feat: upstreamed to email-verifier+ tests

zkemail · Jul 13, 2024 · 3d96f71 · 3d96f71
1 parent 1efdbec
commit 3d96f71
Show file tree

Hide file tree

Showing 6 changed files with 227 additions and 149 deletions.
diff --git a/packages/circuits/email-verifier.circom b/packages/circuits/email-verifier.circom
@@ -9,6 +9,7 @@ include "./lib/sha.circom";
 include "./utils/array.circom";
 include "./utils/regex.circom";
 include "./utils/hash.circom";
+include "./helpers/body-masker.circom";
 
 
 /// @title EmailVerifier
@@ -20,6 +21,7 @@ include "./utils/hash.circom";
 /// @param n Number of bits per chunk the RSA key is split into. Recommended to be 121.
 /// @param k Number of chunks the RSA key is split into. Recommended to be 17.
 /// @param ignoreBodyHashCheck Set 1 to skip body hash check in case data to prove/extract is only in the headers.
+/// @param turnOnBodyMasking Set 1 to turn on body masking.
 /// @input emailHeader[maxHeadersLength] Email headers that are signed (ones in `DKIM-Signature` header) as ASCII int[], padded as per SHA-256 block size.
 /// @input emailHeaderLength Length of the email header including the SHA-256 padding.
 /// @input pubkey[k] RSA public key split into k chunks of n bits each.
@@ -28,8 +30,10 @@ include "./utils/hash.circom";
 /// @input emailBodyLength Length of the email body including the SHA-256 padding.
 /// @input bodyHashIndex Index of the body hash `bh` in the emailHeader.
 /// @input precomputedSHA[32] Precomputed SHA-256 hash of the email body till the bodyHashIndex.
+/// @input mask[maxBodyLength] Mask for the email body.
 /// @output pubkeyHash Poseidon hash of the pubkey - Poseidon(n/2)(n/2 chunks of pubkey with k*2 bits per chunk).
-template EmailVerifier(maxHeadersLength, maxBodyLength, n, k, ignoreBodyHashCheck) {
+/// @output maskedBody[maxBodyLength] Masked email body.
+template EmailVerifier(maxHeadersLength, maxBodyLength, n, k, ignoreBodyHashCheck, turnOnBodyMasking) {
     assert(maxHeadersLength % 64 == 0);
     assert(maxBodyLength % 64 == 0);
     assert(n * k > 2048); // to support 2048 bit RSA
@@ -122,8 +126,17 @@ template EmailVerifier(maxHeadersLength, maxBodyLength, n, k, ignoreBodyHashChec
             }
             computedBodyHashInts[i].out === headerBodyHash[i];
         }
-    }
 
+        if (turnOnBodyMasking == 1) {
+            signal input mask[maxBodyLength];
+            signal output maskedBody[maxBodyLength];
+            component bodyMasker = BodyMasker(maxBodyLength);
+
+            bodyMasker.body <== emailBody;
+            bodyMasker.mask <== mask;
+            maskedBody <== bodyMasker.masked_body;
+        }
+    }
 
     // Calculate the Poseidon hash of DKIM public key as output
     // This can be used to verify (by verifier/contract) the pubkey used in the proof without needing the full key