11//! Computes some hashes of the PRF locally.
22
3+ use std:: collections:: VecDeque ;
4+
35use crate :: { hmac:: hmac_sha256, sha256, state_to_bytes, PrfError } ;
46use mpz_core:: bitvec:: BitVec ;
57use mpz_hash:: sha256:: Sha256 ;
@@ -19,8 +21,8 @@ pub(crate) struct PrfFunction {
1921 start_seed_label : Vec < u8 > ,
2022 iterations : usize ,
2123 state : PrfState ,
22- a : Vec < PHash > ,
23- p : Vec < PHash > ,
24+ a : VecDeque < AHash > ,
25+ p : VecDeque < PHash > ,
2426}
2527
2628#[ derive( Debug ) ]
@@ -38,7 +40,7 @@ enum PrfState {
3840 inner_partial : [ u32 ; 8 ] ,
3941 a_output : DecodeFutureTyped < BitVec , [ u8 ; 32 ] > ,
4042 } ,
41- ComputeLastP ,
43+ FinishLastP ,
4244 Done ,
4345}
4446
@@ -95,7 +97,7 @@ impl PrfFunction {
9597 } ;
9698
9799 self . state = PrfState :: ComputeA {
98- iter : 0 ,
100+ iter : 1 ,
99101 inner_partial,
100102 msg : self . start_seed_label . clone ( ) ,
101103 } ;
@@ -106,14 +108,13 @@ impl PrfFunction {
106108 inner_partial,
107109 msg,
108110 } => {
109- let a = & self . a [ * iter ] ;
111+ let a = self . a . pop_front ( ) . expect ( "Prf AHash should be present" ) ;
110112 assign_inner_local ( vm, a. inner_local , * inner_partial, msg) ?;
111113
112- let a_output = vm. decode ( a. output ) . map_err ( PrfError :: vm) ?;
113114 self . state = PrfState :: ComputeP {
114115 iter : * iter,
115116 inner_partial : * inner_partial,
116- a_output,
117+ a_output : a . output ,
117118 } ;
118119 }
119120 PrfState :: ComputeP {
@@ -124,15 +125,15 @@ impl PrfFunction {
124125 let Some ( output) = a_output. try_recv ( ) . map_err ( PrfError :: vm) ? else {
125126 return Ok ( ( ) ) ;
126127 } ;
127- let p = & self . p [ * iter ] ;
128+ let p = self . p . pop_front ( ) . expect ( "Prf PHash should be present" ) ;
128129
129130 let mut msg = output. to_vec ( ) ;
130131 msg. extend_from_slice ( & self . start_seed_label ) ;
131132
132133 assign_inner_local ( vm, p. inner_local , * inner_partial, & msg) ?;
133134
134135 if * iter == self . iterations {
135- self . state = PrfState :: ComputeLastP ;
136+ self . state = PrfState :: FinishLastP ;
136137 } else {
137138 self . state = PrfState :: ComputeA {
138139 iter : * iter + 1 ,
@@ -141,7 +142,7 @@ impl PrfFunction {
141142 }
142143 } ;
143144 }
144- PrfState :: ComputeLastP => self . state = PrfState :: Done ,
145+ PrfState :: FinishLastP => self . state = PrfState :: Done ,
145146 _ => ( ) ,
146147 }
147148
@@ -178,22 +179,24 @@ impl PrfFunction {
178179 let mut prf = Self {
179180 label,
180181 start_seed_label : vec ! [ ] ,
181- // used for indexing, so we need to subtract one here
182- iterations : iterations - 1 ,
182+ iterations,
183183 state : PrfState :: InnerPartial { inner_partial } ,
184- a : vec ! [ ] ,
185- p : vec ! [ ] ,
184+ a : VecDeque :: new ( ) ,
185+ p : VecDeque :: new ( ) ,
186186 } ;
187187
188188 for _ in 0 ..iterations {
189189 // setup A[i]
190190 let inner_local: Array < U8 , 32 > = vm. alloc ( ) . map_err ( PrfError :: vm) ?;
191191 let output = hmac_sha256 ( vm, outer_partial. clone ( ) , inner_local) ?;
192- let p_hash = PHash {
192+
193+ let output = vm. decode ( output) . map_err ( PrfError :: vm) ?;
194+ let a_hash = AHash {
193195 inner_local,
194196 output,
195197 } ;
196- prf. a . push ( p_hash) ;
198+
199+ prf. a . push_front ( a_hash) ;
197200
198201 // setup P[i]
199202 let inner_local: Array < U8 , 32 > = vm. alloc ( ) . map_err ( PrfError :: vm) ?;
@@ -202,7 +205,7 @@ impl PrfFunction {
202205 inner_local,
203206 output,
204207 } ;
205- prf. p . push ( p_hash) ;
208+ prf. p . push_front ( p_hash) ;
206209 }
207210
208211 Ok ( prf)
@@ -225,6 +228,14 @@ fn assign_inner_local(
225228 Ok ( ( ) )
226229}
227230
231+ /// Like PHash but stores the output as the decoding future because in the reduced Prf we need to
232+ /// decode this output.
233+ #[ derive( Debug ) ]
234+ struct AHash {
235+ inner_local : Array < U8 , 32 > ,
236+ output : DecodeFutureTyped < BitVec , [ u8 ; 32 ] > ,
237+ }
238+
228239#[ derive( Debug , Clone , Copy ) ]
229240struct PHash {
230241 inner_local : Array < U8 , 32 > ,