UNPKG

@reclaimprotocol/zk-symmetric-crypto

Version:
449 lines (422 loc) 16.2 kB
/* @ts-self-types="./s2circuits.d.ts" */ /** * Debug: compute ChaCha20 keystream and return it (for debugging WASM issues). * @param {Uint8Array} key * @param {Uint8Array} nonce * @param {number} counter * @returns {string} */ function debug_chacha20_keystream(key, nonce, counter) { let deferred3_0; let deferred3_1; try { const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ret = wasm.debug_chacha20_keystream(ptr0, len0, ptr1, len1, counter); deferred3_0 = ret[0]; deferred3_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred3_0, deferred3_1, 1); } } exports.debug_chacha20_keystream = debug_chacha20_keystream; /** * Generate AES-128-CTR proof and return it serialized (base64). * @param {Uint8Array} key * @param {Uint8Array} nonce * @param {number} counter * @param {Uint8Array} plaintext * @param {Uint8Array} ciphertext * @returns {string} */ function generate_aes128_ctr_proof(key, nonce, counter, plaintext, ciphertext) { let deferred5_0; let deferred5_1; try { const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc); const len2 = WASM_VECTOR_LEN; const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc); const len3 = WASM_VECTOR_LEN; const ret = wasm.generate_aes128_ctr_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3); deferred5_0 = ret[0]; deferred5_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred5_0, deferred5_1, 1); } } exports.generate_aes128_ctr_proof = generate_aes128_ctr_proof; /** * Generate AES-256-CTR proof and return it serialized (base64). * @param {Uint8Array} key * @param {Uint8Array} nonce * @param {number} counter * @param {Uint8Array} plaintext * @param {Uint8Array} ciphertext * @returns {string} */ function generate_aes256_ctr_proof(key, nonce, counter, plaintext, ciphertext) { let deferred5_0; let deferred5_1; try { const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc); const len2 = WASM_VECTOR_LEN; const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc); const len3 = WASM_VECTOR_LEN; const ret = wasm.generate_aes256_ctr_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3); deferred5_0 = ret[0]; deferred5_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred5_0, deferred5_1, 1); } } exports.generate_aes256_ctr_proof = generate_aes256_ctr_proof; /** * Generate ChaCha20 proof and return it serialized (base64). * Use verify_chacha20_proof() to verify the proof separately. * @param {Uint8Array} key * @param {Uint8Array} nonce * @param {number} counter * @param {Uint8Array} plaintext * @param {Uint8Array} ciphertext * @returns {string} */ function generate_chacha20_proof(key, nonce, counter, plaintext, ciphertext) { let deferred5_0; let deferred5_1; try { const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc); const len2 = WASM_VECTOR_LEN; const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc); const len3 = WASM_VECTOR_LEN; const ret = wasm.generate_chacha20_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3); deferred5_0 = ret[0]; deferred5_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred5_0, deferred5_1, 1); } } exports.generate_chacha20_proof = generate_chacha20_proof; /** * Get circuit information as JSON. * @returns {string} */ function get_circuits_info() { let deferred1_0; let deferred1_1; try { const ret = wasm.get_circuits_info(); deferred1_0 = ret[0]; deferred1_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred1_0, deferred1_1, 1); } } exports.get_circuits_info = get_circuits_info; /** * Prove AES-128-CTR encryption. * * # Arguments * * `key` - 16-byte key (Uint8Array) - PRIVATE * * `nonce` - 12-byte nonce (Uint8Array) - PUBLIC * * `counter` - Starting counter value - PUBLIC * * `plaintext` - Plaintext bytes (Uint8Array, must be multiple of 16) - PUBLIC * * `ciphertext` - Ciphertext bytes (Uint8Array, same length as plaintext) - PUBLIC * * # Returns * JSON string: {"success": true, "blocks": N} or {"error": "..."} * * # What the proof demonstrates * "I know a secret key K such that AES-128-CTR(K, nonce, counter, plaintext) = ciphertext" * The key remains private - the verifier learns nothing about it. * @param {Uint8Array} key * @param {Uint8Array} nonce * @param {number} counter * @param {Uint8Array} plaintext * @param {Uint8Array} ciphertext * @returns {string} */ function prove_aes128_ctr_encrypt(key, nonce, counter, plaintext, ciphertext) { let deferred5_0; let deferred5_1; try { const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc); const len2 = WASM_VECTOR_LEN; const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc); const len3 = WASM_VECTOR_LEN; const ret = wasm.prove_aes128_ctr_encrypt(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3); deferred5_0 = ret[0]; deferred5_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred5_0, deferred5_1, 1); } } exports.prove_aes128_ctr_encrypt = prove_aes128_ctr_encrypt; /** * Prove AES-256-CTR encryption. * * # Arguments * * `key` - 32-byte key (Uint8Array) - PRIVATE * * `nonce` - 12-byte nonce (Uint8Array) - PUBLIC * * `counter` - Starting counter value - PUBLIC * * `plaintext` - Plaintext bytes (Uint8Array, must be multiple of 16) - PUBLIC * * `ciphertext` - Ciphertext bytes (Uint8Array, same length as plaintext) - PUBLIC * * # Returns * JSON string: {"success": true, "blocks": N} or {"error": "..."} * * # What the proof demonstrates * "I know a secret key K such that AES-256-CTR(K, nonce, counter, plaintext) = ciphertext" * The key remains private - the verifier learns nothing about it. * @param {Uint8Array} key * @param {Uint8Array} nonce * @param {number} counter * @param {Uint8Array} plaintext * @param {Uint8Array} ciphertext * @returns {string} */ function prove_aes256_ctr_encrypt(key, nonce, counter, plaintext, ciphertext) { let deferred5_0; let deferred5_1; try { const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc); const len2 = WASM_VECTOR_LEN; const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc); const len3 = WASM_VECTOR_LEN; const ret = wasm.prove_aes256_ctr_encrypt(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3); deferred5_0 = ret[0]; deferred5_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred5_0, deferred5_1, 1); } } exports.prove_aes256_ctr_encrypt = prove_aes256_ctr_encrypt; /** * Prove ChaCha20 encryption. * * # Arguments * * `key` - 32-byte key (Uint8Array) - PRIVATE * * `nonce` - 12-byte nonce (Uint8Array) - PUBLIC * * `counter` - Starting counter value - PUBLIC * * `plaintext` - Plaintext bytes (Uint8Array, must be multiple of 64) - PUBLIC * * `ciphertext` - Ciphertext bytes (Uint8Array, same length as plaintext) - PUBLIC * * # Returns * JSON string: {"success": true, "blocks": N} or {"error": "..."} * * # What the proof demonstrates * "I know a secret key K such that ChaCha20(K, nonce, counter, plaintext) = ciphertext" * The key remains private - the verifier learns nothing about it. * @param {Uint8Array} key * @param {Uint8Array} nonce * @param {number} counter * @param {Uint8Array} plaintext * @param {Uint8Array} ciphertext * @returns {string} */ function prove_chacha20_encrypt(key, nonce, counter, plaintext, ciphertext) { let deferred5_0; let deferred5_1; try { const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc); const len2 = WASM_VECTOR_LEN; const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc); const len3 = WASM_VECTOR_LEN; const ret = wasm.prove_chacha20_encrypt(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3); deferred5_0 = ret[0]; deferred5_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred5_0, deferred5_1, 1); } } exports.prove_chacha20_encrypt = prove_chacha20_encrypt; /** * Verify an AES-CTR proof (base64-encoded) against verifier-supplied public inputs. * Works for both AES-128 and AES-256. * * The verifier must provide the expected nonce, counter, plaintext, and ciphertext. * Verification fails if the proof was generated for different data. * @param {string} proof_b64 * @param {Uint8Array} nonce * @param {number} counter * @param {Uint8Array} plaintext * @param {Uint8Array} ciphertext * @returns {string} */ function verify_aes_ctr_proof(proof_b64, nonce, counter, plaintext, ciphertext) { let deferred5_0; let deferred5_1; try { const ptr0 = passStringToWasm0(proof_b64, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc); const len2 = WASM_VECTOR_LEN; const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc); const len3 = WASM_VECTOR_LEN; const ret = wasm.verify_aes_ctr_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3); deferred5_0 = ret[0]; deferred5_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred5_0, deferred5_1, 1); } } exports.verify_aes_ctr_proof = verify_aes_ctr_proof; /** * Verify a ChaCha20 proof (base64-encoded) against verifier-supplied public inputs. * * The verifier must provide the expected nonce, counter, plaintext, and ciphertext. * Verification fails if the proof was generated for different data. * @param {string} proof_b64 * @param {Uint8Array} nonce * @param {number} counter * @param {Uint8Array} plaintext * @param {Uint8Array} ciphertext * @returns {string} */ function verify_chacha20_proof(proof_b64, nonce, counter, plaintext, ciphertext) { let deferred5_0; let deferred5_1; try { const ptr0 = passStringToWasm0(proof_b64, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); const len0 = WASM_VECTOR_LEN; const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc); const len1 = WASM_VECTOR_LEN; const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc); const len2 = WASM_VECTOR_LEN; const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc); const len3 = WASM_VECTOR_LEN; const ret = wasm.verify_chacha20_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3); deferred5_0 = ret[0]; deferred5_1 = ret[1]; return getStringFromWasm0(ret[0], ret[1]); } finally { wasm.__wbindgen_free(deferred5_0, deferred5_1, 1); } } exports.verify_chacha20_proof = verify_chacha20_proof; function __wbg_get_imports() { const import0 = { __proto__: null, __wbg___wbindgen_throw_6ddd609b62940d55: function(arg0, arg1) { throw new Error(getStringFromWasm0(arg0, arg1)); }, __wbindgen_init_externref_table: function() { const table = wasm.__wbindgen_externrefs; const offset = table.grow(4); table.set(0, undefined); table.set(offset + 0, undefined); table.set(offset + 1, null); table.set(offset + 2, true); table.set(offset + 3, false); }, }; return { __proto__: null, "./s2circuits_bg.js": import0, }; } function getStringFromWasm0(ptr, len) { ptr = ptr >>> 0; return decodeText(ptr, len); } let cachedUint8ArrayMemory0 = null; function getUint8ArrayMemory0() { if (cachedUint8ArrayMemory0 === null || cachedUint8ArrayMemory0.byteLength === 0) { cachedUint8ArrayMemory0 = new Uint8Array(wasm.memory.buffer); } return cachedUint8ArrayMemory0; } function passArray8ToWasm0(arg, malloc) { const ptr = malloc(arg.length * 1, 1) >>> 0; getUint8ArrayMemory0().set(arg, ptr / 1); WASM_VECTOR_LEN = arg.length; return ptr; } function passStringToWasm0(arg, malloc, realloc) { if (realloc === undefined) { const buf = cachedTextEncoder.encode(arg); const ptr = malloc(buf.length, 1) >>> 0; getUint8ArrayMemory0().subarray(ptr, ptr + buf.length).set(buf); WASM_VECTOR_LEN = buf.length; return ptr; } let len = arg.length; let ptr = malloc(len, 1) >>> 0; const mem = getUint8ArrayMemory0(); let offset = 0; for (; offset < len; offset++) { const code = arg.charCodeAt(offset); if (code > 0x7F) break; mem[ptr + offset] = code; } if (offset !== len) { if (offset !== 0) { arg = arg.slice(offset); } ptr = realloc(ptr, len, len = offset + arg.length * 3, 1) >>> 0; const view = getUint8ArrayMemory0().subarray(ptr + offset, ptr + len); const ret = cachedTextEncoder.encodeInto(arg, view); offset += ret.written; ptr = realloc(ptr, len, offset, 1) >>> 0; } WASM_VECTOR_LEN = offset; return ptr; } let cachedTextDecoder = new TextDecoder('utf-8', { ignoreBOM: true, fatal: true }); cachedTextDecoder.decode(); function decodeText(ptr, len) { return cachedTextDecoder.decode(getUint8ArrayMemory0().subarray(ptr, ptr + len)); } const cachedTextEncoder = new TextEncoder(); if (!('encodeInto' in cachedTextEncoder)) { cachedTextEncoder.encodeInto = function (arg, view) { const buf = cachedTextEncoder.encode(arg); view.set(buf); return { read: arg.length, written: buf.length }; }; } let WASM_VECTOR_LEN = 0; const wasmPath = `${__dirname}/s2circuits_bg.wasm`; const wasmBytes = require('fs').readFileSync(wasmPath); const wasmModule = new WebAssembly.Module(wasmBytes); let wasm = new WebAssembly.Instance(wasmModule, __wbg_get_imports()).exports; wasm.__wbindgen_start();