Skip to content

Commit c96b1e8

Browse files
author
Alex E
committed
[FIX] Better errors
1 parent f67bb5c commit c96b1e8

File tree

1 file changed

+12
-9
lines changed

1 file changed

+12
-9
lines changed

gnark/utils/oprf.go

Lines changed: 12 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ import (
44
"crypto/rand"
55
"errors"
66
"fmt"
7+
78
"math/big"
89

910
_ "github.com/consensys/gnark-crypto/ecc/bn254/fr/mimc"
@@ -15,6 +16,8 @@ import (
1516

1617
var TNBCurveOrder = func() *big.Int { order := twistededwards.GetEdwardsCurve().Order; return &order }()
1718

19+
const BytesPerElement = 31
20+
1821
type OPRFRequest struct {
1922
Mask *big.Int `json:"mask"`
2023
MaskedData *twistededwards.PointAffine
@@ -28,27 +31,27 @@ type OPRFResponse struct {
2831
}
2932

3033
func OPRFGenerateRequest(secretBytes []byte, domainSeparator string) (*OPRFRequest, error) {
31-
if len(secretBytes) > 31*2 {
32-
return nil, errors.New("secret data too big")
34+
if len(secretBytes) > BytesPerElement*2 {
35+
return nil, fmt.Errorf("secret data too big: %d, max %d bytes is allowed", len(secretBytes), BytesPerElement*2)
3336
}
3437
domainBytes := []byte(domainSeparator)
35-
if len(domainBytes) > 31 {
36-
return nil, errors.New("domain separator too big")
38+
if len(domainBytes) > BytesPerElement {
39+
return nil, fmt.Errorf("domain separator is %d bytes, max %d bytes is allowed", len(domainBytes), BytesPerElement)
3740
}
3841

3942
var secretElements [2]*big.Int
4043

41-
if len(secretBytes) > 31 {
42-
secretElements[0] = new(big.Int).SetBytes(BEtoLE(secretBytes[:31]))
43-
secretElements[1] = new(big.Int).SetBytes(BEtoLE(secretBytes[31:]))
44+
if len(secretBytes) > BytesPerElement {
45+
secretElements[0] = new(big.Int).SetBytes(BEtoLE(secretBytes[:BytesPerElement]))
46+
secretElements[1] = new(big.Int).SetBytes(BEtoLE(secretBytes[BytesPerElement:]))
4447
} else {
4548
secretElements[0] = new(big.Int).SetBytes(BEtoLE(secretBytes))
4649
secretElements[1] = big.NewInt(0)
4750
}
4851

4952
H := HashToCurve(secretElements[0].Bytes(), secretElements[1].Bytes(), domainBytes) // H
5053
if !H.IsOnCurve() {
51-
return nil, fmt.Errorf("point is not on curve")
54+
return nil, errors.New("point is not on curve")
5255
}
5356

5457
// random mask
@@ -162,7 +165,7 @@ func SetBitmask(bits []frontend.Variable, pos, length uint32) {
162165
l := length * 8
163166

164167
if (p + l) > uint32(len(bits)) {
165-
panic("invalid pos & len, out of bounds")
168+
panic(fmt.Sprintf("invalid pos and length, out of bounds. pos %d, length %d", p, l))
166169
}
167170

168171
for i := uint32(0); i < uint32(len(bits)); i++ {

0 commit comments

Comments
 (0)