General code improvements (#87)

* Better memory management in compute_challenges() * Forgotten retval check in compute_aggregated_poly_...() * General niceties around the code
2023-01-26 23:43:17 +01:00 · 2023-01-26 23:43:17 +01:00 · d46544dd2e
parent 877e6a43d3
commit d46544dd2e
1 changed files with 37 additions and 28 deletions
--- a/src/c_kzg_4844.c
+++ b/src/c_kzg_4844.c
@ -502,7 +502,7 @@ static void bytes_from_bls_field(Bytes32 *out, const fr_t *in) {
 * @param[out] out An 8-byte array to store the serialized integer
 * @param[in]  n   The integer to be serialized
 */
-static void bytes_of_uint64(uint8_t out[8], uint64_t n) {
+static void bytes_from_uint64(uint8_t out[8], uint64_t n) {
    for (int i = 0; i < 8; i++) {
        out[i] = n & 0xFF;
        n >>= 8;
@ -643,13 +643,15 @@ static C_KZG_RET validate_kzg_g1(g1_t *out, const Bytes48 *b) {
        return C_KZG_BADARGS;
    blst_p1_from_affine(out, &p1_affine);
-    /* Check if it's the point at infinity */
+    /* The point at infinity is accepted! */
    if (blst_p1_is_inf(out))
        return C_KZG_OK;
-    /* Key validation */
+    /* The point must be on the curve */
    if (!blst_p1_on_curve(out))
        return C_KZG_BADARGS;
    /* The point must be on the right subgroup */
    if (!blst_p1_in_g1(out))
        return C_KZG_BADARGS;
@ -717,30 +719,40 @@ static C_KZG_RET compute_challenges(fr_t *eval_challenge_out, fr_t *r_powers_out
                                    const Polynomial *polys, const g1_t *comms, uint64_t n) {
    size_t i;
    uint64_t j;
    const size_t ni = 32; // len(FIAT_SHAMIR_PROTOCOL_DOMAIN) + 8 + 8
    const size_t np = ni + n * BYTES_PER_BLOB;
    const size_t nb = np + n * 48;
-    uint8_t* bytes = calloc(nb, sizeof(uint8_t));
+    // len(FIAT_SHAMIR_PROTOCOL_DOMAIN) + 8 + 8 + n blobs + n commitments
    size_t input_size = 32 + (n * BYTES_PER_BLOB) + (n * 48);
    uint8_t *bytes = calloc(input_size, sizeof(uint8_t));
    if (bytes == NULL) return C_KZG_MALLOC;
    /* Pointer tracking `bytes` for writing on top of it */
    uint8_t *offset = bytes;
    /* Copy domain separator */
-    memcpy(bytes, FIAT_SHAMIR_PROTOCOL_DOMAIN, 16);
+    memcpy(offset, FIAT_SHAMIR_PROTOCOL_DOMAIN, 16);
-    bytes_of_uint64(&bytes[16], FIELD_ELEMENTS_PER_BLOB);
+    offset += 16;
-    bytes_of_uint64(&bytes[16 + 8], n);
+    bytes_from_uint64(offset, FIELD_ELEMENTS_PER_BLOB);
    offset += 8;
    bytes_from_uint64(offset, n);
    offset += 8;
    /* Copy polynomials */
-    for (i = 0; i < n; i++)
+    for (i = 0; i < n; i++) {
-        for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++)
+      for (j = 0; j < FIELD_ELEMENTS_PER_BLOB; j++) {
-            bytes_from_bls_field((Bytes32 *)&bytes[ni + BYTES_PER_FIELD_ELEMENT * (i * FIELD_ELEMENTS_PER_BLOB + j)], &polys[i].evals[j]);
+        bytes_from_bls_field((Bytes32 *)offset, &polys[i].evals[j]);
        offset += BYTES_PER_FIELD_ELEMENT;
      }
    }
    /* Copy commitments */
-    for (i = 0; i < n; i++)
+    for (i = 0; i < n; i++) {
-        bytes_from_g1((Bytes48 *)&bytes[np + i * 48], &comms[i]);
+        bytes_from_g1((Bytes48 *)offset, &comms[i]);
        offset += BYTES_PER_COMMITMENT;
    }
    /* Now let's create challenges! */
    uint8_t hashed_data[32] = {0};
-    blst_sha256(hashed_data, bytes, nb);
+    blst_sha256(hashed_data, bytes, input_size);
    /* We will use hash_input in the computation of both challenges */
    uint8_t hash_input[33];
@ -1163,7 +1175,7 @@ static C_KZG_RET compute_aggregated_poly_and_commitment(Polynomial *poly_out, g1
        const g1_t *kzg_commitments,
        size_t n) {
    fr_t* r_powers = calloc(n, sizeof(fr_t));
-    if (0 < n && r_powers == NULL) return C_KZG_MALLOC;
+    if (n > 0 && r_powers == NULL) return C_KZG_MALLOC;
    C_KZG_RET ret;
    ret = compute_challenges(chal_out, r_powers, polys, kzg_commitments, n);
@ -1172,10 +1184,11 @@ static C_KZG_RET compute_aggregated_poly_and_commitment(Polynomial *poly_out, g1
    poly_lincomb(poly_out, polys, r_powers, n);
    ret = g1_lincomb(comm_out, kzg_commitments, r_powers, n);
    if (ret != C_KZG_OK) goto out;
 out:
    free(r_powers);
-    return C_KZG_OK;
+    return ret;
 }
 /**
@ -1195,19 +1208,17 @@ C_KZG_RET compute_aggregate_kzg_proof(KZGProof *out,
                                      const Blob *blobs,
                                      size_t n,
                                      const KZGSettings *s) {
-    C_KZG_RET ret;
+    C_KZG_RET ret = C_KZG_MALLOC;
    Polynomial* polys = NULL;
    g1_t* commitments = NULL;
    commitments = calloc(n, sizeof(g1_t));
-    if (0 < n && commitments == NULL) {
+    if (n > 0 && commitments == NULL) {
        ret = C_KZG_MALLOC;
        goto out;
    }
    polys = calloc(n, sizeof(Polynomial));
-    if (0 < n && polys == NULL) {
+    if (n > 0 && polys == NULL) {
        ret = C_KZG_MALLOC;
        goto out;
    }
@ -1250,7 +1261,7 @@ C_KZG_RET verify_aggregate_kzg_proof(bool *out,
                                     size_t n,
                                     const Bytes48 *aggregated_proof_bytes,
                                     const KZGSettings *s) {
-    C_KZG_RET ret;
+    C_KZG_RET ret = C_KZG_MALLOC;
    g1_t* commitments = NULL;
    Polynomial* polys = NULL;
@ -1259,14 +1270,12 @@ C_KZG_RET verify_aggregate_kzg_proof(bool *out,
    if (ret != C_KZG_OK) goto out;
    commitments = calloc(n, sizeof(g1_t));
-    if (0 < n && commitments == NULL) {
+    if (n > 0 && commitments == NULL) {
        ret = C_KZG_MALLOC;
        goto out;
    }
    polys = calloc(n, sizeof(Polynomial));
-    if (0 < n && polys == NULL) {
+    if (n > 0 && polys == NULL) {
        ret = C_KZG_MALLOC;
        goto out;
    }