1, 1 elements in G, 1 Generator and 1 elements in H). - // Secret: x (in group G). - // Statement: z = h1^x (in group H). - Dlog, - // Description: know the opening of Pedersen commitment. - // f : (x1, x2) -> h1^x1·h2^x2 (2 2 1), - // Secret: x1, x2, - // Statement: z = h1^x1·h2^x2. - Pedersen, - // Description: know the representation over generators h1, ..., hn. - // f : (x1, x2, ..., xn) -> h1^x1·h2^x2·...·hn^xn (n n 1), - // Secret: x1, x2, ..., xn, - // Statement: z = h1^x1·h2^x2·...·hn^xn. - Representation, - // Description: know results of several discrete logarithm. 
- // f : (x1, x2, ..., xn) -> (h1^x1, h2^x2, ..., hn^xn) (n n n), - // Secret: x1, x2, ..., xn, - // Statement: z = (h1^x1, h2^x2, ..., hn^xn). - SeveralDlog, - // Description: know equality of two discrete logarithm. - // f : x -> h1^x, h2^x (1 2 2), - // Secret: x, - // Statement: z1 = h1^x, z2 = h2^x. - DlogEq, - // Description: know equality of several discrete logarithm. - // f : x -> h1^x, h2^x2, ..., hn^xn (1 n n), - // Secret: x, - // Statement: z1 = h1^x, z2 = h2^x, ..., zn = hn^x. - SeveralDlogEq, - // Description: know correctness of Diffie-Hellman Keys. (1 2 2) - // f : It's underlying homomorphism is DlogEq. - // Secret: x1, - // Statement: z1 = h1^x1, z2 = h1^x2, z3 = h1^{x1·x2} = z2^x1, - // Generators define & transform: h1 = h1, h2 = z2, - // Transformed statement: z1 = h1^x1, z3 = h2^x1 (Actually DlogEq). - DHTripple, - // Description: know the multiplication relation of three Pedersen commitments - // (z1, z2, z3) with x3 = x1 · x2. (5 2 3) - // f : It's underlying homomorphism is Pedersen. We don't count x3 as a - // secret below, cause it's a derived secret from x1, x2. - // Secret: x1, r1, x2, r2, x3 (= x1·x2 is a derived witness), r3 - // Statement: - // z1 = h1^x1·h2^r1, - // z2 = h1^x2·h2^r2, - // z3 = h1^x3·h2^r3, - // and, x3 = x1 * x2, - // Generators define & transform: h1 = h1, h2 = h2, h3 = z1 - // Transformed statement: - // z1 = h1^x1·h2^r1, - // z2 = h1^x2·h2^r2, - // z3 = h3^x2·h2^(r3-x2·r1) (implying z3 has x3 = x1 * x2), - PedersenMult, // Not impl now! - // Description: know underlying multiplication relation of three Pedersen - // commitments, but here we could choose to open a pair (x, r). - // f : It's underlying homomorphism is Pedersen. - // Secret: x1, r1, (x2, r2), x3, r3 [Choose open x2, r2] - PedersenMultOpenOne, // Not impl now! 
-}; - -struct SigmaConfig { - SigmaType type; // sigma proof type - uint32_t num_witness; // number of witness (in group G),0 means varied size - uint32_t num_rnd_witness; // number of random witness - uint32_t num_generator; // number of generator - uint32_t num_statement; // number of statement (in group H) - bool dyn_size_flag = - false; // true for any meta has dynamic attrs, default set to false - HashAlgorithm ro_type = - HashAlgorithm::BLAKE3; // hash type for non-interactive proof - PointOctetFormat point_format = - PointOctetFormat::Autonomous; // Ec point serialization mod - - SigmaConfig SetDynNum(uint32_t n); - - bool Equals(SigmaConfig rhs) const; - bool IsQualified() const; -}; - -SigmaConfig GetSigmaConfig(SigmaType type); -SigmaConfig GetRepresentation(uint64_t num); -SigmaConfig GetSeveralDlogEq(uint64_t num); -SigmaConfig GetSeveralDlog(uint64_t num); - -// -// Alias for sigma proof systems -// -using Witness = std::vector; -using Challenge = MPInt; -using SigmaProof = std::vector; -using SigmaGenerator = std::vector; -using SigmaStatement = std::vector; - -struct SigmaBatchProof { - SigmaProof proof; - SigmaStatement rnd_statement; -}; - -struct SigmaShortProof { - SigmaProof proof; - Challenge challenge; -}; - -} // namespace examples::zkp diff --git a/examples/zkp/sigma_owh.cc b/examples/zkp/sigma_owh.cc deleted file mode 100644 index 1f8c47e..0000000 --- a/examples/zkp/sigma_owh.cc +++ /dev/null 
@@ -1,114 +0,0 @@ -// Copyright 2023 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "zkp/sigma_owh.h" - -namespace examples::zkp { - -using namespace yacl::crypto; -using namespace yacl::math; - -const std::string kSigmaDefaultSeedPrefix = "YACL-SIGMA-PROOF-SEED"; - -SigmaGenerator SigmaOWH::MakeGenerators(const SigmaConfig& config, - const std::shared_ptr& group, - uint128_t seed, - HashToCurveStrategy strategy) { - SigmaGenerator ret; - for (size_t i = 0; i < config.num_generator; i++) { - auto temp = group->HashToCurve( - strategy, fmt::format("{}-{}-{}-{}", kSigmaDefaultSeedPrefix, - int(config.type), seed, i)); - YACL_ENFORCE( - !group->IsInfinity(temp), - "Generator should not be 1(identity elements)=infinity in ECC group!"); - ret.emplace_back(temp); - } - return ret; -} - -namespace { -// num_witness = n -// num_generator = n -// to 1 statement -SigmaStatement EcStatementNN1(const SigmaConfig& config, - const std::shared_ptr& group, - const Witness& witness, - const SigmaGenerator& generators) { - auto p = group->Mul(generators[0], witness[0]); - for (uint64_t i = 1; i < config.num_witness; i++) { - auto temp = group->Mul(generators[i], witness[i]); - group->AddInplace(&p, temp); - } - return {p}; -} - -// num_witness = n -// num_generator = n -// to n(=num_statement) statement -SigmaStatement EcStatementNNN(const SigmaConfig& config, - const std::shared_ptr& group, - const Witness& witness, - const SigmaGenerator& 
generators) { - SigmaStatement ret; - for (uint64_t i = 0; i < config.num_statement; i++) { - ret.emplace_back(group->Mul(generators[i], witness[i])); - } - return ret; -} - -// num_witness = 1 -// num_generator = n -// to n(=num_statement) statement -SigmaStatement EcStatement1NN(const SigmaConfig& config, - const std::shared_ptr& group, - const Witness& witness, - const SigmaGenerator& generators) { - SigmaStatement ret; - for (uint64_t i = 0; i < config.num_statement; i++) { - ret.emplace_back(group->Mul(generators[i], witness[0])); - } - return ret; -} -} // namespace - -SigmaStatement SigmaOWH::ToStatement(const SigmaConfig& config, - const std::shared_ptr& group, - const SigmaGenerator& generators, - const Witness& witness) { - YACL_ENFORCE(config.IsQualified(), "Sigma config is not right!"); - YACL_ENFORCE(witness.size() == config.num_witness, - "Witness size is {}, it should be {}", witness.size(), - config.num_witness); - YACL_ENFORCE(generators.size() >= config.num_generator, - "Generator size is {}, it should be {}", generators.size(), - config.num_generator); - - switch (config.type) { - case SigmaType::Dlog: - case SigmaType::Pedersen: - case SigmaType::Representation: - return EcStatementNN1(config, group, witness, generators); - case SigmaType::SeveralDlog: - return EcStatementNNN(config, group, witness, generators); - case SigmaType::DlogEq: - case SigmaType::DHTripple: - case SigmaType::SeveralDlogEq: - return EcStatement1NN(config, group, witness, generators); - default: - YACL_THROW("Not supported Sigma proof type!"); - } -} - -} // namespace examples::zkp diff --git a/examples/zkp/sigma_owh.h b/examples/zkp/sigma_owh.h deleted file mode 100644 index 546d080..0000000 --- a/examples/zkp/sigma_owh.h +++ /dev/null 
@@ -1,46 +0,0 @@
-// Copyright 2023 Ant Group Co., Ltd.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#pragma once
-
-#include "zkp/sigma_config.h"
-
-#include "yacl/crypto/ecc/group_sketch.h"
-#include "yacl/crypto/rand/rand.h"
-
-namespace examples::zkp {
-
-using namespace yacl::crypto;
-using namespace yacl::math;
-
-// As we abide an unifying view to implement the Sigma-type zero-knowledge
-// proof (ZKP) schemes, in which a one-way group homomorphism(OWH) would
-// determine a specific scheme. Here we implement the OWH function in class
-// `SigmaOWH::ToStatement(...)`.
-// More info, please see class `SigmaProtocol`.
-class SigmaOWH {
- public:
- // use seeds to generate group generators
- static SigmaGenerator MakeGenerators(
- const SigmaConfig& config, const std::shared_ptr& group,
- uint128_t seed = SecureRandU128(),
- HashToCurveStrategy strategy = HashToCurveStrategy::Autonomous);
-
- static SigmaStatement ToStatement(const SigmaConfig& config,
- const std::shared_ptr& group,
- const SigmaGenerator& generators,
- const Witness& witness);
-};
-
-} // namespace examples::zkp
diff --git a/examples/zkp/sigma_test.cc b/examples/zkp/sigma_test.cc
deleted file mode 100644
index 22e452d..0000000
--- a/examples/zkp/sigma_test.cc
+++ /dev/null
@@ -1,158 +0,0 @@ -// Copyright 2023 Ant Group Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "zkp/sigma.h" - -#include "gtest/gtest.h" - -#include "yacl/crypto/rand/rand.h" - -namespace examples::zkp { - -using namespace yacl::crypto; -using namespace yacl::math; - -namespace { - -Witness GenRandomWitness(const std::shared_ptr& group, uint32_t num) { - Witness ret; - auto order = group->GetOrder(); // [0,group order-1] as witness space - for (size_t i = 0; i < num; i++) { - MPInt temp; - MPInt::RandomLtN(order, &temp); - YACL_ENFORCE(temp < order); - ret.emplace_back(temp); - } - return ret; -} -} // namespace - -class SigmaTest - : public ::testing::TestWithParam> { - protected: - SigmaConfig config_; - std::shared_ptr group_; - - void TestSigmaOWH() { - Witness witness = GenRandomWitness(group_, config_.num_witness); - Witness witness2 = GenRandomWitness(group_, config_.num_witness); - - // Using default seeds - auto generators = SigmaOWH::MakeGenerators(config_, group_); - auto stm = SigmaOWH::ToStatement(config_, group_, generators, witness); - auto stm2 = SigmaOWH::ToStatement(config_, group_, generators, witness2); - - EXPECT_TRUE(stm.size() == config_.num_statement); - EXPECT_TRUE(stm2.size() == config_.num_statement); - for (uint32_t i = 0; i < config_.num_statement; i++) { - EXPECT_FALSE(group_->PointEqual(stm[i], stm2[i])); - } - } - - void TestSigmaInstance() { - { - SigmaProtocol sigma(config_, group_); - - SigmaProtocol 
sigma_from_ser(config_, group_, - sigma.GeneratorsSerialize()); - - auto msg_gens = sigma.GetGenerators(); - auto msg_gens_from_ser = sigma_from_ser.GetGenerators(); - for (uint64_t i = 0; i < config_.num_generator; i++) { - EXPECT_TRUE(group_->PointEqual(msg_gens[i], msg_gens_from_ser[i])); - } - } - { - // length of seeds should be > config_.num_generator - SigmaProtocol sigma(config_, group_, 12345); - SigmaProtocol sigma_from_ser(config_, group_, - sigma.GeneratorsSerialize()); - auto msg_gens = sigma.GetGenerators(); - auto msg_gens_from_ser = sigma_from_ser.GetGenerators(); - for (uint64_t i = 0; i < config_.num_generator; i++) { - EXPECT_TRUE(group_->PointEqual(msg_gens[i], msg_gens_from_ser[i])); - } - } - } - - void TestSigma() { - SigmaProtocol sigma(config_, group_); - // displayed as true witness - auto witness = sigma.GenRandomWitness(); - // displayed as random witness for one-time proof - auto rnd_witness = sigma.GenRandomWitness(); - auto stm = sigma.ToStatement(witness); - - // start 3-round Interactive proof knowledge of stm - auto rnd_stm = sigma.RandStm(rnd_witness); - auto challenge = sigma.GenChallenge(); - auto proof = sigma.Prove(witness, rnd_witness, challenge); - EXPECT_TRUE(sigma.Verify(stm, rnd_stm, challenge, proof)); - - // Non-interactive without other info - { - // start Non-interactive(Batchable version) proof knowledge of stm - auto bat_proof = sigma.ProveBatchable(stm, witness, rnd_witness); - EXPECT_TRUE(sigma.VerifyBatchable(stm, bat_proof)); - - // start Non-interactive(Compact version) proof knowledge of stm - auto com_proof = sigma.ProveCompact(stm, witness, rnd_witness); - EXPECT_TRUE(sigma.VerifyCompact(stm, com_proof)); - } - // Non-interactive with other info - { - std::string other_info = "123test"; - // start Non-interactive(Batchable version) proof knowledge of stm - auto bat_proof = - sigma.ProveBatchable(stm, witness, rnd_witness, other_info); - EXPECT_TRUE(sigma.VerifyBatchable(stm, bat_proof, other_info)); - - // 
start Non-interactive(Compact version) proof knowledge of stm - auto com_proof = - sigma.ProveCompact(stm, witness, rnd_witness, other_info); - EXPECT_TRUE(sigma.VerifyCompact(stm, com_proof, other_info)); - } - } -}; - -class Secp256k1SigmaTest : public SigmaTest { - protected: - void SetUp() override { - std::string lib_name; - std::tie(lib_name, config_) = GetParam(); - group_ = EcGroupFactory::Instance().Create(kSigmaEcName, - yacl::ArgLib = lib_name); - } -}; - -INSTANTIATE_TEST_SUITE_P( - Secp256k1SigmaOWHTest, Secp256k1SigmaTest, - ::testing::Combine( - // ::testing::ValuesIn(EcGroupFactory::ListEcLibraries(kSigmaEcName)) - ::testing::Values("openssl"), - ::testing::Values( - GetSigmaConfig(SigmaType::Dlog), - GetSigmaConfig(SigmaType::Pedersen), - GetSigmaConfig(SigmaType::DlogEq), - GetSigmaConfig(SigmaType::DHTripple), - GetSigmaConfig(SigmaType::SeveralDlog).SetDynNum(11), - GetSigmaConfig(SigmaType::SeveralDlogEq).SetDynNum(11), - GetSigmaConfig(SigmaType::Representation).SetDynNum(11)))); - -TEST_P(Secp256k1SigmaTest, SigmaOWH) { - TestSigmaOWH(); - TestSigma(); -} - -} // namespace examples::zkp diff --git a/yacl/crypto/rand/drbg/openssl_factory.cc b/yacl/crypto/rand/drbg/openssl_factory.cc index 910c84a..5d51354 100644 --- a/yacl/crypto/rand/drbg/openssl_factory.cc +++ b/yacl/crypto/rand/drbg/openssl_factory.cc @@ -80,9 +80,7 @@ OpensslDrbg::OpensslDrbg(std::string type, // instantiate the es_ctx OSSL_RET_1(EVP_RAND_instantiate(es_ctx.get(), 128, 0, nullptr, 0, nullptr)); } else { - SPDLOG_DEBUG( - "Yacl has been configured to use Yacl's entropy source, but unable " - "to find one. Fallback to use openssl's default entropy srouce"); + SPDLOG_WARN("Yacl is using openssl's default entropy srouce for randomness"); } // fetch rand (drbg with the specified type) algorithm from OpenSSL's default
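Review bot: The new `SPDLOG_WARN` text in the `else` branch of the openssl_factory.cc hunk no longer says why OpenSSL's default entropy source is in use. The removed message stated that Yacl's own entropy source was configured but could not be found, so someone reading the log can no longer tell a degraded fallback from an intended configuration of the DRBG's seed source. I would keep the reason and fix the `srouce` typo carried over from the old string, for example `SPDLOG_WARN("Yacl entropy source not found, falling back to OpenSSL's default entropy source");`. If that fallback is now the expected default after this cleanup, a short comment on the branch saying so would help. The constructor starts and ends outside the hunk, so the condition guarding this branch is not visible here.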