Wire Sysio Wire Sysion 1.0.0
Loading...
Searching...
No Matches
edwards_init.cpp
Go to the documentation of this file.
1
8#include <libff/algebra/curves/edwards/edwards_g1.hpp>
9#include <libff/algebra/curves/edwards/edwards_g2.hpp>
10#include <libff/algebra/curves/edwards/edwards_init.hpp>
11
12namespace libff {
13
14bigint<edwards_r_limbs> edwards_modulus_r;
15bigint<edwards_q_limbs> edwards_modulus_q;
16
17edwards_Fq edwards_coeff_a;
18edwards_Fq edwards_coeff_d;
19edwards_Fq3 edwards_twist;
20edwards_Fq3 edwards_twist_coeff_a;
21edwards_Fq3 edwards_twist_coeff_d;
22edwards_Fq edwards_twist_mul_by_a_c0;
23edwards_Fq edwards_twist_mul_by_a_c1;
24edwards_Fq edwards_twist_mul_by_a_c2;
25edwards_Fq edwards_twist_mul_by_d_c0;
26edwards_Fq edwards_twist_mul_by_d_c1;
27edwards_Fq edwards_twist_mul_by_d_c2;
28edwards_Fq edwards_twist_mul_by_q_Y;
29edwards_Fq edwards_twist_mul_by_q_Z;
30
31bigint<edwards_q_limbs> edwards_ate_loop_count;
32bigint<6*edwards_q_limbs> edwards_final_exponent;
33bigint<edwards_q_limbs> edwards_final_exponent_last_chunk_abs_of_w0;
34bool edwards_final_exponent_last_chunk_is_w0_neg;
35bigint<edwards_q_limbs> edwards_final_exponent_last_chunk_w1;
36
37void init_edwards_params()
38{
39 typedef bigint<edwards_r_limbs> bigint_r;
40 typedef bigint<edwards_q_limbs> bigint_q;
41
42 assert(sizeof(mp_limb_t) == 8 || sizeof(mp_limb_t) == 4); // Montgomery assumes this
43
44 /* parameters for scalar field Fr */
45
46 edwards_modulus_r = bigint_r("1552511030102430251236801561344621993261920897571225601");
47 assert(edwards_Fr::modulus_is_valid());
48 if (sizeof(mp_limb_t) == 8)
49 {
50 edwards_Fr::Rsquared = bigint_r("621738487827897760168419760282818735947979812540885779");
51 edwards_Fr::Rcubed = bigint_r("899968968216802386013510389846941393831065658679774050");
52 edwards_Fr::inv = 0xdde553277fffffff;
53 }
54 if (sizeof(mp_limb_t) == 4)
55 {
56 edwards_Fr::Rsquared = bigint_r("621738487827897760168419760282818735947979812540885779");
57 edwards_Fr::Rcubed = bigint_r("899968968216802386013510389846941393831065658679774050");
58 edwards_Fr::inv = 0x7fffffff;
59 }
60 edwards_Fr::num_bits = 181;
61 edwards_Fr::euler = bigint_r("776255515051215125618400780672310996630960448785612800");
62 edwards_Fr::s = 31;
63 edwards_Fr::t = bigint_r("722944284836962004768104088187507350585386575");
64 edwards_Fr::t_minus_1_over_2 = bigint_r("361472142418481002384052044093753675292693287");
65 edwards_Fr::multiplicative_generator = edwards_Fr("19");
66 edwards_Fr::root_of_unity = edwards_Fr("695314865466598274460565335217615316274564719601897184");
67 edwards_Fr::nqr = edwards_Fr("11");
68 edwards_Fr::nqr_to_t = edwards_Fr("1326707053668679463752768729767248251415639579872144553");
69
70 /* parameters for base field Fq */
71
72 edwards_modulus_q = bigint_q("6210044120409721004947206240885978274523751269793792001");
73 assert(edwards_Fq::modulus_is_valid());
74 if (sizeof(mp_limb_t) == 8)
75 {
76 edwards_Fq::Rsquared = bigint_q("5943559676554581037560514598978484097352477055348195432");
77 edwards_Fq::Rcubed = bigint_q("1081560488703514202058739223469726982199727506489234349");
78 edwards_Fq::inv = 0x76eb690b7fffffff;
79 }
80 if (sizeof(mp_limb_t) == 4)
81 {
82 edwards_Fq::Rsquared = bigint_q("5943559676554581037560514598978484097352477055348195432");
83 edwards_Fq::Rcubed = bigint_q("1081560488703514202058739223469726982199727506489234349");
84 edwards_Fq::inv = 0x7fffffff;
85 }
86 edwards_Fq::num_bits = 183;
87 edwards_Fq::euler = bigint_q("3105022060204860502473603120442989137261875634896896000");
88 edwards_Fq::s = 31;
89 edwards_Fq::t = bigint_q("2891777139347848019072416350658041552884388375");
90 edwards_Fq::t_minus_1_over_2 = bigint_q("1445888569673924009536208175329020776442194187");
91 edwards_Fq::multiplicative_generator = edwards_Fq("61");
92 edwards_Fq::root_of_unity = edwards_Fq("4692813029219384139894873043933463717810008194158530536");
93 edwards_Fq::nqr = edwards_Fq("23");
94 edwards_Fq::nqr_to_t = edwards_Fq("2626736066325740702418554487368721595489070118548299138");
95
96 /* parameters for twist field Fq3 */
97
98 edwards_Fq3::euler = bigint<3*edwards_q_limbs>("119744082713971502962992613191067836698205043373978948903839934564152994858051284658545502971203325031831647424413111161318314144765646525057914792711854057586688000");
99 edwards_Fq3::s = 31;
100 edwards_Fq3::t = bigint<3*edwards_q_limbs>("111520367408144756185815309352304634357062208814526860512643991563611659089151103662834971185031649686239331424621037357783237607000066456438894190557165125");
101 edwards_Fq3::t_minus_1_over_2 = bigint<3*edwards_q_limbs>("55760183704072378092907654676152317178531104407263430256321995781805829544575551831417485592515824843119665712310518678891618803500033228219447095278582562");
102 edwards_Fq3::non_residue = edwards_Fq("61");
103 edwards_Fq3::nqr = edwards_Fq3(edwards_Fq("23"),edwards_Fq("0"),edwards_Fq("0"));
104 edwards_Fq3::nqr_to_t = edwards_Fq3(edwards_Fq("104810943629412208121981114244673004633270996333237516"),edwards_Fq("0"),edwards_Fq("0"));
105 edwards_Fq3::Frobenius_coeffs_c1[0] = edwards_Fq("1");
106 edwards_Fq3::Frobenius_coeffs_c1[1] = edwards_Fq("1073752683758513276629212192812154536507607213288832061");
107 edwards_Fq3::Frobenius_coeffs_c1[2] = edwards_Fq("5136291436651207728317994048073823738016144056504959939");
108 edwards_Fq3::Frobenius_coeffs_c2[0] = edwards_Fq("1");
109 edwards_Fq3::Frobenius_coeffs_c2[1] = edwards_Fq("5136291436651207728317994048073823738016144056504959939");
110 edwards_Fq3::Frobenius_coeffs_c2[2] = edwards_Fq("1073752683758513276629212192812154536507607213288832061");
111
112 /* parameters for Fq6 */
113
114 edwards_Fq6::non_residue = edwards_Fq("61");
115 edwards_Fq6::Frobenius_coeffs_c1[0] = edwards_Fq("1");
116 edwards_Fq6::Frobenius_coeffs_c1[1] = edwards_Fq("1073752683758513276629212192812154536507607213288832062");
117 edwards_Fq6::Frobenius_coeffs_c1[2] = edwards_Fq("1073752683758513276629212192812154536507607213288832061");
118 edwards_Fq6::Frobenius_coeffs_c1[3] = edwards_Fq("6210044120409721004947206240885978274523751269793792000");
119 edwards_Fq6::Frobenius_coeffs_c1[4] = edwards_Fq("5136291436651207728317994048073823738016144056504959939");
120 edwards_Fq6::Frobenius_coeffs_c1[5] = edwards_Fq("5136291436651207728317994048073823738016144056504959940");
121 edwards_Fq6::my_Fp2::non_residue = edwards_Fq3::non_residue;
122
123 /* choice of Edwards curve and its twist */
124
125 edwards_coeff_a = edwards_Fq::one();
126 edwards_coeff_d = edwards_Fq("600581931845324488256649384912508268813600056237543024");
127 edwards_twist = edwards_Fq3(edwards_Fq::zero(), edwards_Fq::one(), edwards_Fq::zero());
128 edwards_twist_coeff_a = edwards_coeff_a * edwards_twist;
129 edwards_twist_coeff_d = edwards_coeff_d * edwards_twist;
130 edwards_twist_mul_by_a_c0 = edwards_coeff_a * edwards_Fq3::non_residue;
131 edwards_twist_mul_by_a_c1 = edwards_coeff_a;
132 edwards_twist_mul_by_a_c2 = edwards_coeff_a;
133 edwards_twist_mul_by_d_c0 = edwards_coeff_d * edwards_Fq3::non_residue;
134 edwards_twist_mul_by_d_c1 = edwards_coeff_d;
135 edwards_twist_mul_by_d_c2 = edwards_coeff_d;
136 edwards_twist_mul_by_q_Y = edwards_Fq("1073752683758513276629212192812154536507607213288832062");
137 edwards_twist_mul_by_q_Z = edwards_Fq("1073752683758513276629212192812154536507607213288832062");
138
139 /* choice of group G1 */
140 edwards_G1::G1_zero = edwards_G1(edwards_Fq::zero(),
141 edwards_Fq::one());
142 edwards_G1::G1_one = edwards_G1(edwards_Fq("3713709671941291996998665608188072510389821008693530490"),
143 edwards_Fq("4869953702976555123067178261685365085639705297852816679"));
144 edwards_G1::initialized = true;
145
146 edwards_G1::wnaf_window_table.resize(0);
147 edwards_G1::wnaf_window_table.push_back(9);
148 edwards_G1::wnaf_window_table.push_back(14);
149 edwards_G1::wnaf_window_table.push_back(24);
150 edwards_G1::wnaf_window_table.push_back(117);
151
152 edwards_G1::fixed_base_exp_window_table.resize(0);
153 // window 1 is unbeaten in [-inf, 4.10]
154 edwards_G1::fixed_base_exp_window_table.push_back(1);
155 // window 2 is unbeaten in [4.10, 9.69]
156 edwards_G1::fixed_base_exp_window_table.push_back(4);
157 // window 3 is unbeaten in [9.69, 25.21]
158 edwards_G1::fixed_base_exp_window_table.push_back(10);
159 // window 4 is unbeaten in [25.21, 60.00]
160 edwards_G1::fixed_base_exp_window_table.push_back(25);
161 // window 5 is unbeaten in [60.00, 149.33]
162 edwards_G1::fixed_base_exp_window_table.push_back(60);
163 // window 6 is unbeaten in [149.33, 369.61]
164 edwards_G1::fixed_base_exp_window_table.push_back(149);
165 // window 7 is unbeaten in [369.61, 849.07]
166 edwards_G1::fixed_base_exp_window_table.push_back(370);
167 // window 8 is unbeaten in [849.07, 1764.94]
168 edwards_G1::fixed_base_exp_window_table.push_back(849);
169 // window 9 is unbeaten in [1764.94, 4429.59]
170 edwards_G1::fixed_base_exp_window_table.push_back(1765);
171 // window 10 is unbeaten in [4429.59, 13388.78]
172 edwards_G1::fixed_base_exp_window_table.push_back(4430);
173 // window 11 is unbeaten in [13388.78, 15368.00]
174 edwards_G1::fixed_base_exp_window_table.push_back(13389);
175 // window 12 is unbeaten in [15368.00, 74912.07]
176 edwards_G1::fixed_base_exp_window_table.push_back(15368);
177 // window 13 is unbeaten in [74912.07, 438107.20]
178 edwards_G1::fixed_base_exp_window_table.push_back(74912);
179 // window 14 is never the best
180 edwards_G1::fixed_base_exp_window_table.push_back(0);
181 // window 15 is unbeaten in [438107.20, 1045626.18]
182 edwards_G1::fixed_base_exp_window_table.push_back(438107);
183 // window 16 is never the best
184 edwards_G1::fixed_base_exp_window_table.push_back(0);
185 // window 17 is unbeaten in [1045626.18, 1577434.48]
186 edwards_G1::fixed_base_exp_window_table.push_back(1045626);
187 // window 18 is unbeaten in [1577434.48, 17350594.23]
188 edwards_G1::fixed_base_exp_window_table.push_back(1577434);
189 // window 19 is never the best
190 edwards_G1::fixed_base_exp_window_table.push_back(0);
191 // window 20 is never the best
192 edwards_G1::fixed_base_exp_window_table.push_back(0);
193 // window 21 is unbeaten in [17350594.23, inf]
194 edwards_G1::fixed_base_exp_window_table.push_back(17350594);
195 // window 22 is never the best
196 edwards_G1::fixed_base_exp_window_table.push_back(0);
197
198 /* choice of group G2 */
199
200 edwards_G2::G2_zero = edwards_G2(edwards_Fq3::zero(),
201 edwards_Fq3::one());
202 edwards_G2::G2_one = edwards_G2(edwards_Fq3(edwards_Fq("4531683359223370252210990718516622098304721701253228128"),
203 edwards_Fq("5339624155305731263217400504407647531329993548123477368"),
204 edwards_Fq("3964037981777308726208525982198654699800283729988686552")),
205 edwards_Fq3(edwards_Fq("364634864866983740775341816274081071386963546650700569"),
206 edwards_Fq("3264380230116139014996291397901297105159834497864380415"),
207 edwards_Fq("3504781284999684163274269077749440837914479176282903747")));
208 edwards_G2::initialized = true;
209
210 edwards_G2::wnaf_window_table.resize(0);
211 edwards_G2::wnaf_window_table.push_back(6);
212 edwards_G2::wnaf_window_table.push_back(12);
213 edwards_G2::wnaf_window_table.push_back(42);
214 edwards_G2::wnaf_window_table.push_back(97);
215
216 edwards_G2::fixed_base_exp_window_table.resize(0);
217 // window 1 is unbeaten in [-inf, 4.74]
218 edwards_G2::fixed_base_exp_window_table.push_back(1);
219 // window 2 is unbeaten in [4.74, 10.67]
220 edwards_G2::fixed_base_exp_window_table.push_back(5);
221 // window 3 is unbeaten in [10.67, 25.53]
222 edwards_G2::fixed_base_exp_window_table.push_back(11);
223 // window 4 is unbeaten in [25.53, 60.67]
224 edwards_G2::fixed_base_exp_window_table.push_back(26);
225 // window 5 is unbeaten in [60.67, 145.77]
226 edwards_G2::fixed_base_exp_window_table.push_back(61);
227 // window 6 is unbeaten in [145.77, 356.76]
228 edwards_G2::fixed_base_exp_window_table.push_back(146);
229 // window 7 is unbeaten in [356.76, 823.08]
230 edwards_G2::fixed_base_exp_window_table.push_back(357);
231 // window 8 is unbeaten in [823.08, 1589.45]
232 edwards_G2::fixed_base_exp_window_table.push_back(823);
233 // window 9 is unbeaten in [1589.45, 4135.70]
234 edwards_G2::fixed_base_exp_window_table.push_back(1589);
235 // window 10 is unbeaten in [4135.70, 14297.74]
236 edwards_G2::fixed_base_exp_window_table.push_back(4136);
237 // window 11 is unbeaten in [14297.74, 16744.85]
238 edwards_G2::fixed_base_exp_window_table.push_back(14298);
239 // window 12 is unbeaten in [16744.85, 51768.98]
240 edwards_G2::fixed_base_exp_window_table.push_back(16745);
241 // window 13 is unbeaten in [51768.98, 99811.01]
242 edwards_G2::fixed_base_exp_window_table.push_back(51769);
243 // window 14 is unbeaten in [99811.01, 193306.72]
244 edwards_G2::fixed_base_exp_window_table.push_back(99811);
245 // window 15 is unbeaten in [193306.72, 907184.68]
246 edwards_G2::fixed_base_exp_window_table.push_back(193307);
247 // window 16 is never the best
248 edwards_G2::fixed_base_exp_window_table.push_back(0);
249 // window 17 is unbeaten in [907184.68, 1389682.59]
250 edwards_G2::fixed_base_exp_window_table.push_back(907185);
251 // window 18 is unbeaten in [1389682.59, 6752695.74]
252 edwards_G2::fixed_base_exp_window_table.push_back(1389683);
253 // window 19 is never the best
254 edwards_G2::fixed_base_exp_window_table.push_back(0);
255 // window 20 is unbeaten in [6752695.74, 193642894.51]
256 edwards_G2::fixed_base_exp_window_table.push_back(6752696);
257 // window 21 is unbeaten in [193642894.51, 226760202.29]
258 edwards_G2::fixed_base_exp_window_table.push_back(193642895);
259 // window 22 is unbeaten in [226760202.29, inf]
260 edwards_G2::fixed_base_exp_window_table.push_back(226760202);
261
262 /* pairing parameters */
263
264 edwards_ate_loop_count = bigint_q("4492509698523932320491110403");
265 edwards_final_exponent = bigint<6*edwards_q_limbs>("36943107177961694649618797346446870138748651578611748415128207429491593976636391130175425245705674550269561361208979548749447898941828686017765730419416875539615941651269793928962468899856083169227457503942470721108165443528513330156264699608120624990672333642644221591552000");
266 edwards_final_exponent_last_chunk_abs_of_w0 = bigint_q("17970038794095729281964441603");
267 edwards_final_exponent_last_chunk_is_w0_neg = true;
268 edwards_final_exponent_last_chunk_w1 = bigint_q("4");
269
270}
271} // libff
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::nqr_to_t
static Fp3_model< n, modulus > nqr_to_t
Definition fp3.hpp:46
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::t
static bigint< 3 *n > t
Definition fp3.hpp:42
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::Frobenius_coeffs_c1
static my_Fp Frobenius_coeffs_c1[3]
Definition fp3.hpp:47
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::one
static Fp3_model< n, modulus > one()
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::s
static size_t s
Definition fp3.hpp:41
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::t_minus_1_over_2
static bigint< 3 *n > t_minus_1_over_2
Definition fp3.hpp:43
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::Frobenius_coeffs_c2
static my_Fp Frobenius_coeffs_c2[3]
Definition fp3.hpp:48
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::zero
static Fp3_model< n, modulus > zero()
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::euler
static bigint< 3 *n > euler
Definition fp3.hpp:40
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::nqr
static Fp3_model< n, modulus > nqr
Definition fp3.hpp:45
libff::Fp3_model< edwards_q_limbs, edwards_modulus_q >::non_residue
static my_Fp non_residue
Definition fp3.hpp:44
libff::Fp6_2over3_model::non_residue
static my_Fp non_residue
Definition fp6_2over3.hpp:43
libff::Fp6_2over3_model::Frobenius_coeffs_c1
static my_Fp Frobenius_coeffs_c1[6]
Definition fp6_2over3.hpp:44
libff::Fp_model< edwards_q_limbs, edwards_modulus_q >
libff::Fp_model::euler
static bigint< n > euler
Definition fp.hpp:54
libff::Fp_model::multiplicative_generator
static Fp_model< n, modulus > multiplicative_generator
Definition fp.hpp:60
libff::Fp_model< edwards_q_limbs, edwards_modulus_q >::zero
static Fp_model< n, modulus > zero()
libff::Fp_model< edwards_q_limbs, edwards_modulus_q >::one
static Fp_model< n, modulus > one()
libff::Fp_model::s
static size_t s
Definition fp.hpp:55
libff::Fp_model::t
static bigint< n > t
Definition fp.hpp:56
libff::Fp_model::t_minus_1_over_2
static bigint< n > t_minus_1_over_2
Definition fp.hpp:57
libff::Fp_model::root_of_unity
static Fp_model< n, modulus > root_of_unity
Definition fp.hpp:61
libff::Fp_model::Rcubed
static bigint< n > Rcubed
Definition fp.hpp:64
libff::Fp_model::modulus_is_valid
static bool modulus_is_valid()
Definition fp.hpp:66
libff::Fp_model::inv
static mp_limb_t inv
Definition fp.hpp:62
libff::Fp_model::nqr_to_t
static Fp_model< n, modulus > nqr_to_t
Definition fp.hpp:59
libff::Fp_model::nqr
static Fp_model< n, modulus > nqr
Definition fp.hpp:58
libff::Fp_model::Rsquared
static bigint< n > Rsquared
Definition fp.hpp:63
libff::Fp_model::num_bits
static size_t num_bits
Definition fp.hpp:53
libff::edwards_G1
Definition edwards_g1.hpp:21
libff::edwards_G1::fixed_base_exp_window_table
static std::vector< size_t > fixed_base_exp_window_table
Definition edwards_g1.hpp:28
libff::edwards_G1::initialized
static bool initialized
Definition edwards_g1.hpp:31
libff::edwards_G1::G1_one
static edwards_G1 G1_one
Definition edwards_g1.hpp:30
libff::edwards_G1::G1_zero
static edwards_G1 G1_zero
Definition edwards_g1.hpp:29
libff::edwards_G1::wnaf_window_table
static std::vector< size_t > wnaf_window_table
Definition edwards_g1.hpp:27
libff::edwards_G2
Definition edwards_g2.hpp:22
libff::edwards_G2::fixed_base_exp_window_table
static std::vector< size_t > fixed_base_exp_window_table
Definition edwards_g2.hpp:29
libff::edwards_G2::initialized
static bool initialized
Definition edwards_g2.hpp:33
libff::edwards_G2::G2_one
static edwards_G2 G2_one
Definition edwards_g2.hpp:32
libff::edwards_G2::wnaf_window_table
static std::vector< size_t > wnaf_window_table
Definition edwards_g2.hpp:28
libff::edwards_G2::G2_zero
static edwards_G2 G2_zero
Definition edwards_g2.hpp:31
edwards_g1.hpp
edwards_g2.hpp
edwards_init.hpp
libff::edwards_twist
edwards_Fq3 edwards_twist
Definition edwards_init.cpp:19
libff::edwards_coeff_a
edwards_Fq edwards_coeff_a
Definition edwards_init.cpp:17
libff::init_edwards_params
void init_edwards_params()
Definition edwards_init.cpp:37
libff::edwards_Fq3
Fp3_model< edwards_q_limbs, edwards_modulus_q > edwards_Fq3
Definition edwards_init.hpp:28
libff::edwards_modulus_r
bigint< edwards_r_limbs > edwards_modulus_r
Definition edwards_init.cpp:14
libff::edwards_final_exponent
bigint< 6 *edwards_q_limbs > edwards_final_exponent
Definition edwards_init.cpp:32
libff::edwards_Fq
Fp_model< edwards_q_limbs, edwards_modulus_q > edwards_Fq
Definition edwards_init.hpp:27
libff::edwards_twist_mul_by_q_Y
edwards_Fq edwards_twist_mul_by_q_Y
Definition edwards_init.cpp:28
libff::edwards_twist_mul_by_d_c1
edwards_Fq edwards_twist_mul_by_d_c1
Definition edwards_init.cpp:26
libff::edwards_twist_mul_by_q_Z
edwards_Fq edwards_twist_mul_by_q_Z
Definition edwards_init.cpp:29
libff::edwards_final_exponent_last_chunk_abs_of_w0
bigint< edwards_q_limbs > edwards_final_exponent_last_chunk_abs_of_w0
Definition edwards_init.cpp:33
libff::edwards_modulus_q
bigint< edwards_q_limbs > edwards_modulus_q
Definition edwards_init.cpp:15
libff::edwards_twist_mul_by_a_c0
edwards_Fq edwards_twist_mul_by_a_c0
Definition edwards_init.cpp:22
libff::edwards_twist_mul_by_a_c1
edwards_Fq edwards_twist_mul_by_a_c1
Definition edwards_init.cpp:23
libff::edwards_coeff_d
edwards_Fq edwards_coeff_d
Definition edwards_init.cpp:18
libff::edwards_twist_coeff_a
edwards_Fq3 edwards_twist_coeff_a
Definition edwards_init.cpp:20
libff::edwards_final_exponent_last_chunk_w1
bigint< edwards_q_limbs > edwards_final_exponent_last_chunk_w1
Definition edwards_init.cpp:35
libff::edwards_final_exponent_last_chunk_is_w0_neg
bool edwards_final_exponent_last_chunk_is_w0_neg
Definition edwards_init.cpp:34
libff::edwards_twist_mul_by_d_c2
edwards_Fq edwards_twist_mul_by_d_c2
Definition edwards_init.cpp:27
libff::edwards_Fr
Fp_model< edwards_r_limbs, edwards_modulus_r > edwards_Fr
Definition edwards_init.hpp:26
libff::edwards_twist_mul_by_a_c2
edwards_Fq edwards_twist_mul_by_a_c2
Definition edwards_init.cpp:24
libff::edwards_twist_coeff_d
edwards_Fq3 edwards_twist_coeff_d
Definition edwards_init.cpp:21
libff::edwards_twist_mul_by_d_c0
edwards_Fq edwards_twist_mul_by_d_c0
Definition edwards_init.cpp:25
libff::edwards_ate_loop_count
bigint< edwards_q_limbs > edwards_ate_loop_count
Definition edwards_init.cpp:31