repo-sync-2024-01-20T17:57:27+0800

.bazelversion

@@ -1 +1 @@
-6.2.1
+6.4.0

CHANGELOG.md

@@ -8,6 +8,9 @@ All notable changes to this project will be documented in this file.
 > - Add `[Bugfix]` prefix for bug fixes
 > - Add `[API]` prefix for API changes
 
+## Staging
+- [Feature] Add Silent Vole (malicious version)
+
 ## 2024-01-09
 - [YACL] v0.4.2
 - [Dependency] Bump: Openssl 3.0.12 (experimental)

bazel/openssl.BUILD

@@ -33,8 +33,8 @@ CONFIGURE_OPTIONS = [
     "--libdir=lib",
     "no-legacy",
     "no-weak-ssl-ciphers",
-    "no-shared",
     "no-tests",
+    "no-shared",
     "no-ui-console",
 ]
 
@@ -59,7 +59,6 @@ yacl_configure_make(
     }),
     lib_name = "openssl",
     lib_source = ":all_srcs",
-    out_binaries = ["openssl"],
     # Note that for Linux builds, libssl must come before libcrypto on the linker command-line.
     # As such, libssl must be listed before libcrypto
     out_static_libs = [

bazel/repositories.bzl

@@ -263,10 +263,10 @@ def _rules_foreign_cc():
     maybe(
         http_archive,
         name = "rules_foreign_cc",
-        sha256 = "476303bd0f1b04cc311fc258f1708a5f6ef82d3091e53fd1977fa20383425a6a",
-        strip_prefix = "rules_foreign_cc-0.10.1",
+        sha256 = "2463288e7b2256a1dc61d62c0f970dcbe5dfc22e90c58e60d3119ce2e47209af",
+        strip_prefix = "rules_foreign_cc-c2e097455d2bbf92b2ae71611d1261ba79eb8aa8",
         urls = [
-            "https://github.com/bazelbuild/rules_foreign_cc/archive/refs/tags/0.10.1.tar.gz",
+            "https://github.com/bazelbuild/rules_foreign_cc/archive/c2e097455d2bbf92b2ae71611d1261ba79eb8aa8.tar.gz",
         ],
     )
 

yacl/base/dynamic_bitset.h

@@ -789,6 +789,8 @@ class dynamic_bitset {
   template <typename BlockInputIterator>
   constexpr void append(BlockInputIterator first, BlockInputIterator last);
 
+  constexpr void append(const dynamic_bitset<Block, Allocator>& other);
+
   /**
    * @brief      Sets the bits to the result of binary AND on corresponding
    * pairs of bits of *this and @p rhs.
@@ -2481,6 +2483,24 @@ constexpr void dynamic_bitset<Block, Allocator>::append(
 
   assert(check_consistency());
 }
+
+template <typename Block, typename Allocator>
+constexpr void dynamic_bitset<Block, Allocator>::append(
+    const dynamic_bitset<Block, Allocator>& other) {
+  const auto final_size = size() + other.size();
+  const auto block_num = other.num_blocks();
+  if (&other != this) {
+    auto other_data = other.data();
+    append(other_data, other_data + block_num);
+  } else {
+    // Append a bitset to itself might cause an automatic reallocation
+    for (size_t i = 0; i < block_num; ++i) {
+      append(other.data()[i]);
+    }
+  }
+  resize(final_size);
+}
+
 template <typename Block, typename Allocator>
 constexpr dynamic_bitset<Block, Allocator>&
 dynamic_bitset<Block, Allocator>::operator&=(

yacl/base/dynamic_bitset_test.cc

@@ -123,7 +123,7 @@ TYPED_TEST(DynamicBitsetTest, PushPopTest) {
   EXPECT_EQ(bitset, check2);
 }
 
-TYPED_TEST(DynamicBitsetTest, AppendTest) {
+TYPED_TEST(DynamicBitsetTest, AppendBlockTest) {
   // GIVEN
   auto bitset = dynamic_bitset<TypeParam>("0100101");
   auto block = static_cast<TypeParam>(crypto::FastRandU128());
@@ -137,6 +137,37 @@ TYPED_TEST(DynamicBitsetTest, AppendTest) {
   EXPECT_EQ(block, check);
 }
 
+TYPED_TEST(DynamicBitsetTest, AppendBitSetTest) {
+  // GIVEN
+  auto bitset0 = dynamic_bitset<TypeParam>("010010101010101");
+  auto block = static_cast<TypeParam>(*bitset0.data());
+
+  auto size = bitset0.size();
+  // WHEN
+  bitset0.append(bitset0);
+
+  // THEN
+  bitset0 >>= size;  // right shift to remove the original bits
+  auto check = static_cast<TypeParam>(*bitset0.data());
+  EXPECT_EQ(block, check);
+}
+
+TYPED_TEST(DynamicBitsetTest, AppendBitSetTest2) {
+  // GIVEN
+  auto bitset0 = dynamic_bitset<TypeParam>("010010");
+  auto bitset1 = dynamic_bitset<TypeParam>("010010101010101");
+  auto block = static_cast<TypeParam>(*bitset1.data());
+
+  auto size = bitset0.size();
+  // WHEN
+  bitset0.append(bitset1);
+
+  // THEN
+  bitset0 >>= size;  // right shift to remove the original bits
+  auto check = static_cast<TypeParam>(*bitset1.data());
+  EXPECT_EQ(block, check);
+}
+
 TYPED_TEST(DynamicBitsetTest, XorTest) {
   auto r1 = crypto::RandVec<TypeParam>(kBlockNum);
   auto r2 = crypto::RandVec<TypeParam>(kBlockNum);

yacl/crypto/base/BUILD.bazel

@@ -28,7 +28,6 @@ yacl_cc_library(
         "//yacl/utils:scope_guard",
         "@com_github_openssl_openssl//:openssl",
     ],
-    alwayslink = True,
 )
 
 yacl_cc_library(

yacl/crypto/base/key_utils.cc

@@ -16,6 +16,7 @@
 
 #include <cstddef>
 
+#include "yacl/crypto/base/openssl_wrappers.h"
 #include "yacl/io/stream/file_io.h"
 
 namespace yacl::crypto {
@@ -351,8 +352,8 @@ Buffer ExportX509CertToBuf(const openssl::UniqueX509& x509) {
   openssl::UniqueBio bio(BIO_new(BIO_s_mem()));  // create an empty bio
 
   // export certificate to bio
-  OSSL_RET_1(PEM_write_bio_X509(bio.get(), x509.get()),
-             "Failed PEM_export_bio_X509.");
+  OSSL_RET_1(PEM_write_bio_X509(bio.get(), x509.get()));
+
   return BioToBuf(bio);
 }
 

yacl/crypto/base/openssl_wrappers.h

@@ -27,6 +27,7 @@
 #include "openssl/decoder.h"
 #include "openssl/ec.h"
 #include "openssl/encoder.h"
+#include "openssl/err.h"
 #include "openssl/evp.h"
 #include "openssl/pem.h"
 #include "openssl/provider.h"
@@ -111,6 +112,17 @@ inline UniqueMac FetchEvpHmac() {
   return UniqueMac(EVP_MAC_fetch(nullptr, OSSL_MAC_NAME_HMAC, nullptr));
 }
 
+// see: https://en.wikibooks.org/wiki/OpenSSL/Error_handling
+inline std::string GetOSSLErr() {
+  BIO* bio = BIO_new(BIO_s_mem());
+  ERR_print_errors(bio);
+  char* buf;
+  size_t len = BIO_get_mem_data(bio, &buf);
+  std::string ret(buf, len);
+  BIO_free(bio);
+  return ret;
+}
+
 // ---------------------------------
 // Helpers for OpenSSL return values
 // ---------------------------------

yacl/crypto/ossl-provider/BUILD.bazel

@@ -57,6 +57,8 @@ yacl_cc_library(
     name = "provider",
     srcs = [
         "provider.cc",
+    ],
+    hdrs = [
         "rand_impl.h",
         "version.h",
     ],

yacl/crypto/ossl-provider/provider_test.cc

@@ -35,12 +35,13 @@ TEST(OpensslTest, ShouldWork) {
   // initialize a provider that was previously added with
   auto prov = openssl::UniqueProv(
       OSSL_PROVIDER_load(libctx.get(), GetProviderPath().c_str()));
-  YACL_ENFORCE(prov != nullptr);
+  YACL_ENFORCE(prov != nullptr, ERR_error_string(ERR_get_error(), nullptr));
 
   // get provider's entropy source EVP_RAND* rand;
-  auto yes = EVP_RAND_fetch(libctx.get(), "Yes",
-                            nullptr); /* yes = yacl entropy source */
-  YACL_ENFORCE(yes != nullptr);
+  auto* yes = EVP_RAND_fetch(libctx.get(), "Yes",
+                             nullptr); /* yes = yacl entropy source */
+
+  YACL_ENFORCE(yes != nullptr, ERR_error_string(ERR_get_error(), nullptr));
   auto* yes_ctx = EVP_RAND_CTX_new(yes, nullptr);
   YACL_ENFORCE(yes_ctx != nullptr);
   EVP_RAND_instantiate(yes_ctx, 128, 0, nullptr, 0, nullptr);
@@ -73,69 +74,68 @@ TEST(OpensslTest, ShouldWork) {
   EVP_RAND_CTX_free(rctx);
 }
 
-// //   https://www.openssl.org/docs/man3.0/man7/EVP_RAND-SEED-SRC.html
-// TEST(OpensslTest, Example1) {
-//   EVP_RAND* rand;
-//   EVP_RAND_CTX* seed;
-//   EVP_RAND_CTX* rctx;
-//   unsigned char bytes[100];
-//   OSSL_PARAM params[2];
-//   OSSL_PARAM* p = params;
-//   unsigned int strength = 128;
-
-//   /* Create a seed source */
-//   rand = EVP_RAND_fetch(nullptr, "SEED-SRC", nullptr);
-//   seed = EVP_RAND_CTX_new(rand, nullptr);
-//   EVP_RAND_instantiate(seed, 128, 0, nullptr, 0, nullptr);
-
-//   /* Feed this into a DRBG */
-//   auto* tmp = EVP_RAND_fetch(nullptr, "CTR-DRBG", nullptr);
-//   // EVP_RAND_CTX_new() creates a new context for the RAND implementation
-//   rand.
-//   // If not NULL, parent specifies the seed source for this implementation.
-//   rctx = EVP_RAND_CTX_new(tmp, seed);
-//   YACL_ENFORCE(rctx != nullptr);
-
-//   /* Configure the DRBG */
-//   *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
-//                                           (char*)"AES-256-CTR", 0);
-//   *p = OSSL_PARAM_construct_end();
-//   EVP_RAND_instantiate(rctx, strength, 0, nullptr, 0, params);
-
-//   int ret =
-//       EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, nullptr, 0);
-//   EXPECT_EQ(ret, 1);
-
-//   EVP_RAND_free(rand);
-//   EVP_RAND_free(tmp);
-//   EVP_RAND_CTX_free(rctx);
-//   EVP_RAND_CTX_free(seed);
-// }
-
-// // https://www.openssl.org/docs/man3.0/man7/EVP_RAND-CTR-DRBG.html
-// TEST(OpensslTest, Example2) {
-//   EVP_RAND* rand;
-//   EVP_RAND_CTX* rctx;
-//   unsigned char bytes[100];
-//   OSSL_PARAM params[2];
-//   OSSL_PARAM* p = params;
-//   unsigned int strength = 128;
-
-//   rand = EVP_RAND_fetch(nullptr, "CTR-DRBG", nullptr);
-//   rctx = EVP_RAND_CTX_new(rand, nullptr);
-
-//   *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
-//                                           (char*)"AES-256-CTR", 0);
-//   *p = OSSL_PARAM_construct_end();
-//   int ret0 = EVP_RAND_instantiate(rctx, strength, 0, nullptr, 0, params);
-//   EXPECT_EQ(ret0, 1);
-
-//   int ret1 =
-//       EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, nullptr, 0);
-//   EXPECT_EQ(ret1, 1);
-
-//   EVP_RAND_free(rand);
-//   EVP_RAND_CTX_free(rctx);
-// }
+//   https://www.openssl.org/docs/man3.0/man7/EVP_RAND-SEED-SRC.html
+TEST(OpensslTest, Example1) {
+  EVP_RAND* rand;
+  EVP_RAND_CTX* seed;
+  EVP_RAND_CTX* rctx;
+  unsigned char bytes[100];
+  OSSL_PARAM params[2];
+  OSSL_PARAM* p = params;
+  unsigned int strength = 128;
+
+  /* Create a seed source */
+  rand = EVP_RAND_fetch(nullptr, "SEED-SRC", nullptr);
+  seed = EVP_RAND_CTX_new(rand, nullptr);
+  EVP_RAND_instantiate(seed, 128, 0, nullptr, 0, nullptr);
+
+  /* Feed this into a DRBG */
+  auto* tmp = EVP_RAND_fetch(nullptr, "CTR-DRBG", nullptr);
+  // EVP_RAND_CTX_new() creates a new context for the RAND implementation rand.
+  // If not NULL, parent specifies the seed source for this implementation.
+  rctx = EVP_RAND_CTX_new(tmp, seed);
+  YACL_ENFORCE(rctx != nullptr);
+
+  /* Configure the DRBG */
+  *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
+                                          (char*)"AES-256-CTR", 0);
+  *p = OSSL_PARAM_construct_end();
+  EVP_RAND_instantiate(rctx, strength, 0, nullptr, 0, params);
+
+  int ret =
+      EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, nullptr, 0);
+  EXPECT_EQ(ret, 1);
+
+  EVP_RAND_free(rand);
+  EVP_RAND_free(tmp);
+  EVP_RAND_CTX_free(rctx);
+  EVP_RAND_CTX_free(seed);
+}
+
+// https://www.openssl.org/docs/man3.0/man7/EVP_RAND-CTR-DRBG.html
+TEST(OpensslTest, Example2) {
+  EVP_RAND* rand;
+  EVP_RAND_CTX* rctx;
+  unsigned char bytes[100];
+  OSSL_PARAM params[2];
+  OSSL_PARAM* p = params;
+  unsigned int strength = 128;
+
+  rand = EVP_RAND_fetch(nullptr, "CTR-DRBG", nullptr);
+  rctx = EVP_RAND_CTX_new(rand, nullptr);
+
+  *p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
+                                          (char*)"AES-256-CTR", 0);
+  *p = OSSL_PARAM_construct_end();
+  int ret0 = EVP_RAND_instantiate(rctx, strength, 0, nullptr, 0, params);
+  EXPECT_EQ(ret0, 1);
+
+  int ret1 =
+      EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, nullptr, 0);
+  EXPECT_EQ(ret1, 1);
+
+  EVP_RAND_free(rand);
+  EVP_RAND_CTX_free(rctx);
+}
 
 }  // namespace yacl::crypto

yacl/crypto/primitives/dpf/BUILD.bazel

@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-load("//bazel:yacl.bzl", "yacl_cc_library", "yacl_cc_test")
+load("//bazel:yacl.bzl", "AES_COPT_FLAGS", "yacl_cc_library", "yacl_cc_test")
 load("@rules_proto//proto:defs.bzl", "proto_library")
 load("@rules_cc//cc:defs.bzl", "cc_proto_library")
 
@@ -52,3 +52,36 @@ cc_proto_library(
     name = "serializable_cc_proto",
     deps = [":serializable_proto"],
 )
+
+yacl_cc_library(
+    name = "mpfss",
+    srcs = ["mpfss.cc"],
+    hdrs = ["mpfss.h"],
+    copts = AES_COPT_FLAGS,
+    deps = [
+        "//yacl/base:aligned_vector",
+        "//yacl/base:dynamic_bitset",
+        "//yacl/base:int128",
+        "//yacl/crypto/primitives/ot:gywz_ote",
+        "//yacl/crypto/primitives/ot:ot_store",
+        "//yacl/crypto/primitives/ot:sgrr_ote",
+        "//yacl/crypto/tools:crhash",
+        "//yacl/crypto/utils:rand",
+        "//yacl/crypto/utils:secparam",
+        "//yacl/math:gadget",
+        "//yacl/math/f2k",
+    ],
+)
+
+yacl_cc_test(
+    name = "mpfss_test",
+    srcs = ["mpfss_test.cc"],
+    copts = AES_COPT_FLAGS,
+    deps = [
+        ":mpfss",
+        "//yacl/crypto/utils:rand",
+        "//yacl/link:test_util",
+        "//yacl/math:gadget",
+        "//yacl/math/f2k",
+    ],
+)