mithril_stm/bls_multi_signature/
helper.rs

1pub(crate) mod unsafe_helpers {
2    use blst::{
3        blst_fp12, blst_fp12_finalverify, blst_p1, blst_p1_affine, blst_p1_affine_generator,
4        blst_p1_compress, blst_p1_from_affine, blst_p1_to_affine, blst_p1_uncompress, blst_p2,
5        blst_p2_affine, blst_p2_affine_generator, blst_p2_from_affine, blst_p2_to_affine,
6        blst_scalar, blst_sk_to_pk_in_g1,
7        min_sig::{PublicKey as BlstVk, SecretKey as BlstSk, Signature as BlstSig},
8    };
9
10    use crate::bls_multi_signature::{BlsProofOfPossession, BlsVerificationKey};
11    use crate::error::{MultiSignatureError, MultiSignatureError::SerializationError};
12
13    /// Check manually if the pairing `e(g1,mvk) = e(k2,g2)` holds.
14    pub(crate) fn verify_pairing(vk: &BlsVerificationKey, pop: &BlsProofOfPossession) -> bool {
15        unsafe {
16            let g1_p = *blst_p1_affine_generator();
17            let mvk_p =
18                std::mem::transmute::<BlstVk, blst_p2_affine>(vk.to_blst_verification_key());
19            let ml_lhs = blst_fp12::miller_loop(&mvk_p, &g1_p);
20
21            let mut k2_p = blst_p1_affine::default();
22            blst_p1_to_affine(&mut k2_p, &pop.get_k2());
23            let g2_p = *blst_p2_affine_generator();
24            let ml_rhs = blst_fp12::miller_loop(&g2_p, &k2_p);
25
26            blst_fp12_finalverify(&ml_lhs, &ml_rhs)
27        }
28    }
29
30    pub(crate) fn compress_p1(k2: &blst_p1) -> [u8; 48] {
31        let mut bytes = [0u8; 48];
32        unsafe { blst_p1_compress(bytes.as_mut_ptr(), k2) }
33        bytes
34    }
35
36    pub(crate) fn uncompress_p1(bytes: &[u8]) -> Result<blst_p1, MultiSignatureError> {
37        unsafe {
38            if bytes.len() == 48 {
39                let mut point = blst_p1_affine::default();
40                let mut out = blst_p1::default();
41                blst_p1_uncompress(&mut point, bytes.as_ptr());
42                blst_p1_from_affine(&mut out, &point);
43                Ok(out)
44            } else {
45                Err(SerializationError)
46            }
47        }
48    }
49
50    pub(crate) fn scalar_to_pk_in_g1(sk: &BlstSk) -> blst_p1 {
51        unsafe {
52            let sk_scalar = std::mem::transmute::<&BlstSk, &blst_scalar>(sk);
53            let mut out = blst_p1::default();
54            blst_sk_to_pk_in_g1(&mut out, sk_scalar);
55            out
56        }
57    }
58
59    pub(crate) fn vk_from_p2_affine(vk: &BlsVerificationKey) -> blst_p2 {
60        unsafe {
61            let mut projective_p2 = blst_p2::default();
62            blst_p2_from_affine(
63                &mut projective_p2,
64                &std::mem::transmute::<BlstVk, blst_p2_affine>(vk.to_blst_verification_key()),
65            );
66            projective_p2
67        }
68    }
69
70    pub(crate) fn sig_to_p1(sig: &BlstSig) -> blst_p1 {
71        unsafe {
72            let mut projective_p1 = blst_p1::default();
73            blst_p1_from_affine(
74                &mut projective_p1,
75                &std::mem::transmute::<BlstSig, blst_p1_affine>(*sig),
76            );
77            projective_p1
78        }
79    }
80
81    pub(crate) fn p2_affine_to_vk(grouped_vks: &blst_p2) -> BlstVk {
82        unsafe {
83            let mut affine_p2 = blst_p2_affine::default();
84            blst_p2_to_affine(&mut affine_p2, grouped_vks);
85            std::mem::transmute::<blst_p2_affine, BlstVk>(affine_p2)
86        }
87    }
88
89    pub(crate) fn p1_affine_to_sig(grouped_sigs: &blst_p1) -> BlstSig {
90        unsafe {
91            let mut affine_p1 = blst_p1_affine::default();
92            blst_p1_to_affine(&mut affine_p1, grouped_sigs);
93            std::mem::transmute::<blst_p1_affine, BlstSig>(affine_p1)
94        }
95    }
96}