diff --git a/Cargo.lock b/Cargo.lock index 03b2a4dcd9..fac19e33d8 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -43,6 +43,11 @@ dependencies = [ "nodrop 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "autocfg" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" + [[package]] name = "bech32" version = "0.6.0" @@ -61,7 +66,8 @@ dependencies = [ "group 0.1.0", "num_cpus 1.8.0 (registry+https://github.com/rust-lang/crates.io-index)", "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -69,11 +75,6 @@ name = "bit-vec" version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -[[package]] -name = "bitflags" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" - [[package]] name = "blake2b_simd" version = "0.5.1" @@ -136,6 +137,15 @@ name = "byteorder" version = "1.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "c2-chacha" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)", + "ppv-lite86 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "constant_time_eq" version = "0.1.3" @@ -186,7 +196,7 @@ version = "0.4.0" dependencies = [ "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", "ff_derive 0.3.0", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] 
@@ -213,20 +223,6 @@ dependencies = [ "num-traits 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "fuchsia-zircon" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "bitflags 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)", - "fuchsia-zircon-sys 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "fuchsia-zircon-sys" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" - [[package]] name = "futures" version = "0.1.21" @@ -241,11 +237,6 @@ dependencies = [ "num_cpus 1.8.0 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "gcc" -version = "0.3.54" -source = "registry+https://github.com/rust-lang/crates.io-index" - [[package]] name = "generic-array" version = "0.9.0" @@ -262,12 +253,22 @@ dependencies = [ "typenum 1.10.0 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "getrandom" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.59 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "group" version = "0.1.0" dependencies = [ "ff 0.4.0", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] 
@@ -294,12 +295,15 @@ dependencies = [ [[package]] name = "lazy_static" -version = "1.0.0" +version = "1.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "spin 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", +] [[package]] name = "libc" -version = "0.2.40" +version = "0.2.59" source = "registry+https://github.com/rust-lang/crates.io-index" [[package]] @@ -311,10 +315,11 @@ dependencies = [ "blake2s_simd 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", "ff 0.4.0", - "lazy_static 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", + "lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.59 (registry+https://github.com/rust-lang/crates.io-index)", "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_os 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "sapling-crypto 0.0.1", "zcash_primitives 0.0.0", "zcash_proofs 0.0.0", @@ -352,7 +357,7 @@ name = "num_cpus" version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.59 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] 
@@ -372,9 +377,15 @@ dependencies = [ "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", "ff 0.4.0", "group 0.1.0", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "ppv-lite86" +version = "0.2.5" +source = "registry+https://github.com/rust-lang/crates.io-index" + [[package]] name = "proc-macro-hack" version = "0.4.0" 
@@ -406,45 +417,58 @@ dependencies = [ [[package]] name = "rand" -version = "0.3.22" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ - "fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "getrandom 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.59 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_chacha 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] -name = "rand" -version = "0.4.2" +name = "rand_chacha" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ - "fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", + "autocfg 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)", + "c2-chacha 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] -name = "redox_syscall" -version = "0.1.40" +name = "rand_core" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "getrandom 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "rand_hc" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", +] [[package]] -name = "rust-crypto" -version = "0.2.36" +name = "rand_os" +version = "0.2.0" source = 
"registry+https://github.com/rust-lang/crates.io-index" dependencies = [ - "gcc 0.3.54 (registry+https://github.com/rust-lang/crates.io-index)", - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.3.22 (registry+https://github.com/rust-lang/crates.io-index)", - "rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)", - "time 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)", + "getrandom 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] -name = "rustc-serialize" -version = "0.3.24" +name = "rand_xorshift" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", +] [[package]] name = "sapling-crypto" @@ -458,8 +482,9 @@ dependencies = [ "ff 0.4.0", "hex-literal 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", - "rust-crypto 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", + "sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -473,6 +498,11 @@ dependencies = [ "opaque-debug 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "spin" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" + [[package]] name = "stream-cipher" version = "0.1.1" 
@@ -491,16 +521,6 @@ dependencies = [ "unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "time" -version = "0.1.40" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)", - "redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "typenum" version = "1.10.0" @@ -511,32 +531,14 @@ name = "unicode-xid" version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -[[package]] -name = "winapi" -version = "0.3.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", - "winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", -] - -[[package]] -name = "winapi-i686-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - -[[package]] -name = "winapi-x86_64-pc-windows-gnu" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" - [[package]] name = "zcash_client_backend" version = "0.0.0" dependencies = [ "bech32 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)", "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "sapling-crypto 0.0.1", "zcash_primitives 0.0.0", ] 
@@ -552,9 +554,10 @@ dependencies = [ "ff 0.4.0", "fpe 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", "hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", - "lazy_static 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", + "lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)", "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_os 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "sapling-crypto 0.0.1", "sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -568,7 +571,7 @@ dependencies = [ "byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)", "ff 0.4.0", "pairing 0.14.2", - "rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", + "rand_os 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "sapling-crypto 0.0.1", "zcash_primitives 0.0.0", ] 
@@ -579,9 +582,9 @@ dependencies = [ "checksum aesni 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)" = "6810b7fb9f2bb4f76f05ac1c170b8dde285b6308955dc3afd89710268c958d9e" "checksum arrayref 0.3.5 (registry+https://github.com/rust-lang/crates.io-index)" = "0d382e583f07208808f6b1249e60848879ba3543f57c32277bf52d69c2f0f0ee" "checksum arrayvec 0.4.10 (registry+https://github.com/rust-lang/crates.io-index)" = "92c7fb76bc8826a8b33b4ee5bb07a247a81e76764ab4d55e8f73e3a4d8808c71" +"checksum autocfg 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)" = "0e49efa51329a5fd37e7c79db4621af617cd4e3e5bc224939808d076077077bf" "checksum bech32 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)" = "58946044516aa9dc922182e0d6e9d124a31aafe6b421614654eb27cf90cec09c" "checksum bit-vec 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "02b4ff8b16e6076c3e14220b39fbc1fabb6737522281a388998046859400895f" -"checksum bitflags 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b3c30d3802dfb7281680d6285f2ccdaa8c2d8fee41f93805dba5c4cf50dc23cf" "checksum blake2b_simd 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "d909f9ef55928e57e7de9638828bc9407233b5cb0904066a7edebbaa9946db2f" "checksum blake2s_simd 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)" = "fa20660ff9f1e6d0a05444b5ebbbae13e4c018d4c66cc78c7e421e3396358a52" "checksum block-buffer 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "49665c62e0e700857531fa5d3763e91b539ff1abeebd56808d378b495870d60d" 
@@ -590,6 +593,7 @@ dependencies = [ "checksum byte-tools 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "560c32574a12a89ecd91f5e742165893f86e3ab98d21f8ea548658eb9eef5f40" "checksum byte-tools 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "980479e6fde23246dfb54d47580d66b4e99202e7579c5eaa9fe10ecb5ebd2182" "checksum byteorder 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "73b5bdfe7ee3ad0b99c9801d58807a9dbc9e09196365b0203853b99889ab3c87" +"checksum c2-chacha 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7d64d04786e0f528460fc884753cf8dddcc466be308f6026f8e355c41a0e4101" "checksum constant_time_eq 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "8ff012e225ce166d4422e0e78419d901719760f62ae2b7969ca6b564d1b54a9e" "checksum crossbeam 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "24ce9782d4d5c53674646a6a4c1863a21a8fc0cb649b3c94dfc16e45071dea19" "checksum crypto_api 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "2f855e87e75a4799e18b8529178adcde6fd4f97c1449ff4821e747ff728bb102" 
@@ -598,18 +602,16 @@ dependencies = [ "checksum digest 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "05f47366984d3ad862010e22c7ce81a7dbcaebbdfb37241a620f8b6596ee135c" "checksum fake-simd 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed" "checksum fpe 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ce3371c82bfbd984f624cab093f55e7336f5a6e589f8518e1258f54f011b89ad" -"checksum fuchsia-zircon 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "2e9763c69ebaae630ba35f74888db465e49e259ba1bc0eda7d06f4a067615d82" -"checksum fuchsia-zircon-sys 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3dcaa9ae7725d12cdb85b3ad99a434db70b468c09ded17e012d86b5c1010f7a7" "checksum futures 0.1.21 (registry+https://github.com/rust-lang/crates.io-index)" = "1a70b146671de62ec8c8ed572219ca5d594d9b06c0b364d5e67b722fc559b48c" "checksum futures-cpupool 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)" = "ab90cde24b3319636588d0c35fe03b1333857621051837ed769faefb4c2162e4" -"checksum gcc 0.3.54 (registry+https://github.com/rust-lang/crates.io-index)" = "5e33ec290da0d127825013597dbdfc28bee4964690c7ce1166cbc2a7bd08b1bb" "checksum generic-array 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3c0f28c2f5bfb5960175af447a2da7c18900693738343dc896ffbcabd9839592" "checksum generic-array 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ef25c5683767570c2bbd7deba372926a55eaae9982d7726ee2a1050239d45b9d" +"checksum getrandom 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "e65cce4e5084b14874c4e7097f38cab54f47ee554f9194673456ea379dcc4c55" "checksum hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "805026a5d0141ffc30abb3be3173848ad46a1b1664fe632428479619a3644d77" "checksum hex-literal 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = 
"4da5f0e01bd8a71a224a4eedecaacfcabda388dbb7a80faf04d3514287572d95" "checksum hex-literal-impl 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "1d340b6514f232f6db1bd16db65302a5278a04fef9ce867cb932e7e5fa21130a" -"checksum lazy_static 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c8f31047daa365f19be14b47c29df4f7c3b581832407daabe6ae77397619237d" -"checksum libc 0.2.40 (registry+https://github.com/rust-lang/crates.io-index)" = "6fd41f331ac7c5b8ac259b8bf82c75c0fb2e469bbf37d2becbba9a6a2221965b" +"checksum lazy_static 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "bc5729f27f159ddd61f4df6228e827e86643d4d3e7c32183cb30a1c08f604a14" +"checksum libc 0.2.59 (registry+https://github.com/rust-lang/crates.io-index)" = "3262021842bf00fe07dbd6cf34ff25c99d7a7ebef8deea84db72be3ea3bb0aff" "checksum nodrop 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)" = "9a2228dca57108069a5262f2ed8bd2e82496d2e074a06d1ccc7ce1687b6ae0a2" "checksum num-bigint 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3eceac7784c5dc97c2d6edf30259b4e153e6e2b42b3c85e9a6e9f45d06caef6e" "checksum num-integer 0.1.39 (registry+https://github.com/rust-lang/crates.io-index)" = "e83d528d2677f0518c570baf2b7abdcf0cd2d248860b68507bdcb3e91d4c0cea" 
@@ -617,21 +619,20 @@ dependencies = [ "checksum num_cpus 1.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c51a3322e4bca9d212ad9a158a02abc6934d005490c054a2778df73a70aa0a30" "checksum opaque-debug 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "d620c9c26834b34f039489ac0dfdb12c7ac15ccaf818350a64c9b5334a452ad7" "checksum opaque-debug 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "93f5bb2e8e8dec81642920ccff6b61f1eb94fa3020c5a325c9851ff604152409" +"checksum ppv-lite86 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "e3cbf9f658cdb5000fcf6f362b8ea2ba154b9f146a61c7a20d647034c6b6561b" "checksum proc-macro-hack 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3ba8d4f9257b85eb6cdf13f055cea3190520aab1409ca2ab43493ea4820c25f0" "checksum proc-macro-hack-impl 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d5cb6f960ad471404618e9817c0e5d10b1ae74cfdf01fab89ea0641fe7fb2892" "checksum proc-macro2 0.4.14 (registry+https://github.com/rust-lang/crates.io-index)" = "b331c6ad3411474cd55540398dc7ad89fc41488e64ec71fdecc9c9b86de96fb0" "checksum quote 0.6.8 (registry+https://github.com/rust-lang/crates.io-index)" = "dd636425967c33af890042c483632d33fa7a18f19ad1d7ea72e8998c6ef8dea5" -"checksum rand 0.3.22 (registry+https://github.com/rust-lang/crates.io-index)" = "15a732abf9d20f0ad8eeb6f909bf6868722d9a06e1e50802b6a70351f40b4eb1" -"checksum rand 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "eba5f8cb59cc50ed56be8880a5c7b496bfd9bd26394e176bc67884094145c2c5" -"checksum redox_syscall 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)" = "c214e91d3ecf43e9a4e41e578973adeb14b474f2bee858742d127af75a0112b1" -"checksum rust-crypto 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)" = "f76d05d3993fd5f4af9434e8e436db163a12a9d40e1a58a726f27a01dfd12a2a" -"checksum rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)" = 
"dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda" +"checksum rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d47eab0e83d9693d40f825f86948aa16eff6750ead4bdffc4ab95b8b3a7f052c" +"checksum rand_chacha 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e193067942ef6f485a349a113329140d0ab9e2168ce92274499bb0e9a4190d9d" +"checksum rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)" = "615e683324e75af5d43d8f7a39ffe3ee4a9dc42c5c701167a71dc59c3a493aca" +"checksum rand_hc 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" +"checksum rand_os 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "6e8c83d0434e67e7a92be561af33f3ca17ff9899a4acf28030fabb8c5c323a1a" +"checksum rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "77d416b86801d23dde1aa643023b775c3a462efc0ed96443add11546cdf1dca8" "checksum sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7b4d8bfd0e469f417657573d8451fb33d16cfe0989359b93baf3a1ffc639543d" +"checksum spin 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)" = "44363f6f51401c34e7be73db0db371c04705d35efbe9f7d6082e03a921a32c55" "checksum stream-cipher 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "30dc6118470d69ce0fdcf7e6f95e95853f7f4f72f80d835d4519577c323814ab" "checksum syn 0.14.9 (registry+https://github.com/rust-lang/crates.io-index)" = "261ae9ecaa397c42b960649561949d69311f08eeaea86a65696e6e46517cf741" -"checksum time 0.1.40 (registry+https://github.com/rust-lang/crates.io-index)" = "d825be0eb33fda1a7e68012d51e9c7f451dc1a69391e7fdc197060bb8c56667b" "checksum typenum 1.10.0 (registry+https://github.com/rust-lang/crates.io-index)" = "612d636f949607bdf9b123b4a6f6d966dedf3ff669f7f045890d3a4a73948169" "checksum unicode-xid 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = 
"fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc"
-"checksum winapi 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "04e3bd221fcbe8a271359c04f21a76db7d0c6028862d1bb5512d85e1e2eb5bb3"
-"checksum winapi-i686-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
-"checksum winapi-x86_64-pc-windows-gnu 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
diff --git a/bellman/Cargo.toml b/bellman/Cargo.toml
index 20602c2353..b15671e977 100644
--- a/bellman/Cargo.toml
+++ b/bellman/Cargo.toml
@@ -9,7 +9,6 @@ repository = "https://github.com/ebfull/bellman"
 version = "0.1.0"
 [dependencies]
-rand = "0.4"
 bit-vec = "0.4.4"
 ff = { path = "../ff" }
 futures = "0.1"
@@ -18,8 +17,12 @@ group = { path = "../group" }
 num_cpus = { version = "1", optional = true }
 crossbeam = { version = "0.3", optional = true }
 pairing = { path = "../pairing", optional = true }
+rand_core = "0.5"
 byteorder = "1"
+[dev-dependencies]
+rand = "0.7"
+
 [features]
 groth16 = ["pairing"]
 multicore = ["futures-cpupool", "crossbeam", "num_cpus"]
diff --git a/bellman/src/domain.rs b/bellman/src/domain.rs
index 4606ce5a2b..5d7d500098 100644
--- a/bellman/src/domain.rs
+++ b/bellman/src/domain.rs
@@ -375,16 +375,16 @@ fn parallel_fft>(
 #[test]
 fn polynomial_arith() {
 use pairing::bls12_381::Bls12;
- use rand::{self, Rand};
+ use rand_core::RngCore;
- fn test_mul(rng: &mut R)
+ fn test_mul(rng: &mut R)
 {
 let worker = Worker::new();
 for coeffs_a in 0..70 {
 for coeffs_b in 0..70 {
- let mut a: Vec<_> = (0..coeffs_a).map(|_| Scalar::(E::Fr::rand(rng))).collect();
- let mut b: Vec<_> = (0..coeffs_b).map(|_| Scalar::(E::Fr::rand(rng))).collect();
+ let mut a: Vec<_> = (0..coeffs_a).map(|_| Scalar::(E::Fr::random(rng))).collect();
+ let mut b: Vec<_> = (0..coeffs_b).map(|_| Scalar::(E::Fr::random(rng))).collect();
 // naive evaluation
 let mut naive = vec![Scalar(E::Fr::zero()); coeffs_a + coeffs_b];
@@ -423,9 +423,9 @@ fn polynomial_arith() {
 #[test]
 fn fft_composition() {
 use pairing::bls12_381::Bls12;
- use rand;
+ use rand_core::RngCore;
- fn test_comp(rng: &mut R)
+ fn test_comp(rng: &mut R)
 {
 let worker = Worker::new();
@@ -434,7 +434,7 @@ fn fft_composition() {
 let mut v = vec![];
 for _ in 0..coeffs {
- v.push(Scalar::(rng.gen()));
+ v.push(Scalar::(E::Fr::random(rng)));
 }
 let mut domain = EvaluationDomain::from_coeffs(v.clone()).unwrap();
@@ -462,10 +462,10 @@ fn fft_composition() {
 #[test]
 fn parallel_fft_consistency() {
 use pairing::bls12_381::Bls12;
- use rand::{self, Rand};
+ use rand_core::RngCore;
 use std::cmp::min;
- fn test_consistency(rng: &mut R)
+ fn test_consistency(rng: &mut R)
 {
 let worker = Worker::new();
@@ -473,7 +473,7 @@ fn parallel_fft_consistency() {
 for log_d in 0..10 {
 let d = 1 << log_d;
- let v1 = (0..d).map(|_| Scalar::(E::Fr::rand(rng))).collect::>();
+ let v1 = (0..d).map(|_| Scalar::(E::Fr::random(rng))).collect::>();
 let mut v1 = EvaluationDomain::from_coeffs(v1).unwrap();
 let mut v2 = EvaluationDomain::from_coeffs(v1.coeffs.clone()).unwrap();
diff --git a/bellman/src/groth16/generator.rs b/bellman/src/groth16/generator.rs
index 50d5bd7630..3e15b2bc14 100644
--- a/bellman/src/groth16/generator.rs
+++ b/bellman/src/groth16/generator.rs
@@ -1,4 +1,4 @@
-use rand::Rng;
+use rand_core::RngCore;
 use std::sync::Arc;
@@ -35,15 +35,15 @@ pub fn generate_random_parameters(
 circuit: C,
 rng: &mut R
 ) -> Result, SynthesisError>
- where E: Engine, C: Circuit, R: Rng
+ where E: Engine, C: Circuit, R: RngCore
 {
- let g1 = rng.gen();
- let g2 = rng.gen();
- let alpha = rng.gen();
- let beta = rng.gen();
- let gamma = rng.gen();
- let delta = rng.gen();
- let tau = rng.gen();
+ let g1 = E::G1::random(rng);
+ let g2 = E::G2::random(rng);
+ let alpha = E::Fr::random(rng);
+ let beta = E::Fr::random(rng);
+ let gamma = E::Fr::random(rng);
+ let delta = E::Fr::random(rng);
+ let tau = E::Fr::random(rng);
 generate_parameters::(
 circuit,
diff --git a/bellman/src/groth16/mod.rs b/bellman/src/groth16/mod.rs
index e613d6646c..767150cbae 100644
--- a/bellman/src/groth16/mod.rs
+++ b/bellman/src/groth16/mod.rs
@@ -487,7 +487,7 @@ mod test_with_bls12_381 {
 use {Circuit, SynthesisError, ConstraintSystem};
 use ff::Field;
- use rand::{Rand, thread_rng};
+ use rand::{thread_rng};
 use pairing::bls12_381::{Bls12, Fr};
 #[test]
@@ -547,8 +547,8 @@ mod test_with_bls12_381 {
 let pvk = prepare_verifying_key::(¶ms.vk);
 for _ in 0..100 {
- let a = Fr::rand(rng);
- let b = Fr::rand(rng);
+ let a = Fr::random(rng);
+ let b = Fr::random(rng);
 let mut c = a;
 c.mul_assign(&b);
diff --git a/bellman/src/groth16/prover.rs b/bellman/src/groth16/prover.rs
index c674622cf1..ceb3dce7fa 100644
--- a/bellman/src/groth16/prover.rs
+++ b/bellman/src/groth16/prover.rs
@@ -1,4 +1,4 @@
-use rand::Rng;
+use rand_core::RngCore;
 use std::sync::Arc;
@@ -189,10 +189,10 @@ pub fn create_random_proof>(
 params: P,
 rng: &mut R
 ) -> Result, SynthesisError>
- where E: Engine, C: Circuit, R: Rng
+ where E: Engine, C: Circuit, R: RngCore
 {
- let r = rng.gen();
- let s = rng.gen();
+ let r = E::Fr::random(rng);
+ let s = E::Fr::random(rng);
 create_proof::(circuit, params, r, s)
 }
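Review bot: `generate_random_parameters` now bounds `rng` only by `RngCore`, so nothing in the signature stops a caller from supplying a deterministic or non-cryptographic generator for `alpha`, `beta`, `gamma`, `delta` and `tau`, the values whose unpredictability the soundness of the generated parameters rests on. Since the `where` clause is being rewritten anyway, `R: RngCore + CryptoRng` (the marker trait from `rand_core`) makes that requirement compiler-checked and still accepts the `thread_rng()` the tests in this commit use. The same applies to `create_random_proof` in prover.rs, where `r` and `s` are what make the proof zero-knowledge. If the looser bound is intentional, both functions should at least carry a doc comment saying `rng` must be a cryptographically secure generator.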
diff --git a/bellman/src/groth16/tests/dummy_engine.rs b/bellman/src/groth16/tests/dummy_engine.rs
index d5f37a971f..654b8148a9 100644
--- a/bellman/src/groth16/tests/dummy_engine.rs
+++ b/bellman/src/groth16/tests/dummy_engine.rs
@@ -6,7 +6,7 @@ use pairing::{Engine, PairingCurveAffine};
 use std::cmp::Ordering;
 use std::fmt;
-use rand::{Rand, Rng};
+use rand_core::RngCore;
 use std::num::Wrapping;
 const MODULUS_R: Wrapping = Wrapping(64513);
@@ -20,13 +20,11 @@ impl fmt::Display for Fr {
 }
 }
-impl Rand for Fr {
- fn rand(rng: &mut R) -> Self {
- Fr(Wrapping(rng.gen()) % MODULUS_R)
+impl Field for Fr {
+ fn random(rng: &mut R) -> Self {
+ Fr(Wrapping(rng.next_u32()) % MODULUS_R)
 }
-}
-impl Field for Fr {
 fn zero() -> Self {
 Fr(Wrapping(0))
 }
@@ -145,12 +143,6 @@ impl PartialOrd for FrRepr {
 }
 }
-impl Rand for FrRepr {
- fn rand(rng: &mut R) -> Self {
- FrRepr([rng.gen()])
- }
-}
-
 impl fmt::Display for FrRepr {
 fn fmt(&self, f: &mut fmt::Formatter) -> Result<(), fmt::Error> {
 write!(f, "{}", (self.0)[0])
@@ -300,6 +292,10 @@ impl CurveProjective for Fr {
 type Scalar = Fr;
 type Engine = DummyEngine;
+ fn random(rng: &mut R) -> Self {
+ ::random(rng)
+ }
+
 fn zero() -> Self {
 ::zero()
 }
diff --git a/bellman/src/lib.rs b/bellman/src/lib.rs
index d22d90f3a9..bf9a4e14e2 100644
--- a/bellman/src/lib.rs
+++ b/bellman/src/lib.rs
@@ -2,7 +2,7 @@ extern crate ff;
 extern crate group;
 #[cfg(feature = "pairing")]
 extern crate pairing;
-extern crate rand;
+extern crate rand_core;
 extern crate futures;
 extern crate bit_vec;
@@ -15,6 +15,9 @@ extern crate futures_cpupool;
 #[cfg(feature = "multicore")]
 extern crate num_cpus;
+#[cfg(test)]
+extern crate rand;
+
 pub mod multicore;
 mod multiexp;
 pub mod domain;
diff --git a/bellman/src/multiexp.rs b/bellman/src/multiexp.rs
index d24572bf6e..c6553971bf 100644
--- a/bellman/src/multiexp.rs
+++ b/bellman/src/multiexp.rs
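Review bot: The new `Field::random` for the dummy `Fr` computes `Wrapping(rng.next_u32()) % MODULUS_R`, which is not uniform because 2^32 is not a multiple of 64513, so this impl does not meet the trait's "chosen uniformly at random" contract (the removed `rng.gen()` version had the same bias, so the commit preserves rather than introduces it). That is harmless for a test-only engine, but worth stating so the pattern is not copied into a real field: `// Modulo-biased, not uniform; acceptable only because this engine exists for tests.` The `CurveProjective::random` added later in the same file forwards to this impl, so the one comment covers both.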
@@ -274,14 +274,14 @@ fn test_with_bls12() {
 acc
 }
- use rand::{self, Rand};
+ use rand;
 use pairing::{bls12_381::Bls12, Engine};
 const SAMPLES: usize = 1 << 14;
 let rng = &mut rand::thread_rng();
- let v = Arc::new((0..SAMPLES).map(|_| ::Fr::rand(rng).into_repr()).collect::>());
- let g = Arc::new((0..SAMPLES).map(|_| ::G1::rand(rng).into_affine()).collect::>());
+ let v = Arc::new((0..SAMPLES).map(|_| ::Fr::random(rng).into_repr()).collect::>());
+ let g = Arc::new((0..SAMPLES).map(|_| ::G1::random(rng).into_affine()).collect::>());
 let naive = naive_multiexp(g.clone(), v.clone());
diff --git a/bellman/tests/mimc.rs b/bellman/tests/mimc.rs
index 1d554a57d0..d08940f753 100644
--- a/bellman/tests/mimc.rs
+++ b/bellman/tests/mimc.rs
@@ -4,13 +4,13 @@ extern crate pairing;
 extern crate rand;
 // For randomness (during paramgen and proof generation)
-use rand::{thread_rng, Rng};
+use rand::thread_rng;
 // For benchmarking
 use std::time::{Duration, Instant};
 // Bring in some tools for using pairing-friendly curves
-use ff::Field;
+use ff::{Field, ScalarEngine};
 use pairing::Engine;
 // We're going to use the BLS12-381 pairing-friendly elliptic curve.
@@ -172,7 +172,7 @@ fn test_mimc() {
 let rng = &mut thread_rng();
 // Generate the MiMC round constants
- let constants = (0..MIMC_ROUNDS).map(|_| rng.gen()).collect::>();
+ let constants = (0..MIMC_ROUNDS).map(|_| ::Fr::random(rng)).collect::>();
 println!("Creating parameters...");
@@ -203,8 +203,8 @@ fn test_mimc() {
 for _ in 0..SAMPLES {
 // Generate a random preimage and compute the image
- let xl = rng.gen();
- let xr = rng.gen();
+ let xl = ::Fr::random(rng);
+ let xr = ::Fr::random(rng);
 let image = mimc::(xl, xr, &constants);
 proof_vec.truncate(0);
diff --git a/ff/Cargo.toml b/ff/Cargo.toml
index 22db67a8e1..212f6c43d1 100644
--- a/ff/Cargo.toml
+++ b/ff/Cargo.toml
@@ -10,8 +10,8 @@ repository = "https://github.com/ebfull/ff"
 [dependencies]
 byteorder = "1"
-rand = "0.4"
 ff_derive = { version = "0.3.0", path = "ff_derive", optional = true }
+rand_core = "0.5"
 [features]
 default = []
diff --git a/ff/ff_derive/src/lib.rs b/ff/ff_derive/src/lib.rs
index 45d344537f..df2625bfd3 100644
--- a/ff/ff_derive/src/lib.rs
+++ b/ff/ff_derive/src/lib.rs
@@ -136,13 +136,6 @@ fn prime_field_repr_impl(repr: &syn::Ident, limbs: usize) -> proc_macro2::TokenS
 }
 }
- impl ::rand::Rand for #repr {
- #[inline(always)]
- fn rand(rng: &mut R) -> Self {
- #repr(rng.gen())
- }
- }
-
 impl ::std::fmt::Display for #repr {
 fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result {
 try!(write!(f, "0x"));
@@ -839,22 +832,6 @@ fn prime_field_impl(
 }
 }
- impl ::rand::Rand for #name {
- /// Computes a uniformly random element using rejection sampling.
- fn rand(rng: &mut R) -> Self {
- loop {
- let mut tmp = #name(#repr::rand(rng));
-
- // Mask away the unused bits at the beginning.
- tmp.0.as_mut()[#top_limb_index] &= 0xffffffffffffffff >> REPR_SHAVE_BITS;
-
- if tmp.is_valid() {
- return tmp
- }
- }
- }
- }
-
 impl From<#name> for #repr {
 fn from(e: #name) -> #repr {
 e.into_repr()
@@ -904,6 +881,26 @@ fn prime_field_impl(
 }
 impl ::ff::Field for #name {
+ /// Computes a uniformly random element using rejection sampling.
+ fn random(rng: &mut R) -> Self {
+ loop {
+ let mut tmp = {
+ let mut repr = [0u64; #limbs];
+ for i in 0..#limbs {
+ repr[i] = rng.next_u64();
+ }
+ #name(#repr(repr))
+ };
+
+ // Mask away the unused most-significant bits.
+ tmp.0.as_mut()[#top_limb_index] &= 0xffffffffffffffff >> REPR_SHAVE_BITS;
+
+ if tmp.is_valid() {
+ return tmp
+ }
+ }
+ }
+
 #[inline]
 fn zero() -> Self {
 #name(#repr::from(0))
diff --git a/ff/src/lib.rs b/ff/src/lib.rs
index a9d117f24c..482dc46aa6 100644
--- a/ff/src/lib.rs
+++ b/ff/src/lib.rs
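Review bot: In the generated `Field::random` in ff_derive, the limb fill `for i in 0..#limbs { repr[i] = rng.next_u64(); }` indexes a fixed-size array by counter, which clippy reports as `needless_range_loop` in the expanded code and interpolates `#limbs` a second time; `for limb in repr.iter_mut() { *limb = rng.next_u64(); }` does the same without the index or the bounds check. The rest of the body (the top-limb mask and the `is_valid()` rejection loop) is the removed `Rand` impl moved under `Field` with the limbs now drawn through `RngCore::next_u64`, so the sampling behaviour itself is unchanged.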
@@ -1,7 +1,7 @@ #![allow(unused_imports)] extern crate byteorder; -extern crate rand; +extern crate rand_core; #[cfg(feature = "derive")] #[macro_use] @@ -10,14 +10,18 @@ extern crate ff_derive; #[cfg(feature = "derive")] pub use ff_derive::*; +use rand_core::RngCore; use std::error::Error; use std::fmt; use std::io::{self, Read, Write}; /// This trait represents an element of a field. pub trait Field: - Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display + 'static + rand::Rand + Sized + Eq + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display + 'static { + /// Returns an element chosen uniformly at random using a user-provided RNG. + fn random(rng: &mut R) -> Self; + /// Returns the zero element of the field, the additive identity. fn zero() -> Self; @@ -100,7 +104,6 @@ pub trait PrimeFieldRepr: + fmt::Debug + fmt::Display + 'static - + rand::Rand + AsRef<[u64]> + AsMut<[u64]> + From diff --git a/group/Cargo.toml b/group/Cargo.toml index ad3f84d5ff..7d2d5317b4 100644 --- a/group/Cargo.toml +++ b/group/Cargo.toml @@ -14,4 +14,5 @@ repository = "https://github.com/ebfull/group" [dependencies] ff = { path = "../ff" } -rand = "0.4" +rand = "0.7" +rand_xorshift = "0.2" diff --git a/group/src/lib.rs b/group/src/lib.rs index fc924c3743..448c5a3476 100644 --- a/group/src/lib.rs +++ b/group/src/lib.rs @@ -1,7 +1,9 @@ extern crate ff; extern crate rand; +extern crate rand_xorshift; use ff::{PrimeField, PrimeFieldDecodingError, ScalarEngine, SqrtField}; +use rand::RngCore; use std::error::Error; use std::fmt; 
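Review bot: The new `Field::random` doc promises an element "chosen uniformly at random", but the only trait brought into scope is `RngCore` (the generic bound is not visible in this view, so this is inferred), so the promise holds only as well as the caller's generator. The doc should say that callers deriving secrets must pass a generator that also implements `CryptoRng`, e.g. `/// The distribution is only as good as `rng`; for keys or blinding factors pass a generator that also implements `CryptoRng`.` The same doc line appears on `CurveProjective::random` in group/src/lib.rs and wants the same caveat. Tightening the bound to `CryptoRng` would be stricter but would break the test callers that use `XorShiftRng`, so the doc note is the compatible option.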
@@ -13,23 +15,16 @@ pub use self::wnaf::Wnaf; /// Projective representation of an elliptic curve point guaranteed to be /// in the correct prime order subgroup. pub trait CurveProjective: - PartialEq - + Eq - + Sized - + Copy - + Clone - + Send - + Sync - + fmt::Debug - + fmt::Display - + rand::Rand - + 'static + PartialEq + Eq + Sized + Copy + Clone + Send + Sync + fmt::Debug + fmt::Display + 'static { type Engine: ScalarEngine; type Scalar: PrimeField + SqrtField; type Base: SqrtField; type Affine: CurveAffine; + /// Returns an element chosen uniformly at random using a user-provided RNG. + fn random(rng: &mut R) -> Self; + /// Returns the additive identity. fn zero() -> Self; diff --git a/group/src/tests/mod.rs b/group/src/tests/mod.rs index b4c47dbdcc..2b58b6ca7d 100644 --- a/group/src/tests/mod.rs +++ b/group/src/tests/mod.rs @@ -1,9 +1,14 @@ -use rand::{Rand, Rng, SeedableRng, XorShiftRng}; +use ff::{Field, PrimeField}; +use rand::SeedableRng; +use rand_xorshift::XorShiftRng; use {CurveAffine, CurveProjective, EncodedPoint}; pub fn curve_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); // Negation edge case with zero. { @@ -21,7 +26,7 @@ pub fn curve_tests() { // Addition edge cases with zero { - let mut r = G::rand(&mut rng); + let mut r = G::random(&mut rng); let rcopy = r; r.add_assign(&G::zero()); assert_eq!(r, rcopy); @@ -45,9 +50,10 @@ pub fn curve_tests() { // Transformations { - let a = G::rand(&mut rng); + let a = G::random(&mut rng); let b = a.into_affine().into_projective(); - let c = a.into_affine() + let c = a + .into_affine() .into_projective() .into_affine() .into_projective(); 
@@ -65,11 +71,12 @@ pub fn curve_tests() { } fn random_wnaf_tests() { - use ff::PrimeField; - use wnaf::*; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); { let mut table = vec![]; @@ -77,8 +84,8 @@ fn random_wnaf_tests() { for w in 2..14 { for _ in 0..100 { - let g = G::rand(&mut rng); - let s = G::Scalar::rand(&mut rng).into_repr(); + let g = G::random(&mut rng); + let s = G::Scalar::random(&mut rng).into_repr(); let mut g1 = g; g1.mul_assign(s); @@ -95,8 +102,8 @@ fn random_wnaf_tests() { fn only_compiles_if_send(_: &S) {} for _ in 0..100 { - let g = G::rand(&mut rng); - let s = G::Scalar::rand(&mut rng).into_repr(); + let g = G::random(&mut rng); + let s = G::Scalar::random(&mut rng).into_repr(); let mut g1 = g; g1.mul_assign(s); @@ -129,7 +136,8 @@ fn random_wnaf_tests() { let mut wnaf = Wnaf::new(); { // Populate the vectors. - wnaf.base(rng.gen(), 1).scalar(rng.gen()); + wnaf.base(G::random(&mut rng), 1) + .scalar(G::Scalar::random(&mut rng).into_repr()); } wnaf.base(g, 1).scalar(s) }; @@ -137,7 +145,8 @@ fn random_wnaf_tests() { let mut wnaf = Wnaf::new(); { // Populate the vectors. - wnaf.base(rng.gen(), 1).scalar(rng.gen()); + wnaf.base(G::random(&mut rng), 1) + .scalar(G::Scalar::random(&mut rng).into_repr()); } wnaf.scalar(s).base(g) }; @@ -145,7 +154,8 @@ fn random_wnaf_tests() { let mut wnaf = Wnaf::new(); { // Populate the vectors. - wnaf.base(rng.gen(), 1).scalar(rng.gen()); + wnaf.base(G::random(&mut rng), 1) + .scalar(G::Scalar::random(&mut rng).into_repr()); } let mut shared = wnaf.base(g, 1).shared(); 
@@ -157,7 +167,8 @@ fn random_wnaf_tests() { let mut wnaf = Wnaf::new(); { // Populate the vectors. - wnaf.base(rng.gen(), 1).scalar(rng.gen()); + wnaf.base(G::random(&mut rng), 1) + .scalar(G::Scalar::random(&mut rng).into_repr()); } let mut shared = wnaf.scalar(s).shared(); @@ -179,14 +190,15 @@ fn random_wnaf_tests() { } fn random_negation_tests() { - use ff::Field; - - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let r = G::rand(&mut rng); + let r = G::random(&mut rng); - let s = G::Scalar::rand(&mut rng); + let s = G::Scalar::random(&mut rng); let mut sneg = s; sneg.negate(); @@ -210,11 +222,14 @@ fn random_negation_tests() { } fn random_doubling_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let mut a = G::rand(&mut rng); - let mut b = G::rand(&mut rng); + let mut a = G::random(&mut rng); + let mut b = G::random(&mut rng); // 2(a + b) let mut tmp1 = a; @@ -237,15 +252,18 @@ fn random_doubling_tests() { } fn random_multiplication_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let mut a = G::rand(&mut rng); - let mut b = G::rand(&mut rng); + let mut a = G::random(&mut rng); + let mut b = G::random(&mut rng); let a_affine = a.into_affine(); let b_affine = b.into_affine(); - let s = G::Scalar::rand(&mut rng); + let s = G::Scalar::random(&mut rng); // s ( a + b ) let mut tmp1 = a; 
@@ -269,12 +287,15 @@ fn random_multiplication_tests() { } fn random_addition_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let a = G::rand(&mut rng); - let b = G::rand(&mut rng); - let c = G::rand(&mut rng); + let a = G::random(&mut rng); + let b = G::random(&mut rng); + let c = G::random(&mut rng); let a_affine = a.into_affine(); let b_affine = b.into_affine(); let c_affine = c.into_affine(); @@ -347,10 +368,13 @@ fn random_addition_tests() { } fn random_transformation_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let g = G::rand(&mut rng); + let g = G::random(&mut rng); let g_affine = g.into_affine(); let g_projective = g_affine.into_projective(); assert_eq!(g, g_projective); 
@@ -358,24 +382,25 @@ fn random_transformation_tests() { // Batch normalization for _ in 0..10 { - let mut v = (0..1000).map(|_| G::rand(&mut rng)).collect::>(); + let mut v = (0..1000).map(|_| G::random(&mut rng)).collect::>(); for i in &v { assert!(!i.is_normalized()); } - use rand::distributions::{IndependentSample, Range}; - let between = Range::new(0, 1000); + use rand::distributions::{Distribution, Uniform}; + let between = Uniform::new(0, 1000); // Sprinkle in some normalized points for _ in 0..5 { - v[between.ind_sample(&mut rng)] = G::zero(); + v[between.sample(&mut rng)] = G::zero(); } for _ in 0..5 { - let s = between.ind_sample(&mut rng); + let s = between.sample(&mut rng); v[s] = v[s].into_affine().into_projective(); } - let expected_v = v.iter() + let expected_v = v + .iter() .map(|v| v.into_affine().into_projective()) .collect::>(); G::batch_normalization(&mut v); @@ -389,7 +414,10 @@ fn random_transformation_tests() { } fn random_encoding_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); assert_eq!( G::zero().into_uncompressed().into_affine().unwrap(), @@ -402,7 +430,7 @@ fn random_encoding_tests() { ); for _ in 0..1000 { - let mut r = G::Projective::rand(&mut rng).into_affine(); + let mut r = G::Projective::random(&mut rng).into_affine(); let uncompressed = r.into_uncompressed(); let de_uncompressed = uncompressed.into_affine().unwrap(); diff --git a/librustzcash/Cargo.toml b/librustzcash/Cargo.toml index e75a71c040..ffc38fa47f 100644 --- a/librustzcash/Cargo.toml +++ b/librustzcash/Cargo.toml 
@@ -22,7 +22,8 @@ libc = "0.2" pairing = { path = "../pairing" } lazy_static = "1" byteorder = "1" -rand = "0.4" +rand_core = "0.5" +rand_os = "0.2" sapling-crypto = { path = "../sapling-crypto" } zcash_primitives = { path = "../zcash_primitives" } zcash_proofs = { path = "../zcash_proofs" } diff --git a/librustzcash/src/rustzcash.rs b/librustzcash/src/rustzcash.rs index cfb26e10e5..1db70ac1ed 100644 --- a/librustzcash/src/rustzcash.rs +++ b/librustzcash/src/rustzcash.rs @@ -5,7 +5,8 @@ extern crate byteorder; extern crate ff; extern crate libc; extern crate pairing; -extern crate rand; +extern crate rand_core; +extern crate rand_os; extern crate sapling_crypto; extern crate zcash_primitives; extern crate zcash_proofs; @@ -37,10 +38,11 @@ use blake2s_simd::Params as Blake2sParams; use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt}; -use rand::{OsRng, Rng}; +use rand_core::RngCore; +use rand_os::OsRng; use std::io::BufReader; -use libc::{c_char, c_uchar, int64_t, size_t, uint32_t, uint64_t}; +use libc::{c_char, c_uchar, size_t}; use std::ffi::CStr; use std::fs::File; use std::path::{Path, PathBuf}; @@ -386,11 +388,9 @@ fn test_gen_r() { #[no_mangle] pub extern "system" fn librustzcash_sapling_generate_r(result: *mut [c_uchar; 32]) { // create random 64 byte buffer - let mut rng = OsRng::new().expect("should be able to construct RNG"); + let mut rng = OsRng; let mut buffer = [0u8; 64]; - for i in 0..buffer.len() { - buffer[i] = rng.gen(); - } + rng.fill_bytes(&mut buffer); // reduce to uniform value let r = ::Fs::to_uniform(&buffer[..]); @@ -404,7 +404,7 @@ pub extern "system" fn librustzcash_sapling_generate_r(result: *mut [c_uchar; 32 fn priv_get_note( diversifier: *const [c_uchar; 11], pk_d: *const [c_uchar; 32], - value: uint64_t, + value: u64, r: *const [c_uchar; 32], ) -> Result, ()> { let diversifier = sapling_crypto::primitives::Diversifier(unsafe { *diversifier }); 
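Review bot: `rng.fill_bytes(&mut buffer)` in `librustzcash_sapling_generate_r` is the infallible `RngCore` call on `OsRng`, and in rand_os that path panics when the OS entropy source fails; because this is an `extern "system"` function with no return value, such a panic would unwind across the FFI boundary, which is undefined behaviour. The replaced `OsRng::new().expect(..)` had the same failure mode, so the commit does not make it worse, but `try_fill_bytes` makes the failure explicit, e.g. `if rng.try_fill_bytes(&mut buffer).is_err() { std::process::abort(); }`, or the function could report failure the way the sibling `-> bool` entry points do (that would change the exported signature). The same consideration applies to the `OsRng` handed to `create_random_proof` in `librustzcash_sprout_prove` further down.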
@@ -444,11 +444,11 @@ fn priv_get_note( pub extern "system" fn librustzcash_sapling_compute_nf( diversifier: *const [c_uchar; 11], pk_d: *const [c_uchar; 32], - value: uint64_t, + value: u64, r: *const [c_uchar; 32], ak: *const [c_uchar; 32], nk: *const [c_uchar; 32], - position: uint64_t, + position: u64, result: *mut [c_uchar; 32], ) -> bool { let note = match priv_get_note(diversifier, pk_d, value, r) { @@ -489,7 +489,7 @@ pub extern "system" fn librustzcash_sapling_compute_nf( pub extern "system" fn librustzcash_sapling_compute_cm( diversifier: *const [c_uchar; 11], pk_d: *const [c_uchar; 32], - value: uint64_t, + value: u64, r: *const [c_uchar; 32], result: *mut [c_uchar; 32], ) -> bool { @@ -562,8 +562,8 @@ pub extern "system" fn librustzcash_sapling_ka_derivepublic( #[no_mangle] pub extern "system" fn librustzcash_eh_isvalid( - n: uint32_t, - k: uint32_t, + n: u32, + k: u32, input: *const c_uchar, input_len: size_t, nonce: *const c_uchar, @@ -700,7 +700,7 @@ pub extern "system" fn librustzcash_sapling_check_output( #[no_mangle] pub extern "system" fn librustzcash_sapling_final_check( ctx: *mut SaplingVerificationContext, - value_balance: int64_t, + value_balance: i64, binding_sig: *const [c_uchar; 64], sighash_value: *const [c_uchar; 32], ) -> bool { 
@@ -728,31 +728,31 @@ pub extern "system" fn librustzcash_sprout_prove( // First input in_sk1: *const [c_uchar; 32], - in_value1: uint64_t, + in_value1: u64, in_rho1: *const [c_uchar; 32], in_r1: *const [c_uchar; 32], in_auth1: *const [c_uchar; 1 + 33 * SPROUT_TREE_DEPTH + 8], // Second input in_sk2: *const [c_uchar; 32], - in_value2: uint64_t, + in_value2: u64, in_rho2: *const [c_uchar; 32], in_r2: *const [c_uchar; 32], in_auth2: *const [c_uchar; 1 + 33 * SPROUT_TREE_DEPTH + 8], // First output out_pk1: *const [c_uchar; 32], - out_value1: uint64_t, + out_value1: u64, out_r1: *const [c_uchar; 32], // Second output out_pk2: *const [c_uchar; 32], - out_value2: uint64_t, + out_value2: u64, out_r2: *const [c_uchar; 32], // Public value - vpub_old: uint64_t, - vpub_new: uint64_t, + vpub_old: u64, + vpub_new: u64, ) { let phi = unsafe { *phi }; let rt = unsafe { *rt }; @@ -858,7 +858,7 @@ pub extern "system" fn librustzcash_sprout_prove( drop(sprout_fs); // Initialize secure RNG - let mut rng = OsRng::new().expect("should be able to construct RNG"); + let mut rng = OsRng; let proof = create_random_proof(js, ¶ms, &mut rng).expect("proving should not fail"); @@ -878,8 +878,8 @@ pub extern "system" fn librustzcash_sprout_verify( nf2: *const [c_uchar; 32], cm1: *const [c_uchar; 32], cm2: *const [c_uchar; 32], - vpub_old: uint64_t, - vpub_new: uint64_t, + vpub_old: u64, + vpub_new: u64, ) -> bool { // Prepare the public input for the verifier let mut public_input = Vec::with_capacity((32 * 8) + (8 * 2)); @@ -923,7 +923,7 @@ pub extern "system" fn librustzcash_sapling_output_proof( diversifier: *const [c_uchar; 11], pk_d: *const [c_uchar; 32], rcm: *const [c_uchar; 32], - value: uint64_t, + value: u64, cv: *mut [c_uchar; 32], zkproof: *mut [c_uchar; GROTH_PROOF_SIZE], ) -> bool { 
@@ -1015,7 +1015,7 @@ pub extern "system" fn librustzcash_sapling_spend_sig( #[no_mangle] pub extern "system" fn librustzcash_sapling_binding_sig( ctx: *const SaplingProvingContext, - value_balance: int64_t, + value_balance: i64, sighash: *const [c_uchar; 32], result: *mut [c_uchar; 64], ) -> bool { @@ -1040,7 +1040,7 @@ pub extern "system" fn librustzcash_sapling_spend_proof( diversifier: *const [c_uchar; 11], rcm: *const [c_uchar; 32], ar: *const [c_uchar; 32], - value: uint64_t, + value: u64, anchor: *const [c_uchar; 32], witness: *const [c_uchar; 1 + 33 * SAPLING_TREE_DEPTH + 8], cv: *mut [c_uchar; 32], @@ -1161,7 +1161,7 @@ pub extern "system" fn librustzcash_zip32_xsk_master( #[no_mangle] pub extern "system" fn librustzcash_zip32_xsk_derive( xsk_parent: *const [c_uchar; 169], - i: uint32_t, + i: u32, xsk_i: *mut [c_uchar; 169], ) { let xsk_parent = zip32::ExtendedSpendingKey::read(&unsafe { *xsk_parent }[..]) @@ -1177,7 +1177,7 @@ pub extern "system" fn librustzcash_zip32_xsk_derive( #[no_mangle] pub extern "system" fn librustzcash_zip32_xfvk_derive( xfvk_parent: *const [c_uchar; 169], - i: uint32_t, + i: u32, xfvk_i: *mut [c_uchar; 169], ) -> bool { let xfvk_parent = zip32::ExtendedFullViewingKey::read(&unsafe { *xfvk_parent }[..]) diff --git a/librustzcash/src/tests/key_agreement.rs b/librustzcash/src/tests/key_agreement.rs index a72abf0da2..412ecc3e1b 100644 --- a/librustzcash/src/tests/key_agreement.rs +++ b/librustzcash/src/tests/key_agreement.rs @@ -1,6 +1,7 @@ use ff::{PrimeField, PrimeFieldRepr}; use pairing::bls12_381::Bls12; -use rand::{OsRng, Rng}; +use rand_core::RngCore; +use rand_os::OsRng; use sapling_crypto::jubjub::{edwards, JubjubBls12}; use sapling_crypto::primitives::{Diversifier, ViewingKey}; @@ -12,7 +13,7 @@ use { #[test] fn test_key_agreement() { let params = JubjubBls12::new(); - let mut rng = OsRng::new().unwrap(); + let mut rng = OsRng; // Create random viewing key let vk = ViewingKey:: { 
@@ -22,7 +23,9 @@ fn test_key_agreement() { // Create a random address with the viewing key let addr = loop { - match vk.into_payment_address(Diversifier(rng.gen()), ¶ms) { + let mut d = [0; 11]; + rng.fill_bytes(&mut d); + match vk.into_payment_address(Diversifier(d), ¶ms) { Some(a) => break a, None => {} } diff --git a/pairing/Cargo.toml b/pairing/Cargo.toml index 3446f46ced..759fd3d0f0 100644 --- a/pairing/Cargo.toml +++ b/pairing/Cargo.toml @@ -15,10 +15,13 @@ homepage = "https://github.com/ebfull/pairing" repository = "https://github.com/ebfull/pairing" [dependencies] -rand = "0.4" byteorder = "1" ff = { path = "../ff", features = ["derive"] } group = { path = "../group" } +rand_core = "0.5" + +[dev-dependencies] +rand_xorshift = "0.2" [features] unstable-features = ["expose-arith"] diff --git a/pairing/src/bls12_381/ec.rs b/pairing/src/bls12_381/ec.rs index f5a6d8f4bc..b20dea8dd5 100644 --- a/pairing/src/bls12_381/ec.rs +++ b/pairing/src/bls12_381/ec.rs @@ -200,11 +200,16 @@ macro_rules! curve_impl { } - impl Rand for $projective { - fn rand(rng: &mut R) -> Self { + impl CurveProjective for $projective { + type Engine = Bls12; + type Scalar = $scalarfield; + type Base = $basefield; + type Affine = $affine; + + fn random(rng: &mut R) -> Self { loop { - let x = rng.gen(); - let greatest = rng.gen(); + let x = $basefield::random(rng); + let greatest = rng.next_u32() % 2 != 0; if let Some(p) = $affine::get_point_from_x(x, greatest) { let p = p.scale_by_cofactor(); @@ -215,13 +220,6 @@ macro_rules! curve_impl { } } } - } - - impl CurveProjective for $projective { - type Engine = Bls12; - type Scalar = $scalarfield; - type Base = $basefield; - type Affine = $affine; // The point at infinity is always represented by // Z = 0. 
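Review bot: The new `random` in `curve_impl!` has no doc comment even though `CurveProjective::random` promises a uniform element; a line such as `/// Rejection-samples a random x-coordinate and sign bit, then clears the cofactor so the result lies in the prime-order subgroup.` would make the construction auditable at the expansion site. `let greatest = rng.next_u32() % 2 != 0;` spends 32 bits on one coin flip; `(rng.next_u32() & 1) == 1` says so directly and is equivalent. The loop body continues outside the hunk.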
@@ -629,7 +627,7 @@ pub mod g1 { use super::g2::G2Affine; use ff::{BitIterator, Field, PrimeField, PrimeFieldRepr, SqrtField}; use group::{CurveAffine, CurveProjective, EncodedPoint, GroupDecodingError}; - use rand::{Rand, Rng}; + use rand_core::RngCore; use std::fmt; use {Engine, PairingCurveAffine}; @@ -1276,7 +1274,7 @@ pub mod g2 { use super::g1::G1Affine; use ff::{BitIterator, Field, PrimeField, PrimeFieldRepr, SqrtField}; use group::{CurveAffine, CurveProjective, EncodedPoint, GroupDecodingError}; - use rand::{Rand, Rng}; + use rand_core::RngCore; use std::fmt; use {Engine, PairingCurveAffine}; diff --git a/pairing/src/bls12_381/fq.rs b/pairing/src/bls12_381/fq.rs index fd0d416d5d..0f54196aff 100644 --- a/pairing/src/bls12_381/fq.rs +++ b/pairing/src/bls12_381/fq.rs @@ -1173,7 +1173,9 @@ fn test_neg_one() { } #[cfg(test)] -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fq_repr_ordering() { @@ -1396,7 +1398,10 @@ fn test_fq_repr_num_bits() { #[test] fn test_fq_repr_sub_noborrow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FqRepr([ 0x827a4a08041ebd9, @@ -1426,7 +1431,7 @@ fn test_fq_repr_sub_noborrow() { ); for _ in 0..1000 { - let mut a = FqRepr::rand(&mut rng); + let mut a = Fq::random(&mut rng).into_repr(); a.0[5] >>= 30; let mut b = a; for _ in 0..10 { @@ -1483,7 +1488,10 @@ fn test_fq_repr_sub_noborrow() { #[test] fn test_fq_repr_add_nocarry() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FqRepr([ 0x827a4a08041ebd9, 
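Review bot: `Fq::random(&mut rng).into_repr()` in `test_fq_repr_sub_noborrow` yields representations that are always below the modulus (the generated `random` rejects anything that fails `is_valid()`), whereas the removed `FqRepr::rand` filled every limb from the RNG, so `sub_noborrow` is no longer exercised on representations in the upper part of the 384-bit range; the `a.0[5] >>= 30` guard still applies, so the test stays valid, just narrower. If that coverage matters, fill the limbs directly, e.g. `let mut a = FqRepr([0u64; 6]); for limb in a.0.iter_mut() { *limb = rng.next_u64(); }` (six limbs going by the `a.0[5]` access; `RngCore` would need to be in scope under `#[cfg(test)]`). The same narrowing appears in `test_fq_repr_add_nocarry` below and in the `FrRepr` tests in fr.rs.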
@@ -1514,9 +1522,9 @@ fn test_fq_repr_add_nocarry() { // Test for the associativity of addition. for _ in 0..1000 { - let mut a = FqRepr::rand(&mut rng); - let mut b = FqRepr::rand(&mut rng); - let mut c = FqRepr::rand(&mut rng); + let mut a = Fq::random(&mut rng).into_repr(); + let mut b = Fq::random(&mut rng).into_repr(); + let mut c = Fq::random(&mut rng).into_repr(); // Unset the first few bits, so that overflow won't occur. a.0[5] >>= 3; @@ -1595,10 +1603,13 @@ fn test_fq_is_valid() { ])).is_valid() ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); assert!(a.is_valid()); } } @@ -1708,13 +1719,16 @@ fn test_fq_add_assign() { // Test associativity - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Generate a, b, c and ensure (a + b) + c == a + (b + c). - let a = Fq::rand(&mut rng); - let b = Fq::rand(&mut rng); - let c = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); + let b = Fq::random(&mut rng); + let c = Fq::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -1818,12 +1832,15 @@ fn test_fq_sub_assign() { ); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure that (a - b) + (b - a) = 0. - let a = Fq::rand(&mut rng); - let b = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); + let b = Fq::random(&mut rng); let mut tmp1 = a; tmp1.sub_assign(&b); 
@@ -1865,13 +1882,16 @@ fn test_fq_mul_assign() { ])) ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * b) * c = a * (b * c) - let a = Fq::rand(&mut rng); - let b = Fq::rand(&mut rng); - let c = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); + let b = Fq::random(&mut rng); + let c = Fq::random(&mut rng); let mut tmp1 = a; tmp1.mul_assign(&b); @@ -1887,10 +1907,10 @@ fn test_fq_mul_assign() { for _ in 0..1000000 { // Ensure that r * (a + b + c) = r*a + r*b + r*c - let r = Fq::rand(&mut rng); - let mut a = Fq::rand(&mut rng); - let mut b = Fq::rand(&mut rng); - let mut c = Fq::rand(&mut rng); + let r = Fq::random(&mut rng); + let mut a = Fq::random(&mut rng); + let mut b = Fq::random(&mut rng); + let mut c = Fq::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -1932,11 +1952,14 @@ fn test_fq_squaring() { ])).unwrap() ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * a) = a^2 - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); let mut tmp = a; tmp.square(); 
@@ -1952,13 +1975,16 @@ fn test_fq_squaring() { fn test_fq_inverse() { assert!(Fq::zero().inverse().is_none()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let one = Fq::one(); for _ in 0..1000 { // Ensure that a * a^-1 = 1 - let mut a = Fq::rand(&mut rng); + let mut a = Fq::random(&mut rng); let ainv = a.inverse().unwrap(); a.mul_assign(&ainv); assert_eq!(a, one); @@ -1967,11 +1993,14 @@ fn test_fq_inverse() { #[test] fn test_fq_double() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure doubling a is equivalent to adding a to itself. - let mut a = Fq::rand(&mut rng); + let mut a = Fq::random(&mut rng); let mut b = a; b.add_assign(&a); a.double(); @@ -1988,11 +2017,14 @@ fn test_fq_negate() { assert!(a.is_zero()); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure (a - (-a)) = 0. - let mut a = Fq::rand(&mut rng); + let mut a = Fq::random(&mut rng); let mut b = a; b.negate(); a.add_assign(&b); 
@@ -2003,12 +2035,15 @@ fn test_fq_negate() { #[test] fn test_fq_pow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for i in 0..1000 { // Exponentiate by various small numbers and ensure it consists with repeated // multiplication. - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); let target = a.pow(&[i]); let mut c = Fq::one(); for _ in 0..i { @@ -2019,7 +2054,7 @@ fn test_fq_pow() { for _ in 0..1000 { // Exponentiating by the modulus should have no effect in a prime field. - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); assert_eq!(a, a.pow(Fq::char())); } @@ -2029,13 +2064,16 @@ fn test_fq_pow() { fn test_fq_sqrt() { use ff::SqrtField; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); assert_eq!(Fq::zero().sqrt().unwrap(), Fq::zero()); for _ in 0..1000 { // Ensure sqrt(a^2) = a or -a - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); let mut nega = a; nega.negate(); let mut b = a; @@ -2048,7 +2086,7 @@ fn test_fq_sqrt() { for _ in 0..1000 { // Ensure sqrt(a)^2 = a for random a - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); if let Some(mut tmp) = a.sqrt() { tmp.square(); 
@@ -2108,11 +2146,14 @@ fn test_fq_from_into_repr() { // Zero should be in the field. assert!(Fq::from_repr(FqRepr::from(0)).unwrap().is_zero()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Try to turn Fq elements into representations and back again, and compare. - let a = Fq::rand(&mut rng); + let a = Fq::random(&mut rng); let a_repr = a.into_repr(); let b_repr = FqRepr::from(a); assert_eq!(a_repr, b_repr); @@ -2205,7 +2246,7 @@ fn test_fq_ordering() { #[test] fn fq_repr_tests() { - ::tests::repr::random_repr_tests::(); + ::tests::repr::random_repr_tests::(); } #[test] diff --git a/pairing/src/bls12_381/fq12.rs b/pairing/src/bls12_381/fq12.rs index b24fcaaace..f07a337842 100644 --- a/pairing/src/bls12_381/fq12.rs +++ b/pairing/src/bls12_381/fq12.rs @@ -2,7 +2,7 @@ use super::fq::FROBENIUS_COEFF_FQ12_C1; use super::fq2::Fq2; use super::fq6::Fq6; use ff::Field; -use rand::{Rand, Rng}; +use rand_core::{RngCore}; /// An element of Fq12, represented by c0 + c1 * w. #[derive(Copy, Clone, Debug, Eq, PartialEq)] @@ -17,15 +17,6 @@ impl ::std::fmt::Display for Fq12 { } } -impl Rand for Fq12 { - fn rand(rng: &mut R) -> Self { - Fq12 { - c0: rng.gen(), - c1: rng.gen(), - } - } -} - impl Fq12 { pub fn conjugate(&mut self) { self.c1.negate(); @@ -49,6 +40,13 @@ impl Fq12 { } impl Field for Fq12 { + fn random(rng: &mut R) -> Self { + Fq12 { + c0: Fq6::random(rng), + c1: Fq6::random(rng), + } + } + fn zero() -> Self { Fq12 { c0: Fq6::zero(), 
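Review bot: `use rand_core::{RngCore};` in fq12.rs wraps a single item in braces, which rustfmt normalizes away and which the parallel hunks in fq2.rs and fq6.rs already write without braces; change it to `use rand_core::RngCore;` so the three sibling files stay consistent. The next formatting pass would otherwise rewrite this line on its own and muddy an unrelated diff.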
@@ -149,17 +147,22 @@ impl Field for Fq12 { } #[cfg(test)] -use rand::{SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fq12_mul_by_014() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let c0 = Fq2::rand(&mut rng); - let c1 = Fq2::rand(&mut rng); - let c5 = Fq2::rand(&mut rng); - let mut a = Fq12::rand(&mut rng); + let c0 = Fq2::random(&mut rng); + let c1 = Fq2::random(&mut rng); + let c5 = Fq2::random(&mut rng); + let mut a = Fq12::random(&mut rng); let mut b = a; a.mul_by_014(&c0, &c1, &c5); diff --git a/pairing/src/bls12_381/fq2.rs b/pairing/src/bls12_381/fq2.rs index 363439a67b..994a28a2aa 100644 --- a/pairing/src/bls12_381/fq2.rs +++ b/pairing/src/bls12_381/fq2.rs @@ -1,6 +1,6 @@ use super::fq::{FROBENIUS_COEFF_FQ2_C1, Fq, NEGATIVE_ONE}; use ff::{Field, SqrtField}; -use rand::{Rand, Rng}; +use rand_core::RngCore; use std::cmp::Ordering; @@ -56,16 +56,14 @@ impl Fq2 { } } -impl Rand for Fq2 { - fn rand(rng: &mut R) -> Self { +impl Field for Fq2 { + fn random(rng: &mut R) -> Self { Fq2 { - c0: rng.gen(), - c1: rng.gen(), + c0: Fq::random(rng), + c1: Fq::random(rng), } } -} -impl Field for Fq2 { fn zero() -> Self { Fq2 { c0: Fq::zero(), @@ -879,11 +877,16 @@ fn test_fq2_legendre() { } #[cfg(test)] -use rand::{SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fq2_mul_nonresidue() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let nqr = Fq2 { c0: Fq::one(), 
@@ -891,7 +894,7 @@ fn test_fq2_mul_nonresidue() { }; for _ in 0..1000 { - let mut a = Fq2::rand(&mut rng); + let mut a = Fq2::random(&mut rng); let mut b = a; a.mul_by_nonresidue(); b.mul_assign(&nqr); diff --git a/pairing/src/bls12_381/fq6.rs b/pairing/src/bls12_381/fq6.rs index 36c6e285e4..87e64cb0e7 100644 --- a/pairing/src/bls12_381/fq6.rs +++ b/pairing/src/bls12_381/fq6.rs @@ -1,7 +1,7 @@ use super::fq::{FROBENIUS_COEFF_FQ6_C1, FROBENIUS_COEFF_FQ6_C2}; use super::fq2::Fq2; use ff::Field; -use rand::{Rand, Rng}; +use rand_core::RngCore; /// An element of Fq6, represented by c0 + c1 * v + c2 * v^(2). #[derive(Copy, Clone, Debug, Eq, PartialEq)] @@ -17,15 +17,6 @@ impl ::std::fmt::Display for Fq6 { } } -impl Rand for Fq6 { - fn rand(rng: &mut R) -> Self { - Fq6 { - c0: rng.gen(), - c1: rng.gen(), - c2: rng.gen(), - } - } -} impl Fq6 { /// Multiply by quadratic nonresidue v. @@ -110,6 +101,14 @@ impl Fq6 { } impl Field for Fq6 { + fn random(rng: &mut R) -> Self { + Fq6 { + c0: Fq2::random(rng), + c1: Fq2::random(rng), + c2: Fq2::random(rng), + } + } + fn zero() -> Self { Fq6 { c0: Fq2::zero(), @@ -302,11 +301,16 @@ impl Field for Fq6 { } #[cfg(test)] -use rand::{SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fq6_mul_nonresidue() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let nqr = Fq6 { c0: Fq2::zero(), @@ -315,7 +319,7 @@ fn test_fq6_mul_nonresidue() { }; for _ in 0..1000 { - let mut a = Fq6::rand(&mut rng); + let mut a = Fq6::random(&mut rng); let mut b = a; a.mul_by_nonresidue(); b.mul_assign(&nqr); 
@@ -326,11 +330,14 @@ fn test_fq6_mul_nonresidue() { #[test] fn test_fq6_mul_by_1() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let c1 = Fq2::rand(&mut rng); - let mut a = Fq6::rand(&mut rng); + let c1 = Fq2::random(&mut rng); + let mut a = Fq6::random(&mut rng); let mut b = a; a.mul_by_1(&c1); @@ -346,12 +353,15 @@ fn test_fq6_mul_by_1() { #[test] fn test_fq6_mul_by_01() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let c0 = Fq2::rand(&mut rng); - let c1 = Fq2::rand(&mut rng); - let mut a = Fq6::rand(&mut rng); + let c0 = Fq2::random(&mut rng); + let c1 = Fq2::random(&mut rng); + let mut a = Fq6::random(&mut rng); let mut b = a; a.mul_by_01(&c0, &c1); diff --git a/pairing/src/bls12_381/fr.rs b/pairing/src/bls12_381/fr.rs index 5e5763142c..cb378f4127 100644 --- a/pairing/src/bls12_381/fr.rs +++ b/pairing/src/bls12_381/fr.rs @@ -6,7 +6,9 @@ use ff::{Field, PrimeField, PrimeFieldDecodingError, PrimeFieldRepr}; pub struct Fr(FrRepr); #[cfg(test)] -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fr_repr_ordering() { @@ -197,7 +199,10 @@ fn test_fr_repr_num_bits() { #[test] fn test_fr_repr_sub_noborrow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FrRepr([ 0x8e62a7e85264e2c3, 
@@ -221,7 +226,7 @@ fn test_fr_repr_sub_noborrow() { ); for _ in 0..1000 { - let mut a = FrRepr::rand(&mut rng); + let mut a = Fr::random(&mut rng).into_repr(); a.0[3] >>= 30; let mut b = a; for _ in 0..10 { @@ -296,7 +301,10 @@ fn test_fr_legendre() { #[test] fn test_fr_repr_add_nocarry() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FrRepr([ 0xd64f669809cbc6a4, @@ -322,9 +330,9 @@ fn test_fr_repr_add_nocarry() { // Test for the associativity of addition. for _ in 0..1000 { - let mut a = FrRepr::rand(&mut rng); - let mut b = FrRepr::rand(&mut rng); - let mut c = FrRepr::rand(&mut rng); + let mut a = Fr::random(&mut rng).into_repr(); + let mut b = Fr::random(&mut rng).into_repr(); + let mut c = Fr::random(&mut rng).into_repr(); // Unset the first few bits, so that overflow won't occur. a.0[3] >>= 3; @@ -397,10 +405,13 @@ fn test_fr_is_valid() { ])).is_valid() ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); assert!(a.is_valid()); } } 
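Review bot: `Fr::random(&mut rng).into_repr()` in test_fr_repr_sub_noborrow and test_fr_repr_add_nocarry only ever yields representations that are already reduced below the field modulus, whereas the `FrRepr::rand` it replaces appears to have drawn a full uniform `[u64; 4]`, so the limb-level `sub_noborrow`/`add_nocarry` paths are no longer exercised on values at or above the modulus. The following `a.0[3] >>= 30` / `>>= 3` keeps the assertions valid either way, but the narrower input range is a quiet coverage loss that deserves a comment, e.g. `// Note: these reprs are field-reduced (< r); values >= r are not covered here.` The same narrowing applies to `P::random(&mut rng).into_repr()` in tests/repr.rs random_encoding_tests, random_shl_tests and random_shr_tests. Both enclosing test functions begin outside this hunk.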
@@ -492,13 +503,16 @@ fn test_fr_add_assign() { // Test associativity - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Generate a, b, c and ensure (a + b) + c == a + (b + c). - let a = Fr::rand(&mut rng); - let b = Fr::rand(&mut rng); - let c = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); + let b = Fr::random(&mut rng); + let c = Fr::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -586,12 +600,15 @@ fn test_fr_sub_assign() { ); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure that (a - b) + (b - a) = 0. - let a = Fr::rand(&mut rng); - let b = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); + let b = Fr::random(&mut rng); let mut tmp1 = a; tmp1.sub_assign(&b); @@ -627,13 +644,16 @@ fn test_fr_mul_assign() { ])) ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * b) * c = a * (b * c) - let a = Fr::rand(&mut rng); - let b = Fr::rand(&mut rng); - let c = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); + let b = Fr::random(&mut rng); + let c = Fr::random(&mut rng); let mut tmp1 = a; tmp1.mul_assign(&b); 
@@ -649,10 +669,10 @@ fn test_fr_mul_assign() { for _ in 0..1000000 { // Ensure that r * (a + b + c) = r*a + r*b + r*c - let r = Fr::rand(&mut rng); - let mut a = Fr::rand(&mut rng); - let mut b = Fr::rand(&mut rng); - let mut c = Fr::rand(&mut rng); + let r = Fr::random(&mut rng); + let mut a = Fr::random(&mut rng); + let mut b = Fr::random(&mut rng); + let mut c = Fr::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -690,11 +710,14 @@ fn test_fr_squaring() { ])).unwrap() ); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * a) = a^2 - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); let mut tmp = a; tmp.square(); @@ -710,13 +733,16 @@ fn test_fr_squaring() { fn test_fr_inverse() { assert!(Fr::zero().inverse().is_none()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let one = Fr::one(); for _ in 0..1000 { // Ensure that a * a^-1 = 1 - let mut a = Fr::rand(&mut rng); + let mut a = Fr::random(&mut rng); let ainv = a.inverse().unwrap(); a.mul_assign(&ainv); assert_eq!(a, one); @@ -725,11 +751,14 @@ fn test_fr_inverse() { #[test] fn test_fr_double() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure doubling a is equivalent to adding a to itself. - let mut a = Fr::rand(&mut rng); + let mut a = Fr::random(&mut rng); let mut b = a; b.add_assign(&a); a.double(); 
@@ -746,11 +775,14 @@ fn test_fr_negate() { assert!(a.is_zero()); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure (a - (-a)) = 0. - let mut a = Fr::rand(&mut rng); + let mut a = Fr::random(&mut rng); let mut b = a; b.negate(); a.add_assign(&b); @@ -761,12 +793,15 @@ fn test_fr_negate() { #[test] fn test_fr_pow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for i in 0..1000 { // Exponentiate by various small numbers and ensure it consists with repeated // multiplication. - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); let target = a.pow(&[i]); let mut c = Fr::one(); for _ in 0..i { @@ -777,7 +812,7 @@ fn test_fr_pow() { for _ in 0..1000 { // Exponentiating by the modulus should have no effect in a prime field. - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); assert_eq!(a, a.pow(Fr::char())); } @@ -787,13 +822,16 @@ fn test_fr_pow() { fn test_fr_sqrt() { use ff::SqrtField; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); assert_eq!(Fr::zero().sqrt().unwrap(), Fr::zero()); for _ in 0..1000 { // Ensure sqrt(a^2) = a or -a - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); let mut nega = a; nega.negate(); let mut b = a; @@ -806,7 +844,7 @@ fn test_fr_sqrt() { for _ in 0..1000 { // Ensure sqrt(a)^2 = a for random a - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); if let Some(mut tmp) = a.sqrt() { tmp.square(); 
@@ -858,11 +896,14 @@ fn test_fr_from_into_repr() { // Zero should be in the field. assert!(Fr::from_repr(FrRepr::from(0)).unwrap().is_zero()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Try to turn Fr elements into representations and back again, and compare. - let a = Fr::rand(&mut rng); + let a = Fr::random(&mut rng); let a_repr = a.into_repr(); let b_repr = FrRepr::from(a); assert_eq!(a_repr, b_repr); @@ -982,5 +1023,5 @@ fn fr_field_tests() { #[test] fn fr_repr_tests() { - ::tests::repr::random_repr_tests::(); + ::tests::repr::random_repr_tests::(); } diff --git a/pairing/src/lib.rs b/pairing/src/lib.rs index 686938ff36..1c8d90c276 100644 --- a/pairing/src/lib.rs +++ b/pairing/src/lib.rs @@ -14,7 +14,10 @@ extern crate byteorder; extern crate ff; extern crate group; -extern crate rand; +extern crate rand_core; + +#[cfg(test)] +extern crate rand_xorshift; #[cfg(test)] pub mod tests; diff --git a/pairing/src/tests/engine.rs b/pairing/src/tests/engine.rs index 7b1944dd5e..fc74f1bbe2 100644 --- a/pairing/src/tests/engine.rs +++ b/pairing/src/tests/engine.rs 
@@ -1,14 +1,18 @@ use group::{CurveAffine, CurveProjective}; -use rand::{Rand, SeedableRng, XorShiftRng}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; use {Engine, Field, PairingCurveAffine, PrimeField}; pub fn engine_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..10 { - let a = E::G1::rand(&mut rng).into_affine(); - let b = E::G2::rand(&mut rng).into_affine(); + let a = E::G1::random(&mut rng).into_affine(); + let b = E::G2::random(&mut rng).into_affine(); assert!(a.pairing_with(&b) == b.pairing_with(&a)); assert!(a.pairing_with(&b) == E::pairing(a, b)); @@ -18,10 +22,10 @@ pub fn engine_tests() { let z1 = E::G1Affine::zero().prepare(); let z2 = E::G2Affine::zero().prepare(); - let a = E::G1::rand(&mut rng).into_affine().prepare(); - let b = E::G2::rand(&mut rng).into_affine().prepare(); - let c = E::G1::rand(&mut rng).into_affine().prepare(); - let d = E::G2::rand(&mut rng).into_affine().prepare(); + let a = E::G1::random(&mut rng).into_affine().prepare(); + let b = E::G2::random(&mut rng).into_affine().prepare(); + let c = E::G1::random(&mut rng).into_affine().prepare(); + let d = E::G2::random(&mut rng).into_affine().prepare(); assert_eq!( E::Fqk::one(), @@ -49,12 +53,15 @@ pub fn engine_tests() { } fn random_miller_loop_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); // Exercise the miller loop for a reduced pairing for _ in 0..1000 { - let a = E::G1::rand(&mut rng); - let b = E::G2::rand(&mut rng); + let a = E::G1::random(&mut rng); + let b = E::G2::random(&mut rng); let p2 = E::pairing(a, b); 
@@ -68,10 +75,10 @@ fn random_miller_loop_tests() { // Exercise a double miller loop for _ in 0..1000 { - let a = E::G1::rand(&mut rng); - let b = E::G2::rand(&mut rng); - let c = E::G1::rand(&mut rng); - let d = E::G2::rand(&mut rng); + let a = E::G1::random(&mut rng); + let b = E::G2::random(&mut rng); + let c = E::G1::random(&mut rng); + let d = E::G2::random(&mut rng); let ab = E::pairing(a, b); let cd = E::pairing(c, d); @@ -92,14 +99,17 @@ fn random_miller_loop_tests() { } fn random_bilinearity_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let a = E::G1::rand(&mut rng); - let b = E::G2::rand(&mut rng); + let a = E::G1::random(&mut rng); + let b = E::G2::random(&mut rng); - let c = E::Fr::rand(&mut rng); - let d = E::Fr::rand(&mut rng); + let c = E::Fr::random(&mut rng); + let d = E::Fr::random(&mut rng); let mut ac = a; ac.mul_assign(c); diff --git a/pairing/src/tests/field.rs b/pairing/src/tests/field.rs index 55396a74be..0a33a73121 100644 --- a/pairing/src/tests/field.rs +++ b/pairing/src/tests/field.rs @@ -1,12 +1,16 @@ use ff::{Field, LegendreSymbol, PrimeField, SqrtField}; -use rand::{Rng, SeedableRng, XorShiftRng}; +use rand_core::{RngCore, SeedableRng}; +use rand_xorshift::XorShiftRng; pub fn random_frobenius_tests>(characteristic: C, maxpower: usize) { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { for i in 0..(maxpower + 1) { - let mut a = F::rand(&mut rng); + let mut a = F::random(&mut rng); let mut b = a; for _ in 0..i { 
@@ -20,10 +24,13 @@ pub fn random_frobenius_tests>(characteristic: C, maxp } pub fn random_sqrt_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..10000 { - let a = F::rand(&mut rng); + let a = F::random(&mut rng); let mut b = a; b.square(); assert_eq!(b.legendre(), LegendreSymbol::QuadraticResidue); @@ -54,7 +61,10 @@ pub fn random_sqrt_tests() { } pub fn random_field_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); random_multiplication_tests::(&mut rng); random_addition_tests::(&mut rng); @@ -76,14 +86,14 @@ pub fn random_field_tests() { // Multiplication by zero { - let mut a = F::rand(&mut rng); + let mut a = F::random(&mut rng); a.mul_assign(&F::zero()); assert!(a.is_zero()); } // Addition by zero { - let mut a = F::rand(&mut rng); + let mut a = F::random(&mut rng); let copy = a; a.add_assign(&F::zero()); assert_eq!(a, copy); @@ -106,10 +116,13 @@ pub fn from_str_tests() { } { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let n: u64 = rng.gen(); + let n = rng.next_u64(); let a = F::from_str(&format!("{}", n)).unwrap(); let b = F::from_repr(n.into()).unwrap(); 
@@ -124,11 +137,11 @@ pub fn from_str_tests() { assert!(F::from_str("00000000000").is_none()); } -fn random_multiplication_tests(rng: &mut R) { +fn random_multiplication_tests(rng: &mut R) { for _ in 0..10000 { - let a = F::rand(rng); - let b = F::rand(rng); - let c = F::rand(rng); + let a = F::random(rng); + let b = F::random(rng); + let c = F::random(rng); let mut t0 = a; // (a * b) * c t0.mul_assign(&b); @@ -147,11 +160,11 @@ fn random_multiplication_tests(rng: &mut R) { } } -fn random_addition_tests(rng: &mut R) { +fn random_addition_tests(rng: &mut R) { for _ in 0..10000 { - let a = F::rand(rng); - let b = F::rand(rng); - let c = F::rand(rng); + let a = F::random(rng); + let b = F::random(rng); + let c = F::random(rng); let mut t0 = a; // (a + b) + c t0.add_assign(&b); @@ -170,10 +183,10 @@ fn random_addition_tests(rng: &mut R) { } } -fn random_subtraction_tests(rng: &mut R) { +fn random_subtraction_tests(rng: &mut R) { for _ in 0..10000 { - let a = F::rand(rng); - let b = F::rand(rng); + let b = F::random(rng); + let a = F::random(rng); let mut t0 = a; // (a - b) t0.sub_assign(&b); @@ -188,9 +201,9 @@ fn random_subtraction_tests(rng: &mut R) { } } -fn random_negation_tests(rng: &mut R) { +fn random_negation_tests(rng: &mut R) { for _ in 0..10000 { - let a = F::rand(rng); + let a = F::random(rng); let mut b = a; b.negate(); b.add_assign(&a); @@ -199,9 +212,9 @@ fn random_negation_tests(rng: &mut R) { } } -fn random_doubling_tests(rng: &mut R) { +fn random_doubling_tests(rng: &mut R) { for _ in 0..10000 { - let mut a = F::rand(rng); + let mut a = F::random(rng); let mut b = a; a.add_assign(&b); b.double(); @@ -210,9 +223,9 @@ fn random_doubling_tests(rng: &mut R) { } } -fn random_squaring_tests(rng: &mut R) { +fn random_squaring_tests(rng: &mut R) { for _ in 0..10000 { - let mut a = F::rand(rng); + let mut a = F::random(rng); let mut b = a; a.mul_assign(&b); b.square(); 
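Review bot: In the random_subtraction_tests hunk the two draws are reordered — `b` is now sampled before `a` — which makes it the only place in this file where the migration alters the RNG consumption order rather than just the API call. If that is deliberate (for example to reproduce a particular value sequence), a one-line comment should say so; otherwise restoring `let a = F::random(rng);` followed by `let b = F::random(rng);` keeps it consistent with random_multiplication_tests and random_addition_tests directly above.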
@@ -221,11 +234,11 @@ fn random_squaring_tests(rng: &mut R) { } } -fn random_inversion_tests(rng: &mut R) { +fn random_inversion_tests(rng: &mut R) { assert!(F::zero().inverse().is_none()); for _ in 0..10000 { - let mut a = F::rand(rng); + let mut a = F::random(rng); let b = a.inverse().unwrap(); // probablistically nonzero a.mul_assign(&b); @@ -233,14 +246,14 @@ fn random_inversion_tests(rng: &mut R) { } } -fn random_expansion_tests(rng: &mut R) { +fn random_expansion_tests(rng: &mut R) { for _ in 0..10000 { // Compare (a + b)(c + d) and (a*c + b*c + a*d + b*d) - let a = F::rand(rng); - let b = F::rand(rng); - let c = F::rand(rng); - let d = F::rand(rng); + let a = F::random(rng); + let b = F::random(rng); + let c = F::random(rng); + let d = F::random(rng); let mut t0 = a; t0.add_assign(&b); diff --git a/pairing/src/tests/repr.rs b/pairing/src/tests/repr.rs index 09dd441357..67badd8025 100644 --- a/pairing/src/tests/repr.rs +++ b/pairing/src/tests/repr.rs @@ -1,21 +1,25 @@ -use ff::PrimeFieldRepr; -use rand::{SeedableRng, XorShiftRng}; - -pub fn random_repr_tests() { - random_encoding_tests::(); - random_shl_tests::(); - random_shr_tests::(); +use ff::{PrimeField, PrimeFieldRepr}; +use rand_core::SeedableRng; +use rand_xorshift::XorShiftRng; + +pub fn random_repr_tests() { + random_encoding_tests::

(); + random_shl_tests::

(); + random_shr_tests::

(); } -fn random_encoding_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); +fn random_encoding_tests() { + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let r = R::rand(&mut rng); + let r = P::random(&mut rng).into_repr(); // Big endian { - let mut rdecoded = R::default(); + let mut rdecoded =

::Repr::default(); let mut v: Vec = vec![]; r.write_be(&mut v).unwrap(); @@ -26,7 +30,7 @@ fn random_encoding_tests() { // Little endian { - let mut rdecoded = R::default(); + let mut rdecoded =

::Repr::default(); let mut v: Vec = vec![]; r.write_le(&mut v).unwrap(); @@ -36,8 +40,8 @@ fn random_encoding_tests() { } { - let mut rdecoded_le = R::default(); - let mut rdecoded_be_flip = R::default(); + let mut rdecoded_le =

::Repr::default(); + let mut rdecoded_be_flip =

::Repr::default(); let mut v: Vec = vec![]; r.write_le(&mut v).unwrap(); @@ -55,11 +59,14 @@ fn random_encoding_tests() { } } -fn random_shl_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); +fn random_shl_tests() { + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { - let r = R::rand(&mut rng); + let r = P::random(&mut rng).into_repr(); for shift in 0..(r.num_bits() + 1) { let mut r1 = r; @@ -76,11 +83,14 @@ fn random_shl_tests() { } } -fn random_shr_tests() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); +fn random_shr_tests() { + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { - let r = R::rand(&mut rng); + let r = P::random(&mut rng).into_repr(); for shift in 0..(r.num_bits() + 1) { let mut r1 = r; diff --git a/sapling-crypto/Cargo.toml b/sapling-crypto/Cargo.toml index 7d4377450c..0026f6c475 100644 --- a/sapling-crypto/Cargo.toml +++ b/sapling-crypto/Cargo.toml @@ -17,10 +17,11 @@ bellman = { path = "../bellman" } blake2b_simd = "0.5" blake2s_simd = "0.5" ff = { path = "../ff" } -rand = "0.4" +rand_core = "0.5" digest = "0.7" byteorder = "1" [dev-dependencies] hex-literal = "0.1" -rust-crypto = "0.2" +rand_xorshift = "0.2" +sha2 = "0.8" diff --git a/sapling-crypto/examples/bench.rs b/sapling-crypto/examples/bench.rs index 4b7a707b43..e9ffc13e1a 100644 --- a/sapling-crypto/examples/bench.rs +++ b/sapling-crypto/examples/bench.rs @@ -1,8 +1,11 @@ +extern crate ff; extern crate sapling_crypto; extern crate bellman; -extern crate rand; extern crate pairing; +extern crate rand_core; +extern crate rand_xorshift; +use ff::Field; use std::time::{Duration, Instant}; use sapling_crypto::jubjub::{ JubjubBls12, 
@@ -18,14 +21,18 @@ use sapling_crypto::primitives::{ ValueCommitment }; use bellman::groth16::*; -use rand::{XorShiftRng, SeedableRng, Rng}; +use rand_core::{RngCore, SeedableRng}; +use rand_xorshift::XorShiftRng; use pairing::bls12_381::{Bls12, Fr}; const TREE_DEPTH: usize = 32; fn main() { let jubjub_params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); println!("Creating sample parameters..."); let groth_params = generate_random_parameters::( @@ -48,10 +55,10 @@ fn main() { for _ in 0..SAMPLES { let value_commitment = ValueCommitment { value: 1, - randomness: rng.gen() + randomness: fs::Fs::random(rng) }; - let nsk: fs::Fs = rng.gen(); + let nsk = fs::Fs::random(rng); let ak = edwards::Point::rand(rng, jubjub_params).mul_by_cofactor(jubjub_params); let proof_generation_key = ProofGenerationKey { @@ -64,7 +71,11 @@ fn main() { let payment_address; loop { - let diversifier = Diversifier(rng.gen()); + let diversifier = { + let mut d = [0; 11]; + rng.fill_bytes(&mut d); + Diversifier(d) + }; if let Some(p) = viewing_key.into_payment_address( diversifier, @@ -76,10 +87,10 @@ fn main() { } } - let commitment_randomness: fs::Fs = rng.gen(); - let auth_path = vec![Some((rng.gen(), rng.gen())); TREE_DEPTH]; - let ar: fs::Fs = rng.gen(); - let anchor: Fr = rng.gen(); + let commitment_randomness = fs::Fs::random(rng); + let auth_path = vec![Some((Fr::random(rng), rng.next_u32() % 2 != 0)); TREE_DEPTH]; + let ar = fs::Fs::random(rng); + let anchor = Fr::random(rng); let start = Instant::now(); let _ = create_random_proof(Spend { diff --git a/sapling-crypto/src/circuit/blake2s.rs b/sapling-crypto/src/circuit/blake2s.rs index 46bbe67633..8627dc06a2 100644 --- a/sapling-crypto/src/circuit/blake2s.rs +++ b/sapling-crypto/src/circuit/blake2s.rs 
@@ -321,8 +321,10 @@ pub fn blake2s>( #[cfg(test)] mod test { use blake2s_simd::Params as Blake2sParams; - use rand::{XorShiftRng, SeedableRng, Rng}; use pairing::bls12_381::{Bls12}; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; + use ::circuit::boolean::{Boolean, AllocatedBit}; use ::circuit::test::TestConstraintSystem; use super::blake2s; @@ -366,9 +368,12 @@ mod test { // doesn't result in more constraints. let mut cs = TestConstraintSystem::::new(); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let input_bits: Vec<_> = (0..512) - .map(|_| Boolean::constant(rng.gen())) + .map(|_| Boolean::constant(rng.next_u32() % 2 != 0)) .chain((0..512) .map(|i| AllocatedBit::alloc(cs.namespace(|| format!("input bit {}", i)), Some(true)).unwrap().into())) .collect(); 
@@ -380,21 +385,27 @@ mod test { #[test] fn test_blake2s_constant_constraints() { let mut cs = TestConstraintSystem::::new(); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); - let input_bits: Vec<_> = (0..512).map(|_| Boolean::constant(rng.gen())).collect(); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); + let input_bits: Vec<_> = (0..512).map(|_| Boolean::constant(rng.next_u32() % 2 != 0)).collect(); blake2s(&mut cs, &input_bits, b"12345678").unwrap(); assert_eq!(cs.num_constraints(), 0); } #[test] fn test_blake2s() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for input_len in (0..32).chain((32..256).filter(|a| a % 8 == 0)) { let mut h = Blake2sParams::new().hash_length(32).personal(b"12345678").to_state(); - let data: Vec = (0..input_len).map(|_| rng.gen()).collect(); + let data: Vec = (0..input_len).map(|_| rng.next_u32() as u8).collect(); h.update(&data); diff --git a/sapling-crypto/src/circuit/ecc.rs b/sapling-crypto/src/circuit/ecc.rs index 107164996e..9b4dbbcf0d 100644 --- a/sapling-crypto/src/circuit/ecc.rs +++ b/sapling-crypto/src/circuit/ecc.rs @@ -748,9 +748,11 @@ impl MontgomeryPoint { #[cfg(test)] mod test { use bellman::{ConstraintSystem}; - use rand::{XorShiftRng, SeedableRng, Rand, Rng}; use ff::{BitIterator, Field, PrimeField}; use pairing::bls12_381::{Bls12, Fr}; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; + use ::circuit::test::*; use ::jubjub::{ montgomery, 
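Review bot: `(0..input_len).map(|_| rng.next_u32() as u8)` in test_blake2s discards three of every four bytes drawn and relies on an `as` truncation that clippy will flag; with `RngCore` already imported, `let mut data = vec![0u8; input_len]; rng.fill_bytes(&mut data);` states the intent directly. Note that both this and the `rng.next_u32() % 2 != 0` bool derivation used across this module consume the XorShift stream differently from the old `rng.gen()`, so any fixture values derived from the old seed would no longer match — none appear here, since the test checks against `Blake2sParams` rather than stored digests.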
@@ -774,7 +776,10 @@ mod test { #[test] fn test_into_edwards() { let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let mut cs = TestConstraintSystem::::new(); @@ -798,12 +803,12 @@ mod test { assert!(q.x.get_value().unwrap() == u); assert!(q.y.get_value().unwrap() == v); - cs.set("u/num", rng.gen()); + cs.set("u/num", Fr::random(rng)); assert_eq!(cs.which_is_unsatisfied().unwrap(), "u computation"); cs.set("u/num", u); assert!(cs.is_satisfied()); - cs.set("v/num", rng.gen()); + cs.set("v/num", Fr::random(rng)); assert_eq!(cs.which_is_unsatisfied().unwrap(), "v computation"); cs.set("v/num", v); assert!(cs.is_satisfied()); @@ -813,7 +818,10 @@ mod test { #[test] fn test_interpret() { let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let p = edwards::Point::::rand(rng, ¶ms); @@ -853,8 +861,8 @@ mod test { // Random (x, y) are unlikely to be on the curve. for _ in 0..100 { - let x = rng.gen(); - let y = rng.gen(); + let x = Fr::random(rng); + let y = Fr::random(rng); let mut cs = TestConstraintSystem::::new(); let numx = AllocatedNum::alloc(cs.namespace(|| "x"), || { 
@@ -873,13 +881,16 @@ mod test { #[test] fn test_edwards_fixed_base_multiplication() { let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let mut cs = TestConstraintSystem::::new(); let p = params.generator(FixedGenerators::NoteCommitmentRandomness); - let s = Fs::rand(rng); + let s = Fs::random(rng); let q = p.mul(s, params); let (x1, y1) = q.into_xy(); @@ -908,13 +919,16 @@ mod test { #[test] fn test_edwards_multiplication() { let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let mut cs = TestConstraintSystem::::new(); let p = edwards::Point::::rand(rng, params); - let s = Fs::rand(rng); + let s = Fs::random(rng); let q = p.mul(s, params); let (x0, y0) = p.into_xy(); @@ -965,7 +979,10 @@ mod test { #[test] fn test_conditionally_select() { let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { let mut cs = TestConstraintSystem::::new(); @@ -986,10 +1003,10 @@ mod test { y: num_y0 }; - let mut should_we_select = rng.gen(); + let mut should_we_select = rng.next_u32() % 2 != 0; // Conditionally allocate - let mut b = if rng.gen() { + let mut b = if rng.next_u32() % 2 != 0 { Boolean::from(AllocatedBit::alloc( cs.namespace(|| "condition"), Some(should_we_select) 
@@ -999,7 +1016,7 @@ mod test { }; // Conditionally negate - if rng.gen() { + if rng.next_u32() % 2 != 0 { b = b.not(); should_we_select = !should_we_select; } @@ -1031,7 +1048,10 @@ mod test { #[test] fn test_edwards_addition() { let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let p1 = edwards::Point::::rand(rng, params); @@ -1077,19 +1097,19 @@ mod test { assert!(p3.y.get_value().unwrap() == y2); let u = cs.get("addition/U/num"); - cs.set("addition/U/num", rng.gen()); + cs.set("addition/U/num", Fr::random(rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/U computation")); cs.set("addition/U/num", u); assert!(cs.is_satisfied()); let x3 = cs.get("addition/x3/num"); - cs.set("addition/x3/num", rng.gen()); + cs.set("addition/x3/num", Fr::random(rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/x3 computation")); cs.set("addition/x3/num", x3); assert!(cs.is_satisfied()); let y3 = cs.get("addition/y3/num"); - cs.set("addition/y3/num", rng.gen()); + cs.set("addition/y3/num", Fr::random(rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/y3 computation")); cs.set("addition/y3/num", y3); assert!(cs.is_satisfied()); @@ -1099,7 +1119,10 @@ mod test { #[test] fn test_edwards_doubling() { let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let p1 = edwards::Point::::rand(rng, params); 
@@ -1134,12 +1157,15 @@ mod test { #[test] fn test_montgomery_addition() { let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let p1 = loop { - let x: Fr = rng.gen(); - let s: bool = rng.gen(); + let x = Fr::random(rng); + let s: bool = rng.next_u32() % 2 != 0; if let Some(p) = montgomery::Point::::get_for_x(x, s, params) { break p; @@ -1147,8 +1173,8 @@ mod test { }; let p2 = loop { - let x: Fr = rng.gen(); - let s: bool = rng.gen(); + let x = Fr::random(rng); + let s: bool = rng.next_u32() % 2 != 0; if let Some(p) = montgomery::Point::::get_for_x(x, s, params) { break p; @@ -1194,17 +1220,17 @@ mod test { assert!(p3.x.get_value().unwrap() == x2); assert!(p3.y.get_value().unwrap() == y2); - cs.set("addition/yprime/num", rng.gen()); + cs.set("addition/yprime/num", Fr::random(rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate yprime")); cs.set("addition/yprime/num", y2); assert!(cs.is_satisfied()); - cs.set("addition/xprime/num", rng.gen()); + cs.set("addition/xprime/num", Fr::random(rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate xprime")); cs.set("addition/xprime/num", x2); assert!(cs.is_satisfied()); - cs.set("addition/lambda/num", rng.gen()); + cs.set("addition/lambda/num", Fr::random(rng)); assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate lambda")); } } diff --git a/sapling-crypto/src/circuit/lookup.rs b/sapling-crypto/src/circuit/lookup.rs index 272f5f6569..d57f17ce8e 100644 --- a/sapling-crypto/src/circuit/lookup.rs +++ b/sapling-crypto/src/circuit/lookup.rs 
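Review bot: The `: bool` annotations on `let s: bool = rng.next_u32() % 2 != 0;` in both `loop` blocks of test_montgomery_addition are now redundant, since the right-hand side is a comparison whose type is fixed; the annotation was only needed to drive the old `rng.gen()` inference. Dropping it to `let s = rng.next_u32() % 2 != 0;` matches the un-annotated `let x = Fr::random(rng);` on the line above and the style used in the ecc.rs hunks earlier in this file.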
@@ -196,37 +196,41 @@ pub fn lookup3_xy_with_conditional_negation( #[cfg(test)] mod test { - use rand::{SeedableRng, Rand, Rng, XorShiftRng}; use super::*; use ::circuit::test::*; use ::circuit::boolean::{Boolean, AllocatedBit}; use pairing::bls12_381::{Bls12, Fr}; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; #[test] fn test_lookup3_xy() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0656]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let mut cs = TestConstraintSystem::::new(); - let a_val = rng.gen(); + let a_val = rng.next_u32() % 2 != 0; let a = Boolean::from( AllocatedBit::alloc(cs.namespace(|| "a"), Some(a_val)).unwrap() ); - let b_val = rng.gen(); + let b_val = rng.next_u32() % 2 != 0; let b = Boolean::from( AllocatedBit::alloc(cs.namespace(|| "b"), Some(b_val)).unwrap() ); - let c_val = rng.gen(); + let c_val = rng.next_u32() % 2 != 0; let c = Boolean::from( AllocatedBit::alloc(cs.namespace(|| "c"), Some(c_val)).unwrap() ); let bits = vec![a, b, c]; - let points: Vec<(Fr, Fr)> = (0..8).map(|_| (rng.gen(), rng.gen())).collect(); + let points: Vec<(Fr, Fr)> = (0..8).map(|_| (Fr::random(&mut rng), Fr::random(&mut rng))).collect(); let res = lookup3_xy(&mut cs, &bits, &points).unwrap(); 
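Review bot: The rewritten `points` line in `test_lookup3_xy` appears to run past the 100-column rustfmt limit at its likely indentation (two levels inside `mod test`), so the file would no longer pass `cargo fmt --check`; the same applies to the matching `points` line in `test_lookup3_xy_with_conditional_negation` in the next hunk. Splitting the chain, `let points: Vec<(Fr, Fr)> = (0..8)` / `.map(|_| (Fr::random(&mut rng), Fr::random(&mut rng)))` / `.collect();`, keeps it within the limit. The three `*_val = rng.next_u32() % 2 != 0` lines repeat the bit-extraction idiom that now recurs throughout the change set; a small test helper such as `fn random_bool<R: RngCore>(rng: &mut R) -> bool` (for example in `circuit::test`) would name the intent and give one place to adjust it.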
@@ -244,29 +248,32 @@ mod test { #[test] fn test_lookup3_xy_with_conditional_negation() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let mut cs = TestConstraintSystem::::new(); - let a_val = rng.gen(); + let a_val = rng.next_u32() % 2 != 0; let a = Boolean::from( AllocatedBit::alloc(cs.namespace(|| "a"), Some(a_val)).unwrap() ); - let b_val = rng.gen(); + let b_val = rng.next_u32() % 2 != 0; let b = Boolean::from( AllocatedBit::alloc(cs.namespace(|| "b"), Some(b_val)).unwrap() ); - let c_val = rng.gen(); + let c_val = rng.next_u32() % 2 != 0; let c = Boolean::from( AllocatedBit::alloc(cs.namespace(|| "c"), Some(c_val)).unwrap() ); let bits = vec![a, b, c]; - let points: Vec<(Fr, Fr)> = (0..4).map(|_| (rng.gen(), rng.gen())).collect(); + let points: Vec<(Fr, Fr)> = (0..4).map(|_| (Fr::random(&mut rng), Fr::random(&mut rng))).collect(); let res = lookup3_xy_with_conditional_negation(&mut cs, &bits, &points).unwrap(); @@ -285,12 +292,15 @@ mod test { #[test] fn test_synth() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let window_size = 4; let mut assignment = vec![Fr::zero(); 1 << window_size]; - let constants: Vec<_> = (0..(1 << window_size)).map(|_| Fr::rand(&mut rng)).collect(); + let constants: Vec<_> = (0..(1 << window_size)).map(|_| Fr::random(&mut rng)).collect(); synth::(window_size, &constants, &mut assignment); diff --git a/sapling-crypto/src/circuit/multipack.rs b/sapling-crypto/src/circuit/multipack.rs index bf1b04653e..fdecd345c5 100644 --- a/sapling-crypto/src/circuit/multipack.rs +++ b/sapling-crypto/src/circuit/multipack.rs 
@@ -80,18 +80,23 @@ pub fn compute_multipacking( #[test] fn test_multipacking() { - use rand::{SeedableRng, Rng, XorShiftRng}; use bellman::{ConstraintSystem}; use pairing::bls12_381::{Bls12}; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; + use ::circuit::test::*; use super::boolean::{AllocatedBit, Boolean}; - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for num_bits in 0..1500 { let mut cs = TestConstraintSystem::::new(); - let bits: Vec = (0..num_bits).map(|_| rng.gen()).collect(); + let bits: Vec = (0..num_bits).map(|_| rng.next_u32() % 2 != 0).collect(); let circuit_bits = bits.iter().enumerate() .map(|(i, &b)| { diff --git a/sapling-crypto/src/circuit/num.rs b/sapling-crypto/src/circuit/num.rs index 919d9217e3..1cdfe225e7 100644 --- a/sapling-crypto/src/circuit/num.rs +++ b/sapling-crypto/src/circuit/num.rs @@ -455,10 +455,12 @@ impl Num { #[cfg(test)] mod test { - use rand::{SeedableRng, Rand, Rng, XorShiftRng}; use bellman::{ConstraintSystem}; use ff::{BitIterator, Field, PrimeField}; use pairing::bls12_381::{Bls12, Fr}; + use rand_core::SeedableRng; + use rand_xorshift::XorShiftRng; + use ::circuit::test::*; use super::{AllocatedNum, Boolean}; 
@@ -502,12 +504,15 @@ mod test { #[test] fn test_num_conditional_reversal() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); { let mut cs = TestConstraintSystem::::new(); - let a = AllocatedNum::alloc(cs.namespace(|| "a"), || Ok(rng.gen())).unwrap(); - let b = AllocatedNum::alloc(cs.namespace(|| "b"), || Ok(rng.gen())).unwrap(); + let a = AllocatedNum::alloc(cs.namespace(|| "a"), || Ok(Fr::random(&mut rng))).unwrap(); + let b = AllocatedNum::alloc(cs.namespace(|| "b"), || Ok(Fr::random(&mut rng))).unwrap(); let condition = Boolean::constant(false); let (c, d) = AllocatedNum::conditionally_reverse(&mut cs, &a, &b, &condition).unwrap(); @@ -520,8 +525,8 @@ mod test { { let mut cs = TestConstraintSystem::::new(); - let a = AllocatedNum::alloc(cs.namespace(|| "a"), || Ok(rng.gen())).unwrap(); - let b = AllocatedNum::alloc(cs.namespace(|| "b"), || Ok(rng.gen())).unwrap(); + let a = AllocatedNum::alloc(cs.namespace(|| "a"), || Ok(Fr::random(&mut rng))).unwrap(); + let b = AllocatedNum::alloc(cs.namespace(|| "b"), || Ok(Fr::random(&mut rng))).unwrap(); let condition = Boolean::constant(true); let (c, d) = AllocatedNum::conditionally_reverse(&mut cs, &a, &b, &condition).unwrap(); @@ -573,10 +578,13 @@ mod test { #[test] fn test_into_bits() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for i in 0..200 { - let r = Fr::rand(&mut rng); + let r = Fr::random(&mut rng); let mut cs = TestConstraintSystem::::new(); let n = AllocatedNum::alloc(&mut cs, || Ok(r)).unwrap(); 
@@ -597,7 +605,7 @@ mod test { } } - cs.set("num", Fr::rand(&mut rng)); + cs.set("num", Fr::random(&mut rng)); assert!(!cs.is_satisfied()); cs.set("num", r); assert!(cs.is_satisfied()); diff --git a/sapling-crypto/src/circuit/pedersen_hash.rs b/sapling-crypto/src/circuit/pedersen_hash.rs index 297a0e0dd3..dd000d3b5a 100644 --- a/sapling-crypto/src/circuit/pedersen_hash.rs +++ b/sapling-crypto/src/circuit/pedersen_hash.rs @@ -112,20 +112,24 @@ pub fn pedersen_hash( #[cfg(test)] mod test { - use rand::{SeedableRng, Rng, XorShiftRng}; use super::*; use ::circuit::test::*; use ::circuit::boolean::{Boolean, AllocatedBit}; use ff::PrimeField; use pairing::bls12_381::{Bls12, Fr}; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; #[test] fn test_pedersen_hash_constraints() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let params = &JubjubBls12::new(); let mut cs = TestConstraintSystem::::new(); - let input: Vec = (0..(Fr::NUM_BITS * 2)).map(|_| rng.gen()).collect(); + let input: Vec = (0..(Fr::NUM_BITS * 2)).map(|_| rng.next_u32() % 2 != 0).collect(); let input_bools: Vec = input.iter().enumerate().map(|(i, b)| { Boolean::from( @@ -146,12 +150,15 @@ mod test { #[test] fn test_pedersen_hash() { - let mut rng = XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let params = &JubjubBls12::new(); for length in 0..751 { for _ in 0..5 { - let mut input: Vec = (0..length).map(|_| rng.gen()).collect(); + let mut input: Vec = (0..length).map(|_| rng.next_u32() % 2 != 0).collect(); let mut cs = TestConstraintSystem::::new(); 
diff --git a/sapling-crypto/src/circuit/sapling/mod.rs b/sapling-crypto/src/circuit/sapling/mod.rs index e84b94adbb..469ab2edad 100644 --- a/sapling-crypto/src/circuit/sapling/mod.rs +++ b/sapling-crypto/src/circuit/sapling/mod.rs @@ -600,22 +600,27 @@ impl<'a, E: JubjubEngine> Circuit for Output<'a, E> { fn test_input_circuit_with_bls12_381() { use ff::{BitIterator, Field}; use pairing::bls12_381::*; - use rand::{SeedableRng, Rng, XorShiftRng}; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; + use ::circuit::test::*; use jubjub::{JubjubBls12, fs, edwards}; let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x58, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let tree_depth = 32; for _ in 0..10 { let value_commitment = ValueCommitment { - value: rng.gen(), - randomness: rng.gen() + value: rng.next_u64(), + randomness: fs::Fs::random(rng), }; - let nsk: fs::Fs = rng.gen(); + let nsk = fs::Fs::random(rng); let ak = edwards::Point::rand(rng, params).mul_by_cofactor(params); let proof_generation_key = ::primitives::ProofGenerationKey { @@ -628,7 +633,11 @@ fn test_input_circuit_with_bls12_381() { let payment_address; loop { - let diversifier = ::primitives::Diversifier(rng.gen()); + let diversifier = { + let mut d = [0; 11]; + rng.fill_bytes(&mut d); + ::primitives::Diversifier(d) + }; if let Some(p) = viewing_key.into_payment_address( diversifier, 
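Review bot: The new byte seed in `test_input_circuit_with_bls12_381` begins with `0x58`, while the old word seed was `0x3dbe6259`; as I understand it rand_xorshift reads the 16 seed bytes as four little-endian u32 words, so the faithful translation is `0x59, 0x62, 0xbe, 0x3d, …`, and as written this test now draws from the same stream as `test_output_circuit_with_bls12_381`, whose old seed was `0x3dbe6258`. Nothing in either test asserts a fixed expected value, so this only changes which inputs are exercised, not whether the tests pass. If sharing the stream was intended, a one-line comment saying so would spare the next reader the comparison; otherwise restore `0x59`.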
@@ -641,9 +650,9 @@ fn test_input_circuit_with_bls12_381() { } let g_d = payment_address.diversifier.g_d(params).unwrap(); - let commitment_randomness: fs::Fs = rng.gen(); - let auth_path = vec![Some((rng.gen(), rng.gen())); tree_depth]; - let ar: fs::Fs = rng.gen(); + let commitment_randomness = fs::Fs::random(rng); + let auth_path = vec![Some((Fr::random(rng), rng.next_u32() % 2 != 0)); tree_depth]; + let ar = fs::Fs::random(rng); { let rk = viewing_key.rk(ar, params).into_xy(); @@ -732,20 +741,24 @@ fn test_input_circuit_with_bls12_381() { fn test_output_circuit_with_bls12_381() { use ff::Field; use pairing::bls12_381::*; - use rand::{SeedableRng, Rng, XorShiftRng}; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; use ::circuit::test::*; use jubjub::{JubjubBls12, fs, edwards}; let params = &JubjubBls12::new(); - let rng = &mut XorShiftRng::from_seed([0x3dbe6258, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let rng = &mut XorShiftRng::from_seed([ + 0x58, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..100 { let value_commitment = ValueCommitment { - value: rng.gen(), - randomness: rng.gen() + value: rng.next_u64(), + randomness: fs::Fs::random(rng), }; - let nsk: fs::Fs = rng.gen(); + let nsk = fs::Fs::random(rng); let ak = edwards::Point::rand(rng, params).mul_by_cofactor(params); let proof_generation_key = ::primitives::ProofGenerationKey { @@ -758,7 +771,11 @@ fn test_output_circuit_with_bls12_381() { let payment_address; loop { - let diversifier = ::primitives::Diversifier(rng.gen()); + let diversifier = { + let mut d = [0; 11]; + rng.fill_bytes(&mut d); + ::primitives::Diversifier(d) + }; if let Some(p) = viewing_key.into_payment_address( diversifier, 
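Review bot: `auth_path` is built with `vec![Some((Fr::random(rng), rng.next_u32() % 2 != 0)); tree_depth]`, which draws a single sibling value and direction bit and clones that pair into all `tree_depth` levels, so every level of the authentication path is identical within an iteration. This is inherited from the old `rng.gen()` form, but since the line is being rewritten anyway, `let auth_path: Vec<_> = (0..tree_depth).map(|_| Some((Fr::random(rng), rng.next_u32() % 2 != 0))).collect();` gives each level independent values and exercises the path constraints with distinct inputs. The enclosing function continues outside the hunk.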
@@ -770,8 +787,8 @@ fn test_output_circuit_with_bls12_381() { } } - let commitment_randomness: fs::Fs = rng.gen(); - let esk: fs::Fs = rng.gen(); + let commitment_randomness = fs::Fs::random(rng); + let esk = fs::Fs::random(rng); { let mut cs = TestConstraintSystem::::new(); diff --git a/sapling-crypto/src/circuit/sha256.rs b/sapling-crypto/src/circuit/sha256.rs index 7b55fc89bf..3b32282e9d 100644 --- a/sapling-crypto/src/circuit/sha256.rs +++ b/sapling-crypto/src/circuit/sha256.rs @@ -308,7 +308,8 @@ mod test { use circuit::boolean::AllocatedBit; use pairing::bls12_381::Bls12; use circuit::test::TestConstraintSystem; - use rand::{XorShiftRng, SeedableRng, Rng}; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; #[test] fn test_blank_hash() { @@ -341,7 +342,10 @@ mod test { #[test] fn test_full_block() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let iv = get_sha256_iv(); @@ -350,7 +354,7 @@ mod test { Boolean::from( AllocatedBit::alloc( cs.namespace(|| format!("input bit {}", i)), - Some(rng.gen()) + Some(rng.next_u32() % 2 != 0) ).unwrap() ) }).collect(); 
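Review bot: In `test_full_block` the old seed word `0x5dbe6259` is translated as `0x59, 0x62, 0xbe, 0x3d`; with rand_xorshift reading the seed as little-endian u32 words, the byte-faithful form is `0x59, 0x62, 0xbe, 0x5d`, which is what the uint32.rs hunks below use for the same old word. The same drift appears in `test_against_vectors` in the next hunk, and in the uint32.rs tests whose old last word was `0xe5bc0653` but whose new tail is `0x54, 0x06, 0xbc, 0xe5`. None of these tests pin an expected output, so only the sampled inputs change; still, either restore the exact bytes or add a comment that the seeds were deliberately unified, so the mismatch is not later mistaken for a typo.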
@@ -367,18 +371,19 @@ mod test { #[test] fn test_against_vectors() { - use crypto::sha2::Sha256; - use crypto::digest::Digest; + use sha2::{Digest, Sha256}; - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for input_len in (0..32).chain((32..256).filter(|a| a % 8 == 0)) { let mut h = Sha256::new(); - let data: Vec = (0..input_len).map(|_| rng.gen()).collect(); + let data: Vec = (0..input_len).map(|_| rng.next_u32() as u8).collect(); h.input(&data); - let mut hash_result = [0u8; 32]; - h.result(&mut hash_result[..]); + let hash_result = h.result(); let mut cs = TestConstraintSystem::::new(); let mut input_bits = vec![]; diff --git a/sapling-crypto/src/circuit/uint32.rs b/sapling-crypto/src/circuit/uint32.rs index 6dd4535035..939b544bdd 100644 --- a/sapling-crypto/src/circuit/uint32.rs +++ b/sapling-crypto/src/circuit/uint32.rs @@ -409,7 +409,6 @@ impl UInt32 { #[cfg(test)] mod test { - use rand::{XorShiftRng, SeedableRng, Rng}; use ::circuit::boolean::{Boolean}; use super::{UInt32}; use ff::Field; @@ -417,13 +416,18 @@ mod test { use ::circuit::test::*; use bellman::{ConstraintSystem}; use circuit::multieq::MultiEq; + use rand_core::{RngCore, SeedableRng}; + use rand_xorshift::XorShiftRng; #[test] fn test_uint32_from_bits_be() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let mut v = (0..32).map(|_| Boolean::constant(rng.gen())).collect::>(); + let mut v = (0..32).map(|_| Boolean::constant(rng.next_u32() % 2 != 0)).collect::>(); let b = UInt32::from_bits_be(&v); 
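Review bot: `(0..input_len).map(|_| rng.next_u32() as u8).collect()` spends a 32-bit draw per byte and hides the sampling behind a truncating cast; `RngCore` already provides `fill_bytes`, so `let mut data = vec![0u8; input_len]; rng.fill_bytes(&mut data);` is the direct replacement for the old per-byte `rng.gen()` and matches how the `Diversifier` bytes are filled elsewhere in this change. This is test-only and does not affect the SHA-256 vectors being checked. `hash_result` is now the digest's own output array rather than a `[u8; 32]`; the bit-unpacking code that consumes it lies after the hunk, so please confirm it indexes the result as a slice.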
@@ -451,10 +455,13 @@ mod test { #[test] fn test_uint32_from_bits() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let mut v = (0..32).map(|_| Boolean::constant(rng.gen())).collect::>(); + let mut v = (0..32).map(|_| Boolean::constant(rng.next_u32() % 2 != 0)).collect::>(); let b = UInt32::from_bits(&v); @@ -482,14 +489,17 @@ mod test { #[test] fn test_uint32_xor() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { let mut cs = TestConstraintSystem::::new(); - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); + let a = rng.next_u32(); + let b = rng.next_u32(); + let c = rng.next_u32(); let mut expected = a ^ b ^ c; @@ -524,14 +534,17 @@ mod test { #[test] fn test_uint32_addmany_constants() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { let mut cs = TestConstraintSystem::::new(); - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); + let a = rng.next_u32(); + let b = rng.next_u32(); + let c = rng.next_u32(); let a_bit = UInt32::constant(a); let b_bit = UInt32::constant(b); 
@@ -563,15 +576,18 @@ mod test { #[test] fn test_uint32_addmany() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { let mut cs = TestConstraintSystem::::new(); - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); - let d: u32 = rng.gen(); + let a = rng.next_u32(); + let b = rng.next_u32(); + let c = rng.next_u32(); + let d = rng.next_u32(); let mut expected = (a ^ b).wrapping_add(c).wrapping_add(d); @@ -620,9 +636,12 @@ mod test { #[test] fn test_uint32_rotr() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); - let mut num = rng.gen(); + let mut num = rng.next_u32(); let a = UInt32::constant(num); @@ -650,11 +669,14 @@ mod test { #[test] fn test_uint32_shr() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..50 { for i in 0..60 { - let num = rng.gen(); + let num = rng.next_u32(); let a = UInt32::constant(num).shr(i); let b = UInt32::constant(num.wrapping_shr(i as u32)); 
@@ -670,14 +692,17 @@ mod test { #[test] fn test_uint32_sha256_maj() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { let mut cs = TestConstraintSystem::::new(); - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); + let a = rng.next_u32(); + let b = rng.next_u32(); + let c = rng.next_u32(); let mut expected = (a & b) ^ (a & c) ^ (b & c); @@ -711,14 +736,17 @@ mod test { #[test] fn test_uint32_sha256_ch() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0653]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { let mut cs = TestConstraintSystem::::new(); - let a: u32 = rng.gen(); - let b: u32 = rng.gen(); - let c: u32 = rng.gen(); + let a = rng.next_u32(); + let b = rng.next_u32(); + let c = rng.next_u32(); let mut expected = (a & b) ^ ((!a) & c); diff --git a/sapling-crypto/src/jubjub/edwards.rs b/sapling-crypto/src/jubjub/edwards.rs index 16d21e7ce3..e912aca230 100644 --- a/sapling-crypto/src/jubjub/edwards.rs +++ b/sapling-crypto/src/jubjub/edwards.rs @@ -8,9 +8,7 @@ use super::{ montgomery }; -use rand::{ - Rng -}; +use rand_core::RngCore; use std::marker::PhantomData; @@ -185,12 +183,13 @@ impl Point { convert_subgroup(&tmp) } - pub fn rand(rng: &mut R, params: &E::Params) -> Self + pub fn rand(rng: &mut R, params: &E::Params) -> Self { loop { - let y: E::Fr = rng.gen(); + let y = E::Fr::random(rng); + let sign = rng.next_u32() % 2 != 0; - if let Some(p) = Self::get_for_y(y, rng.gen(), params) { + if let Some(p) = Self::get_for_y(y, sign, params) { return p; } } diff --git a/sapling-crypto/src/jubjub/fs.rs b/sapling-crypto/src/jubjub/fs.rs index 6a5157382b..baa16ef138 100644 
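Review bot: `edwards::Point::rand` is a public library function that now accepts any `RngCore`, yet the hunk leaves it without a doc comment stating its contract; the same applies to `montgomery::Point::rand` in the later hunk. Above the signature I would add `/// Samples a random curve point by drawing a random y-coordinate and sign bit and retrying until a point exists.` followed by `/// The caller must supply a cryptographically secure RNG whenever the resulting point is secret; the tests deliberately seed a non-secure XorShiftRng.` The tests call `.mul_by_cofactor(params)` on the result, which suggests the point lies on the full curve group rather than the prime-order subgroup; if that is the case, the comment should say so as well.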
--- a/sapling-crypto/src/jubjub/fs.rs +++ b/sapling-crypto/src/jubjub/fs.rs @@ -4,6 +4,7 @@ use ff::{ LegendreSymbol::{self, *}, PrimeField, PrimeFieldDecodingError, PrimeFieldRepr, SqrtField, }; +use rand_core::RngCore; use super::ToUniform; @@ -42,13 +43,6 @@ const NEGATIVE_ONE: Fs = Fs(FsRepr([0xaa9f02ab1d6124de, 0xb3524a6466112932, 0x73 #[derive(Copy, Clone, PartialEq, Eq, Default, Debug)] pub struct FsRepr(pub [u64; 4]); -impl ::rand::Rand for FsRepr { - #[inline(always)] - fn rand(rng: &mut R) -> Self { - FsRepr(rng.gen()) - } -} - impl ::std::fmt::Display for FsRepr { fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result { @@ -240,21 +234,6 @@ impl ::std::fmt::Display for Fs } } -impl ::rand::Rand for Fs { - fn rand(rng: &mut R) -> Self { - loop { - let mut tmp = Fs(FsRepr::rand(rng)); - - // Mask away the unused bits at the beginning. - tmp.0.as_mut()[3] &= 0xffffffffffffffff >> REPR_SHAVE_BITS; - - if tmp.is_valid() { - return tmp - } - } - } -} - impl From for FsRepr { fn from(e: Fs) -> FsRepr { e.into_repr() @@ -303,6 +282,25 @@ impl PrimeField for Fs { } impl Field for Fs { + fn random(rng: &mut R) -> Self { + loop { + let mut tmp = { + let mut repr = [0u64; 4]; + for i in 0..4 { + repr[i] = rng.next_u64(); + } + Fs(FsRepr(repr)) + }; + + // Mask away the unused most-significant bits. + tmp.0.as_mut()[3] &= 0xffffffffffffffff >> REPR_SHAVE_BITS; + + if tmp.is_valid() { + return tmp + } + } + } + #[inline] fn zero() -> Self { Fs(FsRepr::from(0)) @@ -622,7 +620,9 @@ fn test_neg_one() { } #[cfg(test)] -use rand::{SeedableRng, XorShiftRng, Rand}; +use rand_core::SeedableRng; +#[cfg(test)] +use rand_xorshift::XorShiftRng; #[test] fn test_fs_repr_ordering() { 
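Review bot: In the new `Field::random` for `Fs`, `for i in 0..4 { repr[i] = rng.next_u64(); }` is an index loop over a fixed-size array that clippy flags as `needless_range_loop`; `for limb in repr.iter_mut() { *limb = rng.next_u64(); }` expresses the same thing without the index, and the surrounding block can then shrink to `let mut tmp = Fs(FsRepr(repr));`. The rejection loop itself looks sound: the mask `0xffffffffffffffff >> REPR_SHAVE_BITS` trims the candidate to the repr's bit width and `is_valid()` rejects the rest, so accepted values are uniform provided `is_valid()` is the below-modulus check. Since `Fs` is the scalar field this change uses for secrets in the Sapling tests (`nsk`, `ar`, `esk`, `commitment_randomness`), a doc comment such as `/// Uniform random field element by rejection sampling; the RNG must be cryptographically secure when the result is used as a key or blinding factor.` would make the contract explicit.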
@@ -760,14 +760,17 @@ fn test_fs_repr_num_bits() { #[test] fn test_fs_repr_sub_noborrow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FsRepr([0x8e62a7e85264e2c3, 0xb23d34c1941d3ca, 0x5976930b7502dd15, 0x600f3fb517bf5495]); t.sub_noborrow(&FsRepr([0xd64f669809cbc6a4, 0xfa76cb9d90cf7637, 0xfefb0df9038d43b3, 0x298a30c744b31acf])); assert!(t == FsRepr([0xb813415048991c1f, 0x10ad07ae88725d92, 0x5a7b851271759961, 0x36850eedd30c39c5])); for _ in 0..1000 { - let mut a = FsRepr::rand(&mut rng); + let mut a = Fs::random(&mut rng).into_repr(); a.0[3] >>= 30; let mut b = a; for _ in 0..10 { @@ -806,7 +809,10 @@ fn test_fs_legendre() { #[test] fn test_fr_repr_add_nocarry() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let mut t = FsRepr([0xd64f669809cbc6a4, 0xfa76cb9d90cf7637, 0xfefb0df9038d43b3, 0x298a30c744b31acf]); t.add_nocarry(&FsRepr([0x8e62a7e85264e2c3, 0xb23d34c1941d3ca, 0x5976930b7502dd15, 0x600f3fb517bf5495])); @@ -814,9 +820,9 @@ fn test_fr_repr_add_nocarry() { // Test for the associativity of addition. for _ in 0..1000 { - let mut a = FsRepr::rand(&mut rng); - let mut b = FsRepr::rand(&mut rng); - let mut c = FsRepr::rand(&mut rng); + let mut a = Fs::random(&mut rng).into_repr(); + let mut b = Fs::random(&mut rng).into_repr(); + let mut c = Fs::random(&mut rng).into_repr(); // Unset the first few bits, so that overflow won't occur. a.0[3] >>= 3; 
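Review bot: `Fs::random(&mut rng).into_repr()` stands in for the removed `FsRepr::rand`, but it only yields representations below the field modulus, whereas the old sampler was uniform over the full 256-bit repr (it was `FsRepr(rng.gen())`). In `test_fs_repr_sub_noborrow` and `test_fr_repr_add_nocarry` (next hunk) the following `a.0[3] >>= 30` / `>>= 3` shifts were sized for that full range, so the repr arithmetic is now exercised over a narrower range of top-limb values than before; if the original coverage matters, sample the repr directly: `let mut a = FsRepr([rng.next_u64(), rng.next_u64(), rng.next_u64(), rng.next_u64()]);`. This assumes `into_repr` returns the canonical reduced form, which is the usual `PrimeField` contract.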
@@ -865,10 +871,13 @@ fn test_fs_is_valid() { assert!(Fs(FsRepr([0xd0970e5ed6f72cb6, 0xa6682093ccc81082, 0x6673b0101343b00, 0xe7db4ea6533afa9])).is_valid()); assert!(!Fs(FsRepr([0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff])).is_valid()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { - let a = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); assert!(a.is_valid()); } } @@ -903,13 +912,16 @@ fn test_fs_add_assign() { // Test associativity - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Generate a, b, c and ensure (a + b) + c == a + (b + c). - let a = Fs::rand(&mut rng); - let b = Fs::rand(&mut rng); - let c = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); + let b = Fs::random(&mut rng); + let c = Fs::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -948,12 +960,15 @@ fn test_fs_sub_assign() { assert_eq!(tmp, Fs(FsRepr([0x361e16aef5cce835, 0x55bbde2536e274c1, 0x4dc77a63fd15ee75, 0x1e14bb37c14f230]))); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure that (a - b) + (b - a) = 0. - let a = Fs::rand(&mut rng); - let b = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); + let b = Fs::random(&mut rng); let mut tmp1 = a; tmp1.sub_assign(&b); 
@@ -972,13 +987,16 @@ fn test_fs_mul_assign() { tmp.mul_assign(&Fs(FsRepr([0xdae00fc63c9fa90f, 0x5a5ed89b96ce21ce, 0x913cd26101bd6f58, 0x3f0822831697fe9]))); assert!(tmp == Fs(FsRepr([0xb68ecb61d54d2992, 0x5ff95874defce6a6, 0x3590eb053894657d, 0x53823a118515933]))); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * b) * c = a * (b * c) - let a = Fs::rand(&mut rng); - let b = Fs::rand(&mut rng); - let c = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); + let b = Fs::random(&mut rng); + let c = Fs::random(&mut rng); let mut tmp1 = a; tmp1.mul_assign(&b); @@ -994,10 +1012,10 @@ fn test_fs_mul_assign() { for _ in 0..1000000 { // Ensure that r * (a + b + c) = r*a + r*b + r*c - let r = Fs::rand(&mut rng); - let mut a = Fs::rand(&mut rng); - let mut b = Fs::rand(&mut rng); - let mut c = Fs::rand(&mut rng); + let r = Fs::random(&mut rng); + let mut a = Fs::random(&mut rng); + let mut b = Fs::random(&mut rng); + let mut c = Fs::random(&mut rng); let mut tmp1 = a; tmp1.add_assign(&b); @@ -1022,11 +1040,14 @@ fn test_fr_squaring() { a.square(); assert_eq!(a, Fs::from_repr(FsRepr([0x12c7f55cbc52fbaa, 0xdedc98a0b5e6ce9e, 0xad2892726a5396a, 0x9fe82af8fee77b3])).unwrap()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000000 { // Ensure that (a * a) = a^2 - let a = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); let mut tmp = a; tmp.square(); 
@@ -1042,13 +1063,16 @@ fn test_fr_squaring() { fn test_fs_inverse() { assert!(Fs::zero().inverse().is_none()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); let one = Fs::one(); for _ in 0..1000 { // Ensure that a * a^-1 = 1 - let mut a = Fs::rand(&mut rng); + let mut a = Fs::random(&mut rng); let ainv = a.inverse().unwrap(); a.mul_assign(&ainv); assert_eq!(a, one); @@ -1057,11 +1081,14 @@ fn test_fs_inverse() { #[test] fn test_fs_double() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure doubling a is equivalent to adding a to itself. - let mut a = Fs::rand(&mut rng); + let mut a = Fs::random(&mut rng); let mut b = a; b.add_assign(&a); a.double(); @@ -1078,11 +1105,14 @@ fn test_fs_negate() { assert!(a.is_zero()); } - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Ensure (a - (-a)) = 0. - let mut a = Fs::rand(&mut rng); + let mut a = Fs::random(&mut rng); let mut b = a; b.negate(); a.add_assign(&b); 
@@ -1093,12 +1123,15 @@ fn test_fs_negate() { #[test] fn test_fs_pow() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for i in 0..1000 { // Exponentiate by various small numbers and ensure it consists with repeated // multiplication. - let a = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); let target = a.pow(&[i]); let mut c = Fs::one(); for _ in 0..i { @@ -1109,7 +1142,7 @@ fn test_fs_pow() { for _ in 0..1000 { // Exponentiating by the modulus should have no effect in a prime field. - let a = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); assert_eq!(a, a.pow(Fs::char())); } @@ -1117,13 +1150,16 @@ fn test_fs_pow() { #[test] fn test_fs_sqrt() { - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); assert_eq!(Fs::zero().sqrt().unwrap(), Fs::zero()); for _ in 0..1000 { // Ensure sqrt(a^2) = a or -a - let a = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); let mut nega = a; nega.negate(); let mut b = a; @@ -1136,7 +1172,7 @@ fn test_fs_sqrt() { for _ in 0..1000 { // Ensure sqrt(a)^2 = a for random a - let a = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); if let Some(mut tmp) = a.sqrt() { tmp.square(); 
@@ -1166,11 +1202,14 @@ fn test_fs_from_into_repr() { // Zero should be in the field. assert!(Fs::from_repr(FsRepr::from(0)).unwrap().is_zero()); - let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + let mut rng = XorShiftRng::from_seed([ + 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc, + 0xe5, + ]); for _ in 0..1000 { // Try to turn Fs elements into representations and back again, and compare. - let a = Fs::rand(&mut rng); + let a = Fs::random(&mut rng); let a_repr = a.into_repr(); let b_repr = FsRepr::from(a); assert_eq!(a_repr, b_repr); diff --git a/sapling-crypto/src/jubjub/montgomery.rs b/sapling-crypto/src/jubjub/montgomery.rs index 76203ebc7f..9bd602337d 100644 --- a/sapling-crypto/src/jubjub/montgomery.rs +++ b/sapling-crypto/src/jubjub/montgomery.rs @@ -8,9 +8,7 @@ use super::{ edwards }; -use rand::{ - Rng -}; +use rand_core::RngCore; use std::marker::PhantomData; @@ -101,12 +99,13 @@ impl Point { convert_subgroup(&tmp) } - pub fn rand(rng: &mut R, params: &E::Params) -> Self + pub fn rand(rng: &mut R, params: &E::Params) -> Self { loop { - let x: E::Fr = rng.gen(); + let x = E::Fr::random(rng); + let sign = rng.next_u32() % 2 != 0; - match Self::get_for_x(x, rng.gen(), params) { + match Self::get_for_x(x, sign, params) { Some(p) => { return p }, diff --git a/sapling-crypto/src/jubjub/tests.rs b/sapling-crypto/src/jubjub/tests.rs index eb7e36b78c..e15b81e1ea 100644 --- a/sapling-crypto/src/jubjub/tests.rs +++ b/sapling-crypto/src/jubjub/tests.rs @@ -14,7 +14,8 @@ use ff::{ LegendreSymbol }; -use rand::{XorShiftRng, SeedableRng, Rand}; +use rand_core::{RngCore, SeedableRng}; +use rand_xorshift::XorShiftRng; pub fn test_suite(params: &E::Params) { test_back_and_forth::(params); 
@@ -78,7 +79,10 @@ fn is_on_twisted_edwards_curve>(
 }
 fn test_loworder(params: &E::Params) {
- let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 let inf = montgomery::Point::zero();
 // try to find a point of order 8
@@ -109,15 +113,18 @@ fn test_loworder(params: &E::Params) {
 fn test_mul_associativity(params: &E::Params) {
 use self::edwards::Point;
- let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 for _ in 0..100 {
 // Pick a random point and multiply it by the cofactor
 let base = Point::::rand(rng, params).mul_by_cofactor(params);
- let mut a = E::Fs::rand(rng);
- let b = E::Fs::rand(rng);
- let c = E::Fs::rand(rng);
+ let mut a = E::Fs::random(rng);
+ let b = E::Fs::random(rng);
+ let c = E::Fs::random(rng);
 let res1 = base.mul(a, params).mul(b, params).mul(c, params);
 let res2 = base.mul(b, params).mul(c, params).mul(a, params);
@@ -143,7 +150,10 @@ fn test_mul_associativity(params: &E::Params) {
 fn test_order(params: &E::Params) {
 use self::edwards::Point;
- let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 // The neutral element is in the prime order subgroup.
 assert!(Point::::zero().as_prime_order(params).is_some());
@@ -170,7 +180,10 @@ fn test_order(params: &E::Params) {
 }
 fn test_addition_associativity(params: &E::Params) {
- let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 for _ in 0..1000 {
 use self::montgomery::Point;
@@ -194,7 +207,10 @@ fn test_addition_associativity(params: &E::Params) {
 }
 fn test_identities(params: &E::Params) {
- let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 {
 use self::edwards::Point;
@@ -228,11 +244,14 @@ fn test_identities(params: &E::Params) {
 }
 fn test_get_for(params: &E::Params) {
- let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 for _ in 0..1000 {
- let y = E::Fr::rand(rng);
- let sign = bool::rand(rng);
+ let y = E::Fr::random(rng);
+ let sign = rng.next_u32() % 2 == 1;
 if let Some(mut p) = edwards::Point::::get_for_y(y, sign, params) {
 assert!(p.into_xy().0.into_repr().is_odd() == sign);
@@ -247,7 +266,10 @@ fn test_get_for(params: &E::Params) {
 }
 fn test_read_write(params: &E::Params) {
- let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 for _ in 0..1000 {
 let e = edwards::Point::::rand(rng, params);
@@ -262,7 +284,10 @@ fn test_read_write(params: &E::Params) {
 }
 fn test_rand(params: &E::Params) {
- let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 for _ in 0..1000 {
 let p = montgomery::Point::::rand(rng, params);
@@ -281,10 +306,13 @@ fn test_rand(params: &E::Params) {
 }
 fn test_back_and_forth(params: &E::Params) {
- let rng = &mut XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x5d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 for _ in 0..1000 {
- let s = E::Fs::rand(rng);
+ let s = E::Fs::random(rng);
 let edwards_p1 = edwards::Point::::rand(rng, params);
 let mont_p1 = montgomery::Point::from_edwards(&edwards_p1, params);
 let mont_p2 = montgomery::Point::::rand(rng, params);
diff --git a/sapling-crypto/src/lib.rs b/sapling-crypto/src/lib.rs
index 0535d9a2b4..14e713df4a 100644
--- a/sapling-crypto/src/lib.rs
+++ b/sapling-crypto/src/lib.rs
@@ -4,7 +4,7 @@ extern crate blake2b_simd;
 extern crate blake2s_simd;
 extern crate digest;
 extern crate ff;
-extern crate rand;
+extern crate rand_core;
 extern crate byteorder;
 #[cfg(test)]
@@ -12,7 +12,10 @@ extern crate byteorder;
 extern crate hex_literal;
 #[cfg(test)]
-extern crate crypto;
+extern crate rand_xorshift;
+
+#[cfg(test)]
+extern crate sha2;
 pub mod jubjub;
 pub mod group_hash;
diff --git a/sapling-crypto/src/redjubjub.rs b/sapling-crypto/src/redjubjub.rs
index 00e2f8f396..cd023478f9 100644
--- a/sapling-crypto/src/redjubjub.rs
+++ b/sapling-crypto/src/redjubjub.rs
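Review bot: The new seed in test_back_and_forth does not follow the derivation used at every other seed site in this diff: the old first word was 0x5dbe6259, whose little-endian bytes are `0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, ...`, but the hunk writes `0x59, 0x62, 0xbe, 0x3d, 0x76, 0x5d, 0x31, 0x8d, ...`, with the 0x5d moved from index 3 to index 5 and the other jubjub tests' 0x3d sitting in its place. Any seed works for a property test, so this is not a functional failure, but it defeats the apparent intent of keeping each test's RNG stream stable across the migration and makes the vectors harder to audit. The first seed line should presumably read `0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,`.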
@@ -2,7 +2,7 @@ //! See section 5.4.6 of the Sapling protocol specification.
 use ff::{Field, PrimeField, PrimeFieldRepr};
-use rand::{Rng, Rand};
+use rand_core::RngCore;
 use std::io::{self, Read, Write};
 use jubjub::{FixedGenerators, JubjubEngine, JubjubParams, Unknown, edwards::Point};
@@ -71,7 +71,7 @@ impl PrivateKey {
 write_scalar::(&self.0, writer)
 }
- pub fn sign(
+ pub fn sign(
 &self,
 msg: &[u8],
 rng: &mut R,
@@ -163,7 +163,7 @@ pub struct BatchEntry<'a, E: JubjubEngine> {
 // TODO: #82: This is a naive implementation currently,
 // and doesn't use multiexp.
-pub fn batch_verify<'a, E: JubjubEngine, R: Rng>(
+pub fn batch_verify<'a, E: JubjubEngine, R: RngCore>(
 rng: &mut R,
 batch: &[BatchEntry<'a, E>],
 p_g: FixedGenerators,
@@ -184,7 +184,7 @@ pub fn batch_verify<'a, E: JubjubEngine, R: Rng>(
 let mut c = h_star::(&entry.sig.rbar[..], entry.msg);
- let z = E::Fs::rand(rng);
+ let z = E::Fs::random(rng);
 s.mul_assign(&z);
 s.negate();
@@ -206,7 +206,8 @@ pub fn batch_verify<'a, E: JubjubEngine, R: Rng>(
 #[cfg(test)]
 mod tests {
 use pairing::bls12_381::Bls12;
- use rand::thread_rng;
+ use rand_core::SeedableRng;
+ use rand_xorshift::XorShiftRng;
 use jubjub::{JubjubBls12, fs::Fs, edwards};
@@ -214,17 +215,20 @@ mod tests {
 #[test]
 fn test_batch_verify() {
- let rng = &mut thread_rng();
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 let params = &JubjubBls12::new();
 let p_g = FixedGenerators::SpendingKeyGenerator;
- let sk1 = PrivateKey::(rng.gen());
+ let sk1 = PrivateKey::(Fs::random(rng));
 let vk1 = PublicKey::from_private(&sk1, p_g, params);
 let msg1 = b"Foo bar";
 let sig1 = sk1.sign(msg1, rng, p_g, params);
 assert!(vk1.verify(msg1, &sig1, p_g, params));
- let sk2 = PrivateKey::(rng.gen());
+ let sk2 = PrivateKey::(Fs::random(rng));
 let vk2 = PublicKey::from_private(&sk2, p_g, params);
 let msg2 = b"Foo bar";
 let sig2 = sk2.sign(msg2, rng, p_g, params);
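Review bot: The new `R: RngCore` bound on `batch_verify` (and, as far as the bracket-stripped signature shows, on `PrivateKey::sign`) accepts any generator, including the non-cryptographic `XorShiftRng` the tests now pass in, so a caller could sign or batch-verify with a predictable source and nothing in the types would object. `rand_core` also provides the `CryptoRng` marker trait for exactly this purpose; tightening both bounds to `R: RngCore + CryptoRng` turns that mistake into a compile error, at the cost of switching these tests to a generator that carries the marker (`OsRng`, already used elsewhere in this diff, does). The batch scalar `z` drawn with `E::Fs::random(rng)` is the value whose unpredictability the batch check depends on, so this is where the stronger bound matters most. The `sign` body and the `batch_verify` body both continue outside the visible lines.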
@@ -244,7 +248,10 @@ mod tests {
 #[test]
 fn cofactor_check() {
- let rng = &mut thread_rng();
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 let params = &JubjubBls12::new();
 let zero = edwards::Point::zero();
 let p_g = FixedGenerators::SpendingKeyGenerator;
@@ -262,7 +269,7 @@ mod tests {
 }
 };
- let sk = PrivateKey::(rng.gen());
+ let sk = PrivateKey::(Fs::random(rng));
 let vk = PublicKey::from_private(&sk, p_g, params);
 // TODO: This test will need to change when #77 is fixed
@@ -276,12 +283,15 @@ mod tests {
 #[test]
 fn round_trip_serialization() {
- let rng = &mut thread_rng();
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 let p_g = FixedGenerators::SpendingKeyGenerator;
 let params = &JubjubBls12::new();
 for _ in 0..1000 {
- let sk = PrivateKey::(rng.gen());
+ let sk = PrivateKey::(Fs::random(rng));
 let vk = PublicKey::from_private(&sk, p_g, params);
 let msg = b"Foo bar";
 let sig = sk.sign(msg, rng, p_g, params);
@@ -309,12 +319,15 @@ mod tests {
 #[test]
 fn random_signatures() {
- let rng = &mut thread_rng();
+ let rng = &mut XorShiftRng::from_seed([
+ 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
+ 0xe5,
+ ]);
 let p_g = FixedGenerators::SpendingKeyGenerator;
 let params = &JubjubBls12::new();
 for _ in 0..1000 {
- let sk = PrivateKey::(rng.gen());
+ let sk = PrivateKey::(Fs::random(rng));
 let vk = PublicKey::from_private(&sk, p_g, params);
 let msg1 = b"Foo bar";
@@ -328,7 +341,7 @@ mod tests {
 assert!(!vk.verify(msg1, &sig2, p_g, params));
 assert!(!vk.verify(msg2, &sig1, p_g, params));
- let alpha = rng.gen();
+ let alpha = Fs::random(rng);
 let rsk = sk.randomize(alpha);
 let rvk = vk.randomize(alpha, p_g, params);
diff --git a/zcash_client_backend/Cargo.toml b/zcash_client_backend/Cargo.toml
index bc57fdb560..1d7848e900 100644
--- a/zcash_client_backend/Cargo.toml
+++ b/zcash_client_backend/Cargo.toml
@@ -13,4 +13,5 @@ sapling-crypto = { path = "../sapling-crypto" }
 zcash_primitives = { path = "../zcash_primitives" }
 [dev-dependencies]
-rand = "0.4"
+rand_core = "0.5"
+rand_xorshift = "0.2"
diff --git a/zcash_client_backend/src/encoding.rs b/zcash_client_backend/src/encoding.rs
index 17ef335266..d8162017b6 100644
--- a/zcash_client_backend/src/encoding.rs
+++ b/zcash_client_backend/src/encoding.rs
@@ -101,7 +101,8 @@ pub fn decode_extended_full_viewing_key(
 ///
 /// ```
 /// use pairing::bls12_381::Bls12;
-/// use rand::{SeedableRng, XorShiftRng};
+/// use rand_core::SeedableRng;
+/// use rand_xorshift::XorShiftRng;
 /// use sapling_crypto::{
 /// jubjub::edwards,
 /// primitives::{Diversifier, PaymentAddress},
@@ -112,7 +113,10 @@ pub fn decode_extended_full_viewing_key(
 /// };
 /// use zcash_primitives::JUBJUB;
 ///
-/// let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+/// let rng = &mut XorShiftRng::from_seed([
+/// 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
+/// 0xbc, 0xe5,
+/// ]);
 ///
 /// let pa = PaymentAddress {
 /// diversifier: Diversifier([0u8; 11]),
@@ -121,7 +125,7 @@ pub fn decode_extended_full_viewing_key(
 ///
 /// assert_eq!(
 /// encode_payment_address(HRP_SAPLING_PAYMENT_ADDRESS, &pa),
-/// "ztestsapling1qqqqqqqqqqqqqqqqqqxrrfaccydp867g6zg7ne5ht37z38jtfyw0ygmp0ja6hhf07twjq6awtaj",
+/// "ztestsapling1qqqqqqqqqqqqqqqqqrjq05nyfku05msvu49mawhg6kr0wwljahypwyk2h88z6975u563j0ym7pe",
 /// );
 /// ```
 pub fn encode_payment_address(hrp: &str, addr: &PaymentAddress) -> String {
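Review bot: The expected address string in the encode_payment_address doctest changes in the same commit as the RNG seed format, and nothing records whether the new value was derived independently or pasted from the new output; if it was pasted, the doctest now only checks that encoding is deterministic, not that it is correct. A short comment in the example, `// Expected value regenerated after the rand_xorshift seed-format change; the encoding itself is unchanged.`, would record that provenance for the next reader, and the same note applies to the decode_payment_address example in the following hunk.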
@@ -137,7 +141,8 @@ pub fn encode_payment_address(hrp: &str, addr: &PaymentAddress) -> String
 ///
 /// ```
 /// use pairing::bls12_381::Bls12;
-/// use rand::{SeedableRng, XorShiftRng};
+/// use rand_core::SeedableRng;
+/// use rand_xorshift::XorShiftRng;
 /// use sapling_crypto::{
 /// jubjub::edwards,
 /// primitives::{Diversifier, PaymentAddress},
@@ -148,7 +153,10 @@ pub fn encode_payment_address(hrp: &str, addr: &PaymentAddress) -> String
 /// };
 /// use zcash_primitives::JUBJUB;
 ///
-/// let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
+/// let rng = &mut XorShiftRng::from_seed([
+/// 0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
+/// 0xbc, 0xe5,
+/// ]);
 ///
 /// let pa = PaymentAddress {
 /// diversifier: Diversifier([0u8; 11]),
@@ -158,7 +166,7 @@ pub fn encode_payment_address(hrp: &str, addr: &PaymentAddress) -> String
 /// assert_eq!(
 /// decode_payment_address(
 /// HRP_SAPLING_PAYMENT_ADDRESS,
-/// "ztestsapling1qqqqqqqqqqqqqqqqqqxrrfaccydp867g6zg7ne5ht37z38jtfyw0ygmp0ja6hhf07twjq6awtaj",
+/// "ztestsapling1qqqqqqqqqqqqqqqqqrjq05nyfku05msvu49mawhg6kr0wwljahypwyk2h88z6975u563j0ym7pe",
 /// ),
 /// Ok(Some(pa)),
 /// );
@@ -182,7 +190,8 @@ pub fn decode_payment_address(hrp: &str, s: &str) -> Result CommitmentTree {
 /// # Examples
 ///
 /// ```
+/// extern crate ff;
 /// extern crate pairing;
-/// extern crate rand;
+/// extern crate rand_os;
 /// extern crate zcash_primitives;
 ///
-/// use pairing::bls12_381::FrRepr;
-/// use rand::{OsRng, Rand};
+/// use ff::{Field, PrimeField};
+/// use pairing::bls12_381::Fr;
+/// use rand_os::OsRng;
 /// use zcash_primitives::{
 /// merkle_tree::{CommitmentTree, IncrementalWitness},
 /// sapling::Node,
@@ -214,13 +216,13 @@ impl CommitmentTree {
 /// let mut rng = OsRng::new().unwrap();
 /// let mut tree = CommitmentTree::::new();
 ///
-/// tree.append(Node::new(FrRepr::rand(&mut rng)));
-/// tree.append(Node::new(FrRepr::rand(&mut rng)));
+/// tree.append(Node::new(Fr::random(&mut rng).into_repr()));
+/// tree.append(Node::new(Fr::random(&mut rng).into_repr()));
 /// let mut witness = IncrementalWitness::from_tree(&tree);
 /// assert_eq!(witness.position(), 1);
 /// assert_eq!(tree.root(), witness.root());
 ///
-/// let cmu = Node::new(FrRepr::rand(&mut rng));
+/// let cmu = Node::new(Fr::random(&mut rng).into_repr());
 /// tree.append(cmu);
 /// witness.append(cmu);
 /// assert_eq!(tree.root(), witness.root());
diff --git a/zcash_primitives/src/note_encryption.rs b/zcash_primitives/src/note_encryption.rs
index 610b746fef..196436171c 100644
--- a/zcash_primitives/src/note_encryption.rs
+++ b/zcash_primitives/src/note_encryption.rs
@@ -5,7 +5,8 @@ use byteorder::{LittleEndian, ReadBytesExt, WriteBytesExt};
 use crypto_api_chachapoly::{ChaCha20Ietf, ChachaPolyIetf};
 use ff::{PrimeField, PrimeFieldRepr};
 use pairing::bls12_381::{Bls12, Fr};
-use rand::{OsRng, Rng};
+use rand_core::RngCore;
+use rand_os::OsRng;
 use sapling_crypto::{
 jubjub::{
 edwards,
@@ -136,11 +137,9 @@ impl Memo {
 fn generate_esk() -> Fs {
 // create random 64 byte buffer
- let mut rng = OsRng::new().expect("should be able to construct RNG");
+ let mut rng = OsRng;
 let mut buffer = [0u8; 64];
- for i in 0..buffer.len() {
- buffer[i] = rng.gen();
- }
+ rng.fill_bytes(&mut buffer);
 // reduce to uniform value
 Fs::to_uniform(&buffer[..])
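Review bot: The merkle_tree.rs doctest still constructs its generator with `OsRng::new().unwrap()` (the first context line of this hunk) even though the example now imports `rand_os::OsRng`, while the prf_ock example and the production sites in this same commit were changed to the unit value `OsRng`. If rand_os 0.2 still exports a deprecated `OsRng::new`, this compiles with a deprecation warning in the doctest; if it does not, the doctest fails. Either way the line should presumably become `/// let mut rng = OsRng;` to match the rest of the migration.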
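Review bot: `generate_esk` replaces the fallible `OsRng::new().expect(...)` with the unit struct `OsRng` and a single `fill_bytes` call, which is the right shape, but the old `expect` message was the only place stating that a failing OS entropy source must abort rather than degrade; with rand_os that failure presumably surfaces as a panic inside `fill_bytes` instead, and nothing now says so. A comment on the new line, `// OsRng has no fallible constructor; if the OS entropy source fails, fill_bytes panics, which is the intended fail-closed behaviour for key material.`, keeps that intent visible next to the code that derives `esk`. The same substitution appears in sapling.rs spend_sig and at the three prover.rs sites further down the diff, where the `// Initialize secure RNG` comment could carry the same sentence.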
@@ -211,12 +210,14 @@ fn prf_ock(
 /// # Examples
 ///
 /// ```
+/// extern crate ff;
 /// extern crate pairing;
-/// extern crate rand;
+/// extern crate rand_os;
 /// extern crate sapling_crypto;
 ///
+/// use ff::Field;
 /// use pairing::bls12_381::Bls12;
-/// use rand::{OsRng, Rand};
+/// use rand_os::OsRng;
 /// use sapling_crypto::{
 /// jubjub::fs::Fs,
 /// primitives::{Diversifier, PaymentAddress, ValueCommitment},
@@ -227,7 +228,7 @@ fn prf_ock(
 /// JUBJUB,
 /// };
 ///
-/// let mut rng = OsRng::new().unwrap();
+/// let mut rng = OsRng;
 ///
 /// let diversifier = Diversifier([0; 11]);
 /// let pk_d = diversifier.g_d::(&JUBJUB).unwrap();
@@ -238,7 +239,7 @@ fn prf_ock(
 /// let ovk = OutgoingViewingKey([0; 32]);
 ///
 /// let value = 1000;
-/// let rcv = Fs::rand(&mut rng);
+/// let rcv = Fs::random(&mut rng);
 /// let cv = ValueCommitment:: {
 /// value,
 /// randomness: rcv.clone(),
@@ -558,9 +559,10 @@ pub fn try_sapling_output_recovery(
 #[cfg(test)]
 mod tests {
 use crypto_api_chachapoly::ChachaPolyIetf;
- use ff::{PrimeField, PrimeFieldRepr};
+ use ff::{Field, PrimeField, PrimeFieldRepr};
 use pairing::bls12_381::{Bls12, Fr, FrRepr};
- use rand::{thread_rng, Rand, Rng};
+ use rand_core::RngCore;
+ use rand_os::OsRng;
 use sapling_crypto::{
 jubjub::{
 edwards,
@@ -692,8 +694,8 @@ mod tests {
 assert_eq!(Memo::default().to_utf8(), None);
 }
- fn random_enc_ciphertext(
- mut rng: &mut Rng,
+ fn random_enc_ciphertext(
+ mut rng: &mut R,
 ) -> (
 OutgoingViewingKey,
 Fs,
@@ -704,7 +706,7 @@ mod tests {
 [u8; OUT_CIPHERTEXT_SIZE],
 ) {
 let diversifier = Diversifier([0; 11]);
- let ivk = Fs::rand(&mut rng);
+ let ivk = Fs::random(&mut rng);
 let pk_d = diversifier.g_d::(&JUBJUB).unwrap().mul(ivk, &JUBJUB);
 let pa = PaymentAddress { diversifier, pk_d };
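Review bot: `random_enc_ciphertext` keeps its parameter as `mut rng: &mut R` and then passes `&mut rng` to `Fs::random`, so every draw goes through `&mut &mut R` and leans on the blanket `RngCore` impl for mutable references; the binding only needs `mut` because of that extra borrow. Now that the signature is generic, `rng: &mut R` with `Fs::random(rng)` — the form the jubjub tests already use with `E::Fs::random(rng)` — reads more directly and drops the `mut`. The same `&mut rng` pattern continues in the next hunk and in the `randomness`/`create_note` lines of the following file chunk. The helper's body extends beyond the visible lines.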
@@ -712,11 +714,13 @@ mod tests {
 let value = 100;
 let value_commitment = ValueCommitment:: {
 value,
- randomness: Fs::rand(&mut rng),
+ randomness: Fs::random(&mut rng),
 };
 let cv = value_commitment.cm(&JUBJUB).into();
- let note = pa.create_note(value, Fs::rand(&mut rng), &JUBJUB).unwrap();
+ let note = pa
+ .create_note(value, Fs::random(&mut rng), &JUBJUB)
+ .unwrap();
 let cmu = note.cm(&JUBJUB);
 let ovk = OutgoingViewingKey([0; 32]);
@@ -844,19 +848,19 @@ mod tests {
 #[test]
 fn decryption_with_invalid_ivk() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (_, _, _, cmu, epk, enc_ciphertext, _) = random_enc_ciphertext(&mut rng);
 assert_eq!(
- try_sapling_note_decryption(&Fs::rand(&mut rng), &epk, &cmu, &enc_ciphertext),
+ try_sapling_note_decryption(&Fs::random(&mut rng), &epk, &cmu, &enc_ciphertext),
 None
 );
 }
 #[test]
 fn decryption_with_invalid_epk() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (_, ivk, _, cmu, _, enc_ciphertext, _) = random_enc_ciphertext(&mut rng);
@@ -873,19 +877,19 @@ mod tests {
 #[test]
 fn decryption_with_invalid_cmu() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (_, ivk, _, _, epk, enc_ciphertext, _) = random_enc_ciphertext(&mut rng);
 assert_eq!(
- try_sapling_note_decryption(&ivk, &epk, &Fr::rand(&mut rng), &enc_ciphertext),
+ try_sapling_note_decryption(&ivk, &epk, &Fr::random(&mut rng), &enc_ciphertext),
 None
 );
 }
 #[test]
 fn decryption_with_invalid_tag() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (_, ivk, _, cmu, epk, mut enc_ciphertext, _) = random_enc_ciphertext(&mut rng);
@@ -898,7 +902,7 @@ mod tests {
 #[test]
 fn decryption_with_invalid_version_byte() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, ivk, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
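Review bot: The note_encryption tests now draw from `OsRng` (decryption_with_invalid_ivk and every case after it), so a failure of, for example, the `Fs::random(&mut rng)` check in decryption_with_invalid_ivk cannot be replayed from the log, whereas the redjubjub tests in the same commit moved from `thread_rng` to a fixed-seed `XorShiftRng`. Using the seeded generator here as well would make failures reproducible, provided this crate can take the same dev-dependency; if OS randomness is deliberate, a comment on the first `let mut rng = OsRng;` saying so would stop the next reader from "fixing" it. The same applies to the remaining test hunks in this file and to tx_write_rejects_unexpected_binding_sig in transaction/tests.rs.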
@@ -920,7 +924,7 @@ mod tests {
 #[test]
 fn decryption_with_invalid_diversifier() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, ivk, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -942,7 +946,7 @@ mod tests {
 #[test]
 fn decryption_with_incorrect_diversifier() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, ivk, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -964,13 +968,13 @@ mod tests {
 #[test]
 fn compact_decryption_with_invalid_ivk() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (_, _, _, cmu, epk, enc_ciphertext, _) = random_enc_ciphertext(&mut rng);
 assert_eq!(
 try_sapling_compact_note_decryption(
- &Fs::rand(&mut rng),
+ &Fs::random(&mut rng),
 &epk,
 &cmu,
 &enc_ciphertext[..COMPACT_NOTE_SIZE]
@@ -981,7 +985,7 @@ mod tests {
 #[test]
 fn compact_decryption_with_invalid_epk() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (_, ivk, _, cmu, _, enc_ciphertext, _) = random_enc_ciphertext(&mut rng);
@@ -998,7 +1002,7 @@ mod tests {
 #[test]
 fn compact_decryption_with_invalid_cmu() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (_, ivk, _, _, epk, enc_ciphertext, _) = random_enc_ciphertext(&mut rng);
@@ -1006,7 +1010,7 @@ mod tests {
 try_sapling_compact_note_decryption(
 &ivk,
 &epk,
- &Fr::rand(&mut rng),
+ &Fr::random(&mut rng),
 &enc_ciphertext[..COMPACT_NOTE_SIZE]
 ),
 None
@@ -1015,7 +1019,7 @@ mod tests {
 #[test]
 fn compact_decryption_with_invalid_version_byte() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, ivk, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1042,7 +1046,7 @@ mod tests {
 #[test]
 fn compact_decryption_with_invalid_diversifier() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, ivk, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1069,7 +1073,7 @@ mod tests {
 #[test]
 fn compact_decryption_with_incorrect_diversifier() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, ivk, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1096,7 +1100,7 @@ mod tests {
 #[test]
 fn recovery_with_invalid_ovk() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (mut ovk, _, cv, cmu, epk, enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1110,7 +1114,7 @@ mod tests {
 #[test]
 fn recovery_with_invalid_cv() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, _, _, cmu, epk, enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1129,7 +1133,7 @@ mod tests {
 #[test]
 fn recovery_with_invalid_cmu() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, _, cv, _, epk, enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1137,7 +1141,7 @@ mod tests {
 try_sapling_output_recovery(
 &ovk,
 &cv,
- &Fr::rand(&mut rng),
+ &Fr::random(&mut rng),
 &epk,
 &enc_ciphertext,
 &out_ciphertext
@@ -1148,7 +1152,7 @@ mod tests {
 #[test]
 fn recovery_with_invalid_epk() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, _, cv, cmu, _, enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1167,7 +1171,7 @@ mod tests {
 #[test]
 fn recovery_with_invalid_enc_tag() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, _, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1181,7 +1185,7 @@ mod tests {
 #[test]
 fn recovery_with_invalid_out_tag() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, _, cv, cmu, epk, enc_ciphertext, mut out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1195,7 +1199,7 @@ mod tests {
 #[test]
 fn recovery_with_invalid_version_byte() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, _, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1217,7 +1221,7 @@ mod tests {
 #[test]
 fn recovery_with_invalid_diversifier() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, _, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
@@ -1239,7 +1243,7 @@ mod tests {
 #[test]
 fn recovery_with_incorrect_diversifier() {
- let mut rng = thread_rng();
+ let mut rng = OsRng;
 let (ovk, _, cv, cmu, epk, mut enc_ciphertext, out_ciphertext) = random_enc_ciphertext(&mut rng);
diff --git a/zcash_primitives/src/sapling.rs b/zcash_primitives/src/sapling.rs
index 0ee808c5d1..ad7e309233 100644
--- a/zcash_primitives/src/sapling.rs
+++ b/zcash_primitives/src/sapling.rs
@@ -2,7 +2,7 @@
 use ff::{BitIterator, PrimeField, PrimeFieldRepr};
 use pairing::bls12_381::{Bls12, Fr, FrRepr};
-use rand::OsRng;
+use rand_os::OsRng;
 use sapling_crypto::{
 jubjub::{fs::Fs, FixedGenerators, JubjubBls12},
 pedersen_hash::{pedersen_hash, Personalization},
@@ -113,7 +113,7 @@ pub fn spend_sig(
 params: &JubjubBls12,
 ) -> Signature {
 // Initialize secure RNG
- let mut rng = OsRng::new().expect("should be able to construct RNG");
+ let mut rng = OsRng;
 // We compute `rsk`...
 let rsk = ask.randomize(ar);
diff --git a/zcash_primitives/src/transaction/tests.rs b/zcash_primitives/src/transaction/tests.rs
index 1275bbacd9..d9788ff236 100644
--- a/zcash_primitives/src/transaction/tests.rs
+++ b/zcash_primitives/src/transaction/tests.rs
@@ -1,6 +1,10 @@
+use ff::Field;
 use pairing::bls12_381::Bls12;
-use rand::{thread_rng, Rng};
-use sapling_crypto::{jubjub::FixedGenerators, redjubjub::PrivateKey};
+use rand_os::OsRng;
+use sapling_crypto::{
+ jubjub::{fs::Fs, FixedGenerators},
+ redjubjub::PrivateKey,
+};
 use super::{
 components::{Amount, Script},
@@ -193,8 +197,8 @@ fn tx_write_rejects_unexpected_binding_sig() {
 // Fails with an unexpected binding signature
 {
- let rng = &mut thread_rng();
- let sk = PrivateKey::(rng.gen());
+ let rng = &mut OsRng;
+ let sk = PrivateKey::(Fs::random(rng));
 let sig = sk.sign(
 b"Foo bar",
 rng,
diff --git a/zcash_proofs/Cargo.toml b/zcash_proofs/Cargo.toml
index 34bd520acf..1eca6fdd56 100644
--- a/zcash_proofs/Cargo.toml
+++ b/zcash_proofs/Cargo.toml
@@ -11,6 +11,6 @@ blake2b_simd = "0.5"
 byteorder = "1"
 ff = { path = "../ff" }
 pairing = { path = "../pairing" }
-rand = "0.4"
+rand_os = "0.2"
 sapling-crypto = { path = "../sapling-crypto" }
 zcash_primitives = { path = "../zcash_primitives" }
diff --git a/zcash_proofs/src/lib.rs b/zcash_proofs/src/lib.rs
index 25434f4082..dd6975c0c8 100644
--- a/zcash_proofs/src/lib.rs
+++ b/zcash_proofs/src/lib.rs
@@ -3,7 +3,7 @@ extern crate blake2b_simd;
 extern crate byteorder;
 extern crate ff;
 extern crate pairing;
-extern crate rand;
+extern crate rand_os;
 extern crate sapling_crypto;
 extern crate zcash_primitives;
diff --git a/zcash_proofs/src/sapling/prover.rs b/zcash_proofs/src/sapling/prover.rs
index 4d63033467..fce4d8ec9c 100644
--- a/zcash_proofs/src/sapling/prover.rs
+++ b/zcash_proofs/src/sapling/prover.rs
@@ -3,7 +3,7 @@ use bellman::groth16::{
 };
 use ff::Field;
 use pairing::bls12_381::{Bls12, Fr};
-use rand::{OsRng, Rand};
+use rand_os::OsRng;
 use sapling_crypto::{
 circuit::{
 multipack,
@@ -56,10 +56,10 @@ impl SaplingProvingContext {
 (),
 > {
 // Initialize secure RNG
- let mut rng = OsRng::new().expect("should be able to construct RNG");
+ let mut rng = OsRng;
 // We create the randomness of the value commitment
- let rcv = Fs::rand(&mut rng);
+ let rcv = Fs::random(&mut rng);
 // Accumulate the value commitment randomness in the context
 {
@@ -189,12 +189,12 @@ impl SaplingProvingContext {
 params: &JubjubBls12,
 ) -> (Proof, edwards::Point) {
 // Initialize secure RNG
- let mut rng = OsRng::new().expect("should be able to construct RNG");
+ let mut rng = OsRng;
 // We construct ephemeral randomness for the value commitment. This
 // randomness is not given back to the caller, but the synthetic
 // blinding factor `bsk` is accumulated in the context.
- let rcv = Fs::rand(&mut rng);
+ let rcv = Fs::random(&mut rng);
 // Accumulate the value commitment randomness in the context
 {
@@ -250,7 +250,7 @@ impl SaplingProvingContext {
 params: &JubjubBls12,
 ) -> Result {
 // Initialize secure RNG
- let mut rng = OsRng::new().expect("should be able to construct RNG");
+ let mut rng = OsRng;
 // Grab the current `bsk` from the context
 let bsk = PrivateKey::(self.bsk);