Skip to content

Commit

Permalink
Add NullRng tests and documentation
Browse files Browse the repository at this point in the history
  • Loading branch information
@AaronFeickert
AaronFeickert committed Jan 12, 2024
1 parent f55bbd3 commit 64bc84e
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 7 deletions.
6 changes: 3 additions & 3 deletions src/proof.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ use snafu::prelude::*;
use subtle::{ConditionallySelectable, ConstantTimeEq};
use zeroize::Zeroizing;

use crate::{gray::GrayIterator, statement::Statement, util::DangerousRng, witness::Witness};
use crate::{gray::GrayIterator, statement::Statement, util::NullRng, witness::Witness};

// Proof version flag
const VERSION: u64 = 0;
Expand Down Expand Up @@ -514,13 +514,13 @@ impl Proof {
transcript.append_message("z_A".as_bytes(), proof.z_A.as_bytes());
transcript.append_message("z_C".as_bytes(), proof.z_C.as_bytes());
transcript.append_message("z".as_bytes(), proof.z.as_bytes());
let mut transcript_rng = transcript.build_rng().finalize(&mut DangerousRng);
let mut transcript_rng = transcript.build_rng().finalize(&mut NullRng);

transcript_weights.append_u64("proof".as_bytes(), transcript_rng.as_rngcore().next_u64());
}

// Finalize the weighting transcript into a pseudorandom number generator
let mut transcript_weights_rng = transcript_weights.build_rng().finalize(&mut DangerousRng);
let mut transcript_weights_rng = transcript_weights.build_rng().finalize(&mut NullRng);

// Process each proof
for (proof, xi_powers) in proofs.iter().zip(xi_powers_all.iter()) {
Expand Down
38 changes: 34 additions & 4 deletions src/util.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,12 @@ use rand_core::{
};
use zeroize::Zeroize;

/// A "null" random number generator that exists only for deterministic transcript-based weight generation.
/// A null random number generator that exists only for deterministic transcript-based weight generation.
/// It only produces zero.
/// This is DANGEROUS in general, and you almost certainly should not use it elsewhere!
pub(crate) struct DangerousRng;
pub(crate) struct NullRng;

impl RngCore for DangerousRng {
impl RngCore for NullRng {
#[allow(unused_variables)]
fn fill_bytes(&mut self, dest: &mut [u8]) {
dest.zeroize();
Expand All @@ -31,4 +32,33 @@ impl RngCore for DangerousRng {
}
}

impl CryptoRng for DangerousRng {}
// This isn't really cryptographically secure!
// We only do this so `NullRng` can be used with `TranscriptRng` due to a trait bound.
impl CryptoRng for NullRng {}

#[cfg(test)]
mod test {
use rand_core::RngCore;

use super::NullRng;

#[test]
fn test_null_rng() {
// Ensure that the null RNG supplies only zero
let mut rng = NullRng;

assert_eq!(rng.next_u32(), 0);
assert_eq!(rng.next_u64(), 0);

// Ensure that buffers are filled with only zero
const BUFFER_SIZE: usize = 128;

let mut buffer = [1u8; BUFFER_SIZE]; // start with nonzero
rng.fill_bytes(&mut buffer);
assert_eq!(buffer, [0u8; BUFFER_SIZE]);

let mut buffer = [1u8; BUFFER_SIZE]; // start with nonzero
rng.try_fill_bytes(&mut buffer).unwrap();
assert_eq!(buffer, [0u8; BUFFER_SIZE]);
}
}

0 comments on commit 64bc84e

Please sign in to comment.