added test for HKDFSha256

crema-labs · Nov 23, 2024 · 97d9de0 · 97d9de0
1 parent f83b326
commit 97d9de0
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 7 deletions.
diff --git a/circuits/hkdf.circom b/circuits/hkdf.circom
@@ -6,19 +6,19 @@ include "./hmac/circuits/hmac.circom";
 // is : info length
 // k : key length
 // m : number of keys to extract
-// s : key length
-template HKDFSha256(ss,is,k,m,s){
-  signal input info[is];
-  signal input secret[ss];
+// n : key length
+template HKDFSha256(s,i,k,m,n){
+  signal input secret[s];
+  signal input info[i];
   signal input key[k];
 
-  component hmac = HmacSha256(ss, k);
-  signal output out[m][s];
+  component hmac = HmacSha256(s, k);
+  signal output out[m][n];
 
   hmac.message <== secret;
   hmac.key <== key;
 
-  component extract = Extract(is, 32, m, s);
+  component extract = Extract(i, 32, m, n);
   extract.info <== info;
   extract.key <== hmac.hmac;
 

diff --git a/tests/hkdf.test.ts b/tests/hkdf.test.ts
@@ -63,4 +63,37 @@ describe("HKDF", () => {
       );
     });
   });
+  describe("HKDFSha256", () => {
+    let circuit: WitnessTester<["secret", "info", "key"], ["out"]>;
+    before(async () => {
+      circuit = await circomkit.WitnessTester(`HKDF`, {
+        file: "hkdf",
+        template: "HKDFSha256",
+        params: [32, 0, 32, 2, 16],
+      });
+      console.log("#constraints:", await circuit.getConstraintCount());
+    });
+
+    it("should extract two 16 bytes keys from key", async () => {
+      await circuit.expectPass(
+        {
+          secret: [
+            0x10, 0xd9, 0xcb, 0x53, 0xd1, 0xa4, 0x05, 0xcf, 0xe2, 0x68, 0x6e, 0x08, 0x35, 0x90, 0x4d, 0x48, 0x43, 0x5e,
+            0x80, 0x54, 0xa7, 0x9f, 0x98, 0x56, 0x83, 0xd0, 0xff, 0x72, 0x59, 0xf7, 0xa8, 0x04,
+          ],
+          info: [],
+          key: [
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+          ],
+        },
+        {
+          out: [
+            [0x5b, 0x02, 0xd2, 0x11, 0x3a, 0xbb, 0x74, 0x49, 0xc3, 0x7d, 0x57, 0xe0, 0xc7, 0x7a, 0x99, 0xc4],
+            [0x43, 0x7a, 0xb4, 0xc1, 0x85, 0x2f, 0xa9, 0xcc, 0x8e, 0xc5, 0xbd, 0x64, 0x97, 0xf0, 0x31, 0x91],
+          ],
+        }
+      );
+    });
+  });
 });