diff --git a/circuits/aes-gcm/nivc/aes-gctr-nivc.circom b/circuits/aes-gcm/nivc/aes-gctr-nivc.circom
index 995fe9e..9a0892a 100644
--- a/circuits/aes-gcm/nivc/aes-gctr-nivc.circom
+++ b/circuits/aes-gcm/nivc/aes-gctr-nivc.circom
@@ -6,26 +6,26 @@ include "../../utils/array.circom";
 // Compute AES-GCTR
 template AESGCTRFOLD(DATA_BYTES) {
- // Length of plaintext
- var INPUT_LEN = (DATA_BYTES - 4) / 2;
- assert(INPUT_LEN % 16 == 0);
-
+
+ assert(DATA_BYTES % 16 == 0);
+ var TOTAL_BYTES_ACROSS_NIVC = (DATA_BYTES * 2) + 4;
+
 signal input key[16];
 signal input iv[12];
 signal input aad[16];
 signal input plainText[16];
- // step_in[0..INPUT_LEN] => accumulate plaintext blocks
- // step_in[INPUT_LEN..INPUT_LEN*2] => accumulate ciphertext blocks
- // step_in[INPUT_LEN*2..INPUT_LEN*2+4] => accumulate counter
- signal input step_in[DATA_BYTES];
- signal output step_out[DATA_BYTES];
+ // step_in[0..DATA_BYTES] => accumulate plaintext blocks
+ // step_in[DATA_BYTES..DATA_BYTES*2] => accumulate ciphertext blocks
+ // step_in[DATA_BYTES_LEN*2..DATA_BYTES*2+4] => accumulate counter
+ signal input step_in[TOTAL_BYTES_ACROSS_NIVC];
+ signal output step_out[TOTAL_BYTES_ACROSS_NIVC];
 signal counter;
 // We extract the number from the 4 byte word counter
 component last_counter_bits = BytesToBits(4);
 for(var i = 0; i < 4; i ++) {
- last_counter_bits.in[i] <== step_in[INPUT_LEN*2 + i];
+ last_counter_bits.in[i] <== step_in[DATA_BYTES*2 + i];
 }
 component last_counter_num = Bits2Num(32);
 // pass in reverse order
@@ -36,8 +36,8 @@ template AESGCTRFOLD(DATA_BYTES) {
 counter <== last_counter_num.out - 1;
 // write new plain text block.
- signal plainTextAccumulator[DATA_BYTES];
- component writeToIndex = WriteToIndex(DATA_BYTES, 16);
+ signal plainTextAccumulator[TOTAL_BYTES_ACROSS_NIVC];
+ component writeToIndex = WriteToIndex(TOTAL_BYTES_ACROSS_NIVC, 16);
 writeToIndex.array_to_write_to <== step_in;
 writeToIndex.array_to_write_at_index <== plainText;
 writeToIndex.index <== counter * 16;
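Review bot: The new layout comment names a symbol that does not exist: `step_in[DATA_BYTES_LEN*2..DATA_BYTES*2+4]` should read `// step_in[DATA_BYTES*2..DATA_BYTES*2+4] => accumulate counter`. The hunk also changes what the template parameter means without saying so: `DATA_BYTES` used to size the whole folded state and now appears to be the plaintext length, while the removed `// Length of plaintext` comment is not replaced. A header comment above the `assert`, such as `// DATA_BYTES: plaintext length in bytes (multiple of 16); step_in/step_out hold DATA_BYTES*2 + 4 bytes`, would make that contract visible to any caller still passing the old total size. The template body continues outside this hunk.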
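Review bot: Nothing visible in this hunk bounds `counter` before it is used as a write offset: `counter <== last_counter_num.out - 1` wraps in the field when the counter word in `step_in` is 0, and `writeToIndex.index <== counter * 16` is not compared with `DATA_BYTES`. Because plaintext, ciphertext and counter now share one `TOTAL_BYTES_ACROSS_NIVC`-sized array, an out-of-range counter would place the plaintext block in the ciphertext or counter region; the same applies to `writeCipherText.index <== DATA_BYTES + counter * 16` in the third hunk. Unless `WriteToIndex` (defined outside this diff) already enforces the range, add a constraint here that `counter * 16 + 16 <= DATA_BYTES`, using a comparator component rather than a bare `assert`, which would only be checked at witness generation. The enclosing template starts and ends outside this hunk.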
@@ -51,22 +51,22 @@ template AESGCTRFOLD(DATA_BYTES) {
 aes.plainText <== plainText;
 for(var i = 0; i < 4; i++) {
- aes.lastCounter[i] <== step_in[INPUT_LEN*2 + i];
+ aes.lastCounter[i] <== step_in[DATA_BYTES*2 + i];
 }
 // accumulate cipher text
- signal cipherTextAccumulator[DATA_BYTES];
- component writeCipherText = WriteToIndex(DATA_BYTES, 16);
+ signal cipherTextAccumulator[TOTAL_BYTES_ACROSS_NIVC];
+ component writeCipherText = WriteToIndex(TOTAL_BYTES_ACROSS_NIVC, 16);
 writeCipherText.array_to_write_to <== plainTextAccumulator;
 writeCipherText.array_to_write_at_index <== aes.cipherText;
- writeCipherText.index <== INPUT_LEN + counter * 16;
+ writeCipherText.index <== DATA_BYTES + counter * 16;
 writeCipherText.out ==> cipherTextAccumulator;
 // get counter
- signal counterAccumulator[DATA_BYTES];
- component writeCounter = WriteToIndex(DATA_BYTES, 4);
+ signal counterAccumulator[TOTAL_BYTES_ACROSS_NIVC];
+ component writeCounter = WriteToIndex(TOTAL_BYTES_ACROSS_NIVC, 4);
 writeCounter.array_to_write_to <== cipherTextAccumulator;
 writeCounter.array_to_write_at_index <== aes.counter;
- writeCounter.index <== INPUT_LEN*2;
+ writeCounter.index <== DATA_BYTES*2;
 writeCounter.out ==> step_out;
 }
\ No newline at end of file
diff --git a/circuits/test/aes-gcm/nivc/aes-gctr-nivc.test.ts b/circuits/test/aes-gcm/nivc/aes-gctr-nivc.test.ts
index 75de5dd..4b63918 100644
--- a/circuits/test/aes-gcm/nivc/aes-gctr-nivc.test.ts
+++ b/circuits/test/aes-gcm/nivc/aes-gctr-nivc.test.ts
@@ -9,7 +9,7 @@ describe("aes-gctr-nivc", () => {
 circuit_one_block = await circomkit.WitnessTester("aes-gcm-fold", {
 file: "aes-gcm/nivc/aes-gctr-nivc",
 template: "AESGCTRFOLD",
- params: [36], // input len is 16 bytes
+ params: [16], // input len is 16 bytes
 });
 let key = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
@@ -30,7 +30,7 @@ describe("aes-gctr-nivc", () => {
 circuit_one_block = await circomkit.WitnessTester("aes-gcm-fold", {
 file: "aes-gcm/nivc/aes-gctr-nivc",
 template: "AESGCTRFOLD",
- params: [36], // input len is 16 bytes
+ params: [16], // input len is 16 bytes
 });
 let key = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
@@ -54,7 +54,7 @@ describe("aes-gctr-nivc", () => {
 circuit_one_block = await circomkit.WitnessTester("aes-gcm-fold", {
 file: "aes-gcm/nivc/aes-gctr-nivc",
 template: "AESGCTRFOLD",
- params: [68], // input len is 32 bytes
+ params: [32], // input len is 32 bytes
 });
 let zero_block = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
@@ -78,7 +78,7 @@ describe("aes-gctr-nivc", () => {
 circuit_one_block = await circomkit.WitnessTester("aes-gcm-fold", {
 file: "aes-gcm/nivc/aes-gctr-nivc",
 template: "AESGCTRFOLD",
- params: [68], // input len is 32 bytes
+ params: [32], // input len is 32 bytes
 });
 let zero_block = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
diff --git a/circuits/web_proof.circom b/circuits/web_proof.circom
index 7b37db9..a637c71 100644
--- a/circuits/web_proof.circom
+++ b/circuits/web_proof.circom
@@ -44,33 +44,44 @@ template WEPPROOF(DATA_BYTES) {
 component http_parse = ParseAndLockStartLine(DATA_BYTES, 16, 10, 3, 2);
 http_parse.step_in <== aes_gctr_nivc.step_out;
-
- // First three bytes are "GET", then zero's for third parameter - 3 bytes
- // in this case 4 so we add one zero byte
- http_parse.beginning <== [0x47, 0x45, 0x54, 0x00];
- http_parse.beginning_length <== MAX_BEGINNING_LENGTH;
- http_parse.middle[MAX_MIDDLE_LENGTH];
- http_parse.middle_length;
- http_parse.final[MAX_FINAL_LENGTH];
- http_parse.final_length;
-
+ http_parse.beginning <== beginning;
+ http_parse.beginning_length <== beginning_length;
+ http_parse.middle <== middle;
+ http_parse.middle_length <== middle_length;
+ http_parse.final <== final;
+ http_parse.final_length <== final_length;
 // template LockHeader(DATA_BYTES, MAX_STACK_HEIGHT, MAX_HEADER_NAME_LENGTH, MAX_HEADER_VALUE_LENGTH)
 component http_lock_header = LockHeader(DATA_BYTES, 16, 12, 16);
+
+ signal input header;
+ signal input headerNameLength;
+ signal input value;
+ signal input headerValueLength;
+
+ http_lock_header.step_in <== http_parse.step_out;
+ http_lock_header.header <== header;
+ http_lock_header.headerNameLength <== headerNameLength;
+ http_lock_header.value <== value;
+ http_lock_header.headerValueLength <== headerValueLength;
+
 // template HTTPMaskBodyNIVC(DATA_BYTES, MAX_STACK_HEIGHT)
 component http_body_mask = HTTPMaskBodyNIVC(DATA_BYTES, 16);
+ http_body_mask.step_in <== http_lock_header.step_out;
+
 // JsonParseNIVC(DATA_BYTES, MAX_STACK_HEIGHT)
 component json_parse = JsonParseNIVC(DATA_BYTES, 16);
- // need logic to specif which json type
- // object or array
- // template JsonMaskObjectNIVC(DATA_BYTES, MAX_STACK_HEIGHT, MAX_KEY_LENGTH)
- component json_mask_object = JsonMaskObjectNIVC(DATA_BYTES, 16, 4);
+ json_parse.step_in <== http_body_mask.step_out;
+
+ // // template JsonMaskObjectNIVC(DATA_BYTES, MAX_STACK_HEIGHT, MAX_KEY_LENGTH)
+ // component json_mask_object = JsonMaskObjectNIVC(DATA_BYTES, 16, 4);
 // template JsonMaskArrayIndexNIVC(DATA_BYTES, MAX_STACK_HEIGHT)
 component json_mask_array = JsonMaskArrayIndexNIVC(DATA_BYTES, 16);
+ json_mask_array.step_in <== json_parse.step_out;
 // template MaskExtractFinal(DATA_BYTES, MAX_STACK_HEIGHT, MAX_VALUE_LENGTH)
 component extract_value = MaskExtractFinal(DATA_BYTES, 32, 32);