Add #[inline(always)] for -> Transcript methods

burdges · burdges · commit 52df8f70a100 · 2019-06-06T10:00:14.000+02:00
We declare methods `#[inline(always)]` if they return a 200 byte Transcript because rustc does not handle large returns as efficently as one might like. See rust-random/rand#817
diff --git a/src/context.rs b/src/context.rs
@@ -175,18 +175,24 @@ impl SigningTranscript for Transcript {
 /// You should use `merlin::Transcript`s directly if you must do
 /// anything more complex, like use signatures in larger zero-knoweldge
 /// protocols or sign several components but only reveal one later.
+///
+/// We declare these methods `#[inline(always)]` because rustc does
+/// not handle large returns as efficently as one might like.
+/// https://github.com/rust-random/rand/issues/817
 #[derive(Clone)] // Debug
 pub struct SigningContext(Transcript);
 
 /// Initialize a signing context from a static byte string that
 /// identifies the signature's role in the larger protocol.
+#[inline(always)]
 pub fn signing_context(context : &'static [u8]) -> SigningContext {
     SigningContext::new(context)
 }
 
 impl SigningContext {
     /// Initialize a signing context from a static byte string that
     /// identifies the signature's role in the larger protocol.
+    #[inline(always)]
     pub fn new(context : &'static [u8]) -> SigningContext {
         SigningContext(Transcript::new(context))
     }
@@ -196,13 +202,15 @@ impl SigningContext {
     /// Avoid this method when processing large slices because it
     /// calls `merlin::Transcript::append_message` directly and
     /// `merlin` is designed for domain seperation, not performance.
+    #[inline(always)]
     pub fn bytes(&self, bytes: &[u8]) -> Transcript {
         let mut t = self.0.clone();
         t.append_message(b"sign-bytes", bytes);
         t
     }
 
     /// Initalize an owned signing transcript on a message provided as a hash function with extensible output
+    #[inline(always)]
     pub fn xof<D: ExtendableOutput>(&self, h: D) -> Transcript {
         let mut prehash = [0u8; 32];
         h.xof_result().read(&mut prehash);
@@ -213,6 +221,7 @@ impl SigningContext {
 
     /// Initalize an owned signing transcript on a message provided as
     /// a hash function with 256 bit output.
+    #[inline(always)]
     pub fn hash256<D: FixedOutput<OutputSize=U32>>(&self, h: D) -> Transcript {
         let mut prehash = [0u8; 32];
         prehash.copy_from_slice(h.fixed_result().as_slice());
@@ -223,6 +232,7 @@ impl SigningContext {
 
     /// Initalize an owned signing transcript on a message provided as
     /// a hash function with 512 bit output, usually a gross over kill.
+    #[inline(always)]
     pub fn hash512<D: FixedOutput<OutputSize=U64>>(&self, h: D) -> Transcript {
         let mut prehash = [0u8; 64];
         prehash.copy_from_slice(h.fixed_result().as_slice());
@@ -267,6 +277,7 @@ where H: Input + ExtendableOutput + Clone
     /// We intentionally consume and never reexpose the hash function
     /// provided, so that our domain seperation works correctly even
     /// when using `&mut SimpleTranscript : SigningTranscript`.
+    #[inline(always)]
     pub fn new(h: H) -> SimpleTranscript<H> { SimpleTranscript(h) }
 }
 
diff --git a/src/musig.rs b/src/musig.rs
@@ -57,6 +57,7 @@ use crate::errors::MultiSignatureStage;
 /// run in the same sorted ordering as `BTreeMap::iter`/`keys`/etc.
 /// We avoided a context: &'static [u8] here and in callers becuase they
 /// seem irreevant to the security arguments in the MuSig paper.
+#[inline(always)]
 fn commit_public_keys<'a,I>(keys: I) -> Transcript
 where I: Iterator<Item=&'a PublicKey>
 {
diff --git a/src/vrf.rs b/src/vrf.rs
@@ -125,6 +125,7 @@ pub trait VRFSigningTranscript {
 
 impl<T> VRFSigningTranscript for T where T: SigningTranscript {
     type T = T;
+    #[inline(always)]
     fn transcript_with_malleability_addressed(mut self, publickey: &PublicKey) -> T {
         self.commit_point(b"vrf-nm-pk", publickey.as_compressed());        
         // publickey.make_transcript_nonmalleable(&mut self);
@@ -146,6 +147,7 @@ impl<T> VRFSigningTranscript for T where T: SigningTranscript {
 pub struct Malleable<T: SigningTranscript>(pub T);
 impl<T> VRFSigningTranscript for Malleable<T> where T: SigningTranscript {
     type T = T;
+    #[inline(always)]
     fn transcript_with_malleability_addressed(self, _publickey: &PublicKey) -> T { self.0 }
 }
 
@@ -347,6 +349,7 @@ impl VRFInOut {
     /// when considerable output is required, but it should reduce
     /// the final linked binary size slightly, and improves domain
     /// separation.
+    #[inline(always)]
     pub fn make_merlin_rng(&self, context: &'static [u8]) -> merlin::TranscriptRng {
         // Very insecure hack except for our commit_witness_bytes below
         struct ZeroFakeRng;

Original file line number	Diff line number	Diff line change
`@@ -57,6 +57,7 @@ use crate::errors::MultiSignatureStage;`
`57`	`57`	/// run in the same sorted ordering as `BTreeMap::iter`/`keys`/etc.
`58`	`58`	`/// We avoided a context: &'static [u8] here and in callers becuase they`
`59`	`59`	`/// seem irreevant to the security arguments in the MuSig paper.`
	`60`	`+#[inline(always)]`
`60`	`61`	`fn commit_public_keys<'a,I>(keys: I) -> Transcript`
`61`	`62`	`where I: Iterator<Item=&'a PublicKey>`
`62`	`63`	`{`