Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
Classes | Typedefs | Functions
aes128_constraint.test.cpp File Reference
#include "aes128_constraint.hpp"
#include "acir_format.hpp"
#include "barretenberg/circuit_checker/circuit_checker.hpp"
#include "barretenberg/common/assert.hpp"
#include "barretenberg/crypto/aes128/aes128.hpp"
#include "barretenberg/dsl/acir_format/test_class.hpp"
#include "barretenberg/dsl/acir_format/utils.hpp"
#include "barretenberg/numeric/random/engine.hpp"
#include <cstdint>
#include <gtest/gtest.h>
#include <vector>

Go to the source code of this file.

Classes

class  AES128TestingFunctions< Builder_, IsPlaintextConstant, IsKeyConstant, IsIVConstant >
 Testing functions to generate the AES128Test test suite. More...
 
class  AES128TestingFunctions< Builder_, IsPlaintextConstant, IsKeyConstant, IsIVConstant >::InvalidWitness
 
class  AES128TestAllWitness< Builder >
 
class  AES128TestConstantPlaintext< Builder >
 
class  AES128TestConstantKey< Builder >
 
class  AES128TestConstantIV< Builder >
 
class  AES128TestAllConstant< Builder >
 
class  AES128RangeConstraintTest
 
class  AES128ShapeValidationTest
 

Typedefs

using BuilderTypes = testing::Types< UltraCircuitBuilder, MegaCircuitBuilder >
 

Functions

 TYPED_TEST_SUITE (AES128TestAllWitness, BuilderTypes)
 
 TYPED_TEST (AES128TestAllWitness, GenerateVKFromConstraints)
 
 TYPED_TEST (AES128TestAllWitness, Tampering)
 
 TYPED_TEST_SUITE (AES128TestConstantPlaintext, BuilderTypes)
 
 TYPED_TEST (AES128TestConstantPlaintext, GenerateVKFromConstraints)
 
 TYPED_TEST (AES128TestConstantPlaintext, Tampering)
 
 TYPED_TEST_SUITE (AES128TestConstantKey, BuilderTypes)
 
 TYPED_TEST (AES128TestConstantKey, GenerateVKFromConstraints)
 
 TYPED_TEST (AES128TestConstantKey, Tampering)
 
 TYPED_TEST_SUITE (AES128TestConstantIV, BuilderTypes)
 
 TYPED_TEST (AES128TestConstantIV, GenerateVKFromConstraints)
 
 TYPED_TEST (AES128TestConstantIV, Tampering)
 
 TYPED_TEST_SUITE (AES128TestAllConstant, BuilderTypes)
 
 TYPED_TEST (AES128TestAllConstant, GenerateVKFromConstraints)
 
 TYPED_TEST (AES128TestAllConstant, Tampering)
 
 TEST_F (AES128RangeConstraintTest, PlaintextOutOfRangeFails)
 Test that plaintext byte values > 255 cause circuit failure at the RANGE CONSTRAINT, not at the lookup tables.
 
 TEST_F (AES128RangeConstraintTest, KeyOutOfRangeFails)
 Test that key byte values > 255 cause circuit failure at the RANGE CONSTRAINT.
 
 TEST_F (AES128RangeConstraintTest, IVOutOfRangeFails)
 Test that IV byte values > 255 cause circuit failure at the RANGE CONSTRAINT.
 
 TEST_F (AES128RangeConstraintTest, OutputOutOfRangeFails)
 Test that output byte values > 255 cause circuit failure at the RANGE CONSTRAINT.
 
 TEST_F (AES128ShapeValidationTest, InputsNotBlockAlignedRejected)
 
 TEST_F (AES128ShapeValidationTest, OutputsSizeMismatchRejected)
 

Typedef Documentation

◆ BuilderTypes

using BuilderTypes = testing::Types<UltraCircuitBuilder, MegaCircuitBuilder>

Definition at line 245 of file aes128_constraint.test.cpp.

Function Documentation

◆ TEST_F() [1/6]

TEST_F ( AES128RangeConstraintTest  ,
IVOutOfRangeFails   
)

Test that IV byte values > 255 cause circuit failure at the RANGE CONSTRAINT.

Same logic with correct byte ordering: 256 in LSB position overflows to adjacent byte.

Definition at line 589 of file aes128_constraint.test.cpp.

◆ TEST_F() [2/6]

TEST_F ( AES128RangeConstraintTest  ,
KeyOutOfRangeFails   
)

Test that key byte values > 255 cause circuit failure at the RANGE CONSTRAINT.

Same logic as PlaintextOutOfRangeFails with correct byte ordering:

  • 256 in LSB position (index 15) overflows to 1 in position 14

Definition at line 544 of file aes128_constraint.test.cpp.

◆ TEST_F() [3/6]

TEST_F ( AES128RangeConstraintTest  ,
OutputOutOfRangeFails   
)

Test that output byte values > 255 cause circuit failure at the RANGE CONSTRAINT.

For outputs, we provide witnesses that pack to the same value using LSB overflow: If valid output is [..., X, Y], then [..., X-1, Y+256] packs to the same value: (X-1)*256^1 + (Y+256)*256^0 = X*256 - 256 + Y + 256 = X*256 + Y

Definition at line 636 of file aes128_constraint.test.cpp.

◆ TEST_F() [4/6]

TEST_F ( AES128RangeConstraintTest  ,
PlaintextOutOfRangeFails   
)

Test that plaintext byte values > 255 cause circuit failure at the RANGE CONSTRAINT, not at the lookup tables.

This tests the "overflow attack" scenario with correct byte ordering:

  • Packing is big-endian: byte[0] is MSB (×256^15), byte[15] is LSB (×256^0)
  • Attacker provides plaintext [..., 0, 256] (256 in LSB position 15)
  • packed = 256 * 256^0 = 256
  • When sliced: 256 % 256 = 0, 256 / 256 = 1 → slices = [0, 1, 0, ...]
  • This corresponds to valid plaintext [..., 1, 0] (1 in position 14)

The range constraint should catch this attack.

Definition at line 489 of file aes128_constraint.test.cpp.

◆ TEST_F() [5/6]

TEST_F ( AES128ShapeValidationTest  ,
InputsNotBlockAlignedRejected   
)

Definition at line 716 of file aes128_constraint.test.cpp.

◆ TEST_F() [6/6]

TEST_F ( AES128ShapeValidationTest  ,
OutputsSizeMismatchRejected   
)

Definition at line 722 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [1/10]

TYPED_TEST ( AES128TestAllConstant  ,
GenerateVKFromConstraints   
)

Definition at line 350 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [2/10]

TYPED_TEST ( AES128TestAllConstant  ,
Tampering   
)

Definition at line 356 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [3/10]

TYPED_TEST ( AES128TestAllWitness  ,
GenerateVKFromConstraints   
)

Definition at line 259 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [4/10]

TYPED_TEST ( AES128TestAllWitness  ,
Tampering   
)

Definition at line 265 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [5/10]

TYPED_TEST ( AES128TestConstantIV  ,
GenerateVKFromConstraints   
)

Definition at line 327 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [6/10]

TYPED_TEST ( AES128TestConstantIV  ,
Tampering   
)

Definition at line 333 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [7/10]

TYPED_TEST ( AES128TestConstantKey  ,
GenerateVKFromConstraints   
)

Definition at line 304 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [8/10]

TYPED_TEST ( AES128TestConstantKey  ,
Tampering   
)

Definition at line 310 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [9/10]

TYPED_TEST ( AES128TestConstantPlaintext  ,
GenerateVKFromConstraints   
)

Definition at line 281 of file aes128_constraint.test.cpp.

◆ TYPED_TEST() [10/10]

TYPED_TEST ( AES128TestConstantPlaintext  ,
Tampering   
)

Definition at line 287 of file aes128_constraint.test.cpp.

◆ TYPED_TEST_SUITE() [1/5]

TYPED_TEST_SUITE ( AES128TestAllConstant  ,
BuilderTypes   
)

◆ TYPED_TEST_SUITE() [2/5]

TYPED_TEST_SUITE ( AES128TestAllWitness  ,
BuilderTypes   
)

◆ TYPED_TEST_SUITE() [3/5]

TYPED_TEST_SUITE ( AES128TestConstantIV  ,
BuilderTypes   
)

◆ TYPED_TEST_SUITE() [4/5]

TYPED_TEST_SUITE ( AES128TestConstantKey  ,
BuilderTypes   
)

◆ TYPED_TEST_SUITE() [5/5]

TYPED_TEST_SUITE ( AES128TestConstantPlaintext  ,
BuilderTypes   
)