Esempio n. 1
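/*
 * Feed the BIP143 signature-hash preimage for one input into @ctx.
 *
 * @ctx: SHA256 context that receives the serialized fields, in BIP143 order.
 * @tx: transaction being signed.
 * @input_num: index of the input being signed.  It indexes tx->input with
 *             no range check in this function, so the caller must pass a
 *             valid index.
 * @witness_script: script hashed as the scriptCode; its length is taken
 *                  with tal_count().
 *
 * Only items 1-9 of the BIP143 list are added here.  The sighash type
 * (item 10) and the final double-SHA256 are not performed by the visible
 * code -- presumably the caller does both; confirm before reusing this.
 *
 * The listing this was taken from had lost the function braces, the end of
 * the BIP143 comment (which hid the nVersion write inside the comment) and
 * the last argument of the txid add_sha() call; they are restored below.
 */
static void hash_for_segwit(struct sha256_ctx *ctx,
			    const struct bitcoin_tx *tx,
			    unsigned int input_num,
			    const u8 *witness_script)
{
	struct sha256_double h;

	/* BIP143:
	 * Double SHA256 of the serialization of:
	 *     1. nVersion of the transaction (4-byte little endian)
	 */
	add_le32(tx->version, add_sha, ctx);

	/*     2. hashPrevouts (32-byte hash) */
	hash_prevouts(&h, tx);
	add_sha(&h, sizeof(h), ctx);

	/*     3. hashSequence (32-byte hash) */
	hash_sequence(&h, tx);
	add_sha(&h, sizeof(h), ctx);

	/*     4. outpoint (32-byte hash + 4-byte little endian)  */
	add_sha(&tx->input[input_num].txid, sizeof(tx->input[input_num].txid),
		ctx);
	add_le32(tx->input[input_num].index, add_sha, ctx);

	/*     5. scriptCode of the input (varInt for the length + script) */
	add_varint_blob(witness_script, tal_count(witness_script), add_sha, ctx);

	/*     6. value of the output spent by this input (8-byte little end) */
	/* amount is a pointer and is dereferenced unconditionally: the caller
	 * must have set it.  The value becomes part of the signed digest, so it
	 * has to be the real amount of the output being spent. */
	add_le64(*tx->input[input_num].amount, add_sha, ctx);

	/*     7. nSequence of the input (4-byte little endian) */
	add_le32(tx->input[input_num].sequence_number, add_sha, ctx);

	/*     8. hashOutputs (32-byte hash) */
	hash_outputs(&h, tx);
	add_sha(&h, sizeof(h), ctx);

	/*     9. nLocktime of the transaction (4-byte little endian) */
	add_le32(tx->lock_time, add_sha, ctx);
}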
// Runs the OT-extension transfer for nOTs extended OTs, acting in whichever
// role(s) ot_role selects (its RECEIVER and SENDER bits are tested below).
//
// nOTs          - number of extended OTs requested; invalid_length is thrown
//                 unless it is a multiple of nbaseOTs.
// receiverInput - presumably the receiver's choice bits; copied byte-wise into
//                 a vector that is 2 * 128 bits longer.
//
// The work is done on nOTs + 2 * 128 rows; at the end receiverOutputMatrix and
// both senderOutputMatrices are resized back to the requested nOTs.
//
// NOTE(review): this listing looks lossy - it has no braces, the
// `#ifdef VERBOSE` blocks have no closing directive, and several `if`/`for`
// headers have no visible body. The comments below describe the visible
// statements only; check them against the upstream file before relying on them.
void OTExtensionWithMatrix::transfer(int nOTs,
                                     const BitVector& receiverInput)
    // Wall-clock start for the "Total thread" timing entry.
    timeval totalstartv, totalendv;
    gettimeofday(&totalstartv, NULL);
    cout << "\tDoing " << nOTs << " extended OTs as " << role_to_str(ot_role) << endl;
    // NOTE(review): only divisibility and zero are tested. No visible check
    // rejects a negative nOTs, or one so large that `nOTs += 2 * 128` overflows int.
    if (nOTs % nbaseOTs != 0)
        throw invalid_length(); //"nOTs must be a multiple of nbaseOTs\n");
    // NOTE(review): the statement guarded by this test is missing from the
    // listing (presumably an early return) - confirm against upstream.
    if (nOTs == 0)
    // add k + s to account for discarding k OTs
    nOTs += 2 * 128;

    // Width of one sub-loop step, in units of 128.
    // NOTE(review): nsubloops == 0 divides by zero, and nsubloops > nOTs / 128
    // makes slice 0, so the `start += slice` loop below would never advance.
    // Confirm that nsubloops is bounded where it is set.
    int slice = nOTs / nsubloops / 128;
    BitMatrix t1(nOTs), u(nOTs);
    senderOutputMatrices.resize(2, BitMatrix(nOTs));
    // resize to account for extra k OTs that are discarded
    // NOTE(review): no seeding of G is visible, yet G.get_word() supplies the
    // padding written into the input tail below. Confirm that PRNG's constructor
    // (or a line dropped from this listing) seeds it from a secure source.
    PRNG G;
    // Padded copy of the input: the first receiverInput.size_bytes() bytes are
    // copied, the rest is whatever BitVector(nOTs) initialises it to.
    BitVector newReceiverInput(nOTs);
    for (unsigned int i = 0; i < receiverInput.size_bytes(); i++)
        newReceiverInput.set_byte(i, receiverInput.get_byte(i));

    //BitVector newReceiverInput(receiverInput);


    for (int loop = 0; loop < nloops; loop++)
        // randomize last 128 + 128 bits that will be discarded
        // NOTE(review): the indices written are nOTs/64, nOTs/64 - 1, ... - 3.
        // If set_word uses zero-based 64-bit words, nOTs/64 is one past the end
        // of an nOTs-bit vector and word nOTs/64 - 4 (64 of the 256 padding
        // bits) is never randomized. Confirm set_word's indexing and bounds
        // handling; `nOTs/64 - i - 1` may be what is intended.
        for (int i = 0; i < 4; i++)
            newReceiverInput.set_word(nOTs/64 - i, G.get_word());

        // subloop for first part to interleave communication with computation
        for (int start = 0; start < nOTs / 128; start += slice)
            // Two streams handed to send_if_ot_receiver below.
            vector<octetStream> os(2);

            // Views of width `slice` starting at `start` into each matrix.
            BitMatrixSlice receiverOutputSlice(receiverOutputMatrix, start, slice);
            BitMatrixSlice senderOutputSlices[2] = {
                BitMatrixSlice(senderOutputMatrices[0], start, slice),
                BitMatrixSlice(senderOutputMatrices[1], start, slice)
            BitMatrixSlice t1Slice(t1, start, slice);
            BitMatrixSlice uSlice(u, start, slice);

            // expand with PRG and create correlation
            // Receiver role: for each base OT i, fill entry i of the output
            // slice from G_sender[i][0] and of t1Slice from G_sender[i][1],
            // then XOR the output slice and the padded input into t1Slice.
            if (ot_role & RECEIVER)
                for (int i = 0; i < nbaseOTs; i++)
                    receiverOutputSlice.randomize(i, G_sender[i][0]);
                    t1Slice.randomize(i, G_sender[i][1]);

                t1Slice ^= receiverOutputSlice;
                t1Slice ^= newReceiverInput;

//                t1 = receiverOutputMatrix;
//                t1 ^= newReceiverInput;
//                receiverOutputMatrix.print_side_by_side(t1);
            timeval commst1, commst2;
            gettimeofday(&commst1, NULL);
            // send t0 + t1 + x
            // NOTE(review): nothing visible writes t1Slice into os before this
            // call or reads os into u after it - those lines appear to be
            // missing from the listing.
            send_if_ot_receiver(player, os, ot_role);

            // sender adjusts using base receiver bits
            if (ot_role & SENDER)
                for (int i = 0; i < nbaseOTs; i++)
                    // randomize base receiver output
                    senderOutputSlices[0].randomize(i, G_receiver[i]);

                // u = t0 + t1 + x
                // XOR of u into the sender slice, conditioned on
                // baseReceiverInput (the sender's base-OT choice bits,
                // judging by the name - TODO confirm).
                senderOutputSlices[0].conditional_xor(baseReceiverInput, u);
            gettimeofday(&commst2, NULL);
#ifdef VERBOSE
            double commstime = timeval_diff(&commst1, &commst2);
            cout << "\t\tCommunication took time " << commstime/1000000 << endl << flush;
            times["Communication"] += timeval_diff(&commst1, &commst2);

            // transpose t0[i] onto receiverOutput and tmp (q[i]) onto senderOutput[i][0]

#ifdef VERBOSE
            cout << "Starting matrix transpose\n" << flush << endl;
            timeval transt1, transt2;
            gettimeofday(&transt1, NULL);
            // transpose in 128-bit chunks
            // NOTE(review): both role tests below have no body in this listing
            // (presumably the transpose calls) - restore from upstream.
            if (ot_role & RECEIVER)
            if (ot_role & SENDER)

            gettimeofday(&transt2, NULL);
#ifdef VERBOSE
            double transtime = timeval_diff(&transt1, &transt2);
            cout << "\t\tMatrix transpose took time " << transtime/1000000 << endl << flush;
            times["Matrix transpose"] += timeval_diff(&transt1, &transt2);

        // correlation check
        // Skipped entirely when passive_only is set. Nothing else visible in
        // this function checks the peer's messages for consistency, so that
        // mode should only be enabled where a semi-honest peer is the accepted
        // threat model (what check_correlation verifies is not shown here).
        if (!passive_only)
            timeval startv, endv;
            gettimeofday(&startv, NULL);
            check_correlation(nOTs, newReceiverInput);
            gettimeofday(&endv, NULL);
#ifdef VERBOSE
            double elapsed = timeval_diff(&startv, &endv);
            cout << "\t\tTotal correlation check time: " << elapsed/1000000 << endl << flush;
            times["Total correlation check"] += timeval_diff(&startv, &endv);

#ifdef VERBOSE
        gettimeofday(&totalendv, NULL);
        double elapsed = timeval_diff(&totalstartv, &totalendv);
        cout << "\t\tTotal thread time: " << elapsed/1000000 << endl << flush;

    gettimeofday(&totalendv, NULL);
    times["Total thread"] +=  timeval_diff(&totalstartv, &totalendv);

    // Drop the 2 * 128 padding rows added at the top, so callers see exactly
    // the number of OTs they asked for.
    receiverOutputMatrix.resize(nOTs - 2 * 128);
    senderOutputMatrices[0].resize(nOTs - 2 * 128);
    senderOutputMatrices[1].resize(nOTs - 2 * 128);