From 1eaa3e8040ec02a5eb4b3832f8aac56325b88d28 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Sat, 8 Oct 2016 18:53:31 +0100 Subject: [PATCH 1/4] tests: add performance tests for rct signatures --- tests/performance_tests/CMakeLists.txt | 2 +- ..._ring_signature.h => check_tx_signature.h} | 25 ++++++-- tests/performance_tests/construct_tx.h | 6 +- tests/performance_tests/main.cpp | 60 ++++++++++++------- tests/performance_tests/multi_tx_test_base.h | 3 +- tests/performance_tests/performance_tests.h | 1 + 6 files changed, 65 insertions(+), 32 deletions(-) rename tests/performance_tests/{check_ring_signature.h => check_tx_signature.h} (74%) diff --git a/tests/performance_tests/CMakeLists.txt b/tests/performance_tests/CMakeLists.txt index 37accb393..36dfd5952 100644 --- a/tests/performance_tests/CMakeLists.txt +++ b/tests/performance_tests/CMakeLists.txt @@ -30,7 +30,7 @@ set(performance_tests_sources main.cpp) set(performance_tests_headers - check_ring_signature.h + check_tx_signature.h cn_slow_hash.h construct_tx.h derive_public_key.h diff --git a/tests/performance_tests/check_ring_signature.h b/tests/performance_tests/check_tx_signature.h similarity index 74% rename from tests/performance_tests/check_ring_signature.h rename to tests/performance_tests/check_tx_signature.h index a55849742..fe595a4da 100644 --- a/tests/performance_tests/check_ring_signature.h +++ b/tests/performance_tests/check_tx_signature.h @@ -36,17 +36,19 @@ #include "cryptonote_core/cryptonote_basic.h" #include "cryptonote_core/cryptonote_format_utils.h" #include "crypto/crypto.h" +#include "ringct/rctSigs.h" #include "multi_tx_test_base.h" -template -class test_check_ring_signature : private multi_tx_test_base +template +class test_check_tx_signature : private multi_tx_test_base { static_assert(0 < a_ring_size, "ring_size must be greater than 0"); public: - static const size_t loop_count = a_ring_size < 100 ? 100 : 10; + static const size_t loop_count = a_rct ? 10 : a_ring_size < 100 ? 100 : 10; static const size_t ring_size = a_ring_size; + static const bool rct = a_rct; typedef multi_tx_test_base base_class; @@ -62,7 +64,8 @@ public: std::vector destinations; destinations.push_back(tx_destination_entry(this->m_source_amount, m_alice.get_keys().m_account_address)); - if (!construct_tx(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, destinations, std::vector(), m_tx, 0)) + crypto::secret_key tx_key; + if (!construct_tx_and_get_tx_key(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, destinations, std::vector(), m_tx, 0, tx_key, rct)) return false; get_transaction_prefix_hash(m_tx, m_tx_prefix_hash); @@ -72,8 +75,18 @@ public: bool test() { - const cryptonote::txin_to_key& txin = boost::get(m_tx.vin[0]); - return crypto::check_ring_signature(m_tx_prefix_hash, txin.k_image, this->m_public_key_ptrs, ring_size, m_tx.signatures[0].data()); + if (rct) + { + if (m_tx.rct_signatures.type == rct::RCTTypeFull) + return rct::verRct(m_tx.rct_signatures); + else + return rct::verRctSimple(m_tx.rct_signatures); + } + else + { + const cryptonote::txin_to_key& txin = boost::get(m_tx.vin[0]); + return crypto::check_ring_signature(m_tx_prefix_hash, txin.k_image, this->m_public_key_ptrs, ring_size, m_tx.signatures[0].data()); + } } private: diff --git a/tests/performance_tests/construct_tx.h b/tests/performance_tests/construct_tx.h index d3409c0f3..aef455eaa 100644 --- a/tests/performance_tests/construct_tx.h +++ b/tests/performance_tests/construct_tx.h @@ -36,7 +36,7 @@ #include "multi_tx_test_base.h" -template +template class test_construct_tx : private multi_tx_test_base { static_assert(0 < a_in_count, "in_count must be greater than 0"); @@ -46,6 +46,7 @@ public: static const size_t loop_count = (a_in_count + a_out_count < 100) ? 100 : 10; static const size_t in_count = a_in_count; static const size_t out_count = a_out_count; + static const bool rct = a_rct; typedef multi_tx_test_base base_class; @@ -68,7 +69,8 @@ public: bool test() { - return cryptonote::construct_tx(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, m_destinations, std::vector(), m_tx, 0); + crypto::secret_key tx_key; + return cryptonote::construct_tx_and_get_tx_key(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, m_destinations, std::vector(), m_tx, 0, tx_key, rct); } private: diff --git a/tests/performance_tests/main.cpp b/tests/performance_tests/main.cpp index 84a51aa96..4de0fac54 100644 --- a/tests/performance_tests/main.cpp +++ b/tests/performance_tests/main.cpp @@ -33,7 +33,7 @@ // tests #include "construct_tx.h" -#include "check_ring_signature.h" +#include "check_tx_signature.h" #include "cn_slow_hash.h" #include "derive_public_key.h" #include "derive_secret_key.h" @@ -50,31 +50,47 @@ int main(int argc, char** argv) performance_timer timer; timer.start(); - TEST_PERFORMANCE2(test_construct_tx, 1, 1); - TEST_PERFORMANCE2(test_construct_tx, 1, 2); - TEST_PERFORMANCE2(test_construct_tx, 1, 10); - TEST_PERFORMANCE2(test_construct_tx, 1, 100); - TEST_PERFORMANCE2(test_construct_tx, 1, 1000); + TEST_PERFORMANCE3(test_construct_tx, 1, 1, false); + TEST_PERFORMANCE3(test_construct_tx, 1, 2, false); + TEST_PERFORMANCE3(test_construct_tx, 1, 10, false); + TEST_PERFORMANCE3(test_construct_tx, 1, 100, false); + TEST_PERFORMANCE3(test_construct_tx, 1, 1000, false); - TEST_PERFORMANCE2(test_construct_tx, 2, 1); - TEST_PERFORMANCE2(test_construct_tx, 2, 2); - TEST_PERFORMANCE2(test_construct_tx, 2, 10); - TEST_PERFORMANCE2(test_construct_tx, 2, 100); + TEST_PERFORMANCE3(test_construct_tx, 2, 1, false); + TEST_PERFORMANCE3(test_construct_tx, 2, 2, false); + TEST_PERFORMANCE3(test_construct_tx, 2, 10, false); + TEST_PERFORMANCE3(test_construct_tx, 2, 100, false); - TEST_PERFORMANCE2(test_construct_tx, 10, 1); - TEST_PERFORMANCE2(test_construct_tx, 10, 2); - TEST_PERFORMANCE2(test_construct_tx, 10, 10); - TEST_PERFORMANCE2(test_construct_tx, 10, 100); + TEST_PERFORMANCE3(test_construct_tx, 10, 1, false); + TEST_PERFORMANCE3(test_construct_tx, 10, 2, false); + TEST_PERFORMANCE3(test_construct_tx, 10, 10, false); + TEST_PERFORMANCE3(test_construct_tx, 10, 100, false); - TEST_PERFORMANCE2(test_construct_tx, 100, 1); - TEST_PERFORMANCE2(test_construct_tx, 100, 2); - TEST_PERFORMANCE2(test_construct_tx, 100, 10); - TEST_PERFORMANCE2(test_construct_tx, 100, 100); + TEST_PERFORMANCE3(test_construct_tx, 100, 1, false); + TEST_PERFORMANCE3(test_construct_tx, 100, 2, false); + TEST_PERFORMANCE3(test_construct_tx, 100, 10, false); + TEST_PERFORMANCE3(test_construct_tx, 100, 100, false); - TEST_PERFORMANCE1(test_check_ring_signature, 1); - TEST_PERFORMANCE1(test_check_ring_signature, 2); - TEST_PERFORMANCE1(test_check_ring_signature, 10); - TEST_PERFORMANCE1(test_check_ring_signature, 100); + TEST_PERFORMANCE3(test_construct_tx, 2, 1, true); + TEST_PERFORMANCE3(test_construct_tx, 2, 2, true); + TEST_PERFORMANCE3(test_construct_tx, 2, 10, true); + + TEST_PERFORMANCE3(test_construct_tx, 10, 1, true); + TEST_PERFORMANCE3(test_construct_tx, 10, 2, true); + TEST_PERFORMANCE3(test_construct_tx, 10, 10, true); + + TEST_PERFORMANCE3(test_construct_tx, 100, 1, true); + TEST_PERFORMANCE3(test_construct_tx, 100, 2, true); + TEST_PERFORMANCE3(test_construct_tx, 100, 10, true); + + TEST_PERFORMANCE2(test_check_tx_signature, 1, false); + TEST_PERFORMANCE2(test_check_tx_signature, 2, false); + TEST_PERFORMANCE2(test_check_tx_signature, 10, false); + TEST_PERFORMANCE2(test_check_tx_signature, 100, false); + + TEST_PERFORMANCE2(test_check_tx_signature, 2, true); + TEST_PERFORMANCE2(test_check_tx_signature, 10, true); + TEST_PERFORMANCE2(test_check_tx_signature, 100, true); TEST_PERFORMANCE0(test_is_out_to_acc); TEST_PERFORMANCE0(test_generate_key_image_helper); diff --git a/tests/performance_tests/multi_tx_test_base.h b/tests/performance_tests/multi_tx_test_base.h index d8898b60d..feabab022 100644 --- a/tests/performance_tests/multi_tx_test_base.h +++ b/tests/performance_tests/multi_tx_test_base.h @@ -59,7 +59,7 @@ public: return false; txout_to_key tx_out = boost::get(m_miner_txs[i].vout[0].target); - output_entries.push_back(std::make_pair(i, rct::ctkey({rct::pk2rct(tx_out.key), rct::identity()}))); + output_entries.push_back(std::make_pair(i, rct::ctkey({rct::pk2rct(tx_out.key), rct::zeroCommit(m_miner_txs[i].vout[0].amount)}))); m_public_keys[i] = tx_out.key; m_public_key_ptrs[i] = &m_public_keys[i]; } @@ -72,6 +72,7 @@ public: source_entry.real_output_in_tx_index = 0; source_entry.outputs.swap(output_entries); source_entry.real_output = real_source_idx; + source_entry.mask = rct::identity(); source_entry.rct = false; m_sources.push_back(source_entry); diff --git a/tests/performance_tests/performance_tests.h b/tests/performance_tests/performance_tests.h index 9781349bf..77707148b 100644 --- a/tests/performance_tests/performance_tests.h +++ b/tests/performance_tests/performance_tests.h @@ -142,3 +142,4 @@ void run_test(const char* test_name) #define TEST_PERFORMANCE0(test_class) run_test< test_class >(QUOTEME(test_class)) #define TEST_PERFORMANCE1(test_class, a0) run_test< test_class >(QUOTEME(test_class)) #define TEST_PERFORMANCE2(test_class, a0, a1) run_test< test_class >(QUOTEME(test_class) "<" QUOTEME(a0) ", " QUOTEME(a1) ">") +#define TEST_PERFORMANCE3(test_class, a0, a1, a2) run_test< test_class >(QUOTEME(test_class) "<" QUOTEME(a0) ", " QUOTEME(a1) ", " QUOTEME(a2) ">") From 3cb2436528d5d7ca9ff36fcd2fb542b553c84a63 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Sat, 8 Oct 2016 18:53:56 +0100 Subject: [PATCH 2/4] core: remove some unused code --- src/cryptonote_core/cryptonote_format_utils.cpp | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/cryptonote_core/cryptonote_format_utils.cpp b/src/cryptonote_core/cryptonote_format_utils.cpp index 64f8eb924..870e8f0d8 100644 --- a/src/cryptonote_core/cryptonote_format_utils.cpp +++ b/src/cryptonote_core/cryptonote_format_utils.cpp @@ -658,10 +658,7 @@ namespace cryptonote } else { - bool all_rct_inputs = true; size_t n_total_outs = sources[0].outputs.size(); // only for non-simple rct - BOOST_FOREACH(const tx_source_entry& src_entr, sources) - all_rct_inputs &= !(src_entr.mask == rct::identity()); // the non-simple version is slightly smaller, but assumes all real inputs // are on the same index, so can only be used if there just one ring. From d8eae67ef213a6e5e93a325da9de21d0857fe685 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Sat, 8 Oct 2016 19:34:42 +0100 Subject: [PATCH 3/4] tests: add performance test for ge_frombytes_vartime At luigi1111's request --- tests/performance_tests/CMakeLists.txt | 1 + .../performance_tests/ge_frombytes_vartime.h | 70 +++++++++++++++++++ tests/performance_tests/main.cpp | 2 + 3 files changed, 73 insertions(+) create mode 100644 tests/performance_tests/ge_frombytes_vartime.h diff --git a/tests/performance_tests/CMakeLists.txt b/tests/performance_tests/CMakeLists.txt index 36dfd5952..5ec53cd2b 100644 --- a/tests/performance_tests/CMakeLists.txt +++ b/tests/performance_tests/CMakeLists.txt @@ -35,6 +35,7 @@ set(performance_tests_headers construct_tx.h derive_public_key.h derive_secret_key.h + ge_frombytes_vartime.h generate_key_derivation.h generate_key_image.h generate_key_image_helper.h diff --git a/tests/performance_tests/ge_frombytes_vartime.h b/tests/performance_tests/ge_frombytes_vartime.h new file mode 100644 index 000000000..c815422f9 --- /dev/null +++ b/tests/performance_tests/ge_frombytes_vartime.h @@ -0,0 +1,70 @@ +// Copyright (c) 2014-2016, The Monero Project +// +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without modification, are +// permitted provided that the following conditions are met: +// +// 1. Redistributions of source code must retain the above copyright notice, this list of +// conditions and the following disclaimer. +// +// 2. Redistributions in binary form must reproduce the above copyright notice, this list +// of conditions and the following disclaimer in the documentation and/or other +// materials provided with the distribution. +// +// 3. Neither the name of the copyright holder nor the names of its contributors may be +// used to endorse or promote products derived from this software without specific +// prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY +// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF +// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +// +// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers + +#pragma once + +#include "crypto/crypto.h" +#include "cryptonote_core/cryptonote_basic.h" + +#include "single_tx_test_base.h" + +class test_ge_frombytes_vartime : public multi_tx_test_base<1> +{ +public: + static const size_t loop_count = 10000; + + typedef multi_tx_test_base<1> base_class; + + bool init() + { + using namespace cryptonote; + + if (!base_class::init()) + return false; + + m_alice.generate(); + + std::vector destinations; + destinations.push_back(tx_destination_entry(1, m_alice.get_keys().m_account_address)); + + return construct_tx(this->m_miners[this->real_source_idx].get_keys(), this->m_sources, destinations, std::vector(), m_tx, 0); + } + + bool test() + { + ge_p3 unp; + const cryptonote::txin_to_key& txin = boost::get(m_tx.vin[0]); + return ge_frombytes_vartime(&unp, (const unsigned char*) &txin.k_image) == 0; + } + +private: + cryptonote::account_base m_alice; + cryptonote::transaction m_tx; +}; diff --git a/tests/performance_tests/main.cpp b/tests/performance_tests/main.cpp index 4de0fac54..d09276230 100644 --- a/tests/performance_tests/main.cpp +++ b/tests/performance_tests/main.cpp @@ -37,6 +37,7 @@ #include "cn_slow_hash.h" #include "derive_public_key.h" #include "derive_secret_key.h" +#include "ge_frombytes_vartime.h" #include "generate_key_derivation.h" #include "generate_key_image.h" #include "generate_key_image_helper.h" @@ -98,6 +99,7 @@ int main(int argc, char** argv) TEST_PERFORMANCE0(test_generate_key_image); TEST_PERFORMANCE0(test_derive_public_key); TEST_PERFORMANCE0(test_derive_secret_key); + TEST_PERFORMANCE0(test_ge_frombytes_vartime); TEST_PERFORMANCE0(test_cn_slow_hash); From 3126ba74255a647eb31c961d029c37538feb3cc7 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Sat, 8 Oct 2016 22:16:23 +0100 Subject: [PATCH 4/4] ringct: use const refs as parameters where appropriate --- src/ringct/rctSigs.cpp | 4 ++-- src/ringct/rctSigs.h | 4 ++-- src/ringct/rctTypes.h | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/ringct/rctSigs.cpp b/src/ringct/rctSigs.cpp index ed1f8cc0e..85d21e805 100644 --- a/src/ringct/rctSigs.cpp +++ b/src/ringct/rctSigs.cpp @@ -150,7 +150,7 @@ namespace rct { // Gen creates a signature which proves that for some column in the keymatrix "pk" // the signer knows a secret key for each row in that column // Ver verifies that the MG sig was created correctly - mgSig MLSAG_Gen(key message, const keyM & pk, const keyV & xx, const unsigned int index, size_t dsRows) { + mgSig MLSAG_Gen(const key &message, const keyM & pk, const keyV & xx, const unsigned int index, size_t dsRows) { mgSig rv; size_t cols = pk.size(); CHECK_AND_ASSERT_THROW_MES(cols >= 2, "Error! What is c if cols = 1!"); @@ -239,7 +239,7 @@ namespace rct { // Gen creates a signature which proves that for some column in the keymatrix "pk" // the signer knows a secret key for each row in that column // Ver verifies that the MG sig was created correctly - bool MLSAG_Ver(key message, const keyM & pk, const mgSig & rv, size_t dsRows) { + bool MLSAG_Ver(const key &message, const keyM & pk, const mgSig & rv, size_t dsRows) { size_t cols = pk.size(); CHECK_AND_ASSERT_MES(cols >= 2, false, "Error! What is c if cols = 1!"); diff --git a/src/ringct/rctSigs.h b/src/ringct/rctSigs.h index f1c906d5e..11d771818 100644 --- a/src/ringct/rctSigs.h +++ b/src/ringct/rctSigs.h @@ -90,8 +90,8 @@ namespace rct { // the signer knows a secret key for each row in that column // Ver verifies that the MG sig was created correctly keyV keyImageV(const keyV &xx); - mgSig MLSAG_Gen(key message, const keyM & pk, const keyV & xx, const unsigned int index, size_t dsRows); - bool MLSAG_Ver(key message, const keyM &pk, const mgSig &sig, size_t dsRows); + mgSig MLSAG_Gen(const key &message, const keyM & pk, const keyV & xx, const unsigned int index, size_t dsRows); + bool MLSAG_Ver(const key &message, const keyM &pk, const mgSig &sig, size_t dsRows); //mgSig MLSAG_Gen_Old(const keyM & pk, const keyV & xx, const int index); //proveRange and verRange diff --git a/src/ringct/rctTypes.h b/src/ringct/rctTypes.h index bfafebb83..25f6f9bc9 100644 --- a/src/ringct/rctTypes.h +++ b/src/ringct/rctTypes.h @@ -415,7 +415,7 @@ namespace rct { // then the value in the first 8 bytes is returned xmr_amount h2d(const key &test); //32 byte key to int[64] - void h2b(bits amountb2, key & test); + void h2b(bits amountb2, const key & test); //int[64] to 32 byte key void b2h(key & amountdh, bits amountb2); //int[64] to uint long long