Wire Sysio Wire Sysion 1.0.0
Loading...
Searching...
No Matches
Functions
bn::components Namespace Reference

Functions

void precomputeG2 (std::vector< Fp6 > &coeff, Fp2 Q[3], const Fp2 inQ[3])
 
void millerLoop (Fp12 &f, const std::vector< Fp6 > &Qcoeff, const Fp precP[2])
 
void millerLoop2 (Fp12 &f, const std::vector< Fp6 > &Q1coeff, const Fp precP1[2], const std::vector< Fp6 > &Q2coeff, const Fp precP2[2])
 

Function Documentation

◆ millerLoop()

void bn::components::millerLoop ( Fp12 & f,
const std::vector< Fp6 > & Qcoeff,
const Fp precP[2] )
inline

Definition at line 3060 of file bn.h.

3061{
3062 assert(Param::siTbl[1] == 1);
3063 size_t idx = 0;
3064
3065 Fp6 d = Qcoeff[idx];
3066 Fp6::mulFp6_24_Fp_01(d, precP);
3067 idx++;
3068
3069 Fp6 e = Qcoeff[idx];
3070 Fp6::mulFp6_24_Fp_01(e, precP);
3071 Fp12::Dbl::mul_Fp2_024_Fp2_024(f, d, e);
3072
3073 idx++;
3074 bn::Fp6 l;
3075 for (size_t i = 2; i < Param::siTbl.size(); i++) {
3076 l = Qcoeff[idx];
3077 idx++;
3078 Fp12::square(f);
3079 Fp6::mulFp6_24_Fp_01(l, precP);
3080
3081 Fp12::Dbl::mul_Fp2_024(f, l);
3082
3083 if (Param::siTbl[i]) {
3084 l = Qcoeff[idx];
3085 idx++;
3086 Fp6::mulFp6_24_Fp_01(l, precP);
3087 Fp12::Dbl::mul_Fp2_024(f, l);
3088 }
3089 }
3090
3091#ifndef BN_SUPPORT_SNARK
3092 // @memo z < 0
3093 Fp6::neg(f.b_, f.b_);
3094#endif
3095 Fp12 ft;
3096
3097 d = Qcoeff[idx];
3098 Fp6::mulFp6_24_Fp_01(d, precP);
3099 idx++;
3100
3101 e = Qcoeff[idx];
3102 Fp6::mulFp6_24_Fp_01(e, precP);
3103
3104 Fp12::Dbl::mul_Fp2_024_Fp2_024(ft, d, e);
3105 Fp12::mul(f, f, ft);
3106}
f
foo f
Definition X02-DisabledMacros.cpp:25
Fp12::mul
void mul(const Fp12 &rhs)
Definition bn254_if.hpp:143
bn::Fp6T
Definition bn.h:837
d
CK_ULONG d
Definition yubihsm_pkcs11.c:1238
l
int l
Definition yubihsm_pkcs11.c:525
Here is the call graph for this function:
Here is the caller graph for this function:

◆ millerLoop2()

void bn::components::millerLoop2 ( Fp12 & f,
const std::vector< Fp6 > & Q1coeff,
const Fp precP1[2],
const std::vector< Fp6 > & Q2coeff,
const Fp precP2[2] )
inline

Definition at line 3108 of file bn.h.

3110{
3111 assert(Param::siTbl[1] == 1);
3112 size_t idx = 0;
3113
3114 Fp6 d1 = Q1coeff[idx];
3115 Fp6::mulFp6_24_Fp_01(d1, precP1);
3116 Fp6 d2 = Q2coeff[idx];
3117 Fp6::mulFp6_24_Fp_01(d2, precP2);
3118 idx++;
3119
3120 Fp12 f1;
3121 Fp6 e1 = Q1coeff[idx];
3122 Fp6::mulFp6_24_Fp_01(e1, precP1);
3123 Fp12::Dbl::mul_Fp2_024_Fp2_024(f1, d1, e1);
3124
3125 Fp12 f2;
3126 Fp6 e2 = Q2coeff[idx];
3127 Fp6::mulFp6_24_Fp_01(e2, precP2);
3128 Fp12::Dbl::mul_Fp2_024_Fp2_024(f2, d2, e2);
3129 Fp12::mul(f, f1, f2);
3130
3131 idx++;
3132 bn::Fp6 l1, l2;
3133 for (size_t i = 2; i < Param::siTbl.size(); i++) {
3134 l1 = Q1coeff[idx];
3135 l2 = Q2coeff[idx];
3136 idx++;
3137 Fp12::square(f);
3138
3139 Fp6::mulFp6_24_Fp_01(l1, precP1);
3140 Fp6::mulFp6_24_Fp_01(l2, precP2);
3141
3142 Fp12::Dbl::mul_Fp2_024_Fp2_024(f1, l1, l2);
3143 Fp12::mul(f, f, f1);
3144
3145 if (Param::siTbl[i]) {
3146 l1 = Q1coeff[idx];
3147 l2 = Q2coeff[idx];
3148 idx++;
3149 Fp6::mulFp6_24_Fp_01(l1, precP1);
3150 Fp6::mulFp6_24_Fp_01(l2, precP2);
3151 Fp12::Dbl::mul_Fp2_024_Fp2_024(f1, l1, l2);
3152 Fp12::mul(f, f, f1);
3153 }
3154 }
3155
3156#ifndef BN_SUPPORT_SNARK
3157 // @memo z < 0
3158 Fp6::neg(f.b_, f.b_);
3159#endif
3160
3161 d1 = Q1coeff[idx];
3162 Fp6::mulFp6_24_Fp_01(d1, precP1);
3163
3164 d2 = Q2coeff[idx];
3165 Fp6::mulFp6_24_Fp_01(d2, precP2);
3166 idx++;
3167
3168 e1 = Q1coeff[idx];
3169 Fp6::mulFp6_24_Fp_01(e1, precP1);
3170
3171 e2 = Q2coeff[idx];
3172 Fp6::mulFp6_24_Fp_01(e2, precP2);
3173
3174 Fp12::Dbl::mul_Fp2_024_Fp2_024(f1, d1, e1);
3175 Fp12::Dbl::mul_Fp2_024_Fp2_024(f2, d2, e2);
3176 Fp12::mul(f, f, f1);
3177 Fp12::mul(f, f, f2);
3178}
d1
#define d1
Here is the call graph for this function:
Here is the caller graph for this function:

◆ precomputeG2()

void bn::components::precomputeG2 ( std::vector< Fp6 > & coeff,
Fp2 Q[3],
const Fp2 inQ[3] )
inline

Definition at line 2997 of file bn.h.

2998{
2999 coeff.clear();
3000 bn::ecop::NormalizeJac(Q, inQ);
3001
3002 Fp2 T[3];
3003 T[0] = Q[0];
3004 T[1] = Q[1];
3005 T[2] = Fp2(1);
3006 Fp2 Qneg[2];
3007 if (Param::useNAF) {
3008 Qneg[0] = Q[0];
3009 Fp2::neg(Qneg[1], Q[1]);
3010 }
3011
3012 Fp6 d;
3013 Fp6::pointDblLineEvalWithoutP(d, T);
3014 coeff.push_back(d);
3015
3016 Fp6 e;
3017 assert(Param::siTbl[1] == 1);
3018 Fp6::pointAddLineEvalWithoutP(e, T, Q);
3019 coeff.push_back(e);
3020
3021 bn::Fp6 l;
3022 // 844kclk
3023 for (size_t i = 2; i < Param::siTbl.size(); i++) {
3024 Fp6::pointDblLineEvalWithoutP(l, T);
3025 coeff.push_back(l);
3026
3027 if (Param::siTbl[i] > 0) {
3028 Fp6::pointAddLineEvalWithoutP(l, T, Q);
3029 coeff.push_back(l);
3030 }
3031 else if (Param::siTbl[i] < 0) {
3032 Fp6::pointAddLineEvalWithoutP(l, T, Qneg);
3033 coeff.push_back(l);
3034 }
3035 }
3036
3037 // addition step
3038 Fp2 Q1[2];
3039 bn::ecop::FrobEndOnTwist_1(Q1, Q);
3040 Fp2 Q2[2];
3041#ifdef BN_SUPPORT_SNARK
3042 bn::ecop::FrobEndOnTwist_2(Q2, Q);
3043 Fp2::neg(Q2[1], Q2[1]);
3044#else
3045 // @memo z < 0
3046 ecop::FrobEndOnTwist_8(Q2, Q);
3047 Fp2::neg(T[1], T[1]);
3048#endif
3049
3050 Fp6::pointAddLineEvalWithoutP(d, T, Q1);
3051 coeff.push_back(d);
3052
3053 Fp6::pointAddLineEvalWithoutP(e, T, Q2);
3054 coeff.push_back(e);
3055}
bn::ecop::FrobEndOnTwist_2
void FrobEndOnTwist_2(Fp2T< Fp > *Q, const Fp2T< Fp > *P)
Definition bn.h:2679
bn::ecop::NormalizeJac
void NormalizeJac(FF *out, const FF *in)
Definition bn.h:2451
bn::ecop::FrobEndOnTwist_1
void FrobEndOnTwist_1(Fp2T< Fp > *Q, const Fp2T< Fp > *P)
Definition bn.h:2650
T
#define T(meth, val, expected)
bn::Fp2T
Definition bn.h:348
Here is the call graph for this function:
Here is the caller graph for this function: