{-# LANGUAGE DataKinds #-}
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DerivingVia #-}
{-# LANGUAGE FlexibleInstances #-}
{-# LANGUAGE ForeignFunctionInterface #-}
{-# LANGUAGE GeneralizedNewtypeDeriving #-}
{-# LANGUAGE LambdaCase #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE ScopedTypeVariables #-}
{-# LANGUAGE TypeApplications #-}
{-# LANGUAGE TypeFamilies #-}

-- | Verifiable Random Function (VRF) implemented as FFI wrappers around the
-- implementation in https://github.com/input-output-hk/libsodium
module Cardano.Crypto.VRF.PraosBatchCompat (
  -- * VRFAlgorithm API
  PraosBatchCompatVRF,

  -- * Low-level size specifiers

  --
  -- Sizes of various value types involved in the VRF calculations. Users of
  -- this module will not need these, we are only exporting them for unit
  -- testing purposes.
  crypto_vrf_ietfdraft13_bytes_batchcompat,
  crypto_vrf_ietfdraft13_publickeybytes,
  crypto_vrf_ietfdraft13_secretkeybytes,
  crypto_vrf_ietfdraft13_seedbytes,
  crypto_vrf_ietfdraft13_outputbytes,
  io_crypto_vrf_ietfdraft13_publickeybytes,
  io_crypto_vrf_ietfdraft13_secretkeybytes,

  -- * Key sizes
  certSizeVRF,
  signKeySizeVRF,
  verKeySizeVRF,
  vrfKeySizeVRF,

  -- * Seed and key generation
  Seed,
  genSeed,
  keypairFromSeed,

  -- * Conversions
  unsafeRawSeed,
  outputBytes,
  proofBytes,
  skBytes,
  vkBytes,
  skToVerKey,
  skToSeed,

  -- * Core VRF operations
  prove,
  verify,
  SignKeyVRF (..),
  VerKeyVRF (..),
  CertVRF (..),
)
where

import Cardano.Binary (
  FromCBOR (..),
  ToCBOR (..),
 )

import Cardano.Crypto.RandomBytes (randombytes_buf)
import Cardano.Crypto.Seed (getBytesFromSeedT)
import Cardano.Crypto.Util (SignableRepresentation (..))
import Cardano.Crypto.VRF.Class

import Control.DeepSeq (NFData (..))
import Control.Monad (void)
import Data.ByteString (ByteString)
import qualified Data.ByteString as BS
import Data.Coerce (coerce)
import Data.Maybe (fromMaybe)
import Data.Proxy (Proxy (..))
import Foreign.C.Types
import Foreign.ForeignPtr
import Foreign.Marshal.Alloc
import Foreign.Marshal.Utils
import Foreign.Ptr
import GHC.Generics (Generic)
import NoThunks.Class (NoThunks, OnlyCheckWhnf (..), OnlyCheckWhnfNamed (..))
import System.IO.Unsafe (unsafePerformIO)

-- Value types.
--
-- These are all transparent to the Haskell side of things, all we ever do
-- with these is pass pointers to them around. We don't want to know anything
-- about them, hence, we make them uninhabited.
--
-- The actual values are kept entirely in C memory, allocated when a value is
-- created, and freed when the value's finalizer runs.
--
-- The reason we have them at all, rather than duplicating C's void pointers,
-- is because we want to distinguish them at the type level.

data SeedValue
data SignKeyValue
data VerKeyValue
data ProofValue
data OutputValue

-- Type aliases for raw pointers
--
-- These will not leave this module, they are only here for our convenience,
-- so we can afford to not newtype them.

type SeedPtr = Ptr SeedValue
type SignKeyPtr = Ptr SignKeyValue
type VerKeyPtr = Ptr VerKeyValue
type ProofPtr = Ptr ProofValue
type OutputPtr = Ptr OutputValue

-- The exported (via the 'VRFAlgorithm' typeclass) types.
--
-- These are wrappers around 'ForeignPtr's; we don't export the constructors,
-- so callers have to go through our blessed API to create any of them. This
-- way we can make sure that we always allocate the correct sizes, and attach
-- finalizers that automatically free the memory for us.

-- | A random seed, used to derive a key pair.
newtype Seed = Seed {Seed -> ForeignPtr SeedValue
unSeed :: ForeignPtr SeedValue}
  deriving (Context -> Seed -> IO (Maybe ThunkInfo)
Proxy Seed -> [Char]
forall a.
(Context -> a -> IO (Maybe ThunkInfo))
-> (Context -> a -> IO (Maybe ThunkInfo))
-> (Proxy a -> [Char])
-> NoThunks a
showTypeOf :: Proxy Seed -> [Char]
$cshowTypeOf :: Proxy Seed -> [Char]
wNoThunks :: Context -> Seed -> IO (Maybe ThunkInfo)
$cwNoThunks :: Context -> Seed -> IO (Maybe ThunkInfo)
noThunks :: Context -> Seed -> IO (Maybe ThunkInfo)
$cnoThunks :: Context -> Seed -> IO (Maybe ThunkInfo)
NoThunks) via OnlyCheckWhnf Seed

-- | Signing key. In this implementation, the signing key is actually a 64-byte
-- value that contains both the 32-byte signing key and the corresponding
-- 32-byte verification key.
newtype SignKey = SignKey {SignKey -> ForeignPtr SignKeyValue
unSignKey :: ForeignPtr SignKeyValue}
  deriving (forall x. Rep SignKey x -> SignKey
forall x. SignKey -> Rep SignKey x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep SignKey x -> SignKey
$cfrom :: forall x. SignKey -> Rep SignKey x
Generic)
  deriving (Context -> SignKey -> IO (Maybe ThunkInfo)
Proxy SignKey -> [Char]
forall a.
(Context -> a -> IO (Maybe ThunkInfo))
-> (Context -> a -> IO (Maybe ThunkInfo))
-> (Proxy a -> [Char])
-> NoThunks a
showTypeOf :: Proxy SignKey -> [Char]
$cshowTypeOf :: Proxy SignKey -> [Char]
wNoThunks :: Context -> SignKey -> IO (Maybe ThunkInfo)
$cwNoThunks :: Context -> SignKey -> IO (Maybe ThunkInfo)
noThunks :: Context -> SignKey -> IO (Maybe ThunkInfo)
$cnoThunks :: Context -> SignKey -> IO (Maybe ThunkInfo)
NoThunks) via OnlyCheckWhnf SignKey

instance NFData SignKey where
  rnf :: SignKey -> ()
rnf SignKey
a = seq :: forall a b. a -> b -> b
seq SignKey
a ()

-- | Verification key.
newtype VerKey = VerKey {VerKey -> ForeignPtr VerKeyValue
unVerKey :: ForeignPtr VerKeyValue}
  deriving (forall x. Rep VerKey x -> VerKey
forall x. VerKey -> Rep VerKey x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep VerKey x -> VerKey
$cfrom :: forall x. VerKey -> Rep VerKey x
Generic)
  deriving (Context -> VerKey -> IO (Maybe ThunkInfo)
Proxy VerKey -> [Char]
forall a.
(Context -> a -> IO (Maybe ThunkInfo))
-> (Context -> a -> IO (Maybe ThunkInfo))
-> (Proxy a -> [Char])
-> NoThunks a
showTypeOf :: Proxy VerKey -> [Char]
$cshowTypeOf :: Proxy VerKey -> [Char]
wNoThunks :: Context -> VerKey -> IO (Maybe ThunkInfo)
$cwNoThunks :: Context -> VerKey -> IO (Maybe ThunkInfo)
noThunks :: Context -> VerKey -> IO (Maybe ThunkInfo)
$cnoThunks :: Context -> VerKey -> IO (Maybe ThunkInfo)
NoThunks) via OnlyCheckWhnf VerKey

instance NFData VerKey where
  rnf :: VerKey -> ()
rnf VerKey
a = seq :: forall a b. a -> b -> b
seq VerKey
a ()

-- | A proof, as constructed by the 'prove' function.
newtype Proof = Proof {Proof -> ForeignPtr ProofValue
unProof :: ForeignPtr ProofValue}
  deriving (forall x. Rep Proof x -> Proof
forall x. Proof -> Rep Proof x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep Proof x -> Proof
$cfrom :: forall x. Proof -> Rep Proof x
Generic)
  deriving (Context -> Proof -> IO (Maybe ThunkInfo)
Proxy Proof -> [Char]
forall a.
(Context -> a -> IO (Maybe ThunkInfo))
-> (Context -> a -> IO (Maybe ThunkInfo))
-> (Proxy a -> [Char])
-> NoThunks a
showTypeOf :: Proxy Proof -> [Char]
$cshowTypeOf :: Proxy Proof -> [Char]
wNoThunks :: Context -> Proof -> IO (Maybe ThunkInfo)
$cwNoThunks :: Context -> Proof -> IO (Maybe ThunkInfo)
noThunks :: Context -> Proof -> IO (Maybe ThunkInfo)
$cnoThunks :: Context -> Proof -> IO (Maybe ThunkInfo)
NoThunks) via OnlyCheckWhnf Proof

instance NFData Proof where
  rnf :: Proof -> ()
rnf Proof
a = seq :: forall a b. a -> b -> b
seq Proof
a ()

-- | Hashed output of a proof verification, as returned by the 'verify'
-- function.
newtype Output = Output {Output -> ForeignPtr OutputValue
unOutput :: ForeignPtr OutputValue}
  deriving (forall x. Rep Output x -> Output
forall x. Output -> Rep Output x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep Output x -> Output
$cfrom :: forall x. Output -> Rep Output x
Generic)
  deriving (Context -> Output -> IO (Maybe ThunkInfo)
Proxy Output -> [Char]
forall a.
(Context -> a -> IO (Maybe ThunkInfo))
-> (Context -> a -> IO (Maybe ThunkInfo))
-> (Proxy a -> [Char])
-> NoThunks a
showTypeOf :: Proxy Output -> [Char]
$cshowTypeOf :: Proxy Output -> [Char]
wNoThunks :: Context -> Output -> IO (Maybe ThunkInfo)
$cwNoThunks :: Context -> Output -> IO (Maybe ThunkInfo)
noThunks :: Context -> Output -> IO (Maybe ThunkInfo)
$cnoThunks :: Context -> Output -> IO (Maybe ThunkInfo)
NoThunks) via OnlyCheckWhnf Output

-- Raw low-level FFI bindings.
--
foreign import ccall "crypto_vrf_ietfdraft13_bytes_batchcompat"
  crypto_vrf_ietfdraft13_bytes_batchcompat :: CSize
foreign import ccall "crypto_vrf_ietfdraft13_publickeybytes"
  crypto_vrf_ietfdraft13_publickeybytes :: CSize
foreign import ccall "crypto_vrf_ietfdraft13_secretkeybytes"
  crypto_vrf_ietfdraft13_secretkeybytes :: CSize
foreign import ccall "crypto_vrf_ietfdraft13_seedbytes" crypto_vrf_ietfdraft13_seedbytes :: CSize
foreign import ccall "crypto_vrf_ietfdraft13_outputbytes"
  crypto_vrf_ietfdraft13_outputbytes :: CSize

foreign import ccall "crypto_vrf_ietfdraft13_publickeybytes"
  io_crypto_vrf_ietfdraft13_publickeybytes :: IO CSize
foreign import ccall "crypto_vrf_ietfdraft13_secretkeybytes"
  io_crypto_vrf_ietfdraft13_secretkeybytes :: IO CSize

foreign import ccall "crypto_vrf_seed_keypair"
  crypto_vrf_ietfdraft13_keypair_from_seed :: VerKeyPtr -> SignKeyPtr -> SeedPtr -> IO CInt
foreign import ccall "crypto_vrf_sk_to_pk"
  crypto_vrf_ietfdraft13_sk_to_pk :: VerKeyPtr -> SignKeyPtr -> IO CInt
foreign import ccall "crypto_vrf_sk_to_seed"
  crypto_vrf_ietfdraft13_sk_to_seed :: SeedPtr -> SignKeyPtr -> IO CInt
foreign import ccall "crypto_vrf_ietfdraft13_prove_batchcompat"
  crypto_vrf_ietfdraft13_prove_batchcompat ::
    ProofPtr -> SignKeyPtr -> Ptr CChar -> CULLong -> IO CInt
foreign import ccall "crypto_vrf_ietfdraft13_verify_batchcompat"
  crypto_vrf_ietfdraft13_verify_batchcompat ::
    OutputPtr -> VerKeyPtr -> ProofPtr -> Ptr CChar -> CULLong -> IO CInt

foreign import ccall "crypto_vrf_ietfdraft13_proof_to_hash_batchcompat"
  crypto_vrf_ietfdraft13_proof_to_hash_batchcompat :: OutputPtr -> ProofPtr -> IO CInt

-- Key size constants

certSizeVRF :: Int
certSizeVRF :: Int
certSizeVRF = forall a b. (Integral a, Num b) => a -> b
fromIntegral forall a b. (a -> b) -> a -> b
$! CSize
crypto_vrf_ietfdraft13_bytes_batchcompat

signKeySizeVRF :: Int
signKeySizeVRF :: Int
signKeySizeVRF = forall a b. (Integral a, Num b) => a -> b
fromIntegral forall a b. (a -> b) -> a -> b
$! CSize
crypto_vrf_ietfdraft13_secretkeybytes

verKeySizeVRF :: Int
verKeySizeVRF :: Int
verKeySizeVRF = forall a b. (Integral a, Num b) => a -> b
fromIntegral forall a b. (a -> b) -> a -> b
$! CSize
crypto_vrf_ietfdraft13_publickeybytes

vrfKeySizeVRF :: Int
vrfKeySizeVRF :: Int
vrfKeySizeVRF = forall a b. (Integral a, Num b) => a -> b
fromIntegral forall a b. (a -> b) -> a -> b
$! CSize
crypto_vrf_ietfdraft13_outputbytes

ioSignKeySizeVRF :: IO Int
ioSignKeySizeVRF :: IO Int
ioSignKeySizeVRF = forall a b. (Integral a, Num b) => a -> b
fromIntegral forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> IO CSize
io_crypto_vrf_ietfdraft13_secretkeybytes

ioVerKeySizeVRF :: IO Int
ioVerKeySizeVRF :: IO Int
ioVerKeySizeVRF = forall a b. (Integral a, Num b) => a -> b
fromIntegral forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> IO CSize
io_crypto_vrf_ietfdraft13_publickeybytes

-- | Allocate a 'Seed' and attach a finalizer. The allocated memory will not be initialized.
mkSeed :: IO Seed
mkSeed :: IO Seed
mkSeed = do
  Ptr SeedValue
ptr <- forall a. Int -> IO (Ptr a)
mallocBytes (forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_seedbytes)
  ForeignPtr SeedValue -> Seed
Seed forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> forall a. FinalizerPtr a -> Ptr a -> IO (ForeignPtr a)
newForeignPtr forall a. FinalizerPtr a
finalizerFree Ptr SeedValue
ptr

-- | Generate a random seed.
-- Uses 'randombytes_buf' to create random data.
--
-- This function provides an alternative way of generating seeds specifically
-- for the 'PraosVRF' algorithm. Unlike the 'genKeyPairVRF' method, which uses
-- a 'ByteString'-based 'Cardano.Crypto.Seed.Seed', this seed generation method
-- bypasses the GHC heap, keeping the seed in C-allocated memory instead.
--
-- This provides two advantages:
-- 1. It avoids the overhead of unnecessary GHC-side heap allocations.
-- 2. It avoids leaking the seed via the GHC heap; the 'Seed' type itself
--    takes care of zeroing out its memory upon finalization.
genSeed :: IO Seed
genSeed :: IO Seed
genSeed = do
  Seed
seed <- IO Seed
mkSeed
  forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Seed -> ForeignPtr SeedValue
unSeed Seed
seed) forall a b. (a -> b) -> a -> b
$ \Ptr SeedValue
ptr ->
    forall a. Ptr a -> CSize -> IO ()
randombytes_buf Ptr SeedValue
ptr CSize
crypto_vrf_ietfdraft13_seedbytes
  forall (m :: * -> *) a. Monad m => a -> m a
return Seed
seed

copyFromByteString :: Ptr a -> ByteString -> Int -> IO ()
copyFromByteString :: forall a. Ptr a -> ByteString -> Int -> IO ()
copyFromByteString Ptr a
ptr ByteString
bs Int
lenExpected =
  forall a. ByteString -> (CStringLen -> IO a) -> IO a
BS.useAsCStringLen ByteString
bs forall a b. (a -> b) -> a -> b
$ \(Ptr CChar
cstr, Int
lenActual) ->
    if Int
lenActual forall a. Ord a => a -> a -> Bool
>= Int
lenExpected
      then
        forall a. Ptr a -> Ptr a -> Int -> IO ()
copyBytes (forall a b. Ptr a -> Ptr b
castPtr Ptr a
ptr) Ptr CChar
cstr Int
lenExpected
      else
        forall a. HasCallStack => [Char] -> a
error forall a b. (a -> b) -> a -> b
$
          [Char]
"Invalid input size, expected at least " forall a. Semigroup a => a -> a -> a
<> forall a. Show a => a -> [Char]
show Int
lenExpected forall a. Semigroup a => a -> a -> a
<> [Char]
", but got " forall a. Semigroup a => a -> a -> a
<> forall a. Show a => a -> [Char]
show Int
lenActual

seedFromBytes :: ByteString -> Seed
seedFromBytes :: ByteString -> Seed
seedFromBytes ByteString
bs
  | ByteString -> Int
BS.length ByteString
bs forall a. Ord a => a -> a -> Bool
< forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_seedbytes =
      forall a. HasCallStack => [Char] -> a
error [Char]
"Not enough bytes for seed"
seedFromBytes ByteString
bs = forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ do
  Seed
seed <- IO Seed
mkSeed
  forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Seed -> ForeignPtr SeedValue
unSeed Seed
seed) forall a b. (a -> b) -> a -> b
$ \Ptr SeedValue
ptr ->
    forall a. Ptr a -> ByteString -> Int -> IO ()
copyFromByteString Ptr SeedValue
ptr ByteString
bs (forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_seedbytes)
  forall (m :: * -> *) a. Monad m => a -> m a
return Seed
seed

-- | Convert an opaque 'Seed' into a 'ByteString' that we can inspect.
-- Note that this will copy the seed into RTS-managed memory; this is not
-- currently a problem, but if at any point we decide that we want to make
-- sure the seed is properly mlocked, then this function will leak such a
-- secured seed into non-locked (swappable) memory.
unsafeRawSeed :: Seed -> IO ByteString
unsafeRawSeed :: Seed -> IO ByteString
unsafeRawSeed (Seed ForeignPtr SeedValue
fp) = forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr ForeignPtr SeedValue
fp forall a b. (a -> b) -> a -> b
$ \Ptr SeedValue
ptr ->
  CStringLen -> IO ByteString
BS.packCStringLen (forall a b. Ptr a -> Ptr b
castPtr Ptr SeedValue
ptr, forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_seedbytes)

-- | Convert a proof verification output hash into a 'ByteString' that we can
-- inspect.
outputBytes :: Output -> ByteString
outputBytes :: Output -> ByteString
outputBytes (Output ForeignPtr OutputValue
op) = forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr ForeignPtr OutputValue
op forall a b. (a -> b) -> a -> b
$ \Ptr OutputValue
ptr ->
  CStringLen -> IO ByteString
BS.packCStringLen (forall a b. Ptr a -> Ptr b
castPtr Ptr OutputValue
ptr, forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_outputbytes)

-- | Convert a proof into a 'ByteString' that we can inspect.
proofBytes :: Proof -> ByteString
proofBytes :: Proof -> ByteString
proofBytes (Proof ForeignPtr ProofValue
op) = forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr ForeignPtr ProofValue
op forall a b. (a -> b) -> a -> b
$ \Ptr ProofValue
ptr ->
  CStringLen -> IO ByteString
BS.packCStringLen (forall a b. Ptr a -> Ptr b
castPtr Ptr ProofValue
ptr, Int
certSizeVRF)

-- | Convert a verification key into a 'ByteString' that we can inspect.
vkBytes :: VerKey -> ByteString
vkBytes :: VerKey -> ByteString
vkBytes (VerKey ForeignPtr VerKeyValue
op) = forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr ForeignPtr VerKeyValue
op forall a b. (a -> b) -> a -> b
$ \Ptr VerKeyValue
ptr ->
  CStringLen -> IO ByteString
BS.packCStringLen (forall a b. Ptr a -> Ptr b
castPtr Ptr VerKeyValue
ptr, Int
verKeySizeVRF)

-- | Convert a signing key into a 'ByteString' that we can inspect.
skBytes :: SignKey -> ByteString
skBytes :: SignKey -> ByteString
skBytes (SignKey ForeignPtr SignKeyValue
op) = forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr ForeignPtr SignKeyValue
op forall a b. (a -> b) -> a -> b
$ \Ptr SignKeyValue
ptr ->
  CStringLen -> IO ByteString
BS.packCStringLen (forall a b. Ptr a -> Ptr b
castPtr Ptr SignKeyValue
ptr, Int
signKeySizeVRF)

instance Show Proof where
  show :: Proof -> [Char]
show = forall a. Show a => a -> [Char]
show forall b c a. (b -> c) -> (a -> b) -> a -> c
. Proof -> ByteString
proofBytes

instance Eq Proof where
  Proof
a == :: Proof -> Proof -> Bool
== Proof
b = Proof -> ByteString
proofBytes Proof
a forall a. Eq a => a -> a -> Bool
== Proof -> ByteString
proofBytes Proof
b

instance ToCBOR Proof where
  toCBOR :: Proof -> Encoding
toCBOR = forall a. ToCBOR a => a -> Encoding
toCBOR forall b c a. (b -> c) -> (a -> b) -> a -> c
. Proof -> ByteString
proofBytes
  encodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size) -> Proxy Proof -> Size
encodedSizeExpr forall t. ToCBOR t => Proxy t -> Size
_ Proxy Proof
_ =
    forall a.
ToCBOR a =>
(forall t. ToCBOR t => Proxy t -> Size) -> Proxy a -> Size
encodedSizeExpr (\Proxy t
_ -> forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
certSizeVRF) (forall {k} (t :: k). Proxy t
Proxy :: Proxy ByteString)

instance FromCBOR Proof where
  fromCBOR :: forall s. Decoder s Proof
fromCBOR = ByteString -> Proof
proofFromBytes forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> forall a s. FromCBOR a => Decoder s a
fromCBOR

instance Show SignKey where
  show :: SignKey -> [Char]
show = forall a. Show a => a -> [Char]
show forall b c a. (b -> c) -> (a -> b) -> a -> c
. SignKey -> ByteString
skBytes

instance Eq SignKey where
  SignKey
a == :: SignKey -> SignKey -> Bool
== SignKey
b = SignKey -> ByteString
skBytes SignKey
a forall a. Eq a => a -> a -> Bool
== SignKey -> ByteString
skBytes SignKey
b

instance ToCBOR SignKey where
  toCBOR :: SignKey -> Encoding
toCBOR = forall a. ToCBOR a => a -> Encoding
toCBOR forall b c a. (b -> c) -> (a -> b) -> a -> c
. SignKey -> ByteString
skBytes
  encodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size) -> Proxy SignKey -> Size
encodedSizeExpr forall t. ToCBOR t => Proxy t -> Size
_ Proxy SignKey
_ =
    forall a.
ToCBOR a =>
(forall t. ToCBOR t => Proxy t -> Size) -> Proxy a -> Size
encodedSizeExpr (\Proxy t
_ -> forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
signKeySizeVRF) (forall {k} (t :: k). Proxy t
Proxy :: Proxy ByteString)

instance FromCBOR SignKey where
  fromCBOR :: forall s. Decoder s SignKey
fromCBOR = ByteString -> SignKey
skFromBytes forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> forall a s. FromCBOR a => Decoder s a
fromCBOR

instance Show VerKey where
  show :: VerKey -> [Char]
show = forall a. Show a => a -> [Char]
show forall b c a. (b -> c) -> (a -> b) -> a -> c
. VerKey -> ByteString
vkBytes

instance Eq VerKey where
  VerKey
a == :: VerKey -> VerKey -> Bool
== VerKey
b = VerKey -> ByteString
vkBytes VerKey
a forall a. Eq a => a -> a -> Bool
== VerKey -> ByteString
vkBytes VerKey
b

instance ToCBOR VerKey where
  toCBOR :: VerKey -> Encoding
toCBOR = forall a. ToCBOR a => a -> Encoding
toCBOR forall b c a. (b -> c) -> (a -> b) -> a -> c
. VerKey -> ByteString
vkBytes
  encodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size) -> Proxy VerKey -> Size
encodedSizeExpr forall t. ToCBOR t => Proxy t -> Size
_ Proxy VerKey
_ =
    forall a.
ToCBOR a =>
(forall t. ToCBOR t => Proxy t -> Size) -> Proxy a -> Size
encodedSizeExpr (\Proxy t
_ -> forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
verKeySizeVRF) (forall {k} (t :: k). Proxy t
Proxy :: Proxy ByteString)

instance FromCBOR VerKey where
  fromCBOR :: forall s. Decoder s VerKey
fromCBOR = ByteString -> VerKey
vkFromBytes forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> forall a s. FromCBOR a => Decoder s a
fromCBOR

-- | Allocate a Verification Key and attach a finalizer. The allocated memory will
-- not be initialized.
mkVerKey :: IO VerKey
mkVerKey :: IO VerKey
mkVerKey = forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
fmap ForeignPtr VerKeyValue -> VerKey
VerKey forall a b. (a -> b) -> a -> b
$ forall a. FinalizerPtr a -> Ptr a -> IO (ForeignPtr a)
newForeignPtr forall a. FinalizerPtr a
finalizerFree forall (m :: * -> *) a b. Monad m => (a -> m b) -> m a -> m b
=<< forall a. Int -> IO (Ptr a)
mallocBytes Int
verKeySizeVRF

-- | Allocate a Signing Key and attach a finalizer. The allocated memory will
-- not be initialized.
mkSignKey :: IO SignKey
mkSignKey :: IO SignKey
mkSignKey = forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
fmap ForeignPtr SignKeyValue -> SignKey
SignKey forall a b. (a -> b) -> a -> b
$ forall a. FinalizerPtr a -> Ptr a -> IO (ForeignPtr a)
newForeignPtr forall a. FinalizerPtr a
finalizerFree forall (m :: * -> *) a b. Monad m => (a -> m b) -> m a -> m b
=<< forall a. Int -> IO (Ptr a)
mallocBytes Int
signKeySizeVRF

-- | Allocate a Proof and attach a finalizer. The allocated memory will
-- not be initialized.
mkProof :: IO Proof
mkProof :: IO Proof
mkProof = forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
fmap ForeignPtr ProofValue -> Proof
Proof forall a b. (a -> b) -> a -> b
$ forall a. FinalizerPtr a -> Ptr a -> IO (ForeignPtr a)
newForeignPtr forall a. FinalizerPtr a
finalizerFree forall (m :: * -> *) a b. Monad m => (a -> m b) -> m a -> m b
=<< forall a. Int -> IO (Ptr a)
mallocBytes Int
certSizeVRF

proofFromBytes :: ByteString -> Proof
proofFromBytes :: ByteString -> Proof
proofFromBytes ByteString
bs
  | ByteString -> Int
BS.length ByteString
bs forall a. Eq a => a -> a -> Bool
/= Int
certSizeVRF =
      forall a. HasCallStack => [Char] -> a
error [Char]
"Invalid proof length"
  | Bool
otherwise =
      forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ do
        Proof
proof <- IO Proof
mkProof
        forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Proof -> ForeignPtr ProofValue
unProof Proof
proof) forall a b. (a -> b) -> a -> b
$ \Ptr ProofValue
ptr ->
          forall a. Ptr a -> ByteString -> Int -> IO ()
copyFromByteString Ptr ProofValue
ptr ByteString
bs Int
certSizeVRF
        forall (m :: * -> *) a. Monad m => a -> m a
return Proof
proof

skFromBytes :: ByteString -> SignKey
skFromBytes :: ByteString -> SignKey
skFromBytes ByteString
bs = forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ do
  if Int
bsLen forall a. Eq a => a -> a -> Bool
/= Int
signKeySizeVRF
    then do
      Int
ioSize <- IO Int
ioSignKeySizeVRF
      forall a. HasCallStack => [Char] -> a
error
        ( [Char]
"Invalid sk length "
            forall a. Semigroup a => a -> a -> a
<> forall a. Show a => a -> [Char]
show @Int Int
bsLen
            forall a. Semigroup a => a -> a -> a
<> [Char]
", expecting "
            forall a. Semigroup a => a -> a -> a
<> forall a. Show a => a -> [Char]
show @Int Int
signKeySizeVRF
            forall a. Semigroup a => a -> a -> a
<> [Char]
" or "
            forall a. Semigroup a => a -> a -> a
<> forall a. Show a => a -> [Char]
show @Int Int
ioSize
        )
    else do
      SignKey
sk <- IO SignKey
mkSignKey
      forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (SignKey -> ForeignPtr SignKeyValue
unSignKey SignKey
sk) forall a b. (a -> b) -> a -> b
$ \Ptr SignKeyValue
ptr ->
        forall a. Ptr a -> ByteString -> Int -> IO ()
copyFromByteString Ptr SignKeyValue
ptr ByteString
bs Int
signKeySizeVRF
      forall (m :: * -> *) a. Monad m => a -> m a
return SignKey
sk
  where
    bsLen :: Int
bsLen = ByteString -> Int
BS.length ByteString
bs

vkFromBytes :: ByteString -> VerKey
vkFromBytes :: ByteString -> VerKey
vkFromBytes ByteString
bs = forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ do
  if ByteString -> Int
BS.length ByteString
bs forall a. Eq a => a -> a -> Bool
/= Int
verKeySizeVRF
    then do
      Int
ioSize <- IO Int
ioVerKeySizeVRF
      forall a. HasCallStack => [Char] -> a
error
        ( [Char]
"Invalid pk length "
            forall a. Semigroup a => a -> a -> a
<> forall a. Show a => a -> [Char]
show @Int Int
bsLen
            forall a. Semigroup a => a -> a -> a
<> [Char]
", expecting "
            forall a. Semigroup a => a -> a -> a
<> forall a. Show a => a -> [Char]
show @Int Int
verKeySizeVRF
            forall a. Semigroup a => a -> a -> a
<> [Char]
" or "
            forall a. Semigroup a => a -> a -> a
<> forall a. Show a => a -> [Char]
show @Int Int
ioSize
        )
    else do
      VerKey
pk <- IO VerKey
mkVerKey
      forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (VerKey -> ForeignPtr VerKeyValue
unVerKey VerKey
pk) forall a b. (a -> b) -> a -> b
$ \Ptr VerKeyValue
ptr ->
        forall a. Ptr a -> ByteString -> Int -> IO ()
copyFromByteString Ptr VerKeyValue
ptr ByteString
bs Int
verKeySizeVRF
      forall (m :: * -> *) a. Monad m => a -> m a
return VerKey
pk
  where
    bsLen :: Int
bsLen = ByteString -> Int
BS.length ByteString
bs

-- | Allocate an Output and attach a finalizer. The allocated memory will
-- not be initialized.
mkOutput :: IO Output
mkOutput :: IO Output
mkOutput =
  forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
fmap ForeignPtr OutputValue -> Output
Output forall a b. (a -> b) -> a -> b
$
    forall a. FinalizerPtr a -> Ptr a -> IO (ForeignPtr a)
newForeignPtr forall a. FinalizerPtr a
finalizerFree forall (m :: * -> *) a b. Monad m => (a -> m b) -> m a -> m b
=<< forall a. Int -> IO (Ptr a)
mallocBytes (forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_outputbytes)

-- | Derive a key pair (Sign + Verify) from a seed.
keypairFromSeed :: Seed -> (VerKey, SignKey)
keypairFromSeed :: Seed -> (VerKey, SignKey)
keypairFromSeed Seed
seed =
  forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Seed -> ForeignPtr SeedValue
unSeed Seed
seed) forall a b. (a -> b) -> a -> b
$ \Ptr SeedValue
sptr -> do
    VerKey
pk <- IO VerKey
mkVerKey
    SignKey
sk <- IO SignKey
mkSignKey
    forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (VerKey -> ForeignPtr VerKeyValue
unVerKey VerKey
pk) forall a b. (a -> b) -> a -> b
$ \Ptr VerKeyValue
pkPtr -> do
      forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (SignKey -> ForeignPtr SignKeyValue
unSignKey SignKey
sk) forall a b. (a -> b) -> a -> b
$ \Ptr SignKeyValue
skPtr -> do
        forall (f :: * -> *) a. Functor f => f a -> f ()
void forall a b. (a -> b) -> a -> b
$ Ptr VerKeyValue -> Ptr SignKeyValue -> Ptr SeedValue -> IO CInt
crypto_vrf_ietfdraft13_keypair_from_seed Ptr VerKeyValue
pkPtr Ptr SignKeyValue
skPtr Ptr SeedValue
sptr
    forall (m :: * -> *) a. Monad m => a -> m a
return forall a b. (a -> b) -> a -> b
$ VerKey
pk seq :: forall a b. a -> b -> b
`seq` SignKey
sk seq :: forall a b. a -> b -> b
`seq` (VerKey
pk, SignKey
sk)

-- | Derive a Verification Key from a Signing Key.
skToVerKey :: SignKey -> VerKey
skToVerKey :: SignKey -> VerKey
skToVerKey SignKey
sk =
  forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (SignKey -> ForeignPtr SignKeyValue
unSignKey SignKey
sk) forall a b. (a -> b) -> a -> b
$ \Ptr SignKeyValue
skPtr -> do
    VerKey
pk <- IO VerKey
mkVerKey
    forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (VerKey -> ForeignPtr VerKeyValue
unVerKey VerKey
pk) forall a b. (a -> b) -> a -> b
$ \Ptr VerKeyValue
pkPtr -> do
      forall (f :: * -> *) a. Functor f => f a -> f ()
void forall a b. (a -> b) -> a -> b
$ Ptr VerKeyValue -> Ptr SignKeyValue -> IO CInt
crypto_vrf_ietfdraft13_sk_to_pk Ptr VerKeyValue
pkPtr Ptr SignKeyValue
skPtr
    forall (m :: * -> *) a. Monad m => a -> m a
return VerKey
pk

-- | Get the seed used to generate a given Signing Key
skToSeed :: SignKey -> Seed
skToSeed :: SignKey -> Seed
skToSeed SignKey
sk =
  forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$ forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (SignKey -> ForeignPtr SignKeyValue
unSignKey SignKey
sk) forall a b. (a -> b) -> a -> b
$ \Ptr SignKeyValue
skPtr -> do
    Seed
seed <- IO Seed
mkSeed
    CInt
_ <- forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Seed -> ForeignPtr SeedValue
unSeed Seed
seed) forall a b. (a -> b) -> a -> b
$ \Ptr SeedValue
seedPtr -> do
      Ptr SeedValue -> Ptr SignKeyValue -> IO CInt
crypto_vrf_ietfdraft13_sk_to_seed Ptr SeedValue
seedPtr Ptr SignKeyValue
skPtr
    forall (m :: * -> *) a. Monad m => a -> m a
return Seed
seed

-- | Construct a proof from a Signing Key and a message.
-- Returns 'Just' the proof on success, 'Nothing' if the signing key could not
-- be decoded.
prove :: SignKey -> ByteString -> Maybe Proof
prove :: SignKey -> ByteString -> Maybe Proof
prove SignKey
sk ByteString
msg =
  forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$
    forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (SignKey -> ForeignPtr SignKeyValue
unSignKey SignKey
sk) forall a b. (a -> b) -> a -> b
$ \Ptr SignKeyValue
skPtr -> do
      Proof
proof <- IO Proof
mkProof
      forall a. ByteString -> (CStringLen -> IO a) -> IO a
BS.useAsCStringLen ByteString
msg forall a b. (a -> b) -> a -> b
$ \(Ptr CChar
m, Int
mlen) -> do
        forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Proof -> ForeignPtr ProofValue
unProof Proof
proof) forall a b. (a -> b) -> a -> b
$ \Ptr ProofValue
proofPtr -> do
          Ptr ProofValue
-> Ptr SignKeyValue -> Ptr CChar -> CULLong -> IO CInt
crypto_vrf_ietfdraft13_prove_batchcompat Ptr ProofValue
proofPtr Ptr SignKeyValue
skPtr Ptr CChar
m (forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
mlen) forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= \case
            CInt
0 -> forall (m :: * -> *) a. Monad m => a -> m a
return forall a b. (a -> b) -> a -> b
$ forall a. a -> Maybe a
Just forall a b. (a -> b) -> a -> b
$! Proof
proof
            CInt
_ -> forall (m :: * -> *) a. Monad m => a -> m a
return forall a. Maybe a
Nothing

-- | Verify a VRF proof and validate the Verification Key. Returns 'Just' a hash of
-- the verification result on success, 'Nothing' if the verification did not
-- succeed.
--
-- For a given verification key and message, there are many possible proofs but only
-- one possible output hash.
verify :: VerKey -> Proof -> ByteString -> Maybe Output
verify :: VerKey -> Proof -> ByteString -> Maybe Output
verify VerKey
pk Proof
proof ByteString
msg =
  forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$
    forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (VerKey -> ForeignPtr VerKeyValue
unVerKey VerKey
pk) forall a b. (a -> b) -> a -> b
$ \Ptr VerKeyValue
pkPtr -> do
      forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Proof -> ForeignPtr ProofValue
unProof Proof
proof) forall a b. (a -> b) -> a -> b
$ \Ptr ProofValue
proofPtr -> do
        Output
output <- IO Output
mkOutput
        forall a. ByteString -> (CStringLen -> IO a) -> IO a
BS.useAsCStringLen ByteString
msg forall a b. (a -> b) -> a -> b
$ \(Ptr CChar
m, Int
mlen) -> do
          forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Output -> ForeignPtr OutputValue
unOutput Output
output) forall a b. (a -> b) -> a -> b
$ \Ptr OutputValue
outputPtr -> do
            Ptr OutputValue
-> Ptr VerKeyValue
-> Ptr ProofValue
-> Ptr CChar
-> CULLong
-> IO CInt
crypto_vrf_ietfdraft13_verify_batchcompat Ptr OutputValue
outputPtr Ptr VerKeyValue
pkPtr Ptr ProofValue
proofPtr Ptr CChar
m (forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
mlen) forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= \case
              CInt
0 -> forall (m :: * -> *) a. Monad m => a -> m a
return forall a b. (a -> b) -> a -> b
$ forall a. a -> Maybe a
Just forall a b. (a -> b) -> a -> b
$! Output
output
              CInt
_ -> forall (m :: * -> *) a. Monad m => a -> m a
return forall a. Maybe a
Nothing

outputFromProof :: Proof -> Maybe Output
outputFromProof :: Proof -> Maybe Output
outputFromProof (Proof ForeignPtr ProofValue
p) =
  forall a. IO a -> a
unsafePerformIO forall a b. (a -> b) -> a -> b
$
    forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr ForeignPtr ProofValue
p forall a b. (a -> b) -> a -> b
$ \Ptr ProofValue
ptr -> do
      Output
output <- IO Output
mkOutput
      forall a b. ForeignPtr a -> (Ptr a -> IO b) -> IO b
withForeignPtr (Output -> ForeignPtr OutputValue
unOutput Output
output) forall a b. (a -> b) -> a -> b
$ \Ptr OutputValue
outputPtr -> do
        Ptr OutputValue -> Ptr ProofValue -> IO CInt
crypto_vrf_ietfdraft13_proof_to_hash_batchcompat Ptr OutputValue
outputPtr Ptr ProofValue
ptr forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= \case
          CInt
0 -> forall (m :: * -> *) a. Monad m => a -> m a
return forall a b. (a -> b) -> a -> b
$ forall a. a -> Maybe a
Just forall a b. (a -> b) -> a -> b
$! Output
output
          CInt
_ -> forall (m :: * -> *) a. Monad m => a -> m a
return forall a. Maybe a
Nothing

data PraosBatchCompatVRF

instance VRFAlgorithm PraosBatchCompatVRF where
  newtype VerKeyVRF PraosBatchCompatVRF = VerKeyPraosBatchCompatVRF VerKey
    deriving stock (Int -> VerKeyVRF PraosBatchCompatVRF -> ShowS
[VerKeyVRF PraosBatchCompatVRF] -> ShowS
VerKeyVRF PraosBatchCompatVRF -> [Char]
forall a.
(Int -> a -> ShowS) -> (a -> [Char]) -> ([a] -> ShowS) -> Show a
showList :: [VerKeyVRF PraosBatchCompatVRF] -> ShowS
$cshowList :: [VerKeyVRF PraosBatchCompatVRF] -> ShowS
show :: VerKeyVRF PraosBatchCompatVRF -> [Char]
$cshow :: VerKeyVRF PraosBatchCompatVRF -> [Char]
showsPrec :: Int -> VerKeyVRF PraosBatchCompatVRF -> ShowS
$cshowsPrec :: Int -> VerKeyVRF PraosBatchCompatVRF -> ShowS
Show, VerKeyVRF PraosBatchCompatVRF
-> VerKeyVRF PraosBatchCompatVRF -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: VerKeyVRF PraosBatchCompatVRF
-> VerKeyVRF PraosBatchCompatVRF -> Bool
$c/= :: VerKeyVRF PraosBatchCompatVRF
-> VerKeyVRF PraosBatchCompatVRF -> Bool
== :: VerKeyVRF PraosBatchCompatVRF
-> VerKeyVRF PraosBatchCompatVRF -> Bool
$c== :: VerKeyVRF PraosBatchCompatVRF
-> VerKeyVRF PraosBatchCompatVRF -> Bool
Eq, forall x.
Rep (VerKeyVRF PraosBatchCompatVRF) x
-> VerKeyVRF PraosBatchCompatVRF
forall x.
VerKeyVRF PraosBatchCompatVRF
-> Rep (VerKeyVRF PraosBatchCompatVRF) x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep (VerKeyVRF PraosBatchCompatVRF) x
-> VerKeyVRF PraosBatchCompatVRF
$cfrom :: forall x.
VerKeyVRF PraosBatchCompatVRF
-> Rep (VerKeyVRF PraosBatchCompatVRF) x
Generic)
    deriving newtype (Typeable (VerKeyVRF PraosBatchCompatVRF)
VerKeyVRF PraosBatchCompatVRF -> Encoding
(forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [VerKeyVRF PraosBatchCompatVRF] -> Size
(forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (VerKeyVRF PraosBatchCompatVRF) -> Size
forall a.
Typeable a
-> (a -> Encoding)
-> ((forall t. ToCBOR t => Proxy t -> Size) -> Proxy a -> Size)
-> ((forall t. ToCBOR t => Proxy t -> Size) -> Proxy [a] -> Size)
-> ToCBOR a
encodedListSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [VerKeyVRF PraosBatchCompatVRF] -> Size
$cencodedListSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [VerKeyVRF PraosBatchCompatVRF] -> Size
encodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (VerKeyVRF PraosBatchCompatVRF) -> Size
$cencodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (VerKeyVRF PraosBatchCompatVRF) -> Size
toCBOR :: VerKeyVRF PraosBatchCompatVRF -> Encoding
$ctoCBOR :: VerKeyVRF PraosBatchCompatVRF -> Encoding
ToCBOR, Typeable (VerKeyVRF PraosBatchCompatVRF)
Proxy (VerKeyVRF PraosBatchCompatVRF) -> Text
forall s. Decoder s (VerKeyVRF PraosBatchCompatVRF)
forall a.
Typeable a
-> (forall s. Decoder s a) -> (Proxy a -> Text) -> FromCBOR a
label :: Proxy (VerKeyVRF PraosBatchCompatVRF) -> Text
$clabel :: Proxy (VerKeyVRF PraosBatchCompatVRF) -> Text
fromCBOR :: forall s. Decoder s (VerKeyVRF PraosBatchCompatVRF)
$cfromCBOR :: forall s. Decoder s (VerKeyVRF PraosBatchCompatVRF)
FromCBOR)
    deriving (Context -> VerKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
Proxy (VerKeyVRF PraosBatchCompatVRF) -> [Char]
forall a.
(Context -> a -> IO (Maybe ThunkInfo))
-> (Context -> a -> IO (Maybe ThunkInfo))
-> (Proxy a -> [Char])
-> NoThunks a
showTypeOf :: Proxy (VerKeyVRF PraosBatchCompatVRF) -> [Char]
$cshowTypeOf :: Proxy (VerKeyVRF PraosBatchCompatVRF) -> [Char]
wNoThunks :: Context -> VerKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
$cwNoThunks :: Context -> VerKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
noThunks :: Context -> VerKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
$cnoThunks :: Context -> VerKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
NoThunks) via OnlyCheckWhnfNamed "VerKeyVRF PraosBatchCompatVRF" VerKey
    deriving newtype (VerKeyVRF PraosBatchCompatVRF -> ()
forall a. (a -> ()) -> NFData a
rnf :: VerKeyVRF PraosBatchCompatVRF -> ()
$crnf :: VerKeyVRF PraosBatchCompatVRF -> ()
NFData)

  newtype SignKeyVRF PraosBatchCompatVRF = SignKeyPraosBatchCompatVRF SignKey
    deriving stock (Int -> SignKeyVRF PraosBatchCompatVRF -> ShowS
[SignKeyVRF PraosBatchCompatVRF] -> ShowS
SignKeyVRF PraosBatchCompatVRF -> [Char]
forall a.
(Int -> a -> ShowS) -> (a -> [Char]) -> ([a] -> ShowS) -> Show a
showList :: [SignKeyVRF PraosBatchCompatVRF] -> ShowS
$cshowList :: [SignKeyVRF PraosBatchCompatVRF] -> ShowS
show :: SignKeyVRF PraosBatchCompatVRF -> [Char]
$cshow :: SignKeyVRF PraosBatchCompatVRF -> [Char]
showsPrec :: Int -> SignKeyVRF PraosBatchCompatVRF -> ShowS
$cshowsPrec :: Int -> SignKeyVRF PraosBatchCompatVRF -> ShowS
Show, SignKeyVRF PraosBatchCompatVRF
-> SignKeyVRF PraosBatchCompatVRF -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: SignKeyVRF PraosBatchCompatVRF
-> SignKeyVRF PraosBatchCompatVRF -> Bool
$c/= :: SignKeyVRF PraosBatchCompatVRF
-> SignKeyVRF PraosBatchCompatVRF -> Bool
== :: SignKeyVRF PraosBatchCompatVRF
-> SignKeyVRF PraosBatchCompatVRF -> Bool
$c== :: SignKeyVRF PraosBatchCompatVRF
-> SignKeyVRF PraosBatchCompatVRF -> Bool
Eq, forall x.
Rep (SignKeyVRF PraosBatchCompatVRF) x
-> SignKeyVRF PraosBatchCompatVRF
forall x.
SignKeyVRF PraosBatchCompatVRF
-> Rep (SignKeyVRF PraosBatchCompatVRF) x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep (SignKeyVRF PraosBatchCompatVRF) x
-> SignKeyVRF PraosBatchCompatVRF
$cfrom :: forall x.
SignKeyVRF PraosBatchCompatVRF
-> Rep (SignKeyVRF PraosBatchCompatVRF) x
Generic)
    deriving newtype (Typeable (SignKeyVRF PraosBatchCompatVRF)
SignKeyVRF PraosBatchCompatVRF -> Encoding
(forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [SignKeyVRF PraosBatchCompatVRF] -> Size
(forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (SignKeyVRF PraosBatchCompatVRF) -> Size
forall a.
Typeable a
-> (a -> Encoding)
-> ((forall t. ToCBOR t => Proxy t -> Size) -> Proxy a -> Size)
-> ((forall t. ToCBOR t => Proxy t -> Size) -> Proxy [a] -> Size)
-> ToCBOR a
encodedListSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [SignKeyVRF PraosBatchCompatVRF] -> Size
$cencodedListSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [SignKeyVRF PraosBatchCompatVRF] -> Size
encodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (SignKeyVRF PraosBatchCompatVRF) -> Size
$cencodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (SignKeyVRF PraosBatchCompatVRF) -> Size
toCBOR :: SignKeyVRF PraosBatchCompatVRF -> Encoding
$ctoCBOR :: SignKeyVRF PraosBatchCompatVRF -> Encoding
ToCBOR, Typeable (SignKeyVRF PraosBatchCompatVRF)
Proxy (SignKeyVRF PraosBatchCompatVRF) -> Text
forall s. Decoder s (SignKeyVRF PraosBatchCompatVRF)
forall a.
Typeable a
-> (forall s. Decoder s a) -> (Proxy a -> Text) -> FromCBOR a
label :: Proxy (SignKeyVRF PraosBatchCompatVRF) -> Text
$clabel :: Proxy (SignKeyVRF PraosBatchCompatVRF) -> Text
fromCBOR :: forall s. Decoder s (SignKeyVRF PraosBatchCompatVRF)
$cfromCBOR :: forall s. Decoder s (SignKeyVRF PraosBatchCompatVRF)
FromCBOR)
    deriving (Context -> SignKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
Proxy (SignKeyVRF PraosBatchCompatVRF) -> [Char]
forall a.
(Context -> a -> IO (Maybe ThunkInfo))
-> (Context -> a -> IO (Maybe ThunkInfo))
-> (Proxy a -> [Char])
-> NoThunks a
showTypeOf :: Proxy (SignKeyVRF PraosBatchCompatVRF) -> [Char]
$cshowTypeOf :: Proxy (SignKeyVRF PraosBatchCompatVRF) -> [Char]
wNoThunks :: Context -> SignKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
$cwNoThunks :: Context -> SignKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
noThunks :: Context -> SignKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
$cnoThunks :: Context -> SignKeyVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
NoThunks) via OnlyCheckWhnfNamed "SignKeyVRF PraosBatchCompatVRF" SignKey
    deriving newtype (SignKeyVRF PraosBatchCompatVRF -> ()
forall a. (a -> ()) -> NFData a
rnf :: SignKeyVRF PraosBatchCompatVRF -> ()
$crnf :: SignKeyVRF PraosBatchCompatVRF -> ()
NFData)

  newtype CertVRF PraosBatchCompatVRF = CertPraosBatchCompatVRF Proof
    deriving stock (Int -> CertVRF PraosBatchCompatVRF -> ShowS
[CertVRF PraosBatchCompatVRF] -> ShowS
CertVRF PraosBatchCompatVRF -> [Char]
forall a.
(Int -> a -> ShowS) -> (a -> [Char]) -> ([a] -> ShowS) -> Show a
showList :: [CertVRF PraosBatchCompatVRF] -> ShowS
$cshowList :: [CertVRF PraosBatchCompatVRF] -> ShowS
show :: CertVRF PraosBatchCompatVRF -> [Char]
$cshow :: CertVRF PraosBatchCompatVRF -> [Char]
showsPrec :: Int -> CertVRF PraosBatchCompatVRF -> ShowS
$cshowsPrec :: Int -> CertVRF PraosBatchCompatVRF -> ShowS
Show, CertVRF PraosBatchCompatVRF -> CertVRF PraosBatchCompatVRF -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: CertVRF PraosBatchCompatVRF -> CertVRF PraosBatchCompatVRF -> Bool
$c/= :: CertVRF PraosBatchCompatVRF -> CertVRF PraosBatchCompatVRF -> Bool
== :: CertVRF PraosBatchCompatVRF -> CertVRF PraosBatchCompatVRF -> Bool
$c== :: CertVRF PraosBatchCompatVRF -> CertVRF PraosBatchCompatVRF -> Bool
Eq, forall x.
Rep (CertVRF PraosBatchCompatVRF) x -> CertVRF PraosBatchCompatVRF
forall x.
CertVRF PraosBatchCompatVRF -> Rep (CertVRF PraosBatchCompatVRF) x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep (CertVRF PraosBatchCompatVRF) x -> CertVRF PraosBatchCompatVRF
$cfrom :: forall x.
CertVRF PraosBatchCompatVRF -> Rep (CertVRF PraosBatchCompatVRF) x
Generic)
    deriving newtype (Typeable (CertVRF PraosBatchCompatVRF)
CertVRF PraosBatchCompatVRF -> Encoding
(forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [CertVRF PraosBatchCompatVRF] -> Size
(forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (CertVRF PraosBatchCompatVRF) -> Size
forall a.
Typeable a
-> (a -> Encoding)
-> ((forall t. ToCBOR t => Proxy t -> Size) -> Proxy a -> Size)
-> ((forall t. ToCBOR t => Proxy t -> Size) -> Proxy [a] -> Size)
-> ToCBOR a
encodedListSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [CertVRF PraosBatchCompatVRF] -> Size
$cencodedListSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy [CertVRF PraosBatchCompatVRF] -> Size
encodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (CertVRF PraosBatchCompatVRF) -> Size
$cencodedSizeExpr :: (forall t. ToCBOR t => Proxy t -> Size)
-> Proxy (CertVRF PraosBatchCompatVRF) -> Size
toCBOR :: CertVRF PraosBatchCompatVRF -> Encoding
$ctoCBOR :: CertVRF PraosBatchCompatVRF -> Encoding
ToCBOR, Typeable (CertVRF PraosBatchCompatVRF)
Proxy (CertVRF PraosBatchCompatVRF) -> Text
forall s. Decoder s (CertVRF PraosBatchCompatVRF)
forall a.
Typeable a
-> (forall s. Decoder s a) -> (Proxy a -> Text) -> FromCBOR a
label :: Proxy (CertVRF PraosBatchCompatVRF) -> Text
$clabel :: Proxy (CertVRF PraosBatchCompatVRF) -> Text
fromCBOR :: forall s. Decoder s (CertVRF PraosBatchCompatVRF)
$cfromCBOR :: forall s. Decoder s (CertVRF PraosBatchCompatVRF)
FromCBOR)
    deriving (Context -> CertVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
Proxy (CertVRF PraosBatchCompatVRF) -> [Char]
forall a.
(Context -> a -> IO (Maybe ThunkInfo))
-> (Context -> a -> IO (Maybe ThunkInfo))
-> (Proxy a -> [Char])
-> NoThunks a
showTypeOf :: Proxy (CertVRF PraosBatchCompatVRF) -> [Char]
$cshowTypeOf :: Proxy (CertVRF PraosBatchCompatVRF) -> [Char]
wNoThunks :: Context -> CertVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
$cwNoThunks :: Context -> CertVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
noThunks :: Context -> CertVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
$cnoThunks :: Context -> CertVRF PraosBatchCompatVRF -> IO (Maybe ThunkInfo)
NoThunks) via OnlyCheckWhnfNamed "CertKeyVRF PraosBatchCompatVRF" Proof
    deriving newtype (CertVRF PraosBatchCompatVRF -> ()
forall a. (a -> ()) -> NFData a
rnf :: CertVRF PraosBatchCompatVRF -> ()
$crnf :: CertVRF PraosBatchCompatVRF -> ()
NFData)

  type Signable PraosBatchCompatVRF = SignableRepresentation

  algorithmNameVRF :: forall (proxy :: * -> *). proxy PraosBatchCompatVRF -> [Char]
algorithmNameVRF = forall a b. a -> b -> a
const [Char]
"PraosBatchCompatVRF"

  deriveVerKeyVRF :: SignKeyVRF PraosBatchCompatVRF -> VerKeyVRF PraosBatchCompatVRF
deriveVerKeyVRF = coerce :: forall a b. Coercible a b => a -> b
coerce SignKey -> VerKey
skToVerKey

  evalVRF :: forall a.
(HasCallStack, Signable PraosBatchCompatVRF a) =>
ContextVRF PraosBatchCompatVRF
-> a
-> SignKeyVRF PraosBatchCompatVRF
-> (OutputVRF PraosBatchCompatVRF, CertVRF PraosBatchCompatVRF)
evalVRF = \ContextVRF PraosBatchCompatVRF
_ a
msg (SignKeyPraosBatchCompatVRF SignKey
sk) ->
    let msgBS :: ByteString
msgBS = forall a. SignableRepresentation a => a -> ByteString
getSignableRepresentation a
msg
        proof :: Proof
proof = forall a. a -> Maybe a -> a
fromMaybe (forall a. HasCallStack => [Char] -> a
error [Char]
"Invalid Key") forall a b. (a -> b) -> a -> b
$ SignKey -> ByteString -> Maybe Proof
prove SignKey
sk ByteString
msgBS
        output :: Output
output = forall a. a -> Maybe a -> a
fromMaybe (forall a. HasCallStack => [Char] -> a
error [Char]
"Invalid Proof") forall a b. (a -> b) -> a -> b
$ Proof -> Maybe Output
outputFromProof Proof
proof
     in Output
output seq :: forall a b. a -> b -> b
`seq`
          Proof
proof seq :: forall a b. a -> b -> b
`seq`
            (forall v. ByteString -> OutputVRF v
OutputVRF (Output -> ByteString
outputBytes Output
output), Proof -> CertVRF PraosBatchCompatVRF
CertPraosBatchCompatVRF Proof
proof)

  verifyVRF :: forall a.
(HasCallStack, Signable PraosBatchCompatVRF a) =>
ContextVRF PraosBatchCompatVRF
-> VerKeyVRF PraosBatchCompatVRF
-> a
-> CertVRF PraosBatchCompatVRF
-> Maybe (OutputVRF PraosBatchCompatVRF)
verifyVRF = \ContextVRF PraosBatchCompatVRF
_ (VerKeyPraosBatchCompatVRF VerKey
pk) a
msg (CertPraosBatchCompatVRF Proof
proof) ->
    (forall v. ByteString -> OutputVRF v
OutputVRF forall b c a. (b -> c) -> (a -> b) -> a -> c
. Output -> ByteString
outputBytes) forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> VerKey -> Proof -> ByteString -> Maybe Output
verify VerKey
pk Proof
proof (forall a. SignableRepresentation a => a -> ByteString
getSignableRepresentation a
msg)

  sizeOutputVRF :: forall (proxy :: * -> *). proxy PraosBatchCompatVRF -> Word
sizeOutputVRF proxy PraosBatchCompatVRF
_ = forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_outputbytes
  seedSizeVRF :: forall (proxy :: * -> *). proxy PraosBatchCompatVRF -> Word
seedSizeVRF proxy PraosBatchCompatVRF
_ = forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_seedbytes

  genKeyPairVRF :: Seed
-> (SignKeyVRF PraosBatchCompatVRF, VerKeyVRF PraosBatchCompatVRF)
genKeyPairVRF = \Seed
cryptoseed ->
    let seed :: Seed
seed =
          ByteString -> Seed
seedFromBytes forall b c a. (b -> c) -> (a -> b) -> a -> c
. forall a b. (a, b) -> a
fst forall b c a. (b -> c) -> (a -> b) -> a -> c
. Word -> Seed -> (ByteString, Seed)
getBytesFromSeedT (forall a b. (Integral a, Num b) => a -> b
fromIntegral CSize
crypto_vrf_ietfdraft13_seedbytes) forall a b. (a -> b) -> a -> b
$ Seed
cryptoseed
        (VerKey
pk, SignKey
sk) = Seed -> (VerKey, SignKey)
keypairFromSeed Seed
seed
     in SignKey
sk seq :: forall a b. a -> b -> b
`seq` VerKey
pk seq :: forall a b. a -> b -> b
`seq` (SignKey -> SignKeyVRF PraosBatchCompatVRF
SignKeyPraosBatchCompatVRF SignKey
sk, VerKey -> VerKeyVRF PraosBatchCompatVRF
VerKeyPraosBatchCompatVRF VerKey
pk)

  rawSerialiseVerKeyVRF :: VerKeyVRF PraosBatchCompatVRF -> ByteString
rawSerialiseVerKeyVRF (VerKeyPraosBatchCompatVRF VerKey
pk) = VerKey -> ByteString
vkBytes VerKey
pk
  rawSerialiseSignKeyVRF :: SignKeyVRF PraosBatchCompatVRF -> ByteString
rawSerialiseSignKeyVRF (SignKeyPraosBatchCompatVRF SignKey
sk) = SignKey -> ByteString
skBytes SignKey
sk
  rawSerialiseCertVRF :: CertVRF PraosBatchCompatVRF -> ByteString
rawSerialiseCertVRF (CertPraosBatchCompatVRF Proof
proof) = Proof -> ByteString
proofBytes Proof
proof
  rawDeserialiseVerKeyVRF :: ByteString -> Maybe (VerKeyVRF PraosBatchCompatVRF)
rawDeserialiseVerKeyVRF = forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
fmap (VerKey -> VerKeyVRF PraosBatchCompatVRF
VerKeyPraosBatchCompatVRF forall b c a. (b -> c) -> (a -> b) -> a -> c
. ByteString -> VerKey
vkFromBytes) forall b c a. (b -> c) -> (a -> b) -> a -> c
. Int -> ByteString -> Maybe ByteString
assertLength Int
verKeySizeVRF
  rawDeserialiseSignKeyVRF :: ByteString -> Maybe (SignKeyVRF PraosBatchCompatVRF)
rawDeserialiseSignKeyVRF = forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
fmap (SignKey -> SignKeyVRF PraosBatchCompatVRF
SignKeyPraosBatchCompatVRF forall b c a. (b -> c) -> (a -> b) -> a -> c
. ByteString -> SignKey
skFromBytes) forall b c a. (b -> c) -> (a -> b) -> a -> c
. Int -> ByteString -> Maybe ByteString
assertLength Int
signKeySizeVRF
  rawDeserialiseCertVRF :: ByteString -> Maybe (CertVRF PraosBatchCompatVRF)
rawDeserialiseCertVRF = forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
fmap (Proof -> CertVRF PraosBatchCompatVRF
CertPraosBatchCompatVRF forall b c a. (b -> c) -> (a -> b) -> a -> c
. ByteString -> Proof
proofFromBytes) forall b c a. (b -> c) -> (a -> b) -> a -> c
. Int -> ByteString -> Maybe ByteString
assertLength Int
certSizeVRF

  sizeVerKeyVRF :: forall (proxy :: * -> *). proxy PraosBatchCompatVRF -> Word
sizeVerKeyVRF proxy PraosBatchCompatVRF
_ = forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
verKeySizeVRF
  sizeSignKeyVRF :: forall (proxy :: * -> *). proxy PraosBatchCompatVRF -> Word
sizeSignKeyVRF proxy PraosBatchCompatVRF
_ = forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
signKeySizeVRF
  sizeCertVRF :: forall (proxy :: * -> *). proxy PraosBatchCompatVRF -> Word
sizeCertVRF proxy PraosBatchCompatVRF
_ = forall a b. (Integral a, Num b) => a -> b
fromIntegral Int
certSizeVRF

assertLength :: Int -> ByteString -> Maybe ByteString
assertLength :: Int -> ByteString -> Maybe ByteString
assertLength Int
l ByteString
bs
  | ByteString -> Int
BS.length ByteString
bs forall a. Eq a => a -> a -> Bool
== Int
l =
      forall a. a -> Maybe a
Just ByteString
bs
  | Bool
otherwise =
      forall a. Maybe a
Nothing