Skip to content

Commit

Permalink
fix: tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@Autoparallel
Autoparallel committed Nov 1, 2024
1 parent ea59a6d commit e116729
Show file tree
Hide file tree
Showing 4 changed files with 67 additions and 51 deletions.
16 changes: 9 additions & 7 deletions circuits/aes-gcm/nivc/aes-gctr-nivc.circom
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ template AESGCTRFOLD(DATA_BYTES, MAX_STACK_HEIGHT) {
// step_in[DATA_BYTES_LEN*2..DATA_BYTES*2+4] => accumulate counter
signal input step_in[TOTAL_BYTES_ACROSS_NIVC];
signal output step_out[TOTAL_BYTES_ACROSS_NIVC];
signal counter;


// We extract the number from the 4 byte word counter
component last_counter_bits = BytesToBits(4);
Expand All @@ -37,10 +37,10 @@ template AESGCTRFOLD(DATA_BYTES, MAX_STACK_HEIGHT) {
for (var i = 0; i< 32; i++){
last_counter_num.in[i] <== last_counter_bits.out[31 - i];
}
signal index <== last_counter_num.out - 1;

counter <== last_counter_num.out;
// TODO (Colin): We can probably make a template that writes to two multiple arrays at once that saves us even more constraints here instead of just using the `WriteToIndex` twice

// TODO (Colin): We can't call this `WriteToIndex` array this many times, it is too expensive.
// write new plain text block.
signal prevAccumulatedPlaintext[DATA_BYTES];
for(var i = 0 ; i < DATA_BYTES ; i++) {
Expand All @@ -50,8 +50,8 @@ template AESGCTRFOLD(DATA_BYTES, MAX_STACK_HEIGHT) {
component writeToIndex = WriteToIndex(DATA_BYTES, 16);
writeToIndex.array_to_write_to <== prevAccumulatedPlaintext;
writeToIndex.array_to_write_at_index <== plainText;
writeToIndex.index <== counter * 16;
writeToIndex.out ==> nextAccumulatedPlaintext;
writeToIndex.index <== index * 16;
nextAccumulatedPlaintext <== writeToIndex.out;

// folds one block
component aes = AESGCTRFOLDABLE();
Expand All @@ -73,8 +73,8 @@ template AESGCTRFOLD(DATA_BYTES, MAX_STACK_HEIGHT) {
component writeCipherText = WriteToIndex(DATA_BYTES, 16);
writeCipherText.array_to_write_to <== prevAccumulatedCiphertext;
writeCipherText.array_to_write_at_index <== aes.cipherText;
writeCipherText.index <== counter * 16;
writeCipherText.out ==> nextAccumulatedCiphertext;
writeCipherText.index <== index * 16;
nextAccumulatedCiphertext <== writeCipherText.out;

for(var i = 0 ; i < TOTAL_BYTES_ACROSS_NIVC ; i++) {
if(i < DATA_BYTES) {
Expand All @@ -83,6 +83,8 @@ template AESGCTRFOLD(DATA_BYTES, MAX_STACK_HEIGHT) {
step_out[i] <== nextAccumulatedCiphertext[i - DATA_BYTES];
} else if(i < 2 * DATA_BYTES + 4) {
step_out[i] <== aes.counter[i - (2 * DATA_BYTES)];
} else {
step_out[i] <== 0;
}
}
}
2 changes: 1 addition & 1 deletion circuits/aes-gctr-nivc.circom
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,4 @@ pragma circom 2.1.9;
include "aes-gcm/nivc/aes-gctr-nivc.circom";

// the circomkit tests become unhappy when there is a main.
component main { public [step_in] } = AESGCTRFOLD(48);
component main { public [step_in] } = AESGCTRFOLD(1024, 5);
86 changes: 50 additions & 36 deletions circuits/test/aes-gcm/nivc/aes-gctr-nivc.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,26 +2,36 @@ import { assert } from "chai";
import { WitnessTester } from "circomkit";
import { circomkit } from "../../common";

const MAX_STACK_HEIGHT = 0;

describe("aes-gctr-nivc", () => {
let circuit_one_block: WitnessTester<["key", "iv", "plainText", "aad", "step_in"], ["step_out"]>;


const DATA_BYTES_0 = 16;
const TOTAL_BYTES_ACROSS_NIVC_0 = DATA_BYTES_0 * (MAX_STACK_HEIGHT + 2 + 1) + 1;

it("all correct for self generated single zero pt block case", async () => {
circuit_one_block = await circomkit.WitnessTester("aes-gcm-fold", {
file: "aes-gcm/nivc/aes-gctr-nivc",
template: "AESGCTRFOLD",
params: [16], // input len is 16 bytes
params: [DATA_BYTES_0, MAX_STACK_HEIGHT], // input len is 16 bytes
});

let key = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let key = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let plainText = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let iv = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let aad = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let ct = [0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78];
let iv = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let aad = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let ct = [0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78];

const counter = [0x00, 0x00, 0x00, 0x01];
const step_in = new Array(32).fill(0x00).concat(counter);
const counter = [0x00, 0x00, 0x00, 0x01];
const step_in = new Array(TOTAL_BYTES_ACROSS_NIVC_0).fill(0x00);
counter.forEach((value, index) => {
step_in[2 * DATA_BYTES_0 + index] = value;
});

let expected = plainText.concat(ct).concat([0x00, 0x00, 0x00, 0x02]);
expected = expected.concat(new Array(TOTAL_BYTES_ACROSS_NIVC_0 - expected.length).fill(0));
const witness = await circuit_one_block.compute({ key: key, iv: iv, plainText: plainText, aad: aad, step_in: step_in }, ["step_out"])
assert.deepEqual(witness.step_out, expected.map(BigInt));
});
Expand All @@ -30,45 +40,55 @@ describe("aes-gctr-nivc", () => {
circuit_one_block = await circomkit.WitnessTester("aes-gcm-fold", {
file: "aes-gcm/nivc/aes-gctr-nivc",
template: "AESGCTRFOLD",
params: [16], // input len is 16 bytes
params: [DATA_BYTES_0, MAX_STACK_HEIGHT], // input len is 16 bytes
});
let key = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];

let key = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let plainText = [0x74, 0x65, 0x73, 0x74, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30];
let iv = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let aad = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let ct = [0x29, 0x29, 0xd2, 0xbb, 0x1a, 0xe9, 0x48, 0x04, 0x40, 0x2b, 0x8e, 0x77, 0x6e, 0x0d, 0x33, 0x56];
let iv = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let aad = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let ct = [0x29, 0x29, 0xd2, 0xbb, 0x1a, 0xe9, 0x48, 0x04, 0x40, 0x2b, 0x8e, 0x77, 0x6e, 0x0d, 0x33, 0x56];

const counter = [0x00, 0x00, 0x00, 0x01];
const step_in = new Array(32).fill(0x00).concat(counter);
const step_in = new Array(TOTAL_BYTES_ACROSS_NIVC_0).fill(0x00);
counter.forEach((value, index) => {
step_in[2 * DATA_BYTES_0 + index] = value;
});

let expected = plainText.concat(ct).concat([0x00, 0x00, 0x00, 0x02]);
expected = expected.concat(new Array(TOTAL_BYTES_ACROSS_NIVC_0 - expected.length).fill(0));

const witness = await circuit_one_block.compute({ key: key, iv: iv, plainText: plainText, aad: aad, step_in: step_in }, ["step_out"])
assert.deepEqual(witness.step_out, expected.map(BigInt));
});

const DATA_BYTES_1 = 32;
const TOTAL_BYTES_ACROSS_NIVC_1 = DATA_BYTES_1 * (MAX_STACK_HEIGHT + 2 + 1) + 1;


let zero_block = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let key = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let plainText1 = [0x74, 0x65, 0x73, 0x74, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30];
let plainText2 = [0x74, 0x65, 0x73, 0x74, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30];
let iv = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let aad = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let ct_part1 = [0x29, 0x29, 0xd2, 0xbb, 0x1a, 0xe9, 0x48, 0x04, 0x40, 0x2b, 0x8e, 0x77, 0x6e, 0x0d, 0x33, 0x56];
let ct_part2 = [0x26, 0x75, 0x65, 0x30, 0x71, 0x3e, 0x4c, 0x06, 0x5a, 0xf1, 0xd3, 0xc4, 0xf5, 0x6e, 0x02, 0x04];

it("all correct for self generated two block case first fold", async () => {
circuit_one_block = await circomkit.WitnessTester("aes-gcm-fold", {
file: "aes-gcm/nivc/aes-gctr-nivc",
template: "AESGCTRFOLD",
params: [32], // input len is 32 bytes
params: [DATA_BYTES_1, MAX_STACK_HEIGHT], // input len is 32 bytes
});

let zero_block = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let key = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let plainText1 = [0x74, 0x65, 0x73, 0x74, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30];
let plainText2 = [0x74, 0x65, 0x73, 0x74, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30];
let iv = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let aad = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let ct_part1 = [0x29, 0x29, 0xd2, 0xbb, 0x1a, 0xe9, 0x48, 0x04, 0x40, 0x2b, 0x8e, 0x77, 0x6e, 0x0d, 0x33, 0x56];
let ct_part2 = [0x26, 0x75, 0x65, 0x30, 0x71, 0x3e, 0x4c, 0x06, 0x5a, 0xf1, 0xd3, 0xc4, 0xf5, 0x6e, 0x02, 0x04];

const counter = [0x00, 0x00, 0x00, 0x01];
const step_in = new Array(64).fill(0x00).concat(counter);
const step_in = new Array(TOTAL_BYTES_ACROSS_NIVC_1).fill(0x00);
counter.forEach((value, index) => {
step_in[2 * DATA_BYTES_1 + index] = value;
});
let expected = plainText1.concat(zero_block).concat(ct_part1).concat(zero_block).concat([0x00, 0x00, 0x00, 0x02]);
expected = expected.concat(new Array(TOTAL_BYTES_ACROSS_NIVC_1 - expected.length).fill(0));

const witness = await circuit_one_block.compute({ key: key, iv: iv, plainText: plainText1, aad: aad, step_in: step_in }, ["step_out"])
assert.deepEqual(witness.step_out, expected.map(BigInt));
Expand All @@ -78,21 +98,15 @@ describe("aes-gctr-nivc", () => {
circuit_one_block = await circomkit.WitnessTester("aes-gcm-fold", {
file: "aes-gcm/nivc/aes-gctr-nivc",
template: "AESGCTRFOLD",
params: [32], // input len is 32 bytes
params: [DATA_BYTES_1, MAX_STACK_HEIGHT], // input len is 32 bytes
});

let zero_block = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let key = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let plainText1 = [0x74, 0x65, 0x73, 0x74, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30];
let plainText2 = [0x74, 0x65, 0x73, 0x74, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30];
let iv = [0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31];
let aad = [0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00];
let ct_part1 = [0x29, 0x29, 0xd2, 0xbb, 0x1a, 0xe9, 0x48, 0x04, 0x40, 0x2b, 0x8e, 0x77, 0x6e, 0x0d, 0x33, 0x56];
let ct_part2 = [0x26, 0x75, 0x65, 0x30, 0x71, 0x3e, 0x4c, 0x06, 0x5a, 0xf1, 0xd3, 0xc4, 0xf5, 0x6e, 0x02, 0x04];

const counter = [0x00, 0x00, 0x00, 0x02];
const step_in = plainText1.concat(zero_block).concat(ct_part1).concat(zero_block).concat(counter);
let step_in = plainText1.concat(zero_block).concat(ct_part1).concat(zero_block).concat(counter);
step_in = step_in.concat(new Array(TOTAL_BYTES_ACROSS_NIVC_1 - step_in.length).fill(0));

let expected = plainText1.concat(plainText2).concat(ct_part1).concat(ct_part2).concat([0x00, 0x00, 0x00, 0x03]);
expected = expected.concat(new Array(TOTAL_BYTES_ACROSS_NIVC_1 - expected.length).fill(0));

const witness = await circuit_one_block.compute({ key: key, iv: iv, plainText: plainText2, aad: aad, step_in: step_in }, ["step_out"])
assert.deepEqual(witness.step_out, expected.map(BigInt));
Expand Down
14 changes: 7 additions & 7 deletions circuits/test/full/full.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ describe("NIVC_FULL", async () => {
});


let headerName = toByte("content-type");
let headerName = toByte("content-type")
let headerValue = toByte("application/json; charset=utf-8");

let headerNamePadded = headerName.concat(Array(MAX_HEADER_NAME_LENGTH - headerName.length).fill(0));
Expand All @@ -99,21 +99,21 @@ describe("NIVC_FULL", async () => {
it("NIVC_CHAIN", async () => {
// fold 16 bytes at a time
let aes_gcm: CircuitSignals = { step_out: [] };
console.log("DATA_BYTES", DATA_BYTES);
// console.log("DATA_BYTES", DATA_BYTES);

// Run the 0th chunk of plaintext
const init_nivc_input = Array(TOTAL_BYTES_ACROSS_NIVC).fill(0); // Blank array to write chunks to and pass through NIVC chain
const counter = [0x00, 0x00, 0x00, 0x01];
const init_nivc_input = new Array(TOTAL_BYTES_ACROSS_NIVC).fill(0x00);
counter.forEach((value, index) => {
init_nivc_input[2 * DATA_BYTES + index] = value;
});
let pt = http_response_plaintext.slice(0, 16);
console.log("pt", pt);
aes_gcm = await aesCircuit.compute({ key: Array(16).fill(0), iv: Array(12).fill(0), plainText: pt, aad: Array(16).fill(0), step_in: init_nivc_input }, ["step_out"]);
for (let i = 1; i < (DATA_BYTES / 16); i++) {
// off by one here
let pt = http_response_plaintext.slice(i * 16, i * 16 + 16);
console.log("pt", pt);
aes_gcm = await aesCircuit.compute({ key: Array(16).fill(0), iv: Array(12).fill(0), plainText: pt, aad: Array(16).fill(0), step_in: aes_gcm.step_out }, ["step_out"]);
}
let out = aes_gcm.step_out as number[];
console.log(JSON.stringify(out));
let extendedJsonInput = out.slice(0, DATA_BYTES).concat(Array(Math.max(0, TOTAL_BYTES_ACROSS_NIVC - http_response_plaintext.length)).fill(0));
let parseAndLockStartLine = await httpParseAndLockStartLineCircuit.compute({ step_in: extendedJsonInput, beginning: beginningPadded, beginning_length: beginning.length, middle: middlePadded, middle_length: middle.length, final: finalPadded, final_length: final.length }, ["step_out"]);

Expand Down

0 comments on commit e116729

Please sign in to comment.