[FEAT] AES 128 & 256 OPRF circuits

gnark/circuits/aesV2_oprf/aes128_test.go

@@ -43,7 +43,7 @@ func TestAES128(t *testing.T) {
 	d, err := toprf.PrepareTestData(secretStr, "reclaim")
 	assert.NoError(err)
 
-	pos := 128 - 62
+	pos := 1
 	Counter := 12345
 	plaintext := make([]byte, BLOCKS*16)
 	copy(plaintext[pos:], secretBytes)
@@ -80,22 +80,6 @@ func TestAES128(t *testing.T) {
 	fmt.Printf("constraints: %d\n", r1css.GetNbConstraints())
 }
 
-func StrToIntSlice(inputData string, hexRepresentation bool) []int {
-	var byteSlice []byte
-	if hexRepresentation {
-		hexBytes, _ := hex.DecodeString(inputData)
-		byteSlice = hexBytes
-	} else {
-		byteSlice = []byte(inputData)
-	}
-
-	var data []int
-	for i := 0; i < len(byteSlice); i++ {
-		data = append(data, int(byteSlice[i]))
-	}
-	return data
-}
-
 func mustHex(s string) []byte {
 	b, err := hex.DecodeString(s)
 	if err != nil {

gnark/circuits/aesV2_oprf/aes256_test.go

@@ -43,7 +43,7 @@ func TestAES256(t *testing.T) {
 	d, err := toprf.PrepareTestData(secretStr, "reclaim")
 	assert.NoError(err)
 
-	pos := 128 - 62
+	pos := 30
 	Counter := 12345
 	plaintext := make([]byte, BLOCKS*16)
 	copy(plaintext[pos:], secretBytes)

gnark/circuits/aesV2_oprf/common.go

@@ -10,7 +10,7 @@ import (
 	"github.com/consensys/gnark/std/math/cmp"
 )
 
-const BLOCKS = 4 * 2
+const BLOCKS = 4
 const BytesPerElement = 31
 
 type TOPRFData struct {
@@ -72,10 +72,6 @@ func NewAESGadget(api frontend.API) AESGadget {
 
 // aes128 encrypt function
 func (aes *AESGadget) SubBytes(state [16]frontend.Variable) (res [16]frontend.Variable) {
-	/*var newState [16]frontend.Variable
-	for i := 0; i < 16; i++ {
-		newState[i] = aes.Subw(aes.sbox, state[i])
-	}*/
 	t := aes.Subws(aes.sbox, state[:]...)
 	copy(res[:], t)
 	return res
@@ -185,9 +181,9 @@ func (circuit *AESWrapper) TOPRFVerify(api frontend.API) error {
 
 	api.AssertIsDifferent(circuit.Len, 0) // Len != 0
 
-	comparator := cmp.NewBoundedComparator(api, big.NewInt(int64(len(outBits)-BytesPerElement*8*2)), false) // max diff is 1024-496
-	comparator.AssertIsLessEq(totalBits, BytesPerElement*8*2)                                               // check that number of processed bits <= 62 bytes
-	api.AssertIsEqual(totalBits, api.Mul(circuit.Len, 8))                                                   // and that it corresponds to Len
+	comparator := cmp.NewBoundedComparator(api, big.NewInt(512), false) // max diff is 512-496
+	comparator.AssertIsLessEq(totalBits, BytesPerElement*8*2)           // check that number of processed bits <= 62 bytes
+	api.AssertIsEqual(totalBits, api.Mul(circuit.Len, 8))               // and that it corresponds to Len
 
 	// check that TOPRF output was created from secret data by a server with a specific public key
 	oprfData := &toprf.TOPRFParams{

gnark/circuits/chachaV3_oprf/circuit.go

@@ -128,9 +128,9 @@ func (c *ChachaTOPRFCircuit) Define(api frontend.API) error {
 
 	api.AssertIsDifferent(c.Len, 0) // Len != 0
 
-	comparator := cmp.NewBoundedComparator(api, big.NewInt(16*Blocks*BITS_PER_WORD-BytesPerElement*8*2), false) // max diff is 1024-496
-	comparator.AssertIsLessEq(totalBits, BytesPerElement*8*2)                                                   // check that number of processed bits <= 62 bytes
-	api.AssertIsEqual(totalBits, api.Mul(c.Len, 8))                                                             // and that it corresponds to Len
+	comparator := cmp.NewBoundedComparator(api, big.NewInt(16*Blocks*BITS_PER_WORD), false) // max diff is number of bits
+	comparator.AssertIsLessEq(totalBits, BytesPerElement*8*2)                               // check that number of processed bits <= 62 bytes
+	api.AssertIsEqual(totalBits, api.Mul(c.Len, 8))                                         // and that it corresponds to Len
 
 	// check that TOPRF output was created from secret data by a server with a specific public key
 	oprfData := &toprf.TOPRFParams{