@reclaimprotocol/zk-symmetric-crypto
Version:
JS Wrappers for Various ZK Snark Circuits
449 lines (422 loc) • 16.2 kB
JavaScript
/* @ts-self-types="./s2circuits.d.ts" */
/**
* Debug: compute ChaCha20 keystream and return it (for debugging WASM issues).
* @param {Uint8Array} key
* @param {Uint8Array} nonce
* @param {number} counter
* @returns {string}
*/
function debug_chacha20_keystream(key, nonce, counter) {
let deferred3_0;
let deferred3_1;
try {
const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ret = wasm.debug_chacha20_keystream(ptr0, len0, ptr1, len1, counter);
deferred3_0 = ret[0];
deferred3_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred3_0, deferred3_1, 1);
}
}
exports.debug_chacha20_keystream = debug_chacha20_keystream;
/**
* Generate AES-128-CTR proof and return it serialized (base64).
* @param {Uint8Array} key
* @param {Uint8Array} nonce
* @param {number} counter
* @param {Uint8Array} plaintext
* @param {Uint8Array} ciphertext
* @returns {string}
*/
function generate_aes128_ctr_proof(key, nonce, counter, plaintext, ciphertext) {
let deferred5_0;
let deferred5_1;
try {
const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc);
const len2 = WASM_VECTOR_LEN;
const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc);
const len3 = WASM_VECTOR_LEN;
const ret = wasm.generate_aes128_ctr_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3);
deferred5_0 = ret[0];
deferred5_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred5_0, deferred5_1, 1);
}
}
exports.generate_aes128_ctr_proof = generate_aes128_ctr_proof;
/**
* Generate AES-256-CTR proof and return it serialized (base64).
* @param {Uint8Array} key
* @param {Uint8Array} nonce
* @param {number} counter
* @param {Uint8Array} plaintext
* @param {Uint8Array} ciphertext
* @returns {string}
*/
function generate_aes256_ctr_proof(key, nonce, counter, plaintext, ciphertext) {
let deferred5_0;
let deferred5_1;
try {
const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc);
const len2 = WASM_VECTOR_LEN;
const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc);
const len3 = WASM_VECTOR_LEN;
const ret = wasm.generate_aes256_ctr_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3);
deferred5_0 = ret[0];
deferred5_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred5_0, deferred5_1, 1);
}
}
exports.generate_aes256_ctr_proof = generate_aes256_ctr_proof;
/**
* Generate ChaCha20 proof and return it serialized (base64).
* Use verify_chacha20_proof() to verify the proof separately.
* @param {Uint8Array} key
* @param {Uint8Array} nonce
* @param {number} counter
* @param {Uint8Array} plaintext
* @param {Uint8Array} ciphertext
* @returns {string}
*/
function generate_chacha20_proof(key, nonce, counter, plaintext, ciphertext) {
let deferred5_0;
let deferred5_1;
try {
const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc);
const len2 = WASM_VECTOR_LEN;
const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc);
const len3 = WASM_VECTOR_LEN;
const ret = wasm.generate_chacha20_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3);
deferred5_0 = ret[0];
deferred5_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred5_0, deferred5_1, 1);
}
}
exports.generate_chacha20_proof = generate_chacha20_proof;
/**
* Get circuit information as JSON.
* @returns {string}
*/
function get_circuits_info() {
let deferred1_0;
let deferred1_1;
try {
const ret = wasm.get_circuits_info();
deferred1_0 = ret[0];
deferred1_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred1_0, deferred1_1, 1);
}
}
exports.get_circuits_info = get_circuits_info;
/**
* Prove AES-128-CTR encryption.
*
* # Arguments
* * `key` - 16-byte key (Uint8Array) - PRIVATE
* * `nonce` - 12-byte nonce (Uint8Array) - PUBLIC
* * `counter` - Starting counter value - PUBLIC
* * `plaintext` - Plaintext bytes (Uint8Array, must be multiple of 16) - PUBLIC
* * `ciphertext` - Ciphertext bytes (Uint8Array, same length as plaintext) - PUBLIC
*
* # Returns
* JSON string: {"success": true, "blocks": N} or {"error": "..."}
*
* # What the proof demonstrates
* "I know a secret key K such that AES-128-CTR(K, nonce, counter, plaintext) = ciphertext"
* The key remains private - the verifier learns nothing about it.
* @param {Uint8Array} key
* @param {Uint8Array} nonce
* @param {number} counter
* @param {Uint8Array} plaintext
* @param {Uint8Array} ciphertext
* @returns {string}
*/
function prove_aes128_ctr_encrypt(key, nonce, counter, plaintext, ciphertext) {
let deferred5_0;
let deferred5_1;
try {
const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc);
const len2 = WASM_VECTOR_LEN;
const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc);
const len3 = WASM_VECTOR_LEN;
const ret = wasm.prove_aes128_ctr_encrypt(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3);
deferred5_0 = ret[0];
deferred5_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred5_0, deferred5_1, 1);
}
}
exports.prove_aes128_ctr_encrypt = prove_aes128_ctr_encrypt;
/**
* Prove AES-256-CTR encryption.
*
* # Arguments
* * `key` - 32-byte key (Uint8Array) - PRIVATE
* * `nonce` - 12-byte nonce (Uint8Array) - PUBLIC
* * `counter` - Starting counter value - PUBLIC
* * `plaintext` - Plaintext bytes (Uint8Array, must be multiple of 16) - PUBLIC
* * `ciphertext` - Ciphertext bytes (Uint8Array, same length as plaintext) - PUBLIC
*
* # Returns
* JSON string: {"success": true, "blocks": N} or {"error": "..."}
*
* # What the proof demonstrates
* "I know a secret key K such that AES-256-CTR(K, nonce, counter, plaintext) = ciphertext"
* The key remains private - the verifier learns nothing about it.
* @param {Uint8Array} key
* @param {Uint8Array} nonce
* @param {number} counter
* @param {Uint8Array} plaintext
* @param {Uint8Array} ciphertext
* @returns {string}
*/
function prove_aes256_ctr_encrypt(key, nonce, counter, plaintext, ciphertext) {
let deferred5_0;
let deferred5_1;
try {
const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc);
const len2 = WASM_VECTOR_LEN;
const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc);
const len3 = WASM_VECTOR_LEN;
const ret = wasm.prove_aes256_ctr_encrypt(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3);
deferred5_0 = ret[0];
deferred5_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred5_0, deferred5_1, 1);
}
}
exports.prove_aes256_ctr_encrypt = prove_aes256_ctr_encrypt;
/**
* Prove ChaCha20 encryption.
*
* # Arguments
* * `key` - 32-byte key (Uint8Array) - PRIVATE
* * `nonce` - 12-byte nonce (Uint8Array) - PUBLIC
* * `counter` - Starting counter value - PUBLIC
* * `plaintext` - Plaintext bytes (Uint8Array, must be multiple of 64) - PUBLIC
* * `ciphertext` - Ciphertext bytes (Uint8Array, same length as plaintext) - PUBLIC
*
* # Returns
* JSON string: {"success": true, "blocks": N} or {"error": "..."}
*
* # What the proof demonstrates
* "I know a secret key K such that ChaCha20(K, nonce, counter, plaintext) = ciphertext"
* The key remains private - the verifier learns nothing about it.
* @param {Uint8Array} key
* @param {Uint8Array} nonce
* @param {number} counter
* @param {Uint8Array} plaintext
* @param {Uint8Array} ciphertext
* @returns {string}
*/
function prove_chacha20_encrypt(key, nonce, counter, plaintext, ciphertext) {
let deferred5_0;
let deferred5_1;
try {
const ptr0 = passArray8ToWasm0(key, wasm.__wbindgen_malloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc);
const len2 = WASM_VECTOR_LEN;
const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc);
const len3 = WASM_VECTOR_LEN;
const ret = wasm.prove_chacha20_encrypt(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3);
deferred5_0 = ret[0];
deferred5_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred5_0, deferred5_1, 1);
}
}
exports.prove_chacha20_encrypt = prove_chacha20_encrypt;
/**
* Verify an AES-CTR proof (base64-encoded) against verifier-supplied public inputs.
* Works for both AES-128 and AES-256.
*
* The verifier must provide the expected nonce, counter, plaintext, and ciphertext.
* Verification fails if the proof was generated for different data.
* @param {string} proof_b64
* @param {Uint8Array} nonce
* @param {number} counter
* @param {Uint8Array} plaintext
* @param {Uint8Array} ciphertext
* @returns {string}
*/
function verify_aes_ctr_proof(proof_b64, nonce, counter, plaintext, ciphertext) {
let deferred5_0;
let deferred5_1;
try {
const ptr0 = passStringToWasm0(proof_b64, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc);
const len2 = WASM_VECTOR_LEN;
const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc);
const len3 = WASM_VECTOR_LEN;
const ret = wasm.verify_aes_ctr_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3);
deferred5_0 = ret[0];
deferred5_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred5_0, deferred5_1, 1);
}
}
exports.verify_aes_ctr_proof = verify_aes_ctr_proof;
/**
* Verify a ChaCha20 proof (base64-encoded) against verifier-supplied public inputs.
*
* The verifier must provide the expected nonce, counter, plaintext, and ciphertext.
* Verification fails if the proof was generated for different data.
* @param {string} proof_b64
* @param {Uint8Array} nonce
* @param {number} counter
* @param {Uint8Array} plaintext
* @param {Uint8Array} ciphertext
* @returns {string}
*/
function verify_chacha20_proof(proof_b64, nonce, counter, plaintext, ciphertext) {
let deferred5_0;
let deferred5_1;
try {
const ptr0 = passStringToWasm0(proof_b64, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc);
const len0 = WASM_VECTOR_LEN;
const ptr1 = passArray8ToWasm0(nonce, wasm.__wbindgen_malloc);
const len1 = WASM_VECTOR_LEN;
const ptr2 = passArray8ToWasm0(plaintext, wasm.__wbindgen_malloc);
const len2 = WASM_VECTOR_LEN;
const ptr3 = passArray8ToWasm0(ciphertext, wasm.__wbindgen_malloc);
const len3 = WASM_VECTOR_LEN;
const ret = wasm.verify_chacha20_proof(ptr0, len0, ptr1, len1, counter, ptr2, len2, ptr3, len3);
deferred5_0 = ret[0];
deferred5_1 = ret[1];
return getStringFromWasm0(ret[0], ret[1]);
} finally {
wasm.__wbindgen_free(deferred5_0, deferred5_1, 1);
}
}
exports.verify_chacha20_proof = verify_chacha20_proof;
function __wbg_get_imports() {
const import0 = {
__proto__: null,
__wbg___wbindgen_throw_6ddd609b62940d55: function(arg0, arg1) {
throw new Error(getStringFromWasm0(arg0, arg1));
},
__wbindgen_init_externref_table: function() {
const table = wasm.__wbindgen_externrefs;
const offset = table.grow(4);
table.set(0, undefined);
table.set(offset + 0, undefined);
table.set(offset + 1, null);
table.set(offset + 2, true);
table.set(offset + 3, false);
},
};
return {
__proto__: null,
"./s2circuits_bg.js": import0,
};
}
function getStringFromWasm0(ptr, len) {
ptr = ptr >>> 0;
return decodeText(ptr, len);
}
let cachedUint8ArrayMemory0 = null;
function getUint8ArrayMemory0() {
if (cachedUint8ArrayMemory0 === null || cachedUint8ArrayMemory0.byteLength === 0) {
cachedUint8ArrayMemory0 = new Uint8Array(wasm.memory.buffer);
}
return cachedUint8ArrayMemory0;
}
function passArray8ToWasm0(arg, malloc) {
const ptr = malloc(arg.length * 1, 1) >>> 0;
getUint8ArrayMemory0().set(arg, ptr / 1);
WASM_VECTOR_LEN = arg.length;
return ptr;
}
function passStringToWasm0(arg, malloc, realloc) {
if (realloc === undefined) {
const buf = cachedTextEncoder.encode(arg);
const ptr = malloc(buf.length, 1) >>> 0;
getUint8ArrayMemory0().subarray(ptr, ptr + buf.length).set(buf);
WASM_VECTOR_LEN = buf.length;
return ptr;
}
let len = arg.length;
let ptr = malloc(len, 1) >>> 0;
const mem = getUint8ArrayMemory0();
let offset = 0;
for (; offset < len; offset++) {
const code = arg.charCodeAt(offset);
if (code > 0x7F) break;
mem[ptr + offset] = code;
}
if (offset !== len) {
if (offset !== 0) {
arg = arg.slice(offset);
}
ptr = realloc(ptr, len, len = offset + arg.length * 3, 1) >>> 0;
const view = getUint8ArrayMemory0().subarray(ptr + offset, ptr + len);
const ret = cachedTextEncoder.encodeInto(arg, view);
offset += ret.written;
ptr = realloc(ptr, len, offset, 1) >>> 0;
}
WASM_VECTOR_LEN = offset;
return ptr;
}
let cachedTextDecoder = new TextDecoder('utf-8', { ignoreBOM: true, fatal: true });
cachedTextDecoder.decode();
function decodeText(ptr, len) {
return cachedTextDecoder.decode(getUint8ArrayMemory0().subarray(ptr, ptr + len));
}
const cachedTextEncoder = new TextEncoder();
if (!('encodeInto' in cachedTextEncoder)) {
cachedTextEncoder.encodeInto = function (arg, view) {
const buf = cachedTextEncoder.encode(arg);
view.set(buf);
return {
read: arg.length,
written: buf.length
};
};
}
let WASM_VECTOR_LEN = 0;
const wasmPath = `${__dirname}/s2circuits_bg.wasm`;
const wasmBytes = require('fs').readFileSync(wasmPath);
const wasmModule = new WebAssembly.Module(wasmBytes);
let wasm = new WebAssembly.Instance(wasmModule, __wbg_get_imports()).exports;
wasm.__wbindgen_start();