Squash

firoorg · Feb 19, 2022 · 960c380 · 960c380
1 parent d73a892
commit 960c380
Show file tree

Hide file tree

Showing 44 changed files with 4,832 additions and 2 deletions.
diff --git a/src/Makefile.am b/src/Makefile.am
@@ -55,6 +55,7 @@ LIBBITCOIN_CONSENSUS=libbitcoin_consensus.a
 LIBBITCOIN_CLI=libbitcoin_cli.a
 LIBBITCOIN_UTIL=libbitcoin_util.a
 LIBLELANTUS=liblelantus.a
+LIBSPARK=libspark.a
 LIBBITCOIN_CRYPTO=crypto/libbitcoin_crypto.a
 LIBBITCOINQT=qt/libfiroqt.a
 LIBSECP256K1=secp256k1/libsecp256k1.la
@@ -86,7 +87,8 @@ EXTRA_LIBRARIES += \
   $(LIBBITCOIN_WALLET) \
   $(LIBBITCOIN_ZMQ) \
   $(LIBFIRO_SIGMA) \
-  $(LIBLELANTUS)
+  $(LIBLELANTUS) \
+  $(LIBSPARK)
 
 lib_LTLIBRARIES = $(LIBBITCOINCONSENSUS)
 
@@ -625,6 +627,42 @@ libbitcoin_util_a_SOURCES = \
   crypto/MerkleTreeProof/merkle-tree.cpp \
   $(BITCOIN_CORE_H)
 
+libspark_a_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
+libspark_a_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
+libspark_a_SOURCES = \
+  libspark/transcript.h \
+  libspark/transcript.cpp \
+  libspark/params.h \
+  libspark/params.cpp \
+  libspark/schnorr_proof.h \
+  libspark/schnorr.h \
+  libspark/schnorr.cpp \
+  libspark/chaum_proof.h \
+  libspark/chaum.h \
+  libspark/chaum.cpp \
+  libspark/coin.h \
+  libspark/coin.cpp \
+  libspark/bpplus_proof.h \
+  libspark/bpplus.h \
+  libspark/bpplus.cpp \
+  libspark/grootle_proof.h \
+  libspark/grootle.h \
+  libspark/grootle.cpp \
+  libspark/keys.h \
+  libspark/keys.cpp \
+  libspark/util.h \
+  libspark/util.cpp \
+  libspark/aead.h \
+  libspark/aead.cpp \
+  libspark/kdf.h \
+  libspark/kdf.cpp \
+  libspark/hash.h \
+  libspark/hash.cpp \
+  libspark/mint_transaction.h \
+  libspark/mint_transaction.cpp \
+  libspark/spend_transaction.h \
+  libspark/spend_transaction.cpp
+
 liblelantus_a_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES)
 liblelantus_a_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
 liblelantus_a_SOURCES = \
@@ -729,6 +767,7 @@ firod_LDADD = \
   $(LIBBITCOIN_WALLET) \
   $(LIBFIRO_SIGMA) \
   $(LIBLELANTUS) \
+  $(LIBSPARK) \
   $(LIBBITCOIN_ZMQ) \
   $(LIBBITCOIN_CONSENSUS) \
   $(LIBBITCOIN_CRYPTO) \

diff --git a/src/Makefile.test.include b/src/Makefile.test.include
@@ -90,6 +90,16 @@ BITCOIN_TESTS = \
   liblelantus/test/schnorr_test.cpp \
   liblelantus/test/serialize_test.cpp \
   liblelantus/test/sigma_extended_test.cpp \
+  libspark/test/transcript_test.cpp \
+  libspark/test/schnorr_test.cpp \
+  libspark/test/chaum_test.cpp \
+  libspark/test/bpplus_test.cpp \
+  libspark/test/grootle_test.cpp \
+  libspark/test/aead_test.cpp \
+  libspark/test/encrypt_test.cpp \
+  libspark/test/coin_test.cpp \
+  libspark/test/mint_transaction_test.cpp \
+  libspark/test/spend_transaction_test.cpp \
   sigma/test/coin_spend_tests.cpp \
   sigma/test/coin_tests.cpp \
   sigma/test/primitives_tests.cpp \
@@ -199,7 +209,7 @@ test_test_bitcoin_LDADD = $(LIBBITCOIN_SERVER) -ltor
 
 test_test_bitcoin_SOURCES = $(BITCOIN_TESTS) $(JSON_TEST_FILES) $(RAW_TEST_FILES)
 test_test_bitcoin_CPPFLAGS = $(AM_CPPFLAGS) $(BITCOIN_INCLUDES) -I$(builddir)/test/ $(TESTDEFS) $(EVENT_CFLAGS)
-test_test_bitcoin_LDADD += $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CONSENSUS) $(LIBBITCOIN_CRYPTO) $(LIBFIRO_SIGMA) $(LIBLELANTUS) $(LIBUNIVALUE) $(LIBLEVELDB) $(LIBLEVELDB_SSE42) $(LIBMEMENV) \
+test_test_bitcoin_LDADD += $(LIBBITCOIN_CLI) $(LIBBITCOIN_COMMON) $(LIBBITCOIN_UTIL) $(LIBBITCOIN_CONSENSUS) $(LIBBITCOIN_CRYPTO) $(LIBFIRO_SIGMA) $(LIBLELANTUS) $(LIBSPARK) $(LIBUNIVALUE) $(LIBLEVELDB) $(LIBLEVELDB_SSE42) $(LIBMEMENV) \
   $(BACKTRACE_LIB) $(BOOST_LIBS) $(BOOST_UNIT_TEST_FRAMEWORK_LIB) $(LIBSECP256K1) $(EVENT_PTHREADS_LIBS) $(ZMQ_LIBS) $(ZLIB_LIBS)
 test_test_bitcoin_CXXFLAGS = $(AM_CXXFLAGS) $(PIE_FLAGS)
 if ENABLE_WALLET
@@ -226,6 +236,7 @@ test_test_bitcoin_fuzzy_LDADD = \
   $(LIBUNIVALUE) \
   $(LIBBITCOIN_SERVER) \
   $(LIBLELANTUS) \
+  $(LIBSPARK) \
   $(LIBBITCOIN_COMMON) \
   $(LIBBITCOIN_UTIL) \
   $(LIBBITCOIN_CONSENSUS) \

diff --git a/src/libspark/aead.cpp b/src/libspark/aead.cpp
@@ -0,0 +1,89 @@
+#include "aead.h"
+
+namespace spark {
+
+// Perform authenticated encryption with ChaCha20-Poly1305
+AEADEncryptedData AEAD::encrypt(const std::vector<unsigned char>& key, const std::string additional_data, CDataStream& data) {
+	// Check key size
+	if (key.size() != AEAD_KEY_SIZE) {
+		throw std::invalid_argument("Bad AEAD key size");
+	}
+
+	// Set up the result structure
+	AEADEncryptedData result;
+
+	// Internal size tracker; we know the size of the data already, and can ignore
+	int TEMP;
+
+	// For our application, we can safely use a zero nonce since keys are never reused
+	std::vector<unsigned char> iv;
+	iv.resize(AEAD_IV_SIZE);
+
+	// Set up the cipher
+	EVP_CIPHER_CTX* ctx;
+	ctx = EVP_CIPHER_CTX_new();
+	EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key.data(), iv.data());
+
+	// Include the associated data
+	std::vector<unsigned char> additional_data_bytes(additional_data.begin(), additional_data.end());
+	EVP_EncryptUpdate(ctx, NULL, &TEMP, additional_data_bytes.data(), additional_data_bytes.size());
+
+	// Encrypt the plaintext
+	result.ciphertext.resize(data.size());
+	EVP_EncryptUpdate(ctx, result.ciphertext.data(), &TEMP, reinterpret_cast<unsigned char *>(data.data()), data.size());
+	EVP_EncryptFinal_ex(ctx, NULL, &TEMP);
+
+	// Get the tag
+	result.tag.resize(AEAD_TAG_SIZE);
+	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, AEAD_TAG_SIZE, result.tag.data());
+
+	// Clean up
+	EVP_CIPHER_CTX_free(ctx);
+
+	return result;
+}
+
+// Perform authenticated decryption with ChaCha20-Poly1305
+CDataStream AEAD::decrypt_and_verify(const std::vector<unsigned char>& key, const std::string additional_data, AEADEncryptedData& data) {
+	// Check key size
+	if (key.size() != AEAD_KEY_SIZE) {
+		throw std::invalid_argument("Bad AEAD key size");
+	}
+
+	// Set up the result
+	CDataStream result(SER_NETWORK, PROTOCOL_VERSION);
+
+	// Internal size tracker; we know the size of the data already, and can ignore
+	int TEMP;
+
+	// For our application, we can safely use a zero nonce since keys are never reused
+	std::vector<unsigned char> iv;
+	iv.resize(AEAD_IV_SIZE);
+
+	// Set up the cipher
+	EVP_CIPHER_CTX* ctx;
+	ctx = EVP_CIPHER_CTX_new();
+	EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key.data(), iv.data());
+
+	// Include the associated data
+	std::vector<unsigned char> additional_data_bytes(additional_data.begin(), additional_data.end());
+	EVP_DecryptUpdate(ctx, NULL, &TEMP, additional_data_bytes.data(), additional_data_bytes.size());
+
+	// Decrypt the ciphertext
+	result.resize(data.ciphertext.size());
+	EVP_DecryptUpdate(ctx, reinterpret_cast<unsigned char *>(result.data()), &TEMP, data.ciphertext.data(), data.ciphertext.size());
+
+	// Set the expected tag
+	EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, AEAD_TAG_SIZE, data.tag.data());
+
+	// Decrypt and clean up
+	int ret = EVP_DecryptFinal_ex(ctx, NULL, &TEMP);
+	EVP_CIPHER_CTX_free(ctx);
+	if (ret != 1) {
+		throw std::runtime_error("Bad AEAD authentication");
+	}
+
+	return result;
+}
+
+}
diff --git a/src/libspark/aead.h b/src/libspark/aead.h
@@ -0,0 +1,29 @@
+#ifndef FIRO_SPARK_AEAD_H
+#define FIRO_SPARK_AEAD_H
+#include <openssl/evp.h>
+#include "util.h"
+
+namespace spark {
+
+struct AEADEncryptedData {
+	std::vector<unsigned char> ciphertext;
+	std::vector<unsigned char> tag;
+
+	ADD_SERIALIZE_METHODS;
+
+	template <typename Stream, typename Operation>
+    inline void SerializationOp(Stream& s, Operation ser_action) {
+        READWRITE(ciphertext);
+		READWRITE(tag);
+    }
+};
+
+class AEAD {
+public:
+	static AEADEncryptedData encrypt(const std::vector<unsigned char>& key, const std::string additional_data, CDataStream& data);
+	static CDataStream decrypt_and_verify(const std::vector<unsigned char>& key, const std::string associated_data, AEADEncryptedData& data);
+};
+
+}
+
+#endif