Merge branch 'master' of https://github.com/multiparty/jigg

Author: wyatt-howe

src/evaluate.js

@@ -7,7 +7,6 @@
 
 const label = require('./data/label');
 const gate = require('./data/gate');
-const circuit = require('./data/circuit');
 const assignment = require('./data/assignment');
 const crypto = require('./util/crypto');
 
@@ -57,7 +56,7 @@ function processMessages(circuit, messages) {
  * @param {Object} gateGarbled - Garbled gate to evaluate
  * @param {Object} wireToLabels - Mapping from each wire index to two labels
  */
-function evaluateGate(gate, gateGarbled, wireToLabels) {
+function evaluateGate(gate_id, gate, gateGarbled, wireToLabels) {
   const i = gate.wire_in_index[0];
   const j = (gate.wire_in_index.length === 2) ? gate.wire_in_index[1] : i;
   const k = (gate.wire_out_index != null) ? gate.wire_out_index[0] : 0; // If null, just return decrypted.
@@ -68,27 +67,12 @@ function evaluateGate(gate, gateGarbled, wireToLabels) {
   } else if (gate.operation === 'not') {
     wireToLabels.set(k, [wireToLabels.get(i)[0]]);  // Already inverted.
   } else if (gate.operation === 'and') {
-    wireToLabels.set(k, [crypto.decrypt(wireToLabels.get(i)[0], wireToLabels.get(j)[0], k, label.Label(gateGarbled.get(l)))]);
+    wireToLabels.set(k, [crypto.decrypt(wireToLabels.get(i)[0], wireToLabels.get(j)[0], gate_id, label.Label(gateGarbled.get(l)))]);
   }
 }
 
-/**
- * Evaluate all the gates (stateless version).
- * @param {Object} circuit - Circuit in which to garble the gates
- * @param {Object} gatesGarbled - Ordered collection of garbled gates
- * @param {Object} wireToLabels - Labeled wire data structure
- * @returns {Object} Mapping from each wire index to two labels
- */
-function evaluateGates(circuit, gatesGarbled, wireToLabels) {
-  for (var i = 0; i < circuit.gate_count; i++) {
-    this.evaluateGate(circuit.gate[i], gatesGarbled.get(i), wireToLabels);
-  }
-  return wireToLabels;
-}
-
 module.exports = {
   receiveMessages: receiveMessages,
   processMessages: processMessages,
   evaluateGate: evaluateGate,
-  evaluateGates: evaluateGates
 };

src/garble.js

@@ -70,7 +70,7 @@ function generateWireToLabelsMap(circuit) {
  * @param {Object} wToLs - Mapping from each wire index to two labels
  * @returns {Object} Garbled gate
  */
-function garbleGate(gateFromCircuit, wToLs) {
+function garbleGate(gate_id, gateFromCircuit, wToLs) {
   const i = gateFromCircuit.wire_in_index[0];
   const j = (gateFromCircuit.wire_in_index.length === 2) ? gateFromCircuit.wire_in_index[1] : i;
   const k = gateFromCircuit.wire_out_index[0];
@@ -82,16 +82,16 @@ function garbleGate(gateFromCircuit, wToLs) {
   } else if (gateFromCircuit.operation === 'and') {
     var t = [0,0,0,1];
     var values = [
-      [crypto.encrypt(wToLs.get(i)[0], wToLs.get(j)[0], k, wToLs.get(k)[t[0]])
+      [crypto.encrypt(wToLs.get(i)[0], wToLs.get(j)[0], gate_id, wToLs.get(k)[t[0]])
         .toJSON(),
       (2 * wToLs.get(i)[0].pointer()) + wToLs.get(j)[0].pointer()],
-      [crypto.encrypt(wToLs.get(i)[0], wToLs.get(j)[1], k, wToLs.get(k)[t[1]])
+      [crypto.encrypt(wToLs.get(i)[0], wToLs.get(j)[1], gate_id, wToLs.get(k)[t[1]])
         .toJSON(),
       (2 * wToLs.get(i)[0].pointer()) + wToLs.get(j)[1].pointer()],
-      [crypto.encrypt(wToLs.get(i)[1], wToLs.get(j)[0], k, wToLs.get(k)[t[2]])
+      [crypto.encrypt(wToLs.get(i)[1], wToLs.get(j)[0], gate_id, wToLs.get(k)[t[2]])
         .toJSON(),
       (2 * wToLs.get(i)[1].pointer()) + wToLs.get(j)[0].pointer()],
-      [crypto.encrypt(wToLs.get(i)[1], wToLs.get(j)[1], k, wToLs.get(k)[t[3]])
+      [crypto.encrypt(wToLs.get(i)[1], wToLs.get(j)[1], gate_id, wToLs.get(k)[t[3]])
         .toJSON(),
       (2 * wToLs.get(i)[1].pointer()) + wToLs.get(j)[1].pointer()]
     ];
@@ -105,20 +105,6 @@ function garbleGate(gateFromCircuit, wToLs) {
   // Define cases for any other gate operations here.
 }
 
-/**
- * Garble all the gates (stateless version).
- * @param {Object} circuit - Circuit in which to garble the gates
- * @param {Object} wireToLabels - Mapping from each wire index to two labels
- * @returns {Object} Ordered collection of garbled gates
- */
-function garbleGates(circuit, wireToLabels) {
-  var gatesGarbled = new gate.GatesGarbled();
-  for (var i = 0; i < circuit.gate_count; i++) {
-    gatesGarbled.set(i, garbleGate(circuit.gate[i], wireToLabels));
-  }
-  return gatesGarbled;
-}
-
 /**
  * Send mapping from input wires to their label pairs.
  * @param {Object} channel - Communication channel to use
@@ -176,7 +162,6 @@ function outputLabelsToBits(circuit, wireToLabels, outputWireToLabels) {
 module.exports = {
   generateWireToLabelsMap: generateWireToLabelsMap,
   garbleGate: garbleGate,
-  garbleGates: garbleGates,
   sendInputWireToLabelsMap: sendInputWireToLabelsMap,
   outputLabelsToBits: outputLabelsToBits
 };

src/jigg.js

@@ -99,19 +99,19 @@ Agent.prototype.loadCircuit = function () {
  */
 Agent.prototype.gatesThrottled = function (circuit, gatesGarbled, wireToLabels, index) {
   for (var i = index; i < index + this.parallel && i < circuit.gate_count; i++) {
-    if (this.role == 'Garbler')
-      gatesGarbled.set(i, garble.garbleGate(circuit.gate[i], wireToLabels));
-    else if (this.role == 'Evaluator')
-      evaluate.evaluateGate(circuit.gate[i], gatesGarbled.get(i), wireToLabels);
+    if (this.role === 'Garbler')
+      gatesGarbled.set(i, garble.garbleGate(i, circuit.gate[i], wireToLabels));
+    else if (this.role === 'Evaluator')
+      evaluate.evaluateGate(i, circuit.gate[i], gatesGarbled.get(i), wireToLabels);
   }
 
   index += this.parallel;
   this.progress(Math.min(index, circuit.gate_count), circuit.gate_count);
 
   if (index >= circuit.gate_count) {
-    if (this.role == 'Garbler')
+    if (this.role === 'Garbler')
       this.finishGarbler(circuit, gatesGarbled, wireToLabels);
-    else if (this.role == 'Evaluator')
+    else if (this.role === 'Evaluator')
       this.finishEvaluator(circuit, wireToLabels);
     return;
   }

src/util/crypto.js

@@ -24,16 +24,29 @@ function encrypt(a, b, t, m) {
   return m.xor(k).xor(randomOracle(k, t));
 }
 
+function longToByteArray(long) {
+  // we want to represent the input as a 8-bytes array
+  var byteArray = new Uint8Array(sodium.crypto_secretbox_NONCEBYTES);
+
+  for ( var index = 0; index < byteArray.length; index ++ ) {
+    var byte = long & 0xff;
+    byteArray [ index ] = byte;
+    long = (long - byte) / 256 ;
+  }
+
+  return byteArray;
+}
+
 /**
  * Fixed-key 1-block cipher as the Random Oracle.
  * @param {string} m - Message
  * @param {string} t - Tweak
  * @returns {string} Pseudorandom bytes for ephemeral OTP key
  */
 function randomOracle(m, t = 0) {
-  return sodium.crypto_secretbox_easy(
+    return sodium.crypto_secretbox_easy(
     m,
-    new Uint8Array(24).fill(t),  // Nonce 24 bytes because this sodium uses 192 bit blocks.
+    longToByteArray(t),  // Nonce 24 bytes because this sodium uses 192 bit blocks.
     sodium.from_hex('da5698be17b9b46962335799779fbeca8ce5d491c0d26243bafef9ea1837a9d8')  // SHA(0).
   ).subarray(0, bytes+1);  // Prune back to the correct number of bytes.
 }