diff --git a/Cargo.lock b/Cargo.lock
index 49b66c0f..8cdb636c 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1795,8 +1795,7 @@ dependencies = [
 [[package]]
 name = "zcash_note_encryption"
 version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5b4580cd6cee12e44421dac43169be8d23791650816bdb34e6ddfa70ac89c1c5"
+source = "git+https://github.com/QED-it/zcash_note_encryption?branch=zsa1#58384553aab76b2ee6d6eb328cf2187fa824ec9a"
 dependencies = [
 "chacha20",
 "chacha20poly1305",
diff --git a/Cargo.toml b/Cargo.toml
index 0732624f..83a8b92e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -102,3 +102,6 @@ harness = false
 [[bench]]
 name = "pedersen_hash"
 harness = false
+
+[patch.crates-io]
+zcash_note_encryption = { version = "0.4", git = "https://github.com/QED-it/zcash_note_encryption", branch = "zsa1" }
diff --git a/src/builder.rs b/src/builder.rs
index 80dcf814..b3e1fa6d 100644
--- a/src/builder.rs
+++ b/src/builder.rs
@@ -387,7 +387,7 @@ impl PreparedOutputInfo {
 cv,
 cmu,
 epk.to_bytes(),
- enc_ciphertext,
+ enc_ciphertext.0,
 out_ciphertext,
 zkproof,
 )
diff --git a/src/bundle.rs b/src/bundle.rs
index c8fedbbc..ea82a060 100644
--- a/src/bundle.rs
+++ b/src/bundle.rs
@@ -5,7 +5,8 @@ use memuse::DynamicUsage;
 use redjubjub::{Binding, SpendAuth};
 use zcash_note_encryption::{
- EphemeralKeyBytes, ShieldedOutput, COMPACT_NOTE_SIZE, ENC_CIPHERTEXT_SIZE, OUT_CIPHERTEXT_SIZE,
+ note_bytes::NoteBytesData, Domain, EphemeralKeyBytes, ShieldedOutput, COMPACT_NOTE_SIZE,
+ ENC_CIPHERTEXT_SIZE, OUT_CIPHERTEXT_SIZE,
 };
 use crate::{
@@ -404,7 +405,7 @@ impl DynamicUsage for OutputDescription {
 }
 }
-impl ShieldedOutput for OutputDescription {
+impl ShieldedOutput for OutputDescription {
 fn ephemeral_key(&self) -> EphemeralKeyBytes {
 self.ephemeral_key.clone()
 }
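Review bot: The `[patch.crates-io]` entry in Cargo.toml tracks the mutable branch `zsa1`, so the only thing fixing which code is built is the commit recorded in Cargo.lock; a `cargo update`, or any build that does not use this lockfile, takes whatever the branch head is at that moment. Pin the manifest to the commit the lockfile already names: `zcash_note_encryption = { version = "0.4", git = "https://github.com/QED-it/zcash_note_encryption", rev = "58384553aab76b2ee6d6eb328cf2187fa824ec9a" }`. The lock entry no longer carries a `checksum` line, so that revision is the only integrity anchor for the dependency. Cargo applies `[patch]` only from the top-level workspace manifest, so a crate depending on this one resolves the registry 0.4.0 release unless it repeats the patch; a comment above the section saying so would help.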
@@ -413,8 +414,12 @@ impl ShieldedOutput for OutputDescription
 self.cmu.to_bytes()
 }
- fn enc_ciphertext(&self) -> &[u8; ENC_CIPHERTEXT_SIZE] {
- &self.enc_ciphertext
+ fn enc_ciphertext(&self) -> Option<::NoteCiphertextBytes> {
+ Some(NoteBytesData(self.enc_ciphertext))
+ }
+
+ fn enc_ciphertext_compact(&self) -> ::CompactNoteCiphertextBytes {
+ unimplemented!("This function is not required for sapling")
 }
 }
diff --git a/src/note_encryption.rs b/src/note_encryption.rs
index 48f03afa..2276025f 100644
--- a/src/note_encryption.rs
+++ b/src/note_encryption.rs
@@ -9,10 +9,11 @@ use memuse::DynamicUsage;
 use rand_core::RngCore;
 use zcash_note_encryption::{
+ note_bytes::{NoteBytes, NoteBytesData},
 try_compact_note_decryption, try_note_decryption, try_output_recovery_with_ock,
 try_output_recovery_with_ovk, BatchDomain, Domain, EphemeralKeyBytes, NoteEncryption,
- NotePlaintextBytes, OutPlaintextBytes, OutgoingCipherKey, ShieldedOutput, COMPACT_NOTE_SIZE,
- ENC_CIPHERTEXT_SIZE, NOTE_PLAINTEXT_SIZE, OUT_PLAINTEXT_SIZE,
+ OutPlaintextBytes, OutgoingCipherKey, ShieldedOutput, COMPACT_NOTE_SIZE, ENC_CIPHERTEXT_SIZE,
+ NOTE_PLAINTEXT_SIZE, OUT_PLAINTEXT_SIZE,
 };
 use crate::{
@@ -144,6 +145,11 @@ impl Domain for SaplingDomain {
 type ExtractedCommitmentBytes = [u8; 32];
 type Memo = [u8; 512];
+ type NotePlaintextBytes = NoteBytesData<{ NOTE_PLAINTEXT_SIZE }>;
+ type NoteCiphertextBytes = NoteBytesData<{ ENC_CIPHERTEXT_SIZE }>;
+ type CompactNotePlaintextBytes = NoteBytesData<{ COMPACT_NOTE_SIZE }>;
+ type CompactNoteCiphertextBytes = NoteBytesData<{ COMPACT_NOTE_SIZE }>;
+
 fn derive_esk(note: &Self::Note) -> Option {
 note.derive_esk()
 }
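Review bot: `OutputDescription::enc_ciphertext_compact` aborts through `unimplemented!`, and with the ciphertext length no longer part of the `ShieldedOutput` impl there is, as far as this diff shows, nothing at the type level that keeps compact decryption from being handed a full output, so the mistake would surface as a run-time panic while processing outputs. Assuming the compact ciphertext is the leading `COMPACT_NOTE_SIZE` bytes of `enc_ciphertext`, return that prefix instead of panicking: `NoteBytesData::from_slice(&self.enc_ciphertext[..COMPACT_NOTE_SIZE]).unwrap()`. `COMPACT_NOTE_SIZE` is already in this file's import list. The bound on `try_sapling_compact_note_decryption` in src/note_encryption.rs appears to be relaxed in the same commit, which is where this path would be reached; the impl block itself starts outside the hunk.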
@@ -184,7 +190,7 @@ impl Domain for SaplingDomain {
 dhsecret.kdf_sapling(epk)
 }
- fn note_plaintext_bytes(note: &Self::Note, memo: &Self::Memo) -> NotePlaintextBytes {
+ fn note_plaintext_bytes(note: &Self::Note, memo: &Self::Memo) -> Self::NotePlaintextBytes {
 // Note plaintext encoding is defined in section 5.5 of the Zcash Protocol
 // Specification.
 let mut input = [0; NOTE_PLAINTEXT_SIZE];
@@ -208,7 +214,7 @@ impl Domain for SaplingDomain {
 input[COMPACT_NOTE_SIZE..NOTE_PLAINTEXT_SIZE].copy_from_slice(&memo[..]);
- NotePlaintextBytes(input)
+ Self::NotePlaintextBytes::from_slice(input.as_ref()).unwrap()
 }
 fn derive_ock(
@@ -245,9 +251,9 @@ impl Domain for SaplingDomain {
 fn parse_note_plaintext_without_memo_ivk(
 &self,
 ivk: &Self::IncomingViewingKey,
- plaintext: &[u8],
+ plaintext: &Self::CompactNotePlaintextBytes,
 ) -> Option<(Self::Note, Self::Recipient)> {
- sapling_parse_note_plaintext_without_memo(self, plaintext, |diversifier| {
+ sapling_parse_note_plaintext_without_memo(self, plaintext.as_ref(), |diversifier| {
 DiversifiedTransmissionKey::derive(ivk, diversifier)
 })
 }
@@ -255,7 +261,7 @@ impl Domain for SaplingDomain {
 fn parse_note_plaintext_without_memo_ovk(
 &self,
 pk_d: &Self::DiversifiedTransmissionKey,
- plaintext: &NotePlaintextBytes,
+ plaintext: &Self::CompactNotePlaintextBytes,
 ) -> Option<(Self::Note, Self::Recipient)> {
 sapling_parse_note_plaintext_without_memo(self, &plaintext.0, |diversifier| {
 diversifier.g_d().map(|_| *pk_d)
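Review bot: The new return expression in `note_plaintext_bytes`, `Self::NotePlaintextBytes::from_slice(input.as_ref()).unwrap()`, replaces a length guarantee the compiler used to enforce with a run-time check and a panic path. `input` is declared as `[0; NOTE_PLAINTEXT_SIZE]` in the preceding hunk, and src/bundle.rs in this commit constructs the wrapper directly with `NoteBytesData(self.enc_ciphertext)`, so `NoteBytesData(input)` should do here with no `unwrap`. `CompactOutputDescription::enc_ciphertext_compact` further down has the same `from_slice(...).unwrap()` and, if its field is `[u8; COMPACT_NOTE_SIZE]` as the removed accessor suggests, can return `NoteBytesData(self.enc_ciphertext)`. Most of the function body lies outside this hunk.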
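Review bot: `parse_note_plaintext_without_memo_ovk` still reads the tuple field with `&plaintext.0`, while `parse_note_plaintext_without_memo_ivk` in the hunk above was moved to `plaintext.as_ref()` for the same parameter type. Use one accessor in both, for example `sapling_parse_note_plaintext_without_memo(self, plaintext.as_ref(), |diversifier| {`, so the code does not depend on the wrapper's field staying public. The closure and the rest of the body continue outside the hunk.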
@@ -282,10 +288,15 @@ impl Domain for SaplingDomain { .into() } - fn extract_memo(&self, plaintext: &NotePlaintextBytes) -> Self::Memo { - plaintext.0[COMPACT_NOTE_SIZE..NOTE_PLAINTEXT_SIZE] - .try_into() - .expect("correct length") + fn split_plaintext_at_memo( + &self, + plaintext: &Self::NotePlaintextBytes, + ) -> Option<(Self::CompactNotePlaintextBytes, Self::Memo)> { + let (compact, memo) = plaintext.0.split_at(COMPACT_NOTE_SIZE); + Some(( + Self::parse_compact_note_plaintext_bytes(compact)?, + memo.try_into().ok()?, + )) } } @@ -331,7 +342,7 @@ pub struct CompactOutputDescription { memuse::impl_no_dynamic_usage!(CompactOutputDescription); -impl ShieldedOutput for CompactOutputDescription { +impl ShieldedOutput for CompactOutputDescription { fn ephemeral_key(&self) -> EphemeralKeyBytes { self.ephemeral_key.clone() } @@ -340,8 +351,12 @@ impl ShieldedOutput for CompactOutputDescripti self.cmu.to_bytes() } - fn enc_ciphertext(&self) -> &[u8; COMPACT_NOTE_SIZE] { - &self.enc_ciphertext + fn enc_ciphertext(&self) -> Option<::NoteCiphertextBytes> { + None + } + + fn enc_ciphertext_compact(&self) -> ::CompactNoteCiphertextBytes { + NoteBytesData::from_slice(self.enc_ciphertext.as_ref()).unwrap() } } @@ -406,7 +421,7 @@ pub fn plaintext_version_is_valid(zip212_enforcement: Zip212Enforcement, leadbyt } } -pub fn try_sapling_note_decryption>( +pub fn try_sapling_note_decryption>( ivk: &PreparedIncomingViewingKey, output: &Output, zip212_enforcement: Zip212Enforcement, @@ -415,9 +430,7 @@ pub fn try_sapling_note_decryption, ->( +pub fn try_sapling_compact_note_decryption>( ivk: &PreparedIncomingViewingKey, output: &Output, zip212_enforcement: Zip212Enforcement, @@ -560,7 +573,7 @@ mod tests { cv, cmu, epk.to_bytes(), - ne.encrypt_note_plaintext(), + ne.encrypt_note_plaintext().0, out_ciphertext, [0u8; GROTH_PROOF_SIZE], );
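Review bot: `CompactOutputDescription::enc_ciphertext` returns `None` without a comment, and what full-note decryption does with that `None` is decided in `zcash_note_encryption`, outside this page. Before this change the ciphertext length was in the method's return type, so the distinction between full and compact outputs was visible in the signature; now it is a run-time convention that a reader has to infer. Add a doc comment on the method, such as `/// Compact outputs carry no full ciphertext; only enc_ciphertext_compact returns data.`, and confirm that `try_sapling_note_decryption` yields `None` rather than panicking when it is given a compact output.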