Wire Sysio Wire Sysion 1.0.0
Loading...
Searching...
No Matches
Functions
bn::ecop Namespace Reference

Functions

template<class FF >
void copy (FF *out, const FF *in)
 
template<class Fp >
bool isOnECJac3 (const Fp *P)
 
template<class Fp >
bool isOnECHom2 (const Fp *P)
 
template<class Fp >
bool isOnECHom3 (const Fp *P)
 
template<class Fp >
bool isOnTwistECJac3 (const Fp2T< Fp > *P)
 
template<class Fp >
bool isOnTwistECHom2 (const Fp2T< Fp > *P)
 
template<class Fp >
bool isOnTwistECHom3 (const Fp2T< Fp > *P)
 
template<class FF >
void NormalizeJac (FF *out, const FF *in)
 
template<class FF >
void NormalizeHom (FF *out, const FF *in)
 
template<class FF >
void ECDouble (FF *out, const FF *in)
 
template<class FF >
void ECAdd (FF *out, const FF *a, const FF *b)
 
template<class FF , class INT >
void ScalarMult (FF *out, const FF *in, const INT &m)
 
template<class Fp >
void FrobEndOnTwist_1 (Fp2T< Fp > *Q, const Fp2T< Fp > *P)
 
template<class Fp >
void FrobEndOnTwist_2 (Fp2T< Fp > *Q, const Fp2T< Fp > *P)
 
template<class Fp >
void FrobEndOnTwist_8 (Fp2T< Fp > *Q, const Fp2T< Fp > *P)
 

Function Documentation

◆ copy()

template<class FF >
void bn::ecop::copy ( FF * out,
const FF * in )
inline

Definition at line 2350 of file bn.h.

2351{
2352 out[0] = in[0];
2353 out[1] = in[1];
2354 out[2] = in[2];
2355}
Here is the caller graph for this function:

◆ ECAdd()

template<class FF >
void bn::ecop::ECAdd ( FF * out,
const FF * a,
const FF * b )
inline

Definition at line 2526 of file bn.h.

2527{
2528 if (a[2].isZero()) {
2529 copy(out, b);
2530 return;
2531 }
2532 if (b[2].isZero()) {
2533 copy(out, a);
2534 return;
2535 }
2536 FF Z1Z1, Z2Z2, U1, U2, t0, S1, t1, S2, H, t2, I, J, t3, r, V, t4, t5;
2537 FF t6, t7, t8, t9, t10, t11, t12, t13, t14;
2538 FF::square(Z1Z1, a[2]);
2539 FF::square(Z2Z2, b[2]);
2540 FF::mul(U1, a[0], Z2Z2);
2541 FF::mul(U2, b[0], Z1Z1);
2542 FF::mul(t0, b[2], Z2Z2);
2543 FF::mul(S1, a[1], t0);
2544 FF::mul(t1, a[2], Z1Z1);
2545 FF::mul(S2, b[1], t1);
2546 FF::sub(H, U2, U1);
2547 FF::sub(t3, S2, S1);
2548
2549 if (H.isZero()) {
2550 if (t3.isZero()) {
2551 ECDouble(out, a);
2552 } else {
2553 out[2].clear();
2554 }
2555 return;
2556 }
2557
2558 FF::add(t2, H, H);
2559 FF::square(I, t2);
2560 FF::mul(J, H, I);
2561 FF::add(r, t3, t3);
2562 FF::mul(V, U1, I);
2563 FF::square(t4, r);
2564 FF::add(t5, V, V);
2565 FF::sub(t6, t4, J);
2566 FF::sub(out[0], t6, t5);
2567 FF::sub(t7, V, out[0]);
2568 FF::mul(t8, S1, J);
2569 FF::add(t9, t8, t8);
2570 FF::mul(t10, r, t7);
2571 FF::sub(out[1], t10, t9);
2572 FF::add(t11, a[2], b[2]);
2573 FF::square(t12, t11);
2574 FF::sub(t13, t12, Z1Z1);
2575 FF::sub(t14, t13, Z2Z2);
2576 FF::mul(out[2], t14, H);
2577}
r
const mie::Vuint & r
Definition bn.cpp:28
a
const GenericPointer< typename T::ValueType > T2 T::AllocatorType & a
Definition pointer.h:1181
V
Definition test_zm.cpp:19
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ECDouble()

template<class FF >
void bn::ecop::ECDouble ( FF * out,
const FF * in )
inline

Definition at line 2497 of file bn.h.

2498{
2499 FF A, B, C, D, E, F, t0, t1, t2, t3, t4, t5, t6, t7, t8;
2500 FF::square(A, in[0]);
2501 FF::square(B, in[1]);
2502 FF::square(C, B);
2503 FF::add(t0, in[0], B);
2504 FF::square(t1, t0);
2505 FF::sub(t2, t1, A);
2506 FF::sub(t3, t2, C);
2507 FF::add(D, t3, t3);
2508 FF::add(E, A, A);
2509 FF::add(E, E, A);
2510 FF::square(F, E);
2511 FF::add(t4, D, D);
2512 FF::sub(out[0], F, t4);
2513 FF::sub(t5, D, out[0]);
2514 t6 = C; t6 += t6; t6 += t6; t6 += t6; // t6 = 8*C
2515 FF::mul(t7, E, t5);
2516 FF::mul(t8, in[1], in[2]);
2517 FF::sub(out[1], t7, t6);
2518 FF::add(out[2], t8, t8);
2519}
D
#define D(var, file, col, who, lev,...)
Definition debug.h:44
A
#define A
Here is the caller graph for this function:

◆ FrobEndOnTwist_1()

template<class Fp >
void bn::ecop::FrobEndOnTwist_1 ( Fp2T< Fp > * Q,
const Fp2T< Fp > * P )

Definition at line 2650 of file bn.h.

2651{
2652 typedef Fp2T<Fp> Fp2;
2653 typedef ParamT<Fp2> Param;
2654 // applying Q[0] <- P[0]^q
2655#ifdef BN_SUPPORT_SNARK
2656 Q[0].a_ = P[0].a_;
2657 Fp::neg(Q[0].b_, P[0].b_);
2658
2659 // Q[0] *= xi^((p-1)/3)
2660 Q[0] *= Param::gammar[1];
2661
2662 // applying Q[1] <- P[1]^q
2663 Q[1].a_ = P[1].a_;
2664 Fp::neg(Q[1].b_, P[1].b_);
2665
2666 // Q[1] *= xi^((p-1)/2)
2667 Q[1] *= Param::gammar[2];
2668#else
2669 Q[0].a_ = P[0].a_;
2670 Fp::neg(Q[0].b_, P[0].b_);
2671 Fp2::mul_Fp_1(Q[0], Param::W2p.b_);
2672 Q[1].a_ = P[1].a_;
2673 Fp::neg(Q[1].b_, P[1].b_);
2674 Q[1] *= Param::W3p;
2675#endif
2676}
P
#define P
Definition dtoa.c:437
bn::Fp2T
Definition bn.h:348
bn::Fp2T::a_
Fp a_
Definition bn.h:350
Here is the call graph for this function:
Here is the caller graph for this function:

◆ FrobEndOnTwist_2()

template<class Fp >
void bn::ecop::FrobEndOnTwist_2 ( Fp2T< Fp > * Q,
const Fp2T< Fp > * P )

Definition at line 2679 of file bn.h.

2680{
2681#ifdef BN_SUPPORT_SNARK
2682 Fp2T<Fp> scratch[2];
2683 FrobEndOnTwist_1(scratch, P);
2684 FrobEndOnTwist_1(Q, scratch);
2685#else
2686 typedef Fp2T<Fp> Fp2;
2687 typedef ParamT<Fp2> Param;
2688 Fp2::mul_Fp_0(Q[0], P[0], Param::Z);
2689 Fp2::neg(Q[1], P[1]);
2690#endif
2691}
bn::ecop::FrobEndOnTwist_1
void FrobEndOnTwist_1(Fp2T< Fp > *Q, const Fp2T< Fp > *P)
Definition bn.h:2650
Here is the call graph for this function:
Here is the caller graph for this function:

◆ FrobEndOnTwist_8()

template<class Fp >
void bn::ecop::FrobEndOnTwist_8 ( Fp2T< Fp > * Q,
const Fp2T< Fp > * P )

Definition at line 2694 of file bn.h.

2695{
2696#ifdef BN_SUPPORT_SNARK
2697 Fp2T<Fp> scratch2[2], scratch4[2], scratch6[2];
2698 FrobEndOnTwist_2(scratch2, P);
2699 FrobEndOnTwist_2(scratch4, scratch2);
2700 FrobEndOnTwist_2(scratch6, scratch4);
2701 FrobEndOnTwist_2(Q, scratch6);
2702#else
2703 typedef Fp2T<Fp> Fp2;
2704 typedef ParamT<Fp2> Param;
2705 Fp2::mul_Fp_0(Q[0], P[0], Param::Z);
2706 Q[1] = P[1];
2707#endif
2708}
bn::ecop::FrobEndOnTwist_2
void FrobEndOnTwist_2(Fp2T< Fp > *Q, const Fp2T< Fp > *P)
Definition bn.h:2679
Here is the call graph for this function:
Here is the caller graph for this function:

◆ isOnECHom2()

template<class Fp >
bool bn::ecop::isOnECHom2 ( const Fp * P)
inline

Definition at line 2380 of file bn.h.

2381{
2382 typedef Fp2T<Fp> Fp2;
2383 typedef ParamT<Fp2> Param;
2384 return P[1] * P[1] == P[0] * P[0] * P[0] + Param::b;
2385}
Here is the caller graph for this function:

◆ isOnECHom3()

template<class Fp >
bool bn::ecop::isOnECHom3 ( const Fp * P)
inline

Definition at line 2392 of file bn.h.

2393{
2394 typedef Fp2T<Fp> Fp2;
2395 typedef ParamT<Fp2> Param;
2396 if (P[2] == 0) return true;
2397
2398 Fp ZZZ;
2399 Fp::square(ZZZ, P[2]);
2400 Fp::mul(ZZZ, ZZZ, P[2]);
2401 ZZZ *= Param::b;
2402 return P[1] * P[1] * P[2] == P[0] * P[0] * P[0] + ZZZ;
2403}
Fp::mul
void mul(const Fp &rhs)
Definition bn254_if.hpp:80
mie::Fp
Definition zm2.h:18
Here is the call graph for this function:
Here is the caller graph for this function:

◆ isOnECJac3()

template<class Fp >
bool bn::ecop::isOnECJac3 ( const Fp * P)
inline

Definition at line 2361 of file bn.h.

2362{
2363 typedef Fp2T<Fp> Fp2;
2364 typedef ParamT<Fp2> Param;
2365 if (P[2] == 0) return true;
2366
2367 Fp Z6p_2;
2368 Fp::square(Z6p_2, P[2]);
2369 Fp::mul(Z6p_2, Z6p_2, P[2]);
2370 Fp::square(Z6p_2, Z6p_2);
2371 Z6p_2 *= Param::b;
2372 return P[1] * P[1] == P[0] * P[0] * P[0] + Z6p_2;
2373}
Here is the call graph for this function:
Here is the caller graph for this function:

◆ isOnTwistECHom2()

template<class Fp >
bool bn::ecop::isOnTwistECHom2 ( const Fp2T< Fp > * P)
inline

Definition at line 2427 of file bn.h.

2428{
2429 typedef Fp2T<Fp> Fp2;
2430 typedef ParamT<Fp2> Param;
2431 return P[1] * P[1] == (P[0] * P[0] * P[0] + Param::b_invxi);
2432}
Here is the caller graph for this function:

◆ isOnTwistECHom3()

template<class Fp >
bool bn::ecop::isOnTwistECHom3 ( const Fp2T< Fp > * P)
inline

Definition at line 2439 of file bn.h.

2440{
2441 typedef Fp2T<Fp> Fp2;
2442 typedef ParamT<Fp2> Param;
2443 if (P[2] == 0) return true;
2444 return P[1] * P[1] * P[2] == (P[0] * P[0] * P[0] + Param::b_invxi * P[2] * P[2] * P[2]);
2445}
Here is the caller graph for this function:

◆ isOnTwistECJac3()

template<class Fp >
bool bn::ecop::isOnTwistECJac3 ( const Fp2T< Fp > * P)
inline

Definition at line 2409 of file bn.h.

2410{
2411 typedef Fp2T<Fp> Fp2;
2412 typedef ParamT<Fp2> Param;
2413
2414 if (P[2] == 0) return true;
2415 Fp2 Z6p;
2416 Fp2::square(Z6p, P[2]);
2417 Fp2::mul(Z6p, Z6p, P[2]);
2418 Fp2::square(Z6p, Z6p);
2419 return P[1] * P[1] == P[0] * P[0] * P[0] + Param::b_invxi * Z6p;
2420}
Fp2::mul
void mul(const Fp2 &rhs)
Definition bn254_if.hpp:116
Here is the caller graph for this function:

◆ NormalizeHom()

template<class FF >
void bn::ecop::NormalizeHom ( FF * out,
const FF * in )
inline

Definition at line 2475 of file bn.h.

2476{
2477 if (in[2] == 0) {
2478 out[0].clear();
2479 out[1].clear();
2480 out[2].clear();
2481 } else if (in[2] == 1) {
2482 copy(out, in);
2483 } else {
2484 FF A = in[2];
2485 A.inverse();
2486 FF::mul(out[0], in[0], A);
2487 FF::mul(out[1], in[1], A);
2488 out[2] = 1;
2489 }
2490}
Here is the call graph for this function:
Here is the caller graph for this function:

◆ NormalizeJac()

template<class FF >
void bn::ecop::NormalizeJac ( FF * out,
const FF * in )
inline

Definition at line 2451 of file bn.h.

2452{
2453 if (in[2] == 0) {
2454 out[0].clear();
2455 out[1].clear();
2456 out[2].clear();
2457 } else if (in[2] == 1) {
2458 copy(out, in);
2459 } else {
2460 FF A, AA, t0;
2461 A = in[2];
2462 A.inverse();
2463 FF::square(AA, A);
2464 FF::mul(out[0], in[0], AA);
2465 FF::mul(t0, AA, A);
2466 FF::mul(out[1], in[1], t0);
2467 out[2] = 1;
2468 }
2469}
Here is the call graph for this function:
Here is the caller graph for this function:

◆ ScalarMult()

template<class FF , class INT >
void bn::ecop::ScalarMult ( FF * out,
const FF * in,
const INT & m )
inline

Definition at line 2590 of file bn.h.

2591{
2592 typedef typename mie::util::IntTag<INT> Tag;
2593 typedef typename Tag::value_type value_type;
2594
2595 if (m == 0) {
2596 out[0].clear();
2597 out[1].clear();
2598 out[2].clear();
2599 return;
2600 }
2601 FF inCopy[3];
2602 if (out == in) {
2603 ecop::copy(inCopy, in);
2604 in = inCopy;
2605 }
2606
2607 const int mSize = (int)Tag::getBlockSize(m);
2608 const int vSize = (int)sizeof(value_type) * 8;
2609 const value_type mask = value_type(1) << (vSize - 1);
2610 assert(mSize > 0); // if mSize == 0, it had been returned.
2611 /*
2612 Extract and process for MSB of most significant word.
2613 */
2614 value_type v = Tag::getBlock(m, mSize - 1);
2615 int j = 0;
2616
2617 while ((v != 0) && (!(v & mask))) {
2618 v <<= 1;
2619 ++j;
2620 }
2621
2622 v <<= 1;
2623 ++j;
2624 ecop::copy(out, in);
2625 /*
2626 Process for most significant word.
2627 */
2628 for (; j != vSize; ++j, v <<= 1) {
2629 ECDouble(out, out);
2630 if (v & mask) {
2631 ECAdd(out, out, in);
2632 }
2633 }
2634
2635 /*
2636 Process for non most significant words.
2637 */
2638 for (int i = mSize - 2; i >= 0; --i) {
2639 v = Tag::getBlock(m, i);
2640 for (j = 0; j != vSize; ++j, v <<= 1) {
2641 ECDouble(out, out);
2642 if (v & mask) {
2643 ECAdd(out, out, in);
2644 }
2645 }
2646 }
2647}
bn::ecop::ECDouble
void ECDouble(FF *out, const FF *in)
Definition bn.h:2497
bn::ecop::ECAdd
void ECAdd(FF *out, const FF *a, const FF *b)
Definition bn.h:2526
j
uint16_t j
Definition yubihsm_pkcs11.c:465
Here is the call graph for this function:
Here is the caller graph for this function: