Skip to content

Commit

Permalink
put aes back in full test
Browse files Browse the repository at this point in the history
  • Loading branch information
0xJepsen committed Nov 20, 2024
1 parent 2729827 commit f0dc7e4
Show file tree
Hide file tree
Showing 2 changed files with 86 additions and 8 deletions.
92 changes: 85 additions & 7 deletions circuits/test/full/full.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ const http_response_plaintext = [
10, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 32, 125, 13, 10, 32, 32, 32, 32, 32, 32, 32, 93, 13,
10, 32, 32, 32, 125, 13, 10, 125];

const http_response_ciphertext = [
const chacha20_http_response_ciphertext = [
2,125,219,141,140,93,49,129,95,178,135,109,48,36,194,46,239,155,160,70,208,147,37,212,17,195,149,
190,38,215,23,241,84,204,167,184,179,172,187,145,38,75,123,96,81,6,149,36,135,227,226,254,177,90,
241,159,0,230,183,163,210,88,133,176,9,122,225,83,171,157,185,85,122,4,110,52,2,90,36,189,145,63,
Expand All @@ -55,6 +55,29 @@ const http_response_ciphertext = [
131,230,161,217,29,229,251,33,220,230,102,131,245,27,141,220,67,16,26
];

const aes_http_response_ciphertext = [
75, 220, 142, 158, 79, 135, 141, 163, 211, 26, 242, 137, 81, 253, 181, 117,
253, 246, 197, 197, 61, 46, 55, 87, 218, 137, 240, 143, 241, 177, 225, 129,
80, 114, 125, 72, 45, 18, 224, 179, 79, 231, 153, 198, 163, 252, 197, 219,
233, 46, 202, 120, 99, 253, 76, 9, 70, 11, 200, 218, 228, 251, 133, 248,
233, 177, 19, 241, 205, 128, 65, 76, 10, 31, 71, 198, 177, 78, 108, 246,
175, 152, 42, 97, 255, 182, 157, 245, 123, 95, 130, 101, 129, 138, 236, 146,
47, 22, 22, 13, 125, 1, 109, 158, 189, 131, 44, 43, 203, 118, 79, 181,
86, 33, 235, 186, 75, 20, 7, 147, 102, 75, 90, 222, 255, 140, 94, 52,
191, 145, 192, 71, 239, 245, 247, 175, 117, 136, 173, 235, 250, 189, 74, 155,
103, 25, 164, 187, 22, 26, 39, 37, 113, 248, 170, 146, 73, 75, 45, 208,
125, 49, 101, 11, 120, 215, 93, 160, 14, 147, 129, 181, 150, 59, 167, 197,
230, 122, 77, 245, 247, 215, 136, 98, 1, 180, 213, 30, 214, 88, 83, 42,
33, 112, 61, 4, 197, 75, 134, 149, 22, 228, 24, 95, 131, 35, 44, 181,
135, 31, 173, 36, 23, 192, 177, 127, 156, 199, 167, 212, 66, 235, 194, 102,
61, 144, 121, 59, 187, 179, 212, 34, 117, 47, 96, 3, 169, 73, 204, 88,
36, 48, 158, 220, 237, 198, 180, 105, 7, 188, 109, 24, 201, 217, 186, 191,
232, 63, 93, 153, 118, 214, 157, 167, 15, 216, 191, 152, 41, 106, 24, 127,
8, 144, 78, 218, 133, 125, 89, 97, 10, 246, 8, 244, 112, 169, 190, 206,
14, 217, 109, 147, 130, 61, 214, 237, 143, 77, 14, 14, 70, 56, 94, 97,
207, 214, 106, 249, 37, 7, 186, 95, 174, 146, 203, 148, 173, 172, 13, 113
]

const http_start_line = [
72, 84, 84, 80, 47, 49, 46, 49, 32, 50, 48, 48, 32, 79, 75, 13, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
Expand Down Expand Up @@ -206,6 +229,7 @@ const json_key3_mask = [
const json_key3_mask_hash = DataHasher(json_key3_mask);

describe("NIVC_FULL", async () => {
let aesCircuit: WitnessTester<["key", "iv", "aad", "ctr", "plainText", "cipherText", "step_in"], ["step_out"]>;
let chacha20Circuit: WitnessTester<["key", "nonce", "counter", "plainText", "cipherText", "step_in"], ["step_out"]>;
let httpCircuit: WitnessTester<["step_in", "data", "start_line_hash", "header_hashes", "body_hash"], ["step_out"]>;
let json_mask_object_circuit: WitnessTester<["step_in", "data", "key", "keyLen"], ["step_out"]>;
Expand All @@ -221,6 +245,13 @@ describe("NIVC_FULL", async () => {
const MAX_VALUE_LENGTH = 32;

before(async () => {
aesCircuit = await circomkit.WitnessTester("AESGCTRFOLD", {
file: "aes-gcm/nivc/aes-gctr-nivc",
template: "AESGCTRFOLD",
params: [1]
});
console.log("#constraints (AES):", await aesCircuit.getConstraintCount());

chacha20Circuit = await circomkit.WitnessTester("CHACHA20", {
file: "chacha20/nivc/chacha20_nivc",
template: "ChaCha20_NIVC",
Expand Down Expand Up @@ -258,16 +289,36 @@ describe("NIVC_FULL", async () => {
});

it("NIVC_CHAIN", async () => {
// Run ChaCha20
const init_nivc_input = 0;

// This tests both AES and ChaCha20 right now but we will only one in practice.
// Run AES chain
let ctr = [0x00, 0x00, 0x00, 0x01];
let pt = http_response_plaintext.slice(0, 16);
let ct = aes_http_response_ciphertext.slice(0, 16);
let aes_gcm = await aesCircuit.compute({ key: Array(16).fill(0), iv: Array(12).fill(0), ctr: ctr, plainText: pt, aad: Array(16).fill(0), cipherText: ct, step_in: init_nivc_input }, ["step_out"]);
let i = 0;
console.log("AES `step_out[", i, "]`: ", aes_gcm.step_out);
for (i = 1; i < (DATA_BYTES / 16); i++) {
ctr[3] += 1; // This will work since we don't run a test that overlows a byte
let pt = http_response_plaintext.slice(i * 16, i * 16 + 16);
let ct = aes_http_response_ciphertext.slice(i * 16, i * 16 + 16);
aes_gcm = await aesCircuit.compute({ key: Array(16).fill(0), iv: Array(12).fill(0), ctr: ctr, plainText: pt, aad: Array(16).fill(0), cipherText: ct, step_in: aes_gcm.step_out }, ["step_out"]);
console.log("AES `step_out[", i, "]`: ", aes_gcm.step_out);
}
assert.deepEqual(http_response_hash, aes_gcm.step_out);

// Run ChaCha20
const counterBits = uintArray32ToBits([1])[0]
const ptIn = toInput(Buffer.from(http_response_plaintext));
const ctIn = toInput(Buffer.from(http_response_ciphertext));
const ctIn = toInput(Buffer.from(chacha20_http_response_ciphertext));
const keyIn = toInput(Buffer.from(Array(32).fill(0)));
const nonceIn = toInput(Buffer.from([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4a, 0x00, 0x00, 0x00, 0x00]));
let chacha20 = await chacha20Circuit.compute({ key: keyIn, nonce: nonceIn, counter: counterBits, plainText: ptIn, cipherText: ctIn, step_in: init_nivc_input }, ["step_out"]);
console.log("ChaCha20 `step_out`:", chacha20.step_out);
assert.deepEqual(DataHasher(http_response_plaintext), chacha20.step_out);
assert.deepEqual(http_response_hash, chacha20.step_out);

assert.deepEqual(chacha20.step_out, aes_gcm.step_out);

let http = await httpCircuit.compute({ step_in: chacha20.step_out, data: http_response_plaintext, start_line_hash: http_start_line_hash, header_hashes: [http_header_0_hash, http_header_1_hash], body_hash: http_body_mask_hash }, ["step_out"]);
console.log("HttpNIVC `step_out`:", http.step_out);
Expand Down Expand Up @@ -313,6 +364,7 @@ describe("NIVC_FULL", async () => {


describe("NIVC_FULL_2", async () => {
let aesCircuit: WitnessTester<["key", "iv", "aad", "ctr", "plainText", "cipherText", "step_in"], ["step_out"]>;
let chacha20Circuit: WitnessTester<["key", "nonce", "counter", "plainText", "cipherText", "step_in"], ["step_out"]>;
let httpCircuit: WitnessTester<["step_in", "data", "start_line_hash", "header_hashes", "body_hash"], ["step_out"]>;
let json_mask_object_circuit: WitnessTester<["step_in", "data", "key", "keyLen"], ["step_out"]>;
Expand All @@ -328,6 +380,13 @@ describe("NIVC_FULL_2", async () => {
const MAX_VALUE_LENGTH = 32;

before(async () => {
aesCircuit = await circomkit.WitnessTester("AESGCTRFOLD", {
file: "aes-gcm/nivc/aes-gctr-nivc",
template: "AESGCTRFOLD",
params: [2]
});
console.log("#constraints (AES):", await aesCircuit.getConstraintCount());

chacha20Circuit = await circomkit.WitnessTester("CHACHA20", {
file: "chacha20/nivc/chacha20_nivc",
template: "ChaCha20_NIVC",
Expand Down Expand Up @@ -365,17 +424,36 @@ describe("NIVC_FULL_2", async () => {
});

it("NIVC_CHAIN_2", async () => {
// Run ChaCha20
const init_nivc_input = 0;

// Run AES chain
let ctr = [0x00, 0x00, 0x00, 0x01];
let pt = [http_response_plaintext.slice(0, 16), http_response_plaintext.slice(16, 32)];
let ct = [aes_http_response_ciphertext.slice(0, 16), aes_http_response_ciphertext.slice(16, 32)];
let aes_gcm = await aesCircuit.compute({ key: Array(16).fill(0), iv: Array(12).fill(0), ctr: ctr, plainText: pt, aad: Array(16).fill(0), cipherText: ct, step_in: init_nivc_input }, ["step_out"]);
let i = 0;
console.log("AES `step_out[", i, "]`: ", aes_gcm.step_out);
for (i = 1; i < (DATA_BYTES / (16 * 2)); i++) {
ctr[3] += 2; // This will work since we don't run a test that overlows a byte
let pt = [http_response_plaintext.slice(i * 32, i * 32 + 16), http_response_plaintext.slice(i * 32 + 16, i * 32 + 32)];
let ct = [aes_http_response_ciphertext.slice(i * 32, i * 32 + 16), aes_http_response_ciphertext.slice(i * 32 + 16, i * 32 + 32)];
aes_gcm = await aesCircuit.compute({ key: Array(16).fill(0), iv: Array(12).fill(0), ctr: ctr, plainText: pt, aad: Array(16).fill(0), cipherText: ct, step_in: aes_gcm.step_out }, ["step_out"]);
console.log("AES `step_out[", i, "]`: ", aes_gcm.step_out);
}
assert.deepEqual(http_response_hash, aes_gcm.step_out);

// Run ChaCha20
const counterBits = uintArray32ToBits([1])[0]
const ptIn = toInput(Buffer.from(http_response_plaintext));
const ctIn = toInput(Buffer.from(http_response_ciphertext));
const ctIn = toInput(Buffer.from(chacha20_http_response_ciphertext));
const keyIn = toInput(Buffer.from(Array(32).fill(0)));
const nonceIn = toInput(Buffer.from([0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4a, 0x00, 0x00, 0x00, 0x00]));

let chacha20 = await chacha20Circuit.compute({ key: keyIn, nonce: nonceIn, counter: counterBits, plainText: ptIn, cipherText: ctIn, step_in: init_nivc_input }, ["step_out"]);
console.log("ChaCha20 `step_out`:", chacha20.step_out);
assert.deepEqual(DataHasher(http_response_plaintext), chacha20.step_out);
assert.deepEqual(http_response_hash, chacha20.step_out);

assert.deepEqual(chacha20.step_out, aes_gcm.step_out);

let http = await httpCircuit.compute({ step_in: chacha20.step_out, data: http_response_plaintext, start_line_hash: http_start_line_hash, header_hashes: [http_header_0_hash, http_header_1_hash], body_hash: http_body_mask_hash }, ["step_out"]);
console.log("HttpNIVC `step_out`:", http.step_out);
Expand Down
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "web-prover-circuits",
"description": "ZK Circuits for WebProofs",
"version": "0.5.5",
"version": "0.5.6",
"license": "Apache-2.0",
"repository": {
"type": "git",
Expand Down

0 comments on commit f0dc7e4

Please sign in to comment.