[Refactor] zc ParamGeneration: pass big args by ref and use arith_uint

src/libzerocoin/ParamGeneration.cpp

@@ -13,6 +13,7 @@
 #include "ParamGeneration.h"
 #include <string>
 #include <cmath>
+#include "arith_uint256.h"
 #include "hash.h"
 #include "uint256.h"
 
@@ -37,8 +38,7 @@ namespace libzerocoin {
 /// in length, and 3072 bits is strongly recommended.
 ///
 
-void
-CalculateParams(ZerocoinParams &params, CBigNum N, std::string aux, uint32_t securityLevel)
+void CalculateParams(ZerocoinParams &params, const CBigNum& N, const std::string& aux, uint32_t securityLevel)
 {
     params.initialized = false;
     params.accumulatorParams.initialized = false;
@@ -86,10 +86,10 @@ CalculateParams(ZerocoinParams &params, CBigNum N, std::string aux, uint32_t sec
     // a whole group, just a pair of random generators in QR_N.
     uint32_t resultCtr;
     params.accumulatorParams.accumulatorQRNCommitmentGroup.g = generateIntegerFromSeed(NLen - 1,
-            calculateSeed(N, aux, securityLevel, STRING_QRNCOMMIT_GROUPG),
+            UintToArith256(calculateSeed(N, aux, securityLevel, STRING_QRNCOMMIT_GROUPG)),
                                              &resultCtr).pow_mod(BN_TWO, N);
     params.accumulatorParams.accumulatorQRNCommitmentGroup.h = generateIntegerFromSeed(NLen - 1,
-            calculateSeed(N, aux, securityLevel, STRING_QRNCOMMIT_GROUPH),
+            UintToArith256(calculateSeed(N, aux, securityLevel, STRING_QRNCOMMIT_GROUPH)),
                                              &resultCtr).pow_mod(BN_TWO, N);
 
     // Calculate the accumulator base, which we calculate as "u = C**2 mod N"
@@ -123,8 +123,7 @@ CalculateParams(ZerocoinParams &params, CBigNum N, std::string aux, uint32_t sec
 ///
 /// Returns the hash of the value.
 
-uint256
-calculateGeneratorSeed(uint256 seed, uint256 pSeed, uint256 qSeed, std::string label, uint32_t index, uint32_t count)
+uint256 calculateGeneratorSeed(const uint256& seed, const uint256& pSeed, const uint256& qSeed, const std::string& label, uint32_t index, uint32_t count)
 {
     CHashWriter hasher(0,0);
     uint256     hash;
@@ -155,8 +154,7 @@ calculateGeneratorSeed(uint256 seed, uint256 pSeed, uint256 qSeed, std::string l
 ///
 /// Returns the hash of the value.
 
-uint256
-calculateSeed(CBigNum modulus, std::string auxString, uint32_t securityLevel, std::string groupName)
+uint256 calculateSeed(const CBigNum& modulus, const std::string& auxString, uint32_t securityLevel, const std::string& groupName)
 {
     CHashWriter hasher(0,0);
     uint256     hash;
@@ -174,8 +172,7 @@ calculateSeed(CBigNum modulus, std::string auxString, uint32_t securityLevel, st
     return hasher.GetHash();
 }
 
-uint256
-calculateHash(uint256 input)
+uint256 calculateHash(const uint256& input)
 {
     CHashWriter hasher(0,0);
 
@@ -242,8 +239,7 @@ calculateGroupParamLengths(uint32_t maxPLen, uint32_t securityLevel,
 /// primes "p" and "q". It uses the procedure in Appendix A.2.3 to
 /// derive two generators "g", "h".
 
-IntegerGroupParams
-deriveIntegerGroupParams(uint256 seed, uint32_t pLen, uint32_t qLen)
+IntegerGroupParams deriveIntegerGroupParams(const uint256& seed, uint32_t pLen, uint32_t qLen)
 {
     IntegerGroupParams result;
     CBigNum p;
@@ -288,8 +284,7 @@ deriveIntegerGroupParams(uint256 seed, uint32_t pLen, uint32_t qLen)
 /// Given "q" calculates the description of a group G of prime order "q" embedded within
 /// a field "F_p".
 
-IntegerGroupParams
-deriveIntegerGroupFromOrder(CBigNum &groupOrder)
+IntegerGroupParams deriveIntegerGroupFromOrder(const CBigNum& groupOrder)
 {
     IntegerGroupParams result;
 
@@ -352,10 +347,9 @@ deriveIntegerGroupFromOrder(CBigNum &groupOrder)
 /// algorithms described in FIPS 186-3 Appendix A.1.2 to calculate
 /// primes "p" and "q".
 
-void
-calculateGroupModulusAndOrder(uint256 seed, uint32_t pLen, uint32_t qLen,
-                              CBigNum *resultModulus, CBigNum *resultGroupOrder,
-                              uint256 *resultPseed, uint256 *resultQseed)
+void calculateGroupModulusAndOrder(const uint256& seed, uint32_t pLen, uint32_t qLen,
+                                   CBigNum *resultModulus, CBigNum *resultGroupOrder,
+                                   uint256 *resultPseed, uint256 *resultQseed)
 {
     // Verify that the seed length is >= qLen
     if (qLen > (sizeof(seed)) * 8) {
@@ -370,14 +364,14 @@ calculateGroupModulusAndOrder(uint256 seed, uint32_t pLen, uint32_t qLen,
     // Generate a random prime for the group order.
     // This may throw an exception, which we'll pass upwards.
     // Result is the value "resultGroupOrder", "qseed" and "qgen_counter".
-    uint256     qseed;
+    arith_uint256     qseed;
     uint32_t    qgen_counter;
-    *resultGroupOrder = generateRandomPrime(qLen, seed, &qseed, &qgen_counter);
+    *resultGroupOrder = generateRandomPrime(qLen, UintToArith256(seed), &qseed, &qgen_counter);
 
     // Using pLen / 2 + 1 as the length and qseed as the input_seed, use the random prime
     // routine to obtain p0 , pseed, and pgen_counter. We pass exceptions upward.
     uint32_t    p0len = ceil((pLen / 2.0) + 1);
-    uint256     pseed;
+    arith_uint256     pseed;
     uint32_t    pgen_counter;
     CBigNum p0 = generateRandomPrime(p0len, qseed, &pseed, &pgen_counter);
 
@@ -387,7 +381,7 @@ calculateGroupModulusAndOrder(uint256 seed, uint32_t pLen, uint32_t qLen,
     // Generate a random integer "x" of pLen bits
     uint32_t iterations;
     CBigNum x = generateIntegerFromSeed(pLen, pseed, &iterations);
-    pseed += (iterations + 1);
+    pseed += iterations + 1;
 
     // Set x = 2^{pLen-1} + (x mod 2^{pLen-1}).
     CBigNum powerOfTwo = BN_TWO.pow(pLen-1);
@@ -427,8 +421,8 @@ calculateGroupModulusAndOrder(uint256 seed, uint32_t pLen, uint32_t qLen,
         if ((resultModulus->gcd(z - BN_ONE)).isOne() &&
                 (z.pow_mod(p0, (*resultModulus))).isOne()) {
             // Success! Return the seeds and primes.
-            *resultPseed = pseed;
-            *resultQseed = qseed;
+            *resultPseed = ArithToUint256(pseed);
+            *resultQseed = ArithToUint256(qseed);
             return;
         }
 
@@ -454,8 +448,7 @@ calculateGroupModulusAndOrder(uint256 seed, uint32_t pLen, uint32_t qLen,
 /// Generates a random group generator deterministically as a function of (seed,pSeed,qSeed)
 /// Uses the algorithm described in FIPS 186-3 Appendix A.2.3.
 
-CBigNum
-calculateGroupGenerator(uint256 seed, uint256 pSeed, uint256 qSeed, CBigNum modulus, CBigNum groupOrder, uint32_t index)
+CBigNum calculateGroupGenerator(const uint256& seed, const uint256& pSeed, const uint256& qSeed, const CBigNum& modulus, const CBigNum& groupOrder, uint32_t index)
 {
     CBigNum result;
 
@@ -498,9 +491,8 @@ calculateGroupGenerator(uint256 seed, uint256 pSeed, uint256 qSeed, CBigNum modu
 /// seed. Uses the Shawe-Taylor algorithm as described in FIPS 186-3
 /// Appendix C.6. This is a recursive function.
 
-CBigNum
-generateRandomPrime(uint32_t primeBitLen, uint256 in_seed, uint256 *out_seed,
-                    uint32_t *prime_gen_counter)
+CBigNum generateRandomPrime(uint32_t primeBitLen, const arith_uint256& in_seed, arith_uint256 *out_seed,
+                            uint32_t *prime_gen_counter)
 {
     // Verify that primeBitLen is not too small
     if (primeBitLen < 2) {
@@ -512,7 +504,7 @@ generateRandomPrime(uint32_t primeBitLen, uint256 in_seed, uint256 *out_seed,
         CBigNum result(0);
 
         // Set prime_seed = in_seed, prime_gen_counter = 0.
-        uint256     prime_seed = in_seed;
+        arith_uint256 prime_seed = in_seed;
         (*prime_gen_counter) = 0;
 
         // Loop up to "4 * primeBitLen" iterations.
@@ -589,7 +581,7 @@ generateRandomPrime(uint32_t primeBitLen, uint256 in_seed, uint256 *out_seed,
 
             // Test "c" for primality as follows:
             // 1. First pick an integer "a" in between 2 and (c - 2)
-            CBigNum a = generateIntegerFromSeed(c.bitSize(), (*out_seed), &numIterations);
+            CBigNum a = generateIntegerFromSeed(c.bitSize(), *out_seed, &numIterations);
             a = BN_TWO + (a % (c - BN_THREE));
             (*out_seed) += (numIterations + 1);
 
@@ -615,8 +607,7 @@ generateRandomPrime(uint32_t primeBitLen, uint256 in_seed, uint256 *out_seed,
     throw std::runtime_error("Unable to generate random prime (too many tests)");
 }
 
-CBigNum
-generateIntegerFromSeed(uint32_t numBits, uint256 seed, uint32_t *numIterations)
+CBigNum generateIntegerFromSeed(uint32_t numBits, const arith_uint256& seed, uint32_t *numIterations)
 {
     CBigNum      result(0);
     uint32_t    iterations = ceil((double)numBits / (double)HASH_OUTPUT_BITS);
@@ -629,7 +620,7 @@ generateIntegerFromSeed(uint32_t numBits, uint256 seed, uint32_t *numIterations)
     // Loop "iterations" times filling up the value "result" with random bits
     for (uint32_t count = 0; count < iterations; count++) {
         // result += ( H(pseed + count) * 2^{count * p0len} )
-        result += CBigNum(calculateHash(seed + count)) * BN_TWO.pow(count * HASH_OUTPUT_BITS);
+        result += CBigNum(calculateHash(ArithToUint256(seed + count))) * BN_TWO.pow(count * HASH_OUTPUT_BITS);
     }
 
     result = BN_TWO.pow(numBits - 1) + (result % (BN_TWO.pow(numBits - 1)));
@@ -645,8 +636,7 @@ generateIntegerFromSeed(uint32_t numBits, uint256 seed, uint32_t *numIterations)
 ///
 /// Performs trial division to determine whether a uint32_t is prime.
 
-bool
-primalityTestByTrialDivision(uint32_t candidate)
+bool primalityTestByTrialDivision(uint32_t candidate)
 {
     // TODO: HACK HACK WRONG WRONG
     CBigNum canBignum(candidate);

src/libzerocoin/ParamGeneration.h

@@ -16,9 +16,8 @@
 
 namespace libzerocoin {
 
-void CalculateParams(ZerocoinParams &params, CBigNum N, std::string aux, uint32_t securityLevel);
-void calculateGroupParamLengths(uint32_t maxPLen, uint32_t securityLevel,
-                                uint32_t *pLen, uint32_t *qLen);
+void CalculateParams(ZerocoinParams &params, const CBigNum& N, const std::string& aux, uint32_t securityLevel);
+void calculateGroupParamLengths(uint32_t maxPLen, uint32_t securityLevel, uint32_t *pLen, uint32_t *qLen);
 
 // Constants
 #define STRING_COMMIT_GROUP         "COIN_COMMITMENT_GROUP"
@@ -35,21 +34,16 @@ void calculateGroupParamLengths(uint32_t maxPLen, uint32_t securityLevel,
 
 // Prototypes
 bool                primalityTestByTrialDivision(uint32_t candidate);
-uint256             calculateSeed(CBigNum modulus, std::string auxString, uint32_t securityLevel, std::string groupName);
-uint256             calculateGeneratorSeed(uint256 seed, uint256 pSeed, uint256 qSeed, std::string label, uint32_t index, uint32_t count);
-
-uint256             calculateHash(uint256 input);
-IntegerGroupParams  deriveIntegerGroupParams(uint256 seed, uint32_t pLen, uint32_t qLen);
-IntegerGroupParams  deriveIntegerGroupFromOrder(CBigNum &groupOrder);
-void                calculateGroupModulusAndOrder(uint256 seed, uint32_t pLen, uint32_t qLen,
-        CBigNum *resultModulus, CBigNum *resultGroupOrder,
-        uint256 *resultPseed, uint256 *resultQseed);
-CBigNum              calculateGroupGenerator(uint256 seed, uint256 pSeed, uint256 qSeed, CBigNum modulus,
-        CBigNum groupOrder, uint32_t index);
-CBigNum              generateRandomPrime(uint32_t primeBitLen, uint256 in_seed, uint256 *out_seed,
-                                        uint32_t *prime_gen_counter);
-CBigNum              generateIntegerFromSeed(uint32_t numBits, uint256 seed, uint32_t *numIterations);
-
+uint256             calculateSeed(const CBigNum& modulus, const std::string& auxString, uint32_t securityLevel, const std::string& groupName);
+uint256             calculateGeneratorSeed(const uint256& seed, const uint256& pSeed, const uint256& qSeed, const std::string& label, uint32_t index, uint32_t count);
+
+uint256             calculateHash(const uint256& input);
+IntegerGroupParams  deriveIntegerGroupParams(const uint256& seed, uint32_t pLen, uint32_t qLen);
+IntegerGroupParams  deriveIntegerGroupFromOrder(const CBigNum& groupOrder);
+void                calculateGroupModulusAndOrder(const uint256& seed, uint32_t pLen, uint32_t qLen, CBigNum *resultModulus, CBigNum *resultGroupOrder, uint256 *resultPseed, uint256 *resultQseed);
+CBigNum             calculateGroupGenerator(const uint256& seed, const uint256& pSeed, const uint256& qSeed, const CBigNum& modulus, const CBigNum& groupOrder, uint32_t index);
+CBigNum             generateRandomPrime(uint32_t primeBitLen, const arith_uint256& in_seed, arith_uint256 *out_seed, uint32_t *prime_gen_counter);
+CBigNum             generateIntegerFromSeed(uint32_t numBits, const arith_uint256& seed, uint32_t *numIterations);
 }/* namespace libzerocoin */
 
 #endif /* PARAMGENERATION_H_ */