more commnets and test

Signed-off-by: Angelo De Caro <adc@zurich.ibm.com>

Author: adecaro

token/core/zkatdlog/nogh/v1/crypto/common/array.go

@@ -4,6 +4,8 @@ Copyright IBM Corp. All Rights Reserved.
 SPDX-License-Identifier: Apache-2.0
 */
 
+// Package common provides utility helpers used by the zkatdlog no-GH
+// crypto implementation (serialization and hashing helpers for math.G1 elements).
 package common
 
 import (
@@ -14,28 +16,46 @@ import (
 	"github.com/hyperledger-labs/fabric-token-sdk/token/core/common/crypto"
 )
 
-// Separator is used to delimit to end an array of bytes.
-// The bytes are the bytes of hex-encoded string.
+// Separator is used to delimit the end of an array of bytes.
+// The bytes are the bytes of a hex-encoded string.
 const Separator = "||"
 
-// G1Array is an array of G1 elements
+// G1Array is an array of G1 elements.
 type G1Array []*math.G1
 
-// Bytes serialize an array of G1 elements
-func (a G1Array) Bytes() ([]byte, error) {
-	raw := make([][]byte, len([]*math.G1(a)))
-	for i, e := range []*math.G1(a) {
+// Bytes returns the serialization of the G1Array as a byte slice.
+// It returns an error if any element cannot be marshaled.
+func (a *G1Array) Bytes() ([]byte, error) {
+	raw := make([][]byte, len([]*math.G1(*a)))
+	for i, e := range []*math.G1(*a) {
+		if e == nil {
+			return nil, errors.Errorf("failed to marshal array of G1")
+		}
+		raw[i] = e.Bytes()
+	}
+	return crypto.AppendFixed32([]byte{}, raw), nil
+}
+
+// BytesTo writes the serialization of the G1Array into the provided buffer b
+// and returns the extended slice. The provided buffer b is cleared before use.
+// It returns an error if any element cannot be marshaled.
+func (a *G1Array) BytesTo(b []byte) ([]byte, error) {
+	raw := make([][]byte, len([]*math.G1(*a)))
+	for i, e := range []*math.G1(*a) {
 		if e == nil {
 			return nil, errors.Errorf("failed to marshal array of G1")
 		}
 		st := hex.EncodeToString(e.Bytes())
 		raw[i] = []byte(st)
 	}
-	clear(b)
+	// clear the provided buffer and reuse its capacity
+	if len(b) != 0 {
+		b = b[:0]
+	}
 	return crypto.AppendFixed32(b, raw), nil
 }
 
-// GetG1Array takes a series of G1 elements and returns the corresponding array
+// GetG1Array takes multiple slices of *math.G1 and concatenates them into a single *G1Array.
 func GetG1Array(elements ...[]*math.G1) G1Array {
 	// compute length
 	length := 0
@@ -49,6 +69,8 @@ func GetG1Array(elements ...[]*math.G1) G1Array {
 	return s
 }
 
+// HashG1Array computes and returns the digest of the provided G1 elements
+// using the supplied hash.Hash. The hash is reset before use.
 func HashG1Array(h hash.Hash, elements ...*math.G1) []byte {
 	h.Reset()
 

token/core/zkatdlog/nogh/v1/crypto/common/array_test.go

@@ -0,0 +1,95 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package common
+
+import (
+	"crypto/sha256"
+	"testing"
+
+	math "github.com/IBM/mathlib"
+	"github.com/stretchr/testify/require"
+
+	"github.com/hyperledger-labs/fabric-token-sdk/token/core/common/crypto"
+)
+
+func randomG1(t *testing.T, c *math.Curve) *math.G1 {
+	randReader, err := c.Rand()
+	require.NoError(t, err)
+
+	zr := c.NewRandomZr(randReader)
+	g := c.NewG1()
+	g.Add(c.GenG1.Mul(zr))
+	return g
+}
+
+func TestGetG1ArrayAndBytes(t *testing.T) {
+	require.Greater(t, len(math.Curves), 0)
+	curve := math.Curves[0]
+
+	g1 := randomG1(t, curve)
+	g2 := randomG1(t, curve)
+
+	a := GetG1Array([]*math.G1{g1}, []*math.G1{g2})
+	b, err := a.Bytes()
+	require.NoError(t, err)
+
+	raw := [][]byte{g1.Bytes(), g2.Bytes()}
+	expected := crypto.AppendFixed32([]byte{}, raw)
+	require.Equal(t, expected, b)
+}
+
+func TestBytesToAndReuseBuffer(t *testing.T) {
+	require.Greater(t, len(math.Curves), 0)
+	curve := math.Curves[0]
+
+	g1 := randomG1(t, curve)
+	g2 := randomG1(t, curve)
+	a := GetG1Array([]*math.G1{g1, g2})
+
+	// produce canonical bytes
+	canonical, err := a.Bytes()
+	require.NoError(t, err)
+
+	// provide a non-empty buffer (should be cleared by BytesTo)
+	buf := []byte("prefix-data")
+	out, err := a.BytesTo(buf)
+	require.NoError(t, err)
+	require.Equal(t, canonical, out)
+}
+
+func TestBytesWithNilElementErrors(t *testing.T) {
+	require.Greater(t, len(math.Curves), 0)
+	curve := math.Curves[0]
+
+	g1 := randomG1(t, curve)
+	a := GetG1Array([]*math.G1{g1, nil})
+	_, err := a.Bytes()
+	require.Error(t, err)
+
+	_, err = a.BytesTo(nil)
+	require.Error(t, err)
+}
+
+func TestHashG1Array(t *testing.T) {
+	require.Greater(t, len(math.Curves), 0)
+	curve := math.Curves[0]
+
+	g1 := randomG1(t, curve)
+	g2 := randomG1(t, curve)
+
+	h := sha256.New()
+	hRes := HashG1Array(h, g1, g2)
+
+	// compute expected by hand
+	h2 := sha256.New()
+	h2.Reset()
+	h2.Write(g1.Bytes())
+	h2.Write(g2.Bytes())
+	exp := h2.Sum(nil)
+	require.Equal(t, exp, hRes)
+}
+

token/core/zkatdlog/nogh/v1/crypto/rp/bulletproof_test.go

@@ -33,7 +33,7 @@ type bfSetup struct {
 	curve     *math.Curve
 }
 
-func NewBfSetup(curveID math.CurveID) (*bfSetup, error) {
+func newBfSetup(curveID math.CurveID) (*bfSetup, error) {
 	curve := math.Curves[curveID]
 	l := uint64(64)
 	nr := 63 - uint64(bits.LeadingZeros64(l))
@@ -73,7 +73,7 @@ func NewBfSetup(curveID math.CurveID) (*bfSetup, error) {
 }
 
 func TestBFProofVerify(t *testing.T) {
-	setup, err := NewBfSetup(math.BLS12_381_BBS_GURVY)
+	setup, err := newBfSetup(math.BLS12_381_BBS_GURVY)
 	require.NoError(t, err)
 
 	prover := rp.NewRangeProver(
@@ -115,7 +115,7 @@ func BenchmarkBFProver(b *testing.B) {
 	defer pp.Stop()
 	envs := make([]*bfSetup, 0, 128)
 	for i := 0; i < 128; i++ {
-		setup, err := NewBfSetup(math.BLS12_381_BBS_GURVY)
+		setup, err := newBfSetup(math.BLS12_381_BBS_GURVY)
 		require.NoError(b, err)
 		envs = append(envs, setup)
 	}

token/core/zkatdlog/nogh/v1/crypto/rp/ipa_test.go

@@ -30,7 +30,7 @@ type ipaSetup struct {
 	nr        uint64
 }
 
-func NewIpaSetup(curveID math.CurveID) (*ipaSetup, error) {
+func newIpaSetup(curveID math.CurveID) (*ipaSetup, error) {
 	curve := math.Curves[curveID]
 	l := uint64(64)
 	nr := 63 - uint64(bits.LeadingZeros64(l))
@@ -66,7 +66,7 @@ func NewIpaSetup(curveID math.CurveID) (*ipaSetup, error) {
 }
 
 func TestIPAProofVerify(t *testing.T) {
-	setup, err := NewIpaSetup(math.BLS12_381_BBS_GURVY)
+	setup, err := newIpaSetup(math.BLS12_381_BBS_GURVY)
 	require.NoError(t, err)
 
 	prover := rp.NewIPAProver(
@@ -104,7 +104,7 @@ func BenchmarkIPAProver(b *testing.B) {
 	defer pp.Stop()
 	envs := make([]*ipaSetup, 0, 128)
 	for i := 0; i < 128; i++ {
-		setup, err := NewIpaSetup(math.BLS12_381_BBS_GURVY)
+		setup, err := newIpaSetup(math.BLS12_381_BBS_GURVY)
 		require.NoError(b, err)
 		envs = append(envs, setup)
 	}