mithril_stm/bls_multi_signature/
helper.rs

1pub(crate) mod unsafe_helpers {
2    use crate::bls_multi_signature::{ProofOfPossession, VerificationKey};
3    use crate::error::MultiSignatureError;
4    use crate::error::MultiSignatureError::SerializationError;
5    use blst::min_sig::{PublicKey as BlstVk, SecretKey as BlstSk, Signature as BlstSig};
6    use blst::{
7        blst_fp12, blst_fp12_finalverify, blst_p1, blst_p1_affine, blst_p1_affine_generator,
8        blst_p1_compress, blst_p1_from_affine, blst_p1_to_affine, blst_p1_uncompress, blst_p2,
9        blst_p2_affine, blst_p2_affine_generator, blst_p2_from_affine, blst_p2_to_affine,
10        blst_scalar, blst_sk_to_pk_in_g1,
11    };
12
13    /// Check manually if the pairing `e(g1,mvk) = e(k2,g2)` holds.
14    pub(crate) fn verify_pairing(vk: &VerificationKey, pop: &ProofOfPossession) -> bool {
15        unsafe {
16            let g1_p = *blst_p1_affine_generator();
17            let mvk_p = std::mem::transmute::<BlstVk, blst_p2_affine>(vk.to_blst_vk());
18            let ml_lhs = blst_fp12::miller_loop(&mvk_p, &g1_p);
19
20            let mut k2_p = blst_p1_affine::default();
21            blst_p1_to_affine(&mut k2_p, &pop.to_k2());
22            let g2_p = *blst_p2_affine_generator();
23            let ml_rhs = blst_fp12::miller_loop(&g2_p, &k2_p);
24
25            blst_fp12_finalverify(&ml_lhs, &ml_rhs)
26        }
27    }
28
29    pub(crate) fn compress_p1(k2: &blst_p1) -> [u8; 48] {
30        let mut bytes = [0u8; 48];
31        unsafe { blst_p1_compress(bytes.as_mut_ptr(), k2) }
32        bytes
33    }
34
35    pub(crate) fn uncompress_p1(bytes: &[u8]) -> Result<blst_p1, MultiSignatureError> {
36        unsafe {
37            if bytes.len() == 48 {
38                let mut point = blst_p1_affine::default();
39                let mut out = blst_p1::default();
40                blst_p1_uncompress(&mut point, bytes.as_ptr());
41                blst_p1_from_affine(&mut out, &point);
42                Ok(out)
43            } else {
44                Err(SerializationError)
45            }
46        }
47    }
48
49    pub(crate) fn scalar_to_pk_in_g1(sk: &BlstSk) -> blst_p1 {
50        unsafe {
51            let sk_scalar = std::mem::transmute::<&BlstSk, &blst_scalar>(sk);
52            let mut out = blst_p1::default();
53            blst_sk_to_pk_in_g1(&mut out, sk_scalar);
54            out
55        }
56    }
57
58    pub(crate) fn vk_from_p2_affine(vk: &VerificationKey) -> blst_p2 {
59        unsafe {
60            let mut projective_p2 = blst_p2::default();
61            blst_p2_from_affine(
62                &mut projective_p2,
63                &std::mem::transmute::<BlstVk, blst_p2_affine>(vk.to_blst_vk()),
64            );
65            projective_p2
66        }
67    }
68
69    pub(crate) fn sig_to_p1(sig: &BlstSig) -> blst_p1 {
70        unsafe {
71            let mut projective_p1 = blst_p1::default();
72            blst_p1_from_affine(
73                &mut projective_p1,
74                &std::mem::transmute::<BlstSig, blst_p1_affine>(*sig),
75            );
76            projective_p1
77        }
78    }
79
80    pub(crate) fn p2_affine_to_vk(grouped_vks: &blst_p2) -> BlstVk {
81        unsafe {
82            let mut affine_p2 = blst_p2_affine::default();
83            blst_p2_to_affine(&mut affine_p2, grouped_vks);
84            std::mem::transmute::<blst_p2_affine, BlstVk>(affine_p2)
85        }
86    }
87
88    pub(crate) fn p1_affine_to_sig(grouped_sigs: &blst_p1) -> BlstSig {
89        unsafe {
90            let mut affine_p1 = blst_p1_affine::default();
91            blst_p1_to_affine(&mut affine_p1, grouped_sigs);
92            std::mem::transmute::<blst_p1_affine, BlstSig>(affine_p1)
93        }
94    }
95}