[FEAT] 5 block AES

gnark/circuits/aesV2/aes.go

@@ -7,7 +7,7 @@ import (
 	"github.com/consensys/gnark/std/lookup/logderivlookup"
 )
 
-const BLOCKS = 4
+const BLOCKS = 5
 const NB = 4
 
 type AESWrapper struct {

gnark/circuits/aesV2/aes128_test.go

@@ -18,7 +18,7 @@ func TestAES128(t *testing.T) {
 	assert := test.NewAssert(t)
 
 	key := "7E24067817FAE0D743D6CE1F32539163"
-	plaintext := "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
+	plaintext := "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F000102030405060708090A0B0C0D0E0F101112131415161718191A10A0B0C0D0E0F10111213141516171819B1C1D1E1F"
 	// ciphertext := "5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28"
 	Nonce := "006CB6DBC0543B59DA48D90B"
 	Counter := 1

gnark/circuits/aesV2/aes256_test.go

@@ -18,7 +18,7 @@ func TestAES256(t *testing.T) {
 	assert := test.NewAssert(t)
 
 	key := "F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884"
-	plaintext := "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"
+	plaintext := "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F000102030405060708090A0B0C0D0E0F101112131415161718191A0A0B0C0D0E0F101112131415161718191B1C1D1E1F"
 	// ciphertext := "F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C"
 	Nonce := "00FAAC24C1585EF15A43D875"
 	Counter := 1

gnark/libraries/core_test.go

@@ -6,6 +6,7 @@ import (
 	"crypto/rand"
 	"encoding/binary"
 	"encoding/json"
+	aes_v2 "gnark-symmetric-crypto/circuits/aesV2"
 	aes_v2_oprf "gnark-symmetric-crypto/circuits/aesV2_oprf"
 	"gnark-symmetric-crypto/circuits/toprf"
 	prover "gnark-symmetric-crypto/libraries/prover/impl"
@@ -113,7 +114,7 @@ func TestFullAES256(t *testing.T) {
 	assert.True(prover.InitAlgorithm(prover.AES_256, aes256Key, aes256r1cs))
 	bKey := make([]byte, 32)
 	bNonce := make([]byte, 12)
-	bPt := make([]byte, 64)
+	bPt := make([]byte, aes_v2.BLOCKS*16)
 	tmp, _ := rand.Int(rand.Reader, big.NewInt(math.MaxUint32))
 	counter := uint32(tmp.Uint64())
 
@@ -157,7 +158,7 @@ func TestFullAES128(t *testing.T) {
 	assert.True(prover.InitAlgorithm(prover.AES_128, aes128Key, aes128r1cs))
 	bKey := make([]byte, 16)
 	bNonce := make([]byte, 12)
-	bPt := make([]byte, 64)
+	bPt := make([]byte, aes_v2.BLOCKS*16)
 	tmp, _ := rand.Int(rand.Reader, big.NewInt(math.MaxUint32))
 	counter := uint32(tmp.Uint64())
 

gnark/libraries/prover/impl/library.go

@@ -35,32 +35,32 @@ var algorithmNames = map[uint8]string{
 
 var provers = map[string]*ProverParams{
 	"chacha20": {
-		KeyHash:     "78ab307e3d5065d21b2c068824286054846724e5f1f868cd22ed273902b9c440",
+		KeyHash:     "bf4901012e00a7517a6da2e4c4d3922d90051609726c8488b2a6045b030e44eb",
 		CircuitHash: "4aa80775a6721404bf8f82fd2d78d335fabbdf517762b82a7d13e6d2446c49bf",
 		Prover:      &ChaChaProver{},
 	},
 	"aes-128-ctr": {
-		KeyHash:     "7f89cf1ef3476069ed1c107abbe02080d5eecd50ebd0ff3a858d9f557cf0ae7d",
-		CircuitHash: "e59bd07d4450f98663b62a2ef06b2d7de4044601c755c74da7dde3cb0a6e8893",
+		KeyHash:     "a3c41ab381f31a0820817a8d2e928f276487da3bf3e61285791689388af27017",
+		CircuitHash: "b1ee478f009fe81946e6e2768ef0b6d62ab266525f186baaa4e8dec61b6e3ea6",
 		Prover:      &AESProver{},
 	},
 	"aes-256-ctr": {
-		KeyHash:     "233d52d78ef5ff9f9e8d97d238524acdbaf007121d56bcd7b26b72df74488fc0",
-		CircuitHash: "32c0eeb1c59c45b05eeefa00f637a4d02b208990ae1ff33b62d85c8bcef73b2d",
+		KeyHash:     "94a9df9edad28462f1d523b191c9caf3aa07751ca5f5e4cf458614f1fc72c198",
+		CircuitHash: "e62f8e74b17cad4012513cf23971ddf58faa63a4a87676047bccd255021dee13",
 		Prover:      &AESProver{},
 	},
 	"chacha20-toprf": {
-		KeyHash:     "75386aa3fd0cb51a74d02df3e1a66b60edb11a8925a89a5bfd8d3333106f6ce0",
+		KeyHash:     "14ee5e7b36ce6b47ee4e344deafd7573a8dc9554f899f410328764a84c77f719",
 		CircuitHash: "b5fbd1900eabb8e3a12cf0896cfd7f5b2b6290d536e0f6bd7b9eb09caf9c0f7e",
 		Prover:      &ChaChaOPRFProver{},
 	},
 	"aes-128-ctr-toprf": {
-		KeyHash:     "c74414b5417a01d795a28d4cb78bc64f2597690a09bd35c333198636a558eab6",
+		KeyHash:     "a8171697bc39e84446f27652ccd6d2dfca1829e93833780068a8e0e16e44410a",
 		CircuitHash: "38dfce7e54a8872035c5b67e70cf74aaf6b2cc37a5ea2b7f86bea1191e7647b0",
 		Prover:      &AESOPRFProver{},
 	},
 	"aes-256-ctr-toprf": {
-		KeyHash:     "d8a32865925a2bbe85976a1ab44fb7bd78ded2998c277f051ce0859086e440dd",
+		KeyHash:     "e9259ca30016f85e4c9377aee4524ebaf8af8d54e045a1d4753b04ceada68c08",
 		CircuitHash: "182e1cfabfdddbf91bf475544f173e74b48d40debef1e85bcf02068ffee08c97",
 		Prover:      &AESOPRFProver{},
 	},

gnark/libraries/prover/impl/provers.go

@@ -152,8 +152,8 @@ func (ap *AESProver) Prove(params *InputParams) (proof []byte, output []uint8) {
 	if len(nonce) != 12 {
 		log.Panicf("nonce length must be 12: %d", len(nonce))
 	}
-	if len(input) != 64 {
-		log.Panicf("input length must be 64: %d", len(input))
+	if len(input) != aes_v2.BLOCKS*16 {
+		log.Panicf("input length must be %d: %d", aes_v2.BLOCKS*16, len(input))
 	}
 
 	block, err := aes.NewCipher(key)

gnark/libraries/verifier/impl/verifiers.go

@@ -5,6 +5,7 @@ import (
 	"encoding/binary"
 	"encoding/json"
 	"fmt"
+	aes_v2 "gnark-symmetric-crypto/circuits/aesV2"
 	aes_v2_oprf "gnark-symmetric-crypto/circuits/aesV2_oprf"
 	"gnark-symmetric-crypto/circuits/chachaV3"
 	"gnark-symmetric-crypto/circuits/chachaV3_oprf"
@@ -18,19 +19,6 @@ import (
 	"github.com/consensys/gnark/std/algebra/native/twistededwards"
 )
 
-const AES_BLOCKS = 4
-
-type AESWrapper struct {
-	Nonce   [12]frontend.Variable              `gnark:",public"`
-	Counter frontend.Variable                  `gnark:",public"`
-	In      [AES_BLOCKS * 16]frontend.Variable `gnark:",public"`
-	Out     [AES_BLOCKS * 16]frontend.Variable `gnark:",public"`
-}
-
-func (circuit *AESWrapper) Define(_ frontend.API) error {
-	return nil
-}
-
 type Verifier interface {
 	Verify(proof []byte, publicSignals []uint8) bool
 }
@@ -89,16 +77,20 @@ type AESVerifier struct {
 
 func (av *AESVerifier) Verify(bProof []byte, publicSignals []uint8) bool {
 
-	if len(publicSignals) != 128+12+4 { // plaintext, nonce, counter, ciphertext
+	bytesPerInput := aes_v2.BLOCKS * 16
+
+	if len(publicSignals) != bytesPerInput*2+12+4 { // plaintext, nonce, counter, ciphertext
 		return false
 	}
 
-	ciphertext := publicSignals[:64]
-	plaintext := publicSignals[64+12+4:]
-	nonce := publicSignals[64 : 64+12]
-	bCounter := publicSignals[64+12 : 64+12+4]
+	ciphertext := publicSignals[:bytesPerInput]
+	plaintext := publicSignals[bytesPerInput+12+4:]
+	nonce := publicSignals[bytesPerInput : bytesPerInput+12]
+	bCounter := publicSignals[bytesPerInput+12 : bytesPerInput+12+4]
 
-	witness := &AESWrapper{}
+	witness := &aes_v2.AESWrapper{
+		Key: make([]frontend.Variable, 1), // avoid warnings
+	}
 
 	for i := 0; i < len(plaintext); i++ {
 		witness.In[i] = plaintext[i]