diff --git a/configure.ac b/configure.ac index 2ba2d749..2874c79c 100644 --- a/configure.ac +++ b/configure.ac @@ -174,6 +174,11 @@ AC_ARG_ENABLE(module_surjectionproof, [enable_module_surjectionproof=$enableval], [enable_module_surjectionproof=no]) +AC_ARG_ENABLE(reduced_surjection_proof_size, + AS_HELP_STRING([--enable-reduced-surjection-proof-size],[use reduced surjection proof size (disabling parsing and verification) [default=no]]), + [use_reduced_surjection_proof_size=$enableval], + [use_reduced_surjection_proof_size=no]) + AC_ARG_WITH([field], [AS_HELP_STRING([--with-field=64bit|32bit|auto], [finite field implementation to use [default=auto]])],[req_field=$withval], [req_field=auto]) @@ -568,6 +573,10 @@ if test x"$use_external_default_callbacks" = x"yes"; then AC_DEFINE(USE_EXTERNAL_DEFAULT_CALLBACKS, 1, [Define this symbol if an external implementation of the default callbacks is used]) fi +if test x"$use_reduced_surjection_proof_size" = x"yes"; then + AC_DEFINE(USE_REDUCED_SURJECTION_PROOF_SIZE, 1, [Define this symbol to reduce SECP256K1_SURJECTIONPROOF_MAX_N_INPUTS to 16, disabling parsing and verification]) +fi + if test x"$enable_experimental" = x"yes"; then AC_MSG_NOTICE([******]) AC_MSG_NOTICE([WARNING: experimental build]) @@ -652,6 +661,7 @@ AM_CONDITIONAL([USE_JNI], [test x"$use_jni" = x"yes"]) AM_CONDITIONAL([USE_EXTERNAL_ASM], [test x"$use_external_asm" = x"yes"]) AM_CONDITIONAL([USE_ASM_ARM], [test x"$set_asm" = x"arm"]) AM_CONDITIONAL([ENABLE_MODULE_SURJECTIONPROOF], [test x"$enable_module_surjectionproof" = x"yes"]) +AM_CONDITIONAL([USE_REDUCED_SURJECTION_PROOF_SIZE], [test x"$use_reduced_surjection_proof_size" = x"yes"]) dnl make sure nothing new is exported so that we don't break the cache PKGCONFIG_PATH_TEMP="$PKG_CONFIG_PATH" diff --git a/include/secp256k1_surjectionproof.h b/include/secp256k1_surjectionproof.h index 4f83458d..ab7a4a9e 100644 --- a/include/secp256k1_surjectionproof.h +++ b/include/secp256k1_surjectionproof.h 
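Review bot: The AC_DEFINE description in the `@@ -568,6 +573,10 @@` hunk of configure.ac names the wrong constant: it says the symbol reduces `SECP256K1_SURJECTIONPROOF_MAX_N_INPUTS` to 16, while src/modules/surjection/main_impl.h redefines `SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS` and leaves MAX_N_INPUTS at 256. This string becomes the comment in the generated config header, so anyone auditing a reduced build will read the wrong limit. Suggested text: `AC_DEFINE(USE_REDUCED_SURJECTION_PROOF_SIZE, 1, [Define this symbol to reduce SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS to 16, disabling parsing and verification])`.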
@@ -12,7 +12,7 @@ extern "C" { #define SECP256K1_SURJECTIONPROOF_MAX_N_INPUTS 256 /** Maximum number of inputs that may be used in a surjection proof */ -#define SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS 16 +#define SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS 256 /** Number of bytes a serialized surjection proof requires given the * number of inputs and the number of used inputs. @@ -52,6 +52,7 @@ typedef struct { unsigned char data[32 * (1 + SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS)]; } secp256k1_surjectionproof; +#ifndef USE_REDUCED_SURJECTION_PROOF_SIZE /** Parse a surjection proof * * Returns: 1 when the proof could be parsed, 0 otherwise. @@ -73,6 +74,7 @@ SECP256K1_API int secp256k1_surjectionproof_parse( const unsigned char *input, size_t inputlen ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3); +#endif /** Serialize a surjection proof * @@ -241,6 +243,7 @@ SECP256K1_API SECP256K1_WARN_UNUSED_RESULT int secp256k1_surjectionproof_generat ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(5) SECP256K1_ARG_NONNULL(7) SECP256K1_ARG_NONNULL(8); +#ifndef USE_REDUCED_SURJECTION_PROOF_SIZE /** Surjection proof verification function * Returns 0: proof was invalid * 1: proof was valid @@ -258,6 +261,7 @@ SECP256K1_API int secp256k1_surjectionproof_verify( size_t n_ephemeral_input_tags, const secp256k1_generator* ephemeral_output_tag ) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3) SECP256K1_ARG_NONNULL(5); +#endif #ifdef __cplusplus } diff --git a/src/modules/surjection/main_impl.h b/src/modules/surjection/main_impl.h index 832377bc..e76ebbf9 100644 --- a/src/modules/surjection/main_impl.h +++ b/src/modules/surjection/main_impl.h 
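Review bot: Raising `SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS` from 16 to 256 in the `@@ -12,7 +12,7 @@` hunk also changes the layout of the caller-allocated `secp256k1_surjectionproof`, whose `data` member is declared as `32 * (1 + SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS)` bytes (context of the next hunk), so it grows from 544 to 8224 bytes. A program built against the old header and linked to a library built from this one would hand a 16-input-sized object to code that now accepts up to 256 used inputs, so this should be treated and announced as an ABI break requiring all callers to be rebuilt. I would record that on the constant itself: `/** Maximum number of inputs that may be used in a surjection proof. Changing this value changes sizeof(secp256k1_surjectionproof). */`.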
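Review bot: The `#ifndef USE_REDUCED_SURJECTION_PROOF_SIZE` guard added around `secp256k1_surjectionproof_parse` (hunks at -52 and -73) and around `secp256k1_surjectionproof_verify` (hunks at -241 and -258) tests a macro that configure appears to emit into the library's private config header. Applications including this public header normally never see that macro, so both prototypes stay visible to users of a reduced build. Such a caller compiles cleanly and fails only at link time, because main_impl.h makes both functions `static` in that configuration. If that is the intended failure mode, state it at the guard, for example `/* Absent from libraries configured with --enable-reduced-surjection-proof-size; define USE_REDUCED_SURJECTION_PROOF_SIZE in the application to hide this prototype. */`.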
@@ -9,13 +9,21 @@ #include #include +#if defined HAVE_CONFIG_H +#include "libsecp256k1-config.h" +#endif + #include "include/secp256k1_rangeproof.h" #include "include/secp256k1_surjectionproof.h" - #include "modules/rangeproof/borromean.h" #include "modules/surjection/surjection_impl.h" #include "hash.h" +#ifdef USE_REDUCED_SURJECTION_PROOF_SIZE +#undef SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS +#define SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS 16 +#endif + static size_t secp256k1_count_bits_set(const unsigned char* data, size_t count) { size_t ret = 0; size_t i; @@ -36,6 +44,9 @@ static size_t secp256k1_count_bits_set(const unsigned char* data, size_t count) return ret; } +#ifdef USE_REDUCED_SURJECTION_PROOF_SIZE +static +#endif int secp256k1_surjectionproof_parse(const secp256k1_context* ctx, secp256k1_surjectionproof *proof, const unsigned char *input, size_t inputlen) { size_t n_inputs; size_t signature_len; @@ -214,6 +225,7 @@ int secp256k1_surjectionproof_initialize(const secp256k1_context* ctx, secp256k1 ARG_CHECK(fixed_output_tag != NULL); ARG_CHECK(random_seed32 != NULL); ARG_CHECK(n_input_tags <= SECP256K1_SURJECTIONPROOF_MAX_N_INPUTS); + ARG_CHECK(n_input_tags_to_use <= SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS); ARG_CHECK(n_input_tags_to_use <= n_input_tags); (void) ctx; @@ -336,6 +348,9 @@ int secp256k1_surjectionproof_generate(const secp256k1_context* ctx, secp256k1_s return 1; } +#ifdef USE_REDUCED_SURJECTION_PROOF_SIZE +static +#endif int secp256k1_surjectionproof_verify(const secp256k1_context* ctx, const secp256k1_surjectionproof* proof, const secp256k1_generator* ephemeral_input_tags, size_t n_ephemeral_input_tags, const secp256k1_generator* ephemeral_output_tag) { size_t rsizes[1]; /* array needed for borromean sig API */ size_t i; diff --git a/src/modules/surjection/tests_impl.h b/src/modules/surjection/tests_impl.h index dbab9576..4885a8e8 100644 --- a/src/modules/surjection/tests_impl.h +++ b/src/modules/surjection/tests_impl.h 
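Review bot: The `#undef`/`#define` of `SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS` in the `@@ -9,13 +9,21 @@` hunk comes after `include/secp256k1_surjectionproof.h` has been included, so `secp256k1_surjectionproof` is still laid out with the header's value of 256 and only later uses of the macro in this translation unit see 16. That is easy to misread as shrinking the proof object. It also means a caller reading the constant from the public header gets 256 while the library enforces 16. A comment above the block would make the scope explicit: `/* Internal limit only: the public struct was already sized by the header above; this lowers the bound used by the code below in reduced builds. */`.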
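Review bot: Nothing at the conditional `static` in the `@@ -36,6 +44,9 @@` hunk says why `secp256k1_surjectionproof_parse` is kept in reduced builds instead of being compiled out, and the same applies to `secp256k1_surjectionproof_verify` in the hunk at -336. If the reason is that the module's own tests still use them (tests_impl.h calls `test_gen_verify`, which presumably verifies), say so once above each toggle: `/* File-local in reduced builds: kept for the test suite, not exported. */`. Both function bodies continue outside these hunks.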
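Review bot: The added `ARG_CHECK(n_input_tags_to_use <= SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS);` in the `@@ -214,6 +225,7 @@` hunk is the only place in this diff where the new limit is enforced, and it protects `secp256k1_surjectionproof_initialize` alone. The proof object is caller-allocated, so `secp256k1_surjectionproof_generate` should not assume it came from initialize. Its body is outside the visible hunks, so I cannot confirm whether it already re-checks the used-input count before indexing anything sized by this macro; it should. The header documentation for `n_input_tags_to_use` should also state the cap, for example `must not exceed SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS (16 in reduced-size builds)`.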
@@ -666,8 +666,7 @@ void run_surjection_tests(void) { test_input_selection(0); test_input_selection(1); test_input_selection(5); - test_input_selection(100); - test_input_selection(SECP256K1_SURJECTIONPROOF_MAX_N_INPUTS); + test_input_selection(SECP256K1_SURJECTIONPROOF_MAX_USED_INPUTS); test_input_selection_distribution(); test_gen_verify(10, 3);