From 9d88934bdf5bd8f89184fc8cd942474df2cf7755 Mon Sep 17 00:00:00 2001 
From: Vasiliy Olekhov Date: Wed, 31 Jul 2024 11:26:51 +0300 Subject: [PATCH] Comments reviewed and removed #297 Added test for points of order 2 and 4, removed unused forms and coordinates #297 Reverted constructors for inverted coordinates #297 Exception thrown in release also #297 Removed edwards<183> curve and inverted coordinates #297 Further cleanup of inverted coordinates #297 --- .../detail/edwards/183/edwards_params.hpp | 148 -- .../edwards/183/twisted_edwards_params.hpp | 107 -- .../curves/detail/edwards/basic_policy.hpp | 155 --- .../curves/detail/edwards/element_g2.hpp | 456 ------- .../algebra/curves/detail/edwards/g1.hpp | 69 - .../algebra/curves/detail/edwards/g2.hpp | 65 - .../algebra/curves/detail/edwards/types.hpp | 84 -- .../detail/forms/edwards/coordinates.hpp | 52 - .../forms/edwards/inverted/add_2007_bl.hpp | 69 - .../forms/edwards/inverted/dbl_2007_bl.hpp | 69 - .../forms/edwards/inverted/element_g1.hpp | 299 ----- .../forms/edwards/inverted/madd_2007_bl.hpp | 71 - .../detail/forms/hessian/coordinates.hpp | 50 - .../jacobi_intersections/coordinates.hpp | 50 - .../forms/jacobi_quartics/coordinates.hpp | 54 - .../detail/forms/montgomery/coordinates.hpp | 1 - .../forms/short_weierstrass/coordinates.hpp | 6 - .../jacobian/add_2007_bl.hpp | 1 - .../jacobian/dbl_2007_bl.hpp | 1 - .../jacobian/madd_2007_bl.hpp | 1 - .../jacobian_with_a4_0/add_2007_bl.hpp | 1 - .../jacobian_with_a4_0/dbl_2009_l.hpp | 1 - .../jacobian_with_a4_0/madd_2007_bl.hpp | 1 - .../jacobian_with_a4_minus_3/add_2007_bl.hpp | 1 - .../jacobian_with_a4_minus_3/dbl_2007_bl.hpp | 1 - .../jacobian_with_a4_minus_3/madd_2007_bl.hpp | 1 - .../projective/add_1998_cmo_2.hpp | 1 - .../projective/dbl_2007_bl.hpp | 1 - .../projective/element_g1.hpp | 1 - .../add_1998_cmo_2.hpp | 1 - .../dbl_2007_bl.hpp | 1 - .../projective_with_a4_minus_3/element_g1.hpp | 5 +- .../forms/twisted_edwards/coordinates.hpp | 3 - .../twisted_edwards/element_g1_affine.hpp | 16 - 
.../extended_with_a_minus_1/element_g1.hpp | 16 +- .../inverted/add_2008_bbjlp.hpp | 70 - .../inverted/dbl_2008_bbjlp.hpp | 69 - .../twisted_edwards/inverted/element_g1.hpp | 314 ----- .../inverted/madd_2008_bbjlp.hpp | 71 - .../forms/twisted_hessian/coordinates.hpp | 49 - .../curves/detail/params/pairing/edwards.hpp | 78 -- .../nil/crypto3/algebra/curves/edwards.hpp | 81 -- .../nil/crypto3/algebra/curves/pallas.hpp | 0 .../curves/params/multiexp/edwards.hpp | 155 --- .../algebra/curves/params/wnaf/edwards.hpp | 67 - .../nil/crypto3/algebra/curves/vesta.hpp | 0 .../fields/arithmetic_params/edwards.hpp | 213 --- .../detail/extension_params/edwards/fp3.hpp | 145 -- .../extension_params/edwards/fp6_2over3.hpp | 101 -- .../algebra/fields/edwards/base_field.hpp | 98 -- .../algebra/fields/edwards/scalar_field.hpp | 93 -- .../nil/crypto3/algebra/fields/fp3.hpp | 6 - .../nil/crypto3/algebra/fields/fp6_2over3.hpp | 6 - .../pairing/detail/edwards/183/params.hpp | 88 -- .../pairing/detail/edwards/183/types.hpp | 107 -- .../nil/crypto3/algebra/pairing/edwards.hpp | 61 - .../edwards/183/ate_double_miller_loop.hpp | 107 -- .../pairing/edwards/183/ate_miller_loop.hpp | 94 -- .../pairing/edwards/183/ate_precompute_g1.hpp | 69 - .../pairing/edwards/183/ate_precompute_g2.hpp | 204 --- .../edwards/183/final_exponentiation.hpp | 103 -- .../pairing/edwards/183/tate_miller_loop.hpp | 92 -- .../edwards/183/tate_precompute_g1.hpp | 193 --- .../edwards/183/tate_precompute_g2.hpp | 66 - libs/algebra/test/curves.cpp | 109 +- libs/algebra/test/curves_static.cpp | 1 - libs/algebra/test/data/curves.json | 1186 +---------------- 67 files changed, 100 insertions(+), 5855 deletions(-) delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/183/edwards_params.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/183/twisted_edwards_params.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/basic_policy.hpp 
delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/element_g2.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/g1.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/g2.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/types.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/coordinates.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/add_2007_bl.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/dbl_2007_bl.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/element_g1.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/madd_2007_bl.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/hessian/coordinates.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/jacobi_intersections/coordinates.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/jacobi_quartics/coordinates.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/add_2008_bbjlp.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/dbl_2008_bbjlp.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/element_g1.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/madd_2008_bbjlp.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_hessian/coordinates.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/detail/params/pairing/edwards.hpp delete mode 100644 
libs/algebra/include/nil/crypto3/algebra/curves/edwards.hpp mode change 100755 => 100644 libs/algebra/include/nil/crypto3/algebra/curves/pallas.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/params/multiexp/edwards.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/curves/params/wnaf/edwards.hpp mode change 100755 => 100644 libs/algebra/include/nil/crypto3/algebra/curves/vesta.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/fields/arithmetic_params/edwards.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/fields/detail/extension_params/edwards/fp3.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/fields/detail/extension_params/edwards/fp6_2over3.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/fields/edwards/base_field.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/fields/edwards/scalar_field.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/detail/edwards/183/params.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/detail/edwards/183/types.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/edwards.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_double_miller_loop.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_miller_loop.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_precompute_g1.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_precompute_g2.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/final_exponentiation.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_miller_loop.hpp delete mode 100644 libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_precompute_g1.hpp delete mode 100644 
libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_precompute_g2.hpp
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/183/edwards_params.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/183/edwards_params.hpp
deleted file mode 100644
index 4e974de4c2..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/183/edwards_params.hpp
+++ /dev/null
@@ -1,148 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_EDWARDS_PARAMS_HPP -#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_EDWARDS_PARAMS_HPP - -#include -#include - - - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - namespace detail { - - template<> - struct edwards_params<183, forms::edwards> { - - using base_field_type = typename edwards_types<183>::base_field_type; - using scalar_field_type = typename edwards_types<183>::scalar_field_type; - - constexpr static const typename edwards_types<183>::integral_type c = - typename edwards_types<183>::integral_type(0x01); - constexpr static const typename edwards_types<183>::integral_type d = - typename edwards_types<183>::integral_type( - 0x64536D55979879327CF1306BB5A6277D254EF9776CE70_cppui_modular179); - }; - - template<> - struct edwards_g1_params<183, forms::edwards> : public edwards_params<183, forms::edwards> { - - using field_type = typename edwards_types<183>::g1_field_type; - - template - using group_type = edwards_types<183>::g1_type; - -#ifdef STANDARD_EC_INF_POINTS_ENABLED - constexpr static const std::array zero_fill = { - field_type::value_type::zero(), field_type::value_type::one()}; -#else - constexpr static const std::array zero_fill = { - field_type::value_type::zero(), field_type::value_type::zero()}; -#endif - - private: - constexpr static const std::array inverted_one_fill = { - typename field_type::value_type(0x32d83d8aaa0c500f57b15fda90b1ad111067f812c7dd27_cppui_modular182), - typename field_type::value_type(0x26c5df4587aa6a5d345efc9f2d47f8b1656517ef618f7a_cppui_modular182), - typename field_type::value_type(0x3c6395f7eeafc1d930f0234a46e4a4806b953f0c3374ac_cppui_modular182)}; - - public: - constexpr static const std::array one_fill = { - inverted_one_fill[2] * inverted_one_fill[0].inversed(), - inverted_one_fill[2] * inverted_one_fill[1].inversed()}; - }; - - template<> - struct 
edwards_g2_params<183, forms::edwards> : public edwards_params<183, forms::edwards> { - - using field_type = typename edwards_types<183>::g2_field_type; - - template - using group_type = edwards_types<183>::g2_type; - - constexpr static const typename field_type::value_type twist = - typename field_type::value_type(0x00u, 0x01u, 0x00u); - - private: - constexpr static const typename field_type::value_type::underlying_type g1_c = - typename field_type::value_type::underlying_type(c); - constexpr static const typename field_type::value_type::underlying_type g1_d = - typename field_type::value_type::underlying_type(d); - - public: - constexpr static const typename field_type::value_type c = g1_c * twist; - constexpr static const typename field_type::value_type d = g1_d * twist; - -#ifdef STANDARD_EC_INF_POINTS_ENABLED - constexpr static const std::array zero_fill = { - field_type::value_type::zero(), field_type::value_type::one()}; -#else - constexpr static const std::array zero_fill = { - field_type::value_type::zero(), field_type::value_type::zero()}; -#endif - - - private: - constexpr static const std::array inverted_one_fill = { - typename field_type::value_type(0x3CE954C85AD30F53B1BB4C4F87029780F4141927FEB19_cppui_modular178, - 0x2214EB976DE3A4D9DF9C8D5F7AEDFEC337E03A20B32FFF_cppui_modular182, - 0x249774AB0EDC7FE2E665DDBFE08594F3071E0B3AC994C3_cppui_modular182), - typename field_type::value_type(0x2F501F9482C0D0D6E80AC55A79FD4D4594CAF187952660_cppui_modular182, - 0x37BF8F1B1CDA11A81E8BB8F41B5FF462C9A13DC7DE1578_cppui_modular182, - 0x2962F0DA0C7928B2CFBBACE3D0354652B6922A764C12D8_cppui_modular182), - typename field_type::value_type(0x3b6ad5c355d8b231b16e97b5c6f635357993efdc248101_cppui_modular182, - 0x2e8b3daf5fa18f9d9c6fa2ca0603fd0c9b09eeece8fd0d_cppui_modular182, - 0x3c3baf061e62a04a4e9d1db335b8779c70384ae2933a73_cppui_modular182)}; - - public: - constexpr static const std::array one_fill = { - inverted_one_fill[2] * inverted_one_fill[0].inversed(), - 
inverted_one_fill[2] * inverted_one_fill[1].inversed()}; - }; - - constexpr typename edwards_types<183>::integral_type const edwards_params<183, forms::edwards>::c; - constexpr typename edwards_types<183>::integral_type const edwards_params<183, forms::edwards>::d; - - constexpr std::array::field_type::value_type, - 2> const edwards_g1_params<183, forms::edwards>::zero_fill; - constexpr std::array::field_type::value_type, - 2> const edwards_g1_params<183, forms::edwards>::one_fill; - - constexpr std::array::field_type::value_type, - 2> const edwards_g2_params<183, forms::edwards>::zero_fill; - constexpr std::array::field_type::value_type, - 2> const edwards_g2_params<183, forms::edwards>::one_fill; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_EDWARDS_PARAMS_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/183/twisted_edwards_params.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/183/twisted_edwards_params.hpp deleted file mode 100644 index b49efc7d15..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/183/twisted_edwards_params.hpp +++ /dev/null 
@@ -1,107 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_TWISTED_EDWARDS_PARAMS_HPP -#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_TWISTED_EDWARDS_PARAMS_HPP - -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - namespace detail { - - template<> - struct edwards_params<183, forms::twisted_edwards> { - - using base_field_type = typename edwards_types<183>::base_field_type; - using scalar_field_type = typename edwards_types<183>::scalar_field_type; - - constexpr static const typename edwards_types<183>::integral_type a = - typename edwards_types<183>::integral_type(0x01); - constexpr static const typename edwards_types<183>::integral_type d = - edwards_params<183, forms::edwards>::d; - }; - - template<> - struct edwards_g1_params<183, forms::twisted_edwards> - : public edwards_params<183, forms::twisted_edwards> { - - using field_type = typename edwards_types<183>::g1_field_type; - - template - using group_type = edwards_types<183>::g1_type; - - constexpr static const std::array zero_fill = - edwards_g1_params<183, forms::edwards>::zero_fill; - - constexpr static const std::array one_fill = - edwards_g1_params<183, forms::edwards>::one_fill; - }; - - template<> - struct edwards_g2_params<183, forms::twisted_edwards> - : public edwards_params<183, forms::twisted_edwards> { - - using field_type = typename edwards_types<183>::g2_field_type; - - template - using group_type = edwards_types<183>::g2_type; - - constexpr static const std::array zero_fill = - edwards_g2_params<183, forms::edwards>::zero_fill; - - constexpr static const std::array one_fill = - edwards_g2_params<183, forms::edwards>::one_fill; - }; - - constexpr typename edwards_params<183, forms::twisted_edwards>::base_field_type::integral_type const - edwards_params<183, forms::twisted_edwards>::a; - constexpr typename edwards_params<183, 
forms::twisted_edwards>::base_field_type::integral_type const - edwards_params<183, forms::twisted_edwards>::d; - - constexpr std::array< - typename edwards_g1_params<183, forms::twisted_edwards>::field_type::value_type, 2> const - edwards_g1_params<183, forms::twisted_edwards>::zero_fill; - constexpr std::array< - typename edwards_g1_params<183, forms::twisted_edwards>::field_type::value_type, 2> const - edwards_g1_params<183, forms::twisted_edwards>::one_fill; - - constexpr std::array< - typename edwards_g2_params<183, forms::twisted_edwards>::field_type::value_type, 2> const - edwards_g2_params<183, forms::twisted_edwards>::zero_fill; - constexpr std::array< - typename edwards_g2_params<183, forms::twisted_edwards>::field_type::value_type, 2> const - edwards_g2_params<183, forms::twisted_edwards>::one_fill; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_TWISTED_EDWARDS_PARAMS_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/basic_policy.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/basic_policy.hpp deleted file mode 100644 index 67a0a894c4..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/basic_policy.hpp +++ /dev/null 
@@ -1,155 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2020-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_BASIC_POLICY_HPP -#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_BASIC_POLICY_HPP - -#include -#include - -#include -#include - - - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - namespace detail { - - using namespace algebra; - /** @brief A struct representing details about base and scalar fields. - * @tparam Version version of the curve - * - */ - template - struct edwards_basic_policy { }; - /** @brief A struct representing details about base and scalar fields of the size 183 bits and 181 - * bits respectively. 
- * - */ - template<> - struct edwards_basic_policy<183> { - constexpr static const std::size_t version = 183; ///< size of the base field in bits - typedef fields::edwards_fq g1_field_type; - typedef g1_field_type base_field_type; - typedef typename fields::fp3 g2_field_type; - typedef typename fields::fp6_2over3 gt_field_type; - - typedef typename base_field_type::integral_type integral_type; - typedef typename base_field_type::extended_integral_type extended_integral_type; - - constexpr static const integral_type base_field_modulus = - base_field_type::modulus; ///< characteristic of the base field - - typedef fields::edwards_fr scalar_field_type; - constexpr static const integral_type scalar_field_modulus = - scalar_field_type::modulus; ///< characteristic of the scalar field (order of the group - ///< of points) - - constexpr static const integral_type p = - base_field_modulus; ///< characteristic of the base field - constexpr static const integral_type q = - scalar_field_modulus; ///< characteristic of the scalar field (order of the group of - ///< points) - - constexpr static const integral_type a = - 0x01; ///< coefficient of short Weierstrass curve $y^2=x^3+a*x+b$ - constexpr static const integral_type d = - 0x64536D55979879327CF1306BB5A6277D254EF9776CE70_cppui_modular179; ///< coefficient of short - ///< Weierstrass curve - ///< $y^2=x^3+a*x+b$ -#ifdef STANDARD_EC_INF_POINTS_ENABLED - constexpr static const std::array g1_zero_fill = { - g1_field_type::value_type::one(), g1_field_type::value_type::zero(), - g1_field_type::value_type::zero()}; -#else - constexpr static const std::array g1_zero_fill = { - g1_field_type::value_type::zero(), g1_field_type::value_type::zero(), - g1_field_type::value_type::zero()}; -#endif - - - constexpr static const std::array g1_one_fill = { - typename g1_field_type::value_type( - 0x32d83d8aaa0c500f57b15fda90b1ad111067f812c7dd27_cppui_modular182), - typename g1_field_type::value_type( - 
0x26c5df4587aa6a5d345efc9f2d47f8b1656517ef618f7a_cppui_modular182), - typename g1_field_type::value_type( - 0x3c6395f7eeafc1d930f0234a46e4a4806b953f0c3374ac_cppui_modular182)}; - -#ifdef STANDARD_EC_INF_POINTS_ENABLED - constexpr static const std::array g2_zero_fill = { - g2_field_type::value_type::one(), g2_field_type::value_type::zero(), - g2_field_type::value_type::zero()}; -#else - constexpr static const std::array g2_zero_fill = { - g2_field_type::value_type::zero(), g2_field_type::value_type::zero(), - g2_field_type::value_type::zero()}; -#endif - - constexpr static const std::array g2_one_fill = { - typename g2_field_type::value_type( - 0x3CE954C85AD30F53B1BB4C4F87029780F4141927FEB19_cppui_modular178, - 0x2214EB976DE3A4D9DF9C8D5F7AEDFEC337E03A20B32FFF_cppui_modular182, - 0x249774AB0EDC7FE2E665DDBFE08594F3071E0B3AC994C3_cppui_modular182), - typename g2_field_type::value_type( - 0x2F501F9482C0D0D6E80AC55A79FD4D4594CAF187952660_cppui_modular182, - 0x37BF8F1B1CDA11A81E8BB8F41B5FF462C9A13DC7DE1578_cppui_modular182, - 0x2962F0DA0C7928B2CFBBACE3D0354652B6922A764C12D8_cppui_modular182), - typename g2_field_type::value_type( - 0x3b6ad5c355d8b231b16e97b5c6f635357993efdc248101_cppui_modular182, - 0x2e8b3daf5fa18f9d9c6fa2ca0603fd0c9b09eeece8fd0d_cppui_modular182, - 0x3c3baf061e62a04a4e9d1db335b8779c70384ae2933a73_cppui_modular182)}; - }; - - constexpr typename edwards_basic_policy<183>::integral_type const - edwards_basic_policy<183>::base_field_modulus; - constexpr typename edwards_basic_policy<183>::integral_type const - edwards_basic_policy<183>::scalar_field_modulus; - - constexpr typename edwards_basic_policy<183>::integral_type const edwards_basic_policy<183>::a; - constexpr typename edwards_basic_policy<183>::integral_type const edwards_basic_policy<183>::d; - - constexpr typename edwards_basic_policy<183>::integral_type const edwards_basic_policy<183>::p; - constexpr typename edwards_basic_policy<183>::integral_type const edwards_basic_policy<183>::q; - - 
constexpr std::array::g1_field_type::value_type, 3> const - edwards_basic_policy<183>::g1_zero_fill; - constexpr std::array::g1_field_type::value_type, 3> const - edwards_basic_policy<183>::g1_one_fill; - constexpr std::array::g2_field_type::value_type, 3> const - edwards_basic_policy<183>::g2_zero_fill; - constexpr std::array::g2_field_type::value_type, 3> const - edwards_basic_policy<183>::g2_one_fill; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_BASIC_POLICY_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/element_g2.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/element_g2.hpp deleted file mode 100644 index 27b8893ba8..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/element_g2.hpp +++ /dev/null 
@@ -1,456 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-// Copyright (c) 2020-2021 Ilias Khairullin
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_G2_ELEMENT_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_G2_ELEMENT_HPP
-
-#include
-#include
-
-
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace detail {
- /** @brief A struct representing a group G2 of Edwards curve.
- * @tparam Version version of the curve
- *
- */
- template
- struct edwards_g2;
- /** @brief A struct representing an element from the group G2 of Edwards curve.
- * @tparam Version version of the curve
- *
- */
- template
- class element_edwards_g2 { };
- /** @brief A struct representing an elememnt from the group G2 of Edwards curve.
- *
- */
- template<>
- class element_edwards_g2<183> {
- public:
-
- using group_type = edwards_g2<183, forms::twisted_edwards, coordinates::inverted>;
-
- using policy_type = edwards_basic_policy<183>;
- typedef typename policy_type::g1_field_type::value_type g1_field_type_value;
- typedef typename policy_type::g2_field_type::value_type g2_field_type_value;
-
- using underlying_field_value_type = g2_field_type_value;
-
- underlying_field_value_type X;
- underlying_field_value_type Y;
- underlying_field_value_type Z;
-
- /************************* Constructors and zero/one ***********************************/
- /** @brief
- * @return the point at infinity by default
- *
- */
- constexpr element_edwards_g2() :
- element_edwards_g2(policy_type::g2_zero_fill[0], policy_type::g2_zero_fill[1],
- policy_type::g2_zero_fill[2]) {};
-
- /** @brief
- * @return the selected point $(X:Y:Z)$ in the projective coordinates
- *
- */
- constexpr element_edwards_g2(const underlying_field_value_type& X,
- const underlying_field_value_type& Y,
- const underlying_field_value_type& Z)
- : X(X), Y(Y), Z(Z)
- { }
-
- template
- explicit constexpr element_edwards_g2(
- const boost::multiprecision::number &value) {
- *this = one() * value;
- }
-
- /** @brief
- * @return the selected point $(X:Y:X*Y)$ in the inverted coordinates
- *
- */
- constexpr element_edwards_g2(underlying_field_value_type X, underlying_field_value_type Y) :
- element_edwards_g2(X, Y, X * Y) {};
- /** @brief Get the point at infinity
- *
- */
- constexpr static element_edwards_g2 zero() {
- return element_edwards_g2(policy_type::g2_zero_fill[0], policy_type::g2_zero_fill[1],
- policy_type::g2_zero_fill[2]);
- }
- /** @brief Get the generator of group G2
- *
- */
- constexpr static element_edwards_g2 one() {
- return
element_edwards_g2(policy_type::g2_one_fill[0],
- policy_type::g2_one_fill[1],
- policy_type::g2_one_fill[2]); // it's better to precompute also
- }
-
- /** @brief
- *
- * @return true if element from group G2 lies on the elliptic curve
- * a*x^2 + y^2 = 1 + d*x^2*y^2
- * x = Z/X, y = Z/Y
- * a * Z^2/X^2 + Z^2/Y^2 == 1 + d * Z^4 / X^2 / Y^2
- * a * Z^2 * Y^2 + Z^2 * X^2 == X^2 * Y^2 + d * Z^4
- */
- constexpr bool is_well_formed() const {
- if (this->is_zero()) {
- return true;
- } else {
-
- const auto X2 = this->X.squared();
- const auto Y2 = this->Y.squared();
- const auto Z2 = this->Z.squared();
-
- return (policy_type::a * Z2*Y2 + Z2*X2 == X2*Y2 + policy_type::d * Z2*Z2);
- }
- }
-
- /************************* Comparison operations ***********************************/
-
- constexpr bool operator==(const element_edwards_g2 &other) const {
- if (this->is_zero()) {
- return other.is_zero();
- }
-
- if (other.is_zero()) {
- return false;
- }
-
- /* now neither is O */
-
- // X1/Z1 = X2/Z2 <=> X1*Z2 = X2*Z1
- if ((this->X * other.Z) != (other.X * this->Z)) {
- return false;
- }
-
- // Y1/Z1 = Y2/Z2 <=> Y1*Z2 = Y2*Z1
- if ((this->Y * other.Z) != (other.Y * this->Z)) {
- return false;
- }
-
- return true;
- }
-
- constexpr bool operator!=(const element_edwards_g2 &other) const {
- return !(operator==(other));
- }
- /** @brief
- *
- * @return true if element from group G2 is the point at infinity
- */
- constexpr bool is_zero() const {
- return (this->Y.is_zero() && this->Z.is_zero());
- }
- /** @brief
- *
- * @return true if element from group G2 in affine coordinates
- */
- constexpr bool is_special() const {
- return (this->is_zero() || this->Z == underlying_field_value_type::one());
- }
-
- /************************* Arithmetic operations ***********************************/
-
- constexpr element_edwards_g2 operator=(const element_edwards_g2 &other) {
- // handle special cases having to do with O
- this->X = other.X;
- this->Y = other.Y;
- this->Z = other.Z;
-
-
return *this;
- }
-
- template
- constexpr const element_edwards_g2& operator=(
- const boost::multiprecision::number &value) {
- *this = one() * value;
- return *this;
- }
-
- constexpr element_edwards_g2 operator+(const element_edwards_g2 &other) const {
- if (this->is_zero()) {
- return other;
- }
-
- if (other.is_zero()) {
- return (*this);
- }
-
- element_edwards_g2 result = *this;
-
- if (*this == other) {
- result.double_inplace();
- return result;
- }
-
- result.add(other);
- return result;
- }
-
- constexpr element_edwards_g2& operator+=(const element_edwards_g2 &other) {
- // handle special cases having to do with O
- if (this->is_zero()) {
- *this = other;
- } else if (other.is_zero()) {
- // Do nothing.
- } else if (*this == other) {
- this->double_inplace();
- } else {
- this->add(other);
- }
- return *this;
- }
-
- constexpr element_edwards_g2 operator-() const {
- return element_edwards_g2(-(this->X), this->Y, this->Z);
- }
-
- constexpr element_edwards_g2 operator-(const element_edwards_g2 &other) const {
- return (*this) + (-other);
- }
-
- constexpr element_edwards_g2& operator-=(const element_edwards_g2 &other) {
- return (*this) += (-other);
- }
-
- template
- constexpr element_edwards_g2& operator*=(const boost::multiprecision::number &right) {
- (*this) = (*this) * right;
- return *this;
- }
-
- template
- typename std::enable_if::value &&
- !is_extended_field::value,
- element_edwards_g2>::type
- operator*=(const FieldValueType &right) {
- return (*this) *= right.data;
- }
-
- /** @brief
- *
- * @return doubled element from group G2
- */
- constexpr void double_inplace() {
-
- if (!this->is_zero()) {
- // NOTE: does not handle O and pts of order 2,4
- // http://www.hyperelliptic.org/EFD/g1p/auto-twisted-inverted.html#doubling-dbl-2008-bbjlp
-
- const underlying_field_value_type A = (this->X).squared(); // A = X1^2
- const underlying_field_value_type B = (this->Y).squared(); // B = Y1^2
- const underlying_field_value_type U = mul_by_a(B); // U
= a*B - const underlying_field_value_type C = A + U; // C = A+U - const underlying_field_value_type D = A - U; // D = A-U - const underlying_field_value_type E = - (this->X + this->Y).squared() - A - B; // E = (X1+Y1)^2-A-B - const underlying_field_value_type dZZ = mul_by_d(this->Z.squared()); - X = C * D; // X3 = C*D - Y = E * (C - dZZ - dZZ); // Y3 = E*(C-2*d*Z1^2) - Z = D * E; // Z3 = D*E - } - } - - /** @brief - * - * “Mixed addition” refers to the case Z2 known to be 1. - * @return addition of two elements from group G2 - */ - constexpr void mixed_add(const element_edwards_g2 &other) { - - // handle special cases having to do with O - if (other.is_zero()) { - return; - } - - if (this->is_zero()) { - *this = other; - return; - } - - // NOTE: does not handle O and pts of order 2,4 - // http://www.hyperelliptic.org/EFD/g1p/auto-edwards-inverted.html#addition-madd-2007-lb - - const underlying_field_value_type A = this->Z; // A = Z1*Z2 - const underlying_field_value_type B = mul_by_d(A.squared()); // B = d*A^2 - const underlying_field_value_type C = (this->X) * (other.X); // C = X1*X2 - const underlying_field_value_type D = (this->Y) * (other.Y); // D = Y1*Y2 - const underlying_field_value_type E = C * D; // E = C*D - const underlying_field_value_type H = C - mul_by_a(D); // H = C-a*D - const underlying_field_value_type I = - (this->X + this->Y) * (other.X + other.Y) - C - D; // I = (X1+Y1)*(X2+Y2)-C-D - X = (E + B) * H; // X3 = (E+B)*H - Y = (E - B) * I; // Y3 = (E-B)*I - Z = A * H * I; // Z3 = A*H*I - } - - private: - constexpr void add(const element_edwards_g2 &other) { - // NOTE: does not handle O and pts of order 2,4 - // http://www.hyperelliptic.org/EFD/g1p/auto-twisted-inverted.html#addition-add-2008-bbjlp - - const underlying_field_value_type A = (this->Z) * (other.Z); // A = Z1*Z2 - const underlying_field_value_type B = this->mul_by_d(A.squared()); // B = d*A^2 - const underlying_field_value_type C = (this->X) * (other.X); // C = X1*X2 - const 
underlying_field_value_type D = (this->Y) * (other.Y); // D = Y1*Y2 - const underlying_field_value_type E = C * D; // E = C*D - const underlying_field_value_type H = C - this->mul_by_a(D); // H = C-a*D - const underlying_field_value_type I = - (this->X + this->Y) * (other.X + other.Y) - C - D; // I = (X1+Y1)*(X2+Y2)-C-D - X = (E + B) * H; // X3 = (E+B)*H - Y = (E - B) * I; // Y3 = (E-B)*I - Z = A * H * I; // Z3 = A*H*I - } - - public: - /************************* Extra arithmetic operations ***********************************/ - - constexpr inline static underlying_field_value_type - mul_by_a(const underlying_field_value_type &elt) { - return underlying_field_value_type(twist_mul_by_a_c0 * elt.data[2], elt.data[0], - elt.data[1]); - } - - constexpr inline static underlying_field_value_type - mul_by_d(const underlying_field_value_type &elt) { - return underlying_field_value_type(twist_mul_by_d_c0 * elt.data[2], - twist_mul_by_d_c1 * elt.data[0], - twist_mul_by_d_c2 * elt.data[1]); - } - - /************************* Reducing operations ***********************************/ - /** @brief - * - * @return return the corresponding element from inverted coordinates to affine coordinates - */ - constexpr element_edwards_g2 to_affine() const { - underlying_field_value_type p_out[3]; - - if (this->is_zero()) { - p_out[0] = underlying_field_value_type::zero(); - p_out[1] = underlying_field_value_type::one(); - p_out[2] = underlying_field_value_type::one(); - } else { - // go from inverted coordinates to projective coordinates - underlying_field_value_type tX = this->Y * this->Z; - underlying_field_value_type tY = this->X * this->Z; - underlying_field_value_type tZ = this->X * this->Y; - // go from projective coordinates to affine coordinates - underlying_field_value_type tZ_inv = tZ.inversed(); - p_out[0] = tX * tZ_inv; - p_out[1] = tY * tZ_inv; - p_out[2] = underlying_field_value_type::one(); - } - - return element_edwards_g2(p_out[0], p_out[1], p_out[2]); - } - - /** @brief - 
*
- * @return return the corresponding element from projective coordinates to affine coordinates
- */
- constexpr element_edwards_g2 to_projective() const {
- underlying_field_value_type p_out[3];
-
- if (this->Z.is_zero()) {
- return *this;
- }
-
- underlying_field_value_type Z_inv = this->Z.inversed();
- p_out[0] = this->X * Z_inv;
- p_out[1] = this->Y * Z_inv;
- p_out[2] = underlying_field_value_type::one();
-
- return element_edwards_g2(p_out[0], p_out[1], p_out[2]);
- }
-
- constexpr static const g2_field_type_value twist = g2_field_type_value(
- g2_field_type_value::underlying_type::zero(), g2_field_type_value::underlying_type::one(),
- g2_field_type_value::underlying_type::zero());
-
- private:
- constexpr static const g1_field_type_value a = policy_type::a;
- constexpr static const g1_field_type_value d = policy_type::d;
-
- constexpr static const g2_field_type_value twist_coeff_a = a * twist;
- constexpr static const g2_field_type_value twist_coeff_d = d * twist;
-
- constexpr static g1_field_type_value twist_mul_by_a_c0 = a * g2_field_type_value::non_residue;
- constexpr static const g1_field_type_value twist_mul_by_a_c1 = a;
- constexpr static const g1_field_type_value twist_mul_by_a_c2 = a;
- constexpr static g1_field_type_value twist_mul_by_d_c0 = d * g2_field_type_value::non_residue;
- constexpr static const g1_field_type_value twist_mul_by_d_c1 = d;
- constexpr static const g1_field_type_value twist_mul_by_d_c2 = d;
- constexpr static const g1_field_type_value twist_mul_by_q_Y =
- g1_field_type_value(0xB35E3665A18365954D018902935D4419423F84321BC3E_cppui_modular180);
- constexpr static const g1_field_type_value twist_mul_by_q_Z =
- g1_field_type_value(0xB35E3665A18365954D018902935D4419423F84321BC3E_cppui_modular180);
- };
-
- constexpr typename element_edwards_g2<183>::g1_field_type_value const element_edwards_g2<183>::a;
- constexpr typename element_edwards_g2<183>::g1_field_type_value const element_edwards_g2<183>::d;
-
- constexpr typename
element_edwards_g2<183>::g2_field_type_value const
- element_edwards_g2<183>::twist_coeff_a;
- constexpr typename element_edwards_g2<183>::g2_field_type_value const
- element_edwards_g2<183>::twist_coeff_d;
-
- constexpr typename element_edwards_g2<183>::g1_field_type_value const
- element_edwards_g2<183>::twist_mul_by_a_c1;
- constexpr typename element_edwards_g2<183>::g1_field_type_value const
- element_edwards_g2<183>::twist_mul_by_a_c2;
-
- constexpr typename element_edwards_g2<183>::g1_field_type_value const
- element_edwards_g2<183>::twist_mul_by_d_c1;
- constexpr typename element_edwards_g2<183>::g1_field_type_value const
- element_edwards_g2<183>::twist_mul_by_d_c2;
-
- constexpr typename element_edwards_g2<183>::g1_field_type_value const
- element_edwards_g2<183>::twist_mul_by_q_Y;
- constexpr typename element_edwards_g2<183>::g1_field_type_value const
- element_edwards_g2<183>::twist_mul_by_q_Z;
-
- constexpr typename element_edwards_g2<183>::g1_field_type_value
- element_edwards_g2<183>::twist_mul_by_a_c0;
- constexpr typename element_edwards_g2<183>::g1_field_type_value
- element_edwards_g2<183>::twist_mul_by_d_c0;
- } // namespace detail
- } // namespace curves
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/g1.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/g1.hpp
deleted file mode 100644
index 8c3b6c9275..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/g1.hpp
+++ /dev/null
@@ -1,69 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-// Copyright (c) 2020-2021 Ilias Khairullin
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_G1_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_G1_HPP
-
-// #include
-#include
-// #include
-#include
-
-#include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
-
- template
- class edwards;
-
- namespace detail {
- /** @brief A struct representing a group G1 of Edwards curve.
- * @tparam Version version of the curve
- *
- */
- template
- struct edwards_g1 {
-
- using params_type = edwards_g1_params;
-
- using curve_type = edwards;
-
- using field_type = typename params_type::field_type;
-
- constexpr static const std::size_t value_bits =
- field_type::value_bits + 1; ///< size of the base field in bits
-
- using value_type = curve_element;
- };
- } // namespace detail
- } // namespace curves
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_183_G1_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/g2.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/g2.hpp
deleted file mode 100644
index fd327a542b..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/g2.hpp
+++ /dev/null
@@ -1,65 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-// Copyright (c) 2020-2021 Ilias Khairullin
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_G2_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_G2_HPP
-
-#include
-#include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
-
- template
- class edwards;
-
- namespace detail {
- /** @brief A struct representing a group G2 of Edwards curve.
- * @tparam Version version of the curve
- *
- */
- template
- struct edwards_g2 {
-
- using params_type = edwards_basic_policy;
-
- using curve_type = edwards;
-
- using field_type = typename params_type::g2_field_type;
-
- constexpr static const std::size_t value_bits =
- field_type::value_bits + 1; ///< size of the base field in bits
-
- using value_type = element_edwards_g2;
- };
- } // namespace detail
- } // namespace curves
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_G2_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/types.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/types.hpp
deleted file mode 100644
index 637c60dd33..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/edwards/types.hpp
+++ /dev/null
@@ -1,84 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_TYPES_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_TYPES_HPP
-
-#include
-#include
-
-#include
-#include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace detail {
-
- template
- struct edwards_g1;
-
- template
- struct edwards_g2;
-
- template
- struct edwards_params;
-
- template
- struct edwards_g1_params;
-
- template
- struct edwards_g2_params;
-
- /** @brief A struct representing details about base and scalar fields.
- * @tparam Version version of the curve
- *
- */
- template
- struct edwards_types {
- using base_field_type = fields::edwards_base_field;
- using scalar_field_type = fields::edwards_scalar_field;
-
- using g1_field_type = base_field_type;
- using g2_field_type = typename fields::fp3;
- using gt_field_type = typename fields::fp6_2over3;
-
- using integral_type = typename base_field_type::integral_type;
-
- template
- using g1_type = edwards_g1;
-
- template
- using g2_type = edwards_g2;
- };
-
- } // namespace detail
- } // namespace curves
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-
-#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_TYPES_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/coordinates.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/coordinates.hpp
deleted file mode 100644
index f26a287f70..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/coordinates.hpp
+++ /dev/null
@@ -1,52 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2021 Mikhail Komarov
-// Copyright (c) 2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ZK_ALGEBRA_CURVES_EDWARDS_COORDINATES_REPRESENTATIONS_HPP
-#define CRYPTO3_ZK_ALGEBRA_CURVES_EDWARDS_COORDINATES_REPRESENTATIONS_HPP
-
-#include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace coordinates {
-
- /** @brief Edwards curve group element coordinates representation.
- * Description: https://hyperelliptic.org/EFD/g1p/auto-edwards.html
- */
- struct affine;
- struct inverted;
- struct projective;
- struct squared_yz_squared_d;
- struct yz_squared_d;
-
- } // namespace coordinates
- } // namespace curves
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-
-#endif // CRYPTO3_ZK_ALGEBRA_CURVES_EDWARDS_COORDINATES_REPRESENTATIONS_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/add_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/add_2007_bl.hpp
deleted file mode 100644
index 2b1e3f07c9..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/add_2007_bl.hpp
+++ /dev/null
@@ -1,69 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_ADD_2007_BL_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_ADD_2007_BL_HPP
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace detail {
-
- /** @brief A struct representing element addition from the group G1 of Edwards curve
- * for inversed coordinates representation.
- * NOTE: does not handle O and pts of order 2,4 - * http://www.hyperelliptic.org/EFD/g1p/auto-edwards-inverted.html#addition-add-2007-bl - */ - - struct edwards_element_g1_inverted_add_2007_bl { - - template - constexpr static inline void process(ElementType &first, - const ElementType &second) { - - using field_value_type = typename ElementType::field_type::value_type; - - field_value_type A = (first.Z) * (second.Z); // A = Z1*Z2 - field_value_type B = ElementType::params_type::d * A.squared(); // B = d*A^2 - field_value_type C = (first.X) * (second.X); // C = X1*X2 - field_value_type D = (first.Y) * (second.Y); // D = Y1*Y2 - field_value_type E = C * D; // E = C*D - field_value_type H = C - D; // H = C-D - field_value_type I = - (first.X + first.Y) * (second.X + second.Y) - C - D; // I = (X1+Y1)*(X2+Y2)-C-D - first.X = ElementType::params_type::c * (E + B) * H; // X3 = c*(E+B)*H - first.Y = ElementType::params_type::c * (E - B) * I; // Y3 = c*(E-B)*I - first.Z = A * H * I; // Z3 = A*H*I - - } - }; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_ADD_2007_BL_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/dbl_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/dbl_2007_bl.hpp deleted file mode 100644 index 7a3f927993..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/dbl_2007_bl.hpp +++ /dev/null 
@@ -1,69 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_DBL_2007_BL_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_DBL_2007_BL_HPP
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace detail {
-
- /** @brief A struct representing element doubling from the group G1 of Edwards curve
- * for inversed coordinates representation.
- * NOTE: does not handle O and pts of order 2,4 - * http://www.hyperelliptic.org/EFD/g1p/auto-edwards-inverted.html#doubling-dbl-2007-bl - */ - - struct edwards_element_g1_inverted_dbl_2007_bl { - - template - constexpr static inline void process(ElementType &first) { - - using field_value_type = typename ElementType::field_type::value_type; - - if (!first.is_zero()) { - - field_value_type A = (first.X).squared(); // A = X1^2 - field_value_type B = (first.Y).squared(); // B = Y1^2 - field_value_type C = A + B; // C = A+B - field_value_type D = A - B; // D = A-B - field_value_type E = (first.X + first.Y).squared() - C; // E = (X1+Y1)^2-C - first.X = C * D; // X3 = C*D - field_value_type dZZ = ElementType::params_type::c * ElementType::params_type::c * - ElementType::params_type::d * first.Z.squared(); - first.Y = E * (C - dZZ - dZZ); // Y3 = E*(C-c*c*2*d*Z1^2) - first.Z = ElementType::params_type::c * D * E; // Z3 = c*D*E - } - } - }; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_DBL_2007_BL_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/element_g1.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/element_g1.hpp deleted file mode 100644 index 1b822ec1c6..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/element_g1.hpp +++ /dev/null 
@@ -1,299 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2020-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// Copyright (c) 2020-2021 Ilias Khairullin -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_HPP -#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_HPP - -#include -#include - -#include -#include -#include -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - namespace detail { - /** @brief A struct representing a group G1 of elliptic curve. 
- * @tparam CurveParams Parameters of the group - * @tparam Form Form of the curve - * @tparam Coordinates Representation coordinates of the group element - */ - template - class curve_element; - - /** @brief A struct representing an element from the group G1 of Edwards curve of - * inverted coordinates representation. - * Description: http://www.hyperelliptic.org/EFD/g1p/auto-edwards-inverted.html - * - */ - template - class curve_element { - public: - - using params_type = CurveParams; - using field_type = typename params_type::field_type; - - private: - using field_value_type = typename field_type::value_type; - - using common_addition_processor = edwards_element_g1_inverted_add_2007_bl; - using common_doubling_processor = edwards_element_g1_inverted_dbl_2007_bl; - using mixed_addition_processor = edwards_element_g1_inverted_madd_2007_bl; - - public: - using group_type = typename params_type::group_type; - - using form = forms::edwards; - using coordinates = coordinates::inverted; - - field_value_type X; - field_value_type Y; - field_value_type Z; - - /************************* Constructors and zero/one ***********************************/ - - /** @brief - * @return the point at infinity by default - * - */ - constexpr curve_element() : - curve_element(params_type::zero_fill[0], - params_type::zero_fill[1], - params_type::zero_fill[2]) {}; - - /** @brief - * @return the selected point (X:Y:Z) - * - */ - constexpr curve_element(const field_value_type& X, const field_value_type& Y, const field_value_type& Z) - : X(X), Y(Y), Z(Z) - { } - - template - explicit constexpr curve_element( - const boost::multiprecision::number &value) { - *this = one() * value; - } - - /** @brief Get the point at infinity - * - */ - constexpr static curve_element zero() { - return curve_element(); - } - - /** @brief Get the generator of group G1 - * - */ - constexpr static curve_element one() { - return curve_element(params_type::one_fill[0], params_type::one_fill[1], - 
params_type::one_fill[2]); - } - - /************************* Comparison operations ***********************************/ - - constexpr bool operator==(const curve_element &other) const { - if (this->is_zero()) { - return other.is_zero(); - } - - if (other.is_zero()) { - return false; - } - - /* now neither is O */ - - // X1/Z1 = X2/Z2 <=> X1*Z2 = X2*Z1 - if ((this->X * other.Z) != (other.X * this->Z)) { - return false; - } - - // Y1/Z1 = Y2/Z2 <=> Y1*Z2 = Y2*Z1 - if ((this->Y * other.Z) != (other.Y * this->Z)) { - return false; - } - - return true; - } - - constexpr bool operator!=(const curve_element &other) const { - return !(operator==(other)); - } - /** @brief - * - * @return true if element from group G1 is the point at infinity - */ - constexpr bool is_zero() const { - return (this->Y.is_zero() && this->Z.is_zero()); - } - - /** @brief - * - * @return true if element from group G1 lies on the elliptic curve - */ - constexpr bool is_well_formed() const { - if (this->is_zero()) { - return true; - } else { - - const auto X2 = this->X.squared(); - const auto Y2 = this->Y.squared(); - const auto Z2 = this->Z.squared(); - - return (params_type::a * Z2*Y2 + Z2*X2 == X2*Y2 + params_type::d * Z2*Z2); - } - } - - /************************* Reducing operations ***********************************/ - - /** @brief - * - * @return return the corresponding element from inverted coordinates to - * affine coordinates - */ - constexpr curve_element - to_affine() const { - - using result_type = curve_element; - - if (is_zero()) { - return result_type::zero(); - } - - // x=Z/X, y=Z/Y - return result_type(Z * X.inversed(), Z * Y.inversed()); - } - - /************************* Arithmetic operations ***********************************/ - - constexpr curve_element operator=(const curve_element &other) { - // handle special cases having to do with O - this->X = other.X; - this->Y = other.Y; - this->Z = other.Z; - - return *this; - } - - template - constexpr const curve_element& 
operator=( - const boost::multiprecision::number &value) { - *this = one() * value; - return *this; - } - - constexpr curve_element operator+(const curve_element &other) const { - if (this->is_zero()) { - return other; - } - - if (other.is_zero()) { - return (*this); - } - - curve_element result = *this; - - if (*this == other) { - result.double_inplace(); - return result; - } - - common_addition_processor::process(result, other); - return result; - } - - constexpr curve_element& operator+=(const curve_element &other) { - // handle special cases having to do with O - if (this->is_zero()) { - *this = other; - } else if (other.is_zero()) { - // Do nothing. - } else if (*this == other) { - common_doubling_processor::process(*this); - } else { - common_addition_processor::process(*this, other); - } - return *this; - } - - constexpr curve_element operator-() const { - return curve_element(-(this->X), this->Y, this->Z); - } - - constexpr curve_element operator-(const curve_element &other) const { - return (*this) + (-other); - } - - constexpr curve_element& operator-=(const curve_element &other) { - return (*this) += (-other); - } - - /** @brief - * - * @return doubled element from group G1 - */ - constexpr void double_inplace() { - common_doubling_processor::process(*this); - } - - /** @brief - * - * “Mixed addition” refers to the case Z2 known to be 1. 
- * @return addition of two elements from group G1 - */ - constexpr void mixed_add(const curve_element &other) { - // handle special cases having to do with O - if (this->is_zero()) { - return; - } - if (other.is_zero()) { - return; - } - mixed_addition_processor::process(*this, other); - } - }; - - template - std::ostream& operator<<(std::ostream& os, curve_element const& e) - { - os << "{\"X\":" << e.X << ",\"Y\":" << e.Y << ",\"Z\":" << e.Z << "}"; - return os; - } - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/madd_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/madd_2007_bl.hpp deleted file mode 100644 index 14640bc5c5..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/edwards/inverted/madd_2007_bl.hpp +++ /dev/null 
@@ -1,71 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2020-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_MADD_2007_BL_HPP -#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_MADD_2007_BL_HPP - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - namespace detail { - - /** @brief A struct representing element addition from the group G1 of Edwards curve - * for inversed coordinates representation. 
- * NOTE: does not handle O and pts of order 2,4 - * http://www.hyperelliptic.org/EFD/g1p/auto-edwards-inverted.html#addition-madd-2007-bl - */ - - struct edwards_element_g1_inverted_madd_2007_bl { - - template - constexpr static inline void process(ElementType &first, - const ElementType &second) { - - using field_value_type = typename ElementType::field_type::value_type; - - // Because for some reasons it's not so - assert(second.Z == field_value_type::one()); - - field_value_type A = first.Z; // A = Z1 - field_value_type B = ElementType::params_type::d * A.squared(); // B = d*A^2 - field_value_type C = (first.X) * (second.X); // C = X1*X2 - field_value_type D = (first.Y) * (second.Y); // D = Y1*Y2 - field_value_type E = C * D; // E = C*D - field_value_type H = C - D; // H = C-D - field_value_type I = - (first.X + first.Y) * (second.X + second.Y) - C - D; // I = (X1+Y1)*(X2+Y2)-C-D - first.X = ElementType::params_type::c * (E + B) * H; // X3 = c*(E+B)*H - first.Y = ElementType::params_type::c * (E - B) * I; // Y3 = c*(E-B)*I - first.Z = A * H * I; // Z3 = A*H*I - } - }; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_G1_ELEMENT_INVERTED_MADD_2007_BL_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/hessian/coordinates.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/hessian/coordinates.hpp deleted file mode 100644 index 594659fa40..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/hessian/coordinates.hpp +++ /dev/null 
@@ -1,50 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2021 Mikhail Komarov -// Copyright (c) 2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ZK_ALGEBRA_CURVES_HESSIAN_COORDINATES_REPRESENTATIONS_HPP -#define CRYPTO3_ZK_ALGEBRA_CURVES_HESSIAN_COORDINATES_REPRESENTATIONS_HPP - -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - namespace coordinates { - - /** @brief Hessian curve group element coordinates representation. 
- * Description: https://hyperelliptic.org/EFD/g1p/auto-hessian.html - */ - struct affine; - struct extended; - struct projective; - - } // namespace coordinates - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ZK_ALGEBRA_CURVES_HESSIAN_COORDINATES_REPRESENTATIONS_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/jacobi_intersections/coordinates.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/jacobi_intersections/coordinates.hpp deleted file mode 100644 index e3b834982f..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/jacobi_intersections/coordinates.hpp +++ /dev/null 
@@ -1,50 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2021 Mikhail Komarov -// Copyright (c) 2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ZK_ALGEBRA_CURVES_JACOBI_INTERSECTIONS_COORDINATES_REPRESENTATIONS_HPP -#define CRYPTO3_ZK_ALGEBRA_CURVES_JACOBI_INTERSECTIONS_COORDINATES_REPRESENTATIONS_HPP - -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - namespace coordinates { - - /** @brief Jacobi intersections curve group element coordinates representation. 
- * Description: https://hyperelliptic.org/EFD/g1p/auto-jintersect.html - */ - struct affine; - struct extended; - struct projective; - - } // namespace coordinates - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ZK_ALGEBRA_CURVES_JACOBI_INTERSECTIONS_COORDINATES_REPRESENTATIONS_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/jacobi_quartics/coordinates.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/jacobi_quartics/coordinates.hpp deleted file mode 100644 index 21d1b63e20..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/jacobi_quartics/coordinates.hpp +++ /dev/null 
@@ -1,54 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2021 Mikhail Komarov -// Copyright (c) 2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ZK_ALGEBRA_CURVES_JACOBI_QUATRICS_COORDINATES_REPRESENTATIONS_HPP -#define CRYPTO3_ZK_ALGEBRA_CURVES_JACOBI_QUATRICS_COORDINATES_REPRESENTATIONS_HPP - -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - namespace coordinates { - - /** @brief Jacobi quatrics curve group element coordinates representation. 
- * Description: https://hyperelliptic.org/EFD/g1p/auto-jquartic.html - */ - struct affine { }; - struct double_oriented_xxyzz { }; - struct doubling_oriented_xxyzzr { }; - struct double_oriented_xyz { }; - struct xxyzz { }; - struct xxyzzr { }; - struct xyz { }; - - } // namespace coordinates - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ZK_ALGEBRA_CURVES_JACOBI_QUATRICS_COORDINATES_REPRESENTATIONS_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/montgomery/coordinates.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/montgomery/coordinates.hpp index b8142a3df7..72fb5a4486 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/montgomery/coordinates.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/montgomery/coordinates.hpp @@ -38,7 +38,6 @@ namespace nil { * Description: https://hyperelliptic.org/EFD/g1p/auto-montgom.html */ struct affine; - struct xz; } // namespace coordinates } // namespace curves diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/coordinates.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/coordinates.hpp index 5fcf5e72c9..ff336feef7 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/coordinates.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/coordinates.hpp @@ -41,14 +41,8 @@ namespace nil { struct jacobian; struct jacobian_with_a4_0; struct jacobian_with_a4_minus_3; - struct modified_jacobian; struct projective; - struct projective_with_a4_minus_1; struct projective_with_a4_minus_3; - struct w12_with_a6_0; - struct xyzz; - struct xyzz_with_a4_minus_3; - struct xz; } // namespace coordinates } // namespace curves 
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/add_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/add_2007_bl.hpp index e5e5a1bc30..b172a8a6c4 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/add_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/add_2007_bl.hpp @@ -34,7 +34,6 @@ namespace nil { /** @brief A struct representing element addition from the group G1 of short Weierstrass curve * for jacobian_ coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#addition-add-2007-bl */ diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/dbl_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/dbl_2007_bl.hpp index d25a24f351..89820bbe90 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/dbl_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/dbl_2007_bl.hpp @@ -34,7 +34,6 @@ namespace nil { /** @brief A struct representing element doubling from the group G1 of short Weierstrass curve * for jacobian_ coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#doubling-dbl-2007-bl */ struct short_weierstrass_element_g1_jacobian_dbl_2007_bl { diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/madd_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/madd_2007_bl.hpp index 79c570603d..5681a81c62 100644 
--- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/madd_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian/madd_2007_bl.hpp @@ -34,7 +34,6 @@ namespace nil { /** @brief A struct representing element addition from the group G1 of short Weierstrass curve * for jacobian coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#addition-madd-2007-bl */ diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/add_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/add_2007_bl.hpp index 1ffc7c2e58..a80ffbe3a8 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/add_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/add_2007_bl.hpp @@ -35,7 +35,6 @@ namespace nil { /** @brief A struct representing element addition from the group G1 of short Weierstrass curve * for jacobian_with_a4_0 coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl */ diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/dbl_2009_l.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/dbl_2009_l.hpp index d308aa0f89..b4cd2d5a73 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/dbl_2009_l.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/dbl_2009_l.hpp 
@@ -35,7 +35,6 @@ namespace nil { /** @brief A struct representing element doubling from the group G1 of short Weierstrass curve * for jacobian_with_a4_0 coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-dbl-2009-l */ struct short_weierstrass_element_g1_jacobian_with_a4_0_dbl_2009_l { diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/madd_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/madd_2007_bl.hpp index 418681bdd4..2ca363d5d2 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/madd_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_0/madd_2007_bl.hpp @@ -35,7 +35,6 @@ namespace nil { /** @brief A struct representing element addition from the group G1 of short Weierstrass curve * for jacobian_with_a4_0 coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-madd-2007-bl */ diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/add_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/add_2007_bl.hpp index 9198ae273b..d703564c09 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/add_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/add_2007_bl.hpp 
@@ -34,7 +34,6 @@ namespace nil { /** @brief A struct representing element addition from the group G1 of short Weierstrass curve * for jacobian_with_a4_minus_3 coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl */ diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/dbl_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/dbl_2007_bl.hpp index f703646b4e..5abc1dcf70 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/dbl_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/dbl_2007_bl.hpp @@ -34,7 +34,6 @@ namespace nil { /** @brief A struct representing element doubling from the group G1 of short Weierstrass curve * for jacobian_with_a4_minus_3 coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian.html#addition-madd-2007-bl */ struct short_weierstrass_element_g1_jacobian_with_a4_minus_3_dbl_2007_bl { diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/madd_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/madd_2007_bl.hpp index 4bd49bb0fb..64ea6294d2 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/madd_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/jacobian_with_a4_minus_3/madd_2007_bl.hpp 
@@ -34,7 +34,6 @@ namespace nil { /** @brief A struct representing element addition from the group G1 of short Weierstrass curve * for jacobian_with_a4_minus_3 coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-madd-2007-bl */ diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/add_1998_cmo_2.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/add_1998_cmo_2.hpp index 2ccbf45044..d3fb1265f6 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/add_1998_cmo_2.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/add_1998_cmo_2.hpp @@ -35,7 +35,6 @@ namespace nil { /** @brief A struct representing element addition from the group G1 of short Weierstrass curve * for projective coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-projective.html#addition-add-1998-cmo-2 */ diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/dbl_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/dbl_2007_bl.hpp index ba437fe02f..3dfb7b09f5 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/dbl_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/dbl_2007_bl.hpp 
@@ -35,7 +35,6 @@ namespace nil { /** @brief A struct representing element doubling from the group G1 of short Weierstrass curve * for projective coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-projective.html#doubling-dbl-2007-bl */ struct short_weierstrass_element_g1_projective_dbl_2007_bl { diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/element_g1.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/element_g1.hpp index 0773a3207b..7ac86a6a6b 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/element_g1.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective/element_g1.hpp @@ -283,7 +283,6 @@ namespace nil { */ constexpr void mixed_add(const curve_element &other) { - // NOTE: does not handle O and pts of order 2,4 // http://www.hyperelliptic.org/EFD/g1p/auto-shortw-projective.html#addition-add-1998-cmo-2 if (this->is_zero()) { diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/add_1998_cmo_2.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/add_1998_cmo_2.hpp index 8943f71d02..64c0207cc2 100755 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/add_1998_cmo_2.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/add_1998_cmo_2.hpp 
@@ -35,7 +35,6 @@ namespace nil { /** @brief A struct representing element addition from the group G1 of short Weierstrass curve * for projective_with_a4_minus_3 coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-projective-3.html#addition-add-1998-cmo-2 */ diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/dbl_2007_bl.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/dbl_2007_bl.hpp index 1d1214260b..ea3ed5202f 100755 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/dbl_2007_bl.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/dbl_2007_bl.hpp @@ -35,7 +35,6 @@ namespace nil { /** @brief A struct representing element doubling from the group G1 of short Weierstrass curve * for projective_with_a4_minus_3 coordinates representation. - * NOTE: does not handle O and pts of order 2,4 * http://www.hyperelliptic.org/EFD/g1p/auto-shortw-projective-3.html#doubling-dbl-2007-bl */ struct short_weierstrass_element_g1_projective_with_a4_minus_3_dbl_2007_bl { diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/element_g1.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/element_g1.hpp index 8e19ae0cac..261d0cdcd1 100755 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/element_g1.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/short_weierstrass/projective_with_a4_minus_3/element_g1.hpp 
@@ -165,13 +165,13 @@ namespace nil { z y^2 = x^3 + a z^2 x + b z^3 z (y^2 - b z^2) = x ( x^2 + a z^2) - z (y^2 - b z^2) = x ( x^2 - z^2) + z (y^2 - b z^2) = x ( x^2 - 3 z^2) */ const field_value_type X2 = this->X.squared(); const field_value_type Y2 = this->Y.squared(); const field_value_type Z2 = this->Z.squared(); - return (this->Z * (Y2 - params_type::b * Z2) == this->X * (X2 - Z2)); + return (this->Z * (Y2 - params_type::b * Z2) == this->X * (X2 + params_type::a * Z2)); } } @@ -271,7 +271,6 @@ namespace nil { */ constexpr void mixed_add(const curve_element &other) { - // NOTE: does not handle O and pts of order 2,4 // http://www.hyperelliptic.org/EFD/g1p/auto-shortw-projective_with_a4_minus_3.html#addition-add-1998-cmo-2 if (this->is_zero()) { diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/coordinates.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/coordinates.hpp index f0f9065e2c..207f123e7c 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/coordinates.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/coordinates.hpp @@ -39,10 +39,7 @@ namespace nil { */ struct affine; - struct extended; struct extended_with_a_minus_1; - struct inverted; - struct projective; } // namespace coordinates } // namespace curves diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/element_g1_affine.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/element_g1_affine.hpp index b7c4245f6c..c95cf59fb9 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/element_g1_affine.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/element_g1_affine.hpp 
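Review bot: `is_well_formed()` now reads the coefficient from `params_type::a`, while the comment above it and the whole `projective_with_a4_minus_3` form assume a = -3, and nothing visible in this hunk ties the two together. If a parameter set with a different `a` were ever used with this form, the on-curve check would accept points that the a = -3 addition and doubling formulas then process incorrectly; a `static_assert`, or at least a comment such as `// requires params_type::a == -3 (assumed by the add/dbl formulas of this form)`, would pin that. The previous right-hand side (`X2 - Z2`) tested a different equation, so this validation was not meaningful before the change and deserves a regression test: the generator passes, and a point with one coordinate altered is rejected. The function starts above the hunk.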
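Review bot: The reference URL kept directly under the removed NOTE in `mixed_add` points at `auto-shortw-projective_with_a4_minus_3.html`, while the sibling headers for this form in the same patch (add_1998_cmo_2.hpp, dbl_2007_bl.hpp) cite `auto-shortw-projective-3.html`. The former looks like a search-and-replace artefact and probably does not resolve. Since the comment block is being touched anyway, change it to `// http://www.hyperelliptic.org/EFD/g1p/auto-shortw-projective-3.html#addition-add-1998-cmo-2`. The body of `mixed_add` continues past the hunk.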
@@ -183,22 +183,6 @@ namespace nil { // = 1 // } - /** @brief - * - * @return return the corresponding element from affine coordinates to - * inverted coordinates - */ - constexpr curve_element - to_inverted() const { - - using result_type = - curve_element; - - return result_type( - X.inversed(), Y.inversed(), - result_type::field_type::value_type::one()); // X = x^(-1), Y = y^(-1), Z = 1 - } - /** @brief * * @return return the corresponding element from affine coordinates to diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/extended_with_a_minus_1/element_g1.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/extended_with_a_minus_1/element_g1.hpp index eee9b13b07..6a22198e39 100644 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/extended_with_a_minus_1/element_g1.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/extended_with_a_minus_1/element_g1.hpp @@ -94,11 +94,19 @@ namespace nil { field_value_type::one()) {} /** @brief - * @return the selected point (X:Y:Z) + * @return the selected point (X:Y:T:Z) * */ constexpr curve_element(const field_value_type& X, const field_value_type& Y, const field_value_type& T, const field_value_type& Z) - : X(X), Y(Y), T(T), Z(Z) + : X(X), Y(Y), T(T), Z(Z) + { } + + /** @brief + * constructor from affine coordinates + * + */ + constexpr curve_element(const field_value_type& X, const field_value_type& Y) + : X(X), Y(Y), T(X*Y), Z(field_value_type::one()) { } templateis_zero()) { diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/add_2008_bbjlp.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/add_2008_bbjlp.hpp deleted file mode 100644 index c5f4d90586..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/add_2008_bbjlp.hpp +++ /dev/null 
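Review bot: The new two-argument constructor stores the caller's X and Y as-is (`T(X*Y)`, `Z` set to one), and neither it nor its doc comment says that the pair is not checked against the curve equation. A point built this way from decoded or otherwise untrusted coordinates is accepted even when it is off-curve or lies in a small subgroup, so the doc block should carry the contract, e.g. `@note No on-curve check is performed; validate points from untrusted input with is_well_formed() before use.` (assuming this specialization exposes `is_well_formed()` like the other `curve_element` classes in this patch). The tail of this hunk is damaged on the page, so anything after the constructor was not reviewed.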
@@ -1,70 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_ADD_2008_BBJLP_HPP
-#define CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_ADD_2008_BBJLP_HPP
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace detail {
-
- /** @brief A struct representing element addition from the group G1 of twisted Edwards curve
- * for inversed coordinates representation.
- * NOTE: does not handle O and pts of order 2,4 - * http://www.hyperelliptic.org/EFD/g1p/auto-twisted-inverted.html#addition-add-2008-bbjlp - */ - - struct twisted_edwards_element_g1_inverted_add_2008_bbjlp { - - template - constexpr static inline void process(ElementType &first, - const ElementType &second) { - - using field_value_type = typename ElementType::field_type::value_type; - - field_value_type A = (first.Z) * (second.Z); // A = Z1*Z2 - field_value_type B = ElementType::params_type::d * A.squared(); // B = d*A^2 - field_value_type C = (first.X) * (second.X); // C = X1*X2 - field_value_type D = (first.Y) * (second.Y); // D = Y1*Y2 - field_value_type E = C * D; // E = C*D - field_value_type H = C - ElementType::params_type::a * D; // H = C-a*D - field_value_type I = - (first.X + first.Y) * (second.X + second.Y) - C - D; // I = (X1+Y1)*(X2+Y2)-C-D - - first.X = (E + B) * H; // X3 = (E+B)*H - first.Y = (E - B) * I; // Y3 = (E-B)*I - first.Z = A * H * I; // Z3 = A*H*I - - } - }; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_ADD_2008_BBJLP_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/dbl_2008_bbjlp.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/dbl_2008_bbjlp.hpp deleted file mode 100644 index 2985022835..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/dbl_2008_bbjlp.hpp +++ /dev/null 
@@ -1,69 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_DBL_2008_BBJLP_HPP
-#define CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_DBL_2008_BBJLP_HPP
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace detail {
-
- /** @brief A struct representing element doubling from the group G1 of twisted Edwards curve
- * for inversed coordinates representation.
- * NOTE: does not handle O and pts of order 2,4 - * http://www.hyperelliptic.org/EFD/g1p/auto-twisted-inverted.html#doubling-dbl-2008-bbjlp - */ - - struct twisted_edwards_element_g1_inverted_dbl_2008_bbjlp { - - template - constexpr static inline void process(ElementType &first) { - - using field_value_type = typename ElementType::field_type::value_type; - - if (!first.is_zero()) { - field_value_type A = (first.X).squared(); // A = X1^2 - field_value_type B = (first.Y).squared(); // B = Y1^2 - field_value_type U = ElementType::params_type::a * B; // U = a*B - field_value_type C = A + U; // C = A+U - field_value_type D = A - U; // D = A-U - field_value_type E = (first.X + first.Y).squared() - A - B; // E = (X1+Y1)^2-A-B - field_value_type d2 = - ElementType::params_type::d + ElementType::params_type::d; // d2=2*d - first.X = C * D; // X3 = C*D - first.Y = E * (C - d2 * first.Z.squared()); // Y3 = E*(C-d2*Z1^2) - first.Z = D * E; // Z3 = D*E - } - } - }; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_DBL_2008_BBJLP_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/element_g1.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/element_g1.hpp deleted file mode 100644 index 4ad9fd1ac5..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/element_g1.hpp +++ /dev/null 
@@ -1,314 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2021 Mikhail Komarov
-// Copyright (c) 2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_HPP
-#define CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_HPP
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace detail {
- /** @brief A struct representing a group G1 of elliptic curve.
- * @tparam CurveParams Parameters of the group - * @tparam Form Form of the curve - * @tparam Coordinates Representation coordinates of the group element - */ - template - class curve_element; - - /** @brief A struct representing an element from the group G1 of twisted Edwards curve of - * inverted coordinates representation. - * Description: http://www.hyperelliptic.org/EFD/g1p/auto-edwards-inverted.html - * - */ - template - class curve_element { - public: - - using params_type = CurveParams; - using field_type = typename params_type::field_type; - - private: - using field_value_type = typename field_type::value_type; - - using common_addition_processor = twisted_edwards_element_g1_inverted_add_2008_bbjlp; - using common_doubling_processor = twisted_edwards_element_g1_inverted_dbl_2008_bbjlp; - using mixed_addition_processor = twisted_edwards_element_g1_inverted_madd_2008_bbjlp; - - public: - using form = forms::twisted_edwards; - using coordinates = coordinates::inverted; - - using group_type = typename params_type::template group_type; - - field_value_type X; - field_value_type Y; - field_value_type Z; - - /************************* Constructors and zero/one ***********************************/ - - /** @brief - * @return the point at infinity by default - * - */ - constexpr curve_element() : - curve_element(params_type::zero_fill[1], - params_type::zero_fill[0], - field_value_type::zero()) {} - - /** @brief - * @return the selected point (X:Y:Z) - * - */ - constexpr curve_element(const field_value_type& X, const field_value_type& Y, const field_value_type& Z) - : X(X), Y(Y), Z(Z) - { } - - /** @brief constructor from affine coordinates - * - */ - constexpr curve_element(const field_value_type& X, const field_value_type& Y) - : X(X.inversed()), Y(Y.inversed()), Z(field_value_type::one()) - { } - - - template - explicit constexpr curve_element( - const boost::multiprecision::number &value) { - *this = one() * value; - } - - /** @brief Get the point at infinity - 
* - */ - constexpr static curve_element zero() { - return curve_element(); - } - - /** @brief Get the generator of group G1 - * - */ - constexpr static curve_element one() { - return curve_element(params_type::one_fill[0].inversed(), - params_type::one_fill[1].inversed(), - field_value_type::one()); - } - - /************************* Comparison operations ***********************************/ - - constexpr bool operator==(const curve_element &other) const { - if (this->is_zero()) { - return other.is_zero(); - } - - if (other.is_zero()) { - return false; - } - - /* now neither is O */ - - // X1/Z1 = X2/Z2 <=> X1*Z2 = X2*Z1 - if ((this->X * other.Z) != (other.X * this->Z)) { - return false; - } - - // Y1/Z1 = Y2/Z2 <=> Y1*Z2 = Y2*Z1 - if ((this->Y * other.Z) != (other.Y * this->Z)) { - return false; - } - - return true; - } - - constexpr bool operator!=(const curve_element &other) const { - return !(operator==(other)); - } - /** @brief - * - * @return true if element from group G1 is the point at infinity - */ - constexpr bool is_zero() const { - return (this->Y.is_zero() && this->Z.is_zero()); - } - - - /** @brief - * - * @return true if element from group G2 lies on the elliptic curve - * a*x^2 + y^2 = 1 + d*x^2*y^2 - * x = Z/X, y = Z/Y - * a * Z^2/X^2 + Z^2/Y^2 == 1 + d * Z^4 / X^2 / Y^2 - * a * Z^2 * Y^2 + Z^2 * X^2 == X^2 * Y^2 + d * Z^4 - */ - constexpr bool is_well_formed() const { - if (this->is_zero()) { - return true; - } else { - - const auto X2 = this->X.squared(); - const auto Y2 = this->Y.squared(); - const auto Z2 = this->Z.squared(); - - return (params_type::a * Z2*Y2 + Z2*X2 == X2*Y2 + params_type::d * Z2*Z2); - } - } - - /************************* Reducing operations ***********************************/ - - /** @brief - * - * @return return the corresponding element from inverted coordinates to - * affine coordinates - */ - constexpr curve_element - to_affine() const { - - using result_type = curve_element; - - if (is_zero()) { - return 
result_type::zero(); - } - - // x=Z/X, y=Z/Y - return result_type(Z * X.inversed(), Z * Y.inversed()); - } - - /************************* Arithmetic operations ***********************************/ - - constexpr curve_element operator=(const curve_element &other) { - // handle special cases having to do with O - this->X = other.X; - this->Y = other.Y; - this->Z = other.Z; - - return *this; - } - - template - constexpr const curve_element& operator=( - const boost::multiprecision::number &value) { - *this = one() * value; - return *this; - } - - constexpr curve_element operator+(const curve_element &other) const { - if (this->is_zero()) { - return other; - } - - if (other.is_zero()) { - return (*this); - } - - curve_element result = *this; - - if (*this == other) { - result.double_inplace(); - return result; - } - - common_addition_processor::process(result, other); - return result; - } - - constexpr curve_element& operator+=(const curve_element &other) { - // handle special cases having to do with O - if (this->is_zero()) { - *this = other; - } else if (other.is_zero()) { - // Do nothing. - } else if (*this == other) { - common_doubling_processor::process(*this); - } else { - common_addition_processor::process(*this, other); - } - return *this; - } - - constexpr curve_element operator-() const { - return curve_element(-(this->X), this->Y, this->Z); - } - - constexpr curve_element operator-(const curve_element &other) const { - return (*this) + (-other); - } - - constexpr curve_element& operator-=(const curve_element &other) { - return (*this) += (-other); - } - - /** @brief - * - * @return doubled element from group G1 - */ - constexpr void double_inplace() { - common_doubling_processor::process(*this); - } - - /** @brief - * - * “Mixed addition” refers to the case Z2 known to be 1. 
- * @return addition of two elements from group G1 - */ - void mixed_add(const curve_element &other) { - - // handle special cases having to do with O - if (this->is_zero()) { - *this = other; - return; - } - - if (other.is_zero()) { - return; - } - - mixed_addition_processor::process(*this, other); - } - }; - - template - std::ostream& operator<<(std::ostream& os, curve_element const& e) - { - os << "{\"X\":" << e.X << ",\"Y\":" << e.Y << ",\"Z\":" << e.Z << "}"; - return os; - } - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/madd_2008_bbjlp.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/madd_2008_bbjlp.hpp deleted file mode 100644 index 44cad3c9f1..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_edwards/inverted/madd_2008_bbjlp.hpp +++ /dev/null 
@@ -1,71 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_MADD_2008_BBJLP_HPP
-#define CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_MADD_2008_BBJLP_HPP
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace detail {
-
- /** @brief A struct representing element addition from the group G1 of twisted Edwards curve
- * for inversed coordinates representation.
- * NOTE: does not handle O and pts of order 2,4 - * http://www.hyperelliptic.org/EFD/g1p/auto-twisted-inverted.html#addition-madd-2008-bbjlp - */ - - struct twisted_edwards_element_g1_inverted_madd_2008_bbjlp { - - template - constexpr static inline void process(ElementType &first, - const ElementType &second) { - - using field_value_type = typename ElementType::field_type::value_type; - - assert(second.Z == field_value_type::one()); - - field_value_type B = ElementType::params_type::d * (first.Z).squared(); // B = d*Z1^2 - field_value_type C = (first.X) * (second.X); // C = X1*X2 - field_value_type D = (first.Y) * (second.Y); // D = Y1*Y2 - field_value_type E = C * D; // E = C*D - field_value_type H = C - ElementType::params_type::a * D; // H = C-a*D - field_value_type I = - (first.X + first.Y) * (second.X + second.Y) - C - D; // I = (X1+Y1)*(X2+Y2)-C-D - - first.X = (E + B) * H; // X3 = (E+B)*H - first.Y = (E - B) * I; // Y3 = (E-B)*I - first.Z = first.Z * H * I; // Z3 = Z1*H*I - - } - }; - - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_CURVES_TWISTED_EDWARDS_G1_ELEMENT_INVERTED_MADD_2008_BBJLP_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_hessian/coordinates.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_hessian/coordinates.hpp deleted file mode 100644 index e7f3c75b1d..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/forms/twisted_hessian/coordinates.hpp +++ /dev/null 
@@ -1,49 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2021 Mikhail Komarov
-// Copyright (c) 2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ZK_ALGEBRA_CURVES_TWISTED_HESSIAN_COORDINATES_REPRESENTATIONS_HPP
-#define CRYPTO3_ZK_ALGEBRA_CURVES_TWISTED_HESSIAN_COORDINATES_REPRESENTATIONS_HPP
-
-#include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
- namespace coordinates {
-
- /** @brief Twisted Hessian curve group element coordinates representation.
- * Description: https://hyperelliptic.org/EFD/g1p/auto-twistedhessian.html - */ - struct affine; - struct projective; - - } // namespace coordinates - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ZK_ALGEBRA_CURVES_TWISTED_HESSIAN_COORDINATES_REPRESENTATIONS_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/detail/params/pairing/edwards.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/detail/params/pairing/edwards.hpp deleted file mode 100644 index a4a0ff3cd8..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/detail/params/pairing/edwards.hpp +++ /dev/null 
@@ -1,78 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_PAIRING_PARAMS_HPP -#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_PAIRING_PARAMS_HPP - -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace curves { - - template - struct edwards; - - namespace detail { - - template - struct pairing_params; - - /************************* EDWARDS-183 ***********************************/ - - template<> - struct pairing_params> { - - using policy_type = edwards_basic_policy<183>; - - using g1_field_type_value = typename policy_type::g1_field_type::value_type; - using g2_field_type_value = typename policy_type::g2_field_type::value_type; - - constexpr static const g2_field_type_value twist = g2_field_type_value( - {g2_field_type_value::underlying_type::zero(), g2_field_type_value::underlying_type::one(), - g2_field_type_value::underlying_type::zero()}); - - constexpr static const g2_field_type_value twist_coeff_a = a * twist; - constexpr static const g2_field_type_value twist_coeff_d = d * twist; - - constexpr static const g1_field_type_value twist_mul_by_a_c0; - constexpr static const g1_field_type_value twist_mul_by_a_c1 = a; - constexpr static const g1_field_type_value twist_mul_by_a_c2 = a; - constexpr static const g1_field_type_value twist_mul_by_d_c0; - constexpr static const g1_field_type_value twist_mul_by_d_c1 = d; - constexpr static const g1_field_type_value twist_mul_by_d_c2 = d; - constexpr static const g1_field_type_value twist_mul_by_q_Y = - g1_field_type_value(0xB35E3665A18365954D018902935D4419423F84321BC3E_cppui_modular180); - constexpr static const g1_field_type_value twist_mul_by_q_Z = - g1_field_type_value(0xB35E3665A18365954D018902935D4419423F84321BC3E_cppui_modular180); - }; - } // namespace detail - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_PAIRING_PARAMS_HPP 
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/edwards.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/edwards.hpp
deleted file mode 100644
index 78e6ff2e33..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/curves/edwards.hpp
+++ /dev/null
@@ -1,81 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-// Copyright (c) 2020-2021 Ilias Khairullin
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_HPP
-
-#include
-#include
-#include
-#include
-
-// #include
-#include
-
-// #include
-// #include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
-
- /** @brief A struct representing a Edwards curve, providing 128 bits of security.
- * @tparam Version version of the curve - * - */ - template - class edwards { - - typedef detail::edwards_types policy_type; - - public: - typedef typename policy_type::base_field_type base_field_type; - typedef typename policy_type::scalar_field_type scalar_field_type; - - template - using g1_type = typename detail::edwards_g1; - - template - using g2_type = typename detail::edwards_g2; - - // typedef typename pairing::pairing_policy, - // pairing::detail::edwards_pairing_functions> - // pairing; - - typedef typename policy_type::gt_field_type gt_type; - - constexpr static const bool has_affine_pairing = false; - }; - - typedef edwards<183> edwards_183; - - } // namespace curves - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/pallas.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/pallas.hpp old mode 100755 new mode 100644 diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/params/multiexp/edwards.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/params/multiexp/edwards.hpp deleted file mode 100644 index 9974acdc47..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/curves/params/multiexp/edwards.hpp +++ /dev/null 
@@ -1,155 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_MULTIEXP_PARAMS_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_MULTIEXP_PARAMS_HPP
-
-#include
-
-#include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
-
- template
- struct multiexp_params;
-
- /************************* EDWARDS-183 ***********************************/
-
- template<>
- struct multiexp_params::g1_type<>> {
-
- constexpr static const std::array fixed_base_exp_window_table = {
- // window 1 is unbeaten in [-inf, 4.10]
- 1,
- // window 2 is unbeaten in [4.10, 9.69]
- 4,
- // window 3 is unbeaten in [9.69, 25.21]
- 10,
- // window 4 is unbeaten in [25.21, 60.00]
- 25,
- // window 5 is unbeaten in [60.00, 149.33]
- 60,
- // window 6 is unbeaten in [149.33, 369.61]
- 149,
- // window 7 is unbeaten in [369.61, 849.07]
- 370,
- // window 8 is unbeaten in [849.07, 1764.94]
- 849,
- // window 9 is unbeaten in [1764.94, 4429.59]
- 1765,
- // window 10 is unbeaten in [4429.59, 13388.78]
- 4430,
- // window 11 is unbeaten in [13388.78, 15368.00]
- 13389,
- // window 12 is unbeaten in [15368.00, 74912.07]
- 15368,
- // window 13 is unbeaten in [74912.07, 438107.20]
- 74912,
- // window 14 is never the best
- 0,
- // window 15 is unbeaten in [438107.20, 1045626.18]
- 438107,
- // window 16 is never the best
- 0,
- // window 17 is unbeaten in [1045626.18, 1577434.48]
- 1045626,
- // window 18 is unbeaten in [1577434.48, 17350594.23]
- 1577434,
- // window 19 is never the best
- 0,
- // window 20 is never the best
- 0,
- // window 21 is unbeaten in [17350594.23, inf]
- 17350594,
- // window 22 is never the best
- 0};
- };
-
- template<>
- struct multiexp_params::g2_type<>> {
-
- constexpr static const std::array fixed_base_exp_window_table = {
- // window 1 is unbeaten in [-inf, 4.74]
- 1,
- // window 2 is unbeaten in [4.74, 10.67]
- 5,
- // window 3 is unbeaten in [10.67, 25.53]
- 11,
- // window 4 is unbeaten in [25.53, 60.67]
- 26,
- // window 5 is unbeaten in [60.67, 145.77]
- 61,
- // window 6 is unbeaten in [145.77, 356.76]
- 146,
- // window 7 is unbeaten in [356.76, 823.08]
- 357,
- // window 8 is unbeaten in [823.08, 1589.45]
- 823,
- // window 9 is unbeaten in [1589.45, 4135.70]
- 1589,
- // window 10 is unbeaten in [4135.70, 14297.74]
- 4136,
- // window 11 is unbeaten in [14297.74, 16744.85]
- 14298,
- // window 12 is unbeaten in [16744.85, 51768.98]
- 16745,
- // window 13 is unbeaten in [51768.98, 99811.01]
- 51769,
- // window 14 is unbeaten in [99811.01, 193306.72]
- 99811,
- // window 15 is unbeaten in [193306.72, 907184.68]
- 193307,
- // window 16 is never the best
- 0,
- // window 17 is unbeaten in [907184.68, 1389682.59]
- 907185,
- // window 18 is unbeaten in [1389682.59, 6752695.74]
- 1389683,
- // window 19 is never the best
- 0,
- // window 20 is unbeaten in [6752695.74, 193642894.51]
- 6752696,
- // window 21 is unbeaten in [193642894.51, 226760202.29]
- 193642895,
- // window 22 is unbeaten in [226760202.29, inf]
- 226760202};
- };
-
- /************************* EDWARDS-183 definitions ***********************************/
-
- constexpr std::array const
- multiexp_params::g1_type<>>::fixed_base_exp_window_table;
- constexpr std::array const
- multiexp_params::g2_type<>>::fixed_base_exp_window_table;
-
- } // namespace curves
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-
-#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_MULTIEXP_PARAMS_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/params/wnaf/edwards.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/params/wnaf/edwards.hpp
deleted file mode 100644
index d17de422ba..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/curves/params/wnaf/edwards.hpp
+++ /dev/null
@@ -1,67 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_CURVES_EDWARDS_WNAF_PARAMS_HPP
-#define CRYPTO3_ALGEBRA_CURVES_EDWARDS_WNAF_PARAMS_HPP
-
-#include
-
-#include
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace curves {
-
- template
- struct wnaf_params;
-
- /************************* EDWARDS-183 ***********************************/
-
- template<>
- struct wnaf_params::g1_type<>> {
-
- constexpr static const std::array wnaf_window_table = {9, 14, 24, 117};
- };
-
- template<>
- struct wnaf_params::g2_type<>> {
-
- constexpr static const std::array wnaf_window_table = {6, 12, 42, 97};
- };
-
- /************************* EDWARDS-183 definitions ***********************************/
-
- constexpr std::array const
- wnaf_params::g1_type<>>::wnaf_window_table;
- constexpr std::array const
- wnaf_params::g2_type<>>::wnaf_window_table;
-
- } // namespace curves
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-
-#endif // CRYPTO3_ALGEBRA_CURVES_EDWARDS_WNAF_PARAMS_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/curves/vesta.hpp b/libs/algebra/include/nil/crypto3/algebra/curves/vesta.hpp
old mode 100755
new mode 100644
diff --git a/libs/algebra/include/nil/crypto3/algebra/fields/arithmetic_params/edwards.hpp b/libs/algebra/include/nil/crypto3/algebra/fields/arithmetic_params/edwards.hpp
deleted file mode 100644
index 9144052d2b..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/fields/arithmetic_params/edwards.hpp
+++ /dev/null
@@ -1,213 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_FIELDS_EDWARDS_ARITHMETIC_PARAMS_HPP
-#define CRYPTO3_ALGEBRA_FIELDS_EDWARDS_ARITHMETIC_PARAMS_HPP
-
-#include
-
-#include
-#include
-#include
-
-
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace fields {
-
- template
- struct arithmetic_params> : public params> {
- private:
- typedef params> policy_type;
-
- public:
- typedef typename policy_type::modular_type modular_type;
- typedef typename policy_type::modular_backend modular_backend;
- typedef typename policy_type::integral_type integral_type;
-
- constexpr static const std::size_t s = 0x1F;
- constexpr static const integral_type t = 0x81ABF93A5472B62717249DAC685A836DD6D217_cppui_modular152;
- constexpr static const integral_type t_minus_1_over_2 =
- 0x40D5FC9D2A395B138B924ED6342D41B6EB690B_cppui_modular151;
- constexpr static const integral_type arithmetic_generator = 0x01;
- constexpr static const integral_type geometric_generator = 0x02;
- constexpr static const integral_type multiplicative_generator = 0x3D;
- constexpr static const integral_type root_of_unity =
- 0x30FEC8F966ACFB3EC66B728E26AE7A5C00AAE9A96D8FE8_cppui_modular182;
- constexpr static const integral_type nqr = 0x17;
- constexpr static const integral_type nqr_to_t =
- 0x1B6CA5BFFDB95045F86768636493E1C6488D1BD4605D82_cppui_modular181;
- constexpr static const integral_type Rsquared =
- 0x3E0DBC8EEC1F76E0BF35FF926AC105F6D1824A80E54068_cppui_modular182;
- constexpr static const integral_type Rcubed =
- 0xB4AC1B77CA0D59F20E4D04D7048823FE112E6248253AD_cppui_modular180;
-
- constexpr static const integral_type modulus = policy_type::modulus;
- constexpr static const integral_type group_order =
- 0x206AFE4E951CAD89C5C9276B1A16A0DB75B485C0000000_cppui_modular182;
- };
-
- template
- struct arithmetic_params>>
- : public params> {
- private:
- typedef params> policy_type;
-
- public:
- typedef typename policy_type::modular_type modular_type;
- typedef typename policy_type::modular_backend modular_backend;
- typedef typename policy_type::integral_type integral_type;
- typedef typename policy_type::extended_integral_type extended_integral_type;
-
- constexpr static const std::size_t s = 0x1F;
- constexpr static const extended_integral_type t =
- 0x8514C337908664095AA1E4077718C1F93B49FEBD3E1DE5A3BF284A7BC8C90EE457BC1D3D59409F6A8049FB3D3B1E20915D50941493A9E2B4B0685ACA3C9847645_cppui_modular516;
- constexpr static const extended_integral_type t_minus_1_over_2 =
- 0x428A619BC8433204AD50F203BB8C60FC9DA4FF5E9F0EF2D1DF94253DE46487722BDE0E9EACA04FB54024FD9E9D8F1048AEA84A0A49D4F15A58342D651E4C23B22_cppui_modular515;
- constexpr static const std::array nqr = {0x17, 0x00, 0x00};
- constexpr static const std::array nqr_to_t = {
- 0x118228ECB464A2F6EB8DACC18FA757E45B3989330150C_cppui_modular177, 0x00, 0x00};
-
- constexpr static const integral_type modulus = policy_type::modulus;
- constexpr static const extended_integral_type group_order =
- 0x214530CDE421990256A87901DDC6307E4ED27FAF4F877968EFCA129EF23243B915EF074F565027DAA0127ECF4EC788245754250524EA78AD2C1A16B28F2611D9140000000_cppui_modular546;
- };
-
- template
- struct arithmetic_params> : public params> {
- private:
- typedef params> policy_type;
-
- public:
- typedef typename policy_type::modular_type modular_type;
- typedef typename policy_type::modular_backend modular_backend;
- typedef typename policy_type::integral_type integral_type;
-
- constexpr static const std::size_t s = 0x1F;
- constexpr static const integral_type t = 0x206AFE4E951CAD89C5C927725C25983BCAA64F_cppui_modular150;
- constexpr static const integral_type t_minus_1_over_2 =
- 0x10357F274A8E56C4E2E493B92E12CC1DE55327_cppui_modular149;
- constexpr static const integral_type arithmetic_generator = 0x01;
- constexpr static const integral_type geometric_generator = 0x02;
- constexpr static const integral_type multiplicative_generator = 0x13;
- constexpr static const integral_type root_of_unity =
- 0x74269BCA66AFEC88761200401AECDBB2F967D2689CEE0_cppui_modular179;
- constexpr static const integral_type nqr = 0x0B;
- constexpr static const integral_type nqr_to_t =
- 0xDD9F9CD9D463B4BE2359BF98F83964B0CA0C9B9EB2CA9_cppui_modular180;
- constexpr static const integral_type Rsquared =
- 0x67DC2BC868E4573FB10E45FEF0D1D70518837BA19AB13_cppui_modular179;
- constexpr static const integral_type Rcubed =
- 0x96567C1A3452F0CC48A73504E02D6B598A5139B464B62_cppui_modular180;
-
- constexpr static const integral_type modulus = policy_type::modulus;
- constexpr static const integral_type group_order =
- 0x81ABF93A5472B62717249DC9709660EF2A993C0000000_cppui_modular181;
- };
-
- constexpr std::size_t const arithmetic_params>::s;
- constexpr std::size_t const arithmetic_params>>::s;
- constexpr std::size_t const arithmetic_params>::s;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::t;
- constexpr typename arithmetic_params>>::extended_integral_type const
- arithmetic_params>>::t;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::t;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::t_minus_1_over_2;
- constexpr typename arithmetic_params>>::extended_integral_type const
- arithmetic_params>>::t_minus_1_over_2;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::t_minus_1_over_2;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::arithmetic_generator;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::arithmetic_generator;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::geometric_generator;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::geometric_generator;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::multiplicative_generator;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::multiplicative_generator;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::root_of_unity;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::root_of_unity;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::nqr;
- constexpr std::array>>::integral_type, 3> const
- arithmetic_params>>::nqr;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::nqr;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::nqr_to_t;
- constexpr std::array>>::integral_type, 3> const
- arithmetic_params>>::nqr_to_t;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::nqr_to_t;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::Rsquared;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::Rsquared;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::Rcubed;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::Rcubed;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::modulus;
- constexpr typename arithmetic_params>>::integral_type const
- arithmetic_params>>::modulus;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::modulus;
-
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::group_order;
- constexpr typename arithmetic_params>>::extended_integral_type const
- arithmetic_params>>::group_order;
- constexpr typename arithmetic_params>::integral_type const
- arithmetic_params>::group_order;
-
- } // namespace fields
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-
-#endif // CRYPTO3_ALGEBRA_FIELDS_EDWARDS_ARITHMETIC_PARAMS_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/fields/detail/extension_params/edwards/fp3.hpp b/libs/algebra/include/nil/crypto3/algebra/fields/detail/extension_params/edwards/fp3.hpp
deleted file mode 100644
index b36d26703b..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/fields/detail/extension_params/edwards/fp3.hpp
+++ /dev/null
@@ -1,145 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_FIELDS_EDWARDS_FP3_EXTENSION_PARAMS_HPP
-#define CRYPTO3_ALGEBRA_FIELDS_EDWARDS_FP3_EXTENSION_PARAMS_HPP
-
-#include
-#include
-
-
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace fields {
-
- template
- class fp3;
- namespace detail {
-
- template
- class fp3_extension_params;
-
- /************************* EDWARDS ***********************************/
-
- template
- class fp3_extension_params>
- : public params> {
-
- typedef fields::edwards_base_field base_field_type;
- typedef params policy_type;
-
- public:
- typedef typename policy_type::integral_type integral_type;
- typedef typename policy_type::extended_integral_type extended_integral_type;
-
- constexpr static const integral_type modulus = policy_type::modulus;
-
- typedef base_field_type non_residue_field_type;
- typedef typename non_residue_field_type::value_type non_residue_type;
- typedef base_field_type underlying_field_type;
- typedef typename underlying_field_type::value_type underlying_type;
-
- constexpr static const std::size_t s = 0x1F;
- constexpr static const extended_integral_type t =
- 0x8514C337908664095AA1E4077718C1F93B49FEBD3E1DE5A3BF284A7BC8C90EE457BC1D3D59409F6A8049FB3D3B1E20915D50941493A9E2B4B0685ACA3C9847645_cppui_modular516;
- constexpr static const extended_integral_type t_minus_1_over_2 =
- 0x428A619BC8433204AD50F203BB8C60FC9DA4FF5E9F0EF2D1DF94253DE46487722BDE0E9EACA04FB54024FD9E9D8F1048AEA84A0A49D4F15A58342D651E4C23B22_cppui_modular515;
- constexpr static const std::array nqr = {0x17, 0x00, 0x00};
- constexpr static const std::array nqr_to_t = {
- 0x118228ECB464A2F6EB8DACC18FA757E45B3989330150C_cppui_modular177, 0x00, 0x00};
-
- constexpr static const extended_integral_type group_order =
- 0x214530CDE421990256A87901DDC6307E4ED27FAF4F877968EFCA129EF23243B915EF074F565027DAA0127ECF4EC788245754250524EA78AD2C1A16B28F2611D9140000000_cppui_modular546;
-
- /*constexpr static const std::array Frobenius_coeffs_c1 =
- {non_residue_type(0x01),
- non_residue_type(0xB35E3665A18365954D018902935D4419423F84321BC3D_cppui_modular180),
- non_residue_type(0x35A01936D02124BA36C236460AF76D755745133CDE43C3_cppui_modular182)};
-
- constexpr static const std::array Frobenius_coeffs_c2 =
- {non_residue_type(0x01),
- non_residue_type(0x35A01936D02124BA36C236460AF76D755745133CDE43C3_cppui_modular182),
- non_residue_type(0xB35E3665A18365954D018902935D4419423F84321BC3D_cppui_modular180)};*/
-
- constexpr static const std::array Frobenius_coeffs_c1 = {
- 0x01, 0xB35E3665A18365954D018902935D4419423F84321BC3D_cppui_modular180,
- 0x35A01936D02124BA36C236460AF76D755745133CDE43C3_cppui_modular182};
-
- constexpr static const std::array Frobenius_coeffs_c2 = {
- 0x01, 0x35A01936D02124BA36C236460AF76D755745133CDE43C3_cppui_modular182,
- 0xB35E3665A18365954D018902935D4419423F84321BC3D_cppui_modular180};
-
- constexpr static const non_residue_type non_residue = non_residue_type(0x3Du);
- };
-
- template
- constexpr typename fp3_extension_params>::non_residue_type const
- fp3_extension_params>::non_residue;
-
- template
- constexpr typename std::size_t const fp3_extension_params>::s;
-
- template
- constexpr typename fp3_extension_params>::extended_integral_type const
- fp3_extension_params>::t;
-
- template
- constexpr typename fp3_extension_params>::extended_integral_type const
- fp3_extension_params>::t_minus_1_over_2;
-
- template
- constexpr std::array>::integral_type,
- 3> const fp3_extension_params>::nqr;
-
- template
- constexpr std::array>::integral_type,
- 3> const fp3_extension_params>::nqr_to_t;
-
- template
- constexpr typename fp3_extension_params>::extended_integral_type const
- fp3_extension_params>::group_order;
-
- template
- constexpr typename fp3_extension_params>::integral_type const
- fp3_extension_params>::modulus;
-
- template
- constexpr std::array>::integral_type,
- 3> const
- fp3_extension_params>::Frobenius_coeffs_c1;
- template
- constexpr std::array>::integral_type,
- 3> const
- fp3_extension_params>::Frobenius_coeffs_c2;
-
- } // namespace detail
- } // namespace fields
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-
-#endif // CRYPTO3_ALGEBRA_FIELDS_EDWARDS_FP3_EXTENSION_PARAMS_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/fields/detail/extension_params/edwards/fp6_2over3.hpp b/libs/algebra/include/nil/crypto3/algebra/fields/detail/extension_params/edwards/fp6_2over3.hpp
deleted file mode 100644
index fa964fd6af..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/fields/detail/extension_params/edwards/fp6_2over3.hpp
+++ /dev/null
@@ -1,101 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_FIELDS_EDWARDS_FP6_2OVER3_EXTENSION_PARAMS_HPP
-#define CRYPTO3_ALGEBRA_FIELDS_EDWARDS_FP6_2OVER3_EXTENSION_PARAMS_HPP
-
-#include
-#include
-#include
-
-
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace fields {
- namespace detail {
-
- template
- class fp6_2over3_extension_params;
-
- /************************* EDWARDS ***********************************/
-
- template
- class fp6_2over3_extension_params>
- : public params> {
-
- typedef fields::edwards_base_field base_field_type;
- typedef params policy_type;
-
- public:
- typedef typename policy_type::integral_type integral_type;
-
- constexpr static const integral_type modulus = policy_type::modulus;
-
- typedef base_field_type non_residue_field_type;
- typedef typename non_residue_field_type::value_type non_residue_type;
- typedef fields::fp3 underlying_field_type;
- typedef typename underlying_field_type::value_type underlying_type;
- // typedef element_fp3> underlying_type;
-
- /*constexpr static const std::array Frobenius_coeffs_c1 =
- {non_residue_type(0x01),
- non_residue_type(0xB35E3665A18365954D018902935D4419423F84321BC3E_cppui_modular180),
- non_residue_type(0xB35E3665A18365954D018902935D4419423F84321BC3D_cppui_modular180),
- non_residue_type(0x40D5FC9D2A395B138B924ED6342D41B6EB690B80000000_cppui_modular183),
- non_residue_type(0x35A01936D02124BA36C236460AF76D755745133CDE43C3_cppui_modular182),
- non_residue_type(0x35A01936D02124BA36C236460AF76D755745133CDE43C4_cppui_modular182)};*/
-
- constexpr static const std::array Frobenius_coeffs_c1 = {
- 0x01,
- 0xB35E3665A18365954D018902935D4419423F84321BC3E_cppui_modular180,
- 0xB35E3665A18365954D018902935D4419423F84321BC3D_cppui_modular180,
- 0x40D5FC9D2A395B138B924ED6342D41B6EB690B80000000_cppui_modular183,
- 0x35A01936D02124BA36C236460AF76D755745133CDE43C3_cppui_modular182,
- 0x35A01936D02124BA36C236460AF76D755745133CDE43C4_cppui_modular182};
-
- constexpr static const non_residue_type non_residue = non_residue_type(0x3D);
- };
-
- template
- constexpr typename fp6_2over3_extension_params>::non_residue_type const
- fp6_2over3_extension_params>::non_residue;
-
- template
- constexpr typename fp6_2over3_extension_params>::integral_type const
- fp6_2over3_extension_params>::modulus;
-
- template
- constexpr std::array<
- typename fp6_2over3_extension_params>::integral_type, 6> const
- fp6_2over3_extension_params>::Frobenius_coeffs_c1;
- } // namespace detail
- } // namespace fields
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-
-#endif // CRYPTO3_ALGEBRA_FIELDS_EDWARDS_FP6_2OVER3_EXTENSION_PARAMS_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/fields/edwards/base_field.hpp b/libs/algebra/include/nil/crypto3/algebra/fields/edwards/base_field.hpp
deleted file mode 100644
index 721d75e1fd..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/fields/edwards/base_field.hpp
+++ /dev/null
@@ -1,98 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------//
-
-#ifndef CRYPTO3_ALGEBRA_FIELDS_EDWARDS_BASE_FIELD_HPP
-#define CRYPTO3_ALGEBRA_FIELDS_EDWARDS_BASE_FIELD_HPP
-
-#include
-
-#include
-#include
-
-
-
-namespace nil {
- namespace crypto3 {
- namespace algebra {
- namespace fields {
-
- /*!
- * @brief IETF IPsec groups
- * @tparam Version
- */
- template
- struct edwards_base_field;
-
- template<>
- struct edwards_base_field<183> : public field<183> {
- typedef field<183> policy_type;
-
- constexpr static const std::size_t modulus_bits = policy_type::modulus_bits;
- typedef typename policy_type::integral_type integral_type;
-
- typedef typename policy_type::extended_integral_type extended_integral_type;
-
- constexpr static const std::size_t number_bits = policy_type::number_bits;
-
- constexpr static const integral_type modulus =
- 0x40D5FC9D2A395B138B924ED6342D41B6EB690B80000001_cppui_modular183;
- constexpr static const integral_type group_order_minus_one_half =
- 0x206AFE4E951CAD89C5C9276B1A16A0DB75B485C0000000_cppui_modular183;
-
- typedef typename policy_type::modular_backend modular_backend;
- constexpr static const modular_params_type modulus_params = modulus.backend();
- typedef boost::multiprecision::number<
- boost::multiprecision::backends::modular_adaptor>>
- modular_type;
-
- typedef typename detail::element_fp>> value_type;
-
- constexpr static const std::size_t value_bits = modulus_bits;
- constexpr static const std::size_t arity = 1;
- };
-
- constexpr typename std::size_t const edwards_base_field<183>::modulus_bits;
-
- constexpr typename std::size_t const edwards_base_field<183>::number_bits;
-
- constexpr typename std::size_t const edwards_base_field<183>::value_bits;
-
- constexpr typename edwards_base_field<183>::integral_type const edwards_base_field<183>::modulus;
- constexpr typename edwards_base_field<183>::integral_type const edwards_base_field<183>::group_order_minus_one_half;
-
- constexpr typename edwards_base_field<183>::modular_params_type const edwards_base_field<183>::modulus_params;
-
- template
- using edwards_fq = edwards_base_field;
-
- template
- using edwards = edwards_base_field;
-
- } // namespace fields
- } // namespace algebra
- } // namespace crypto3
-} // namespace nil
-
-#endif // CRYPTO3_ALGEBRA_FIELDS_EDWARDS_BASE_FIELD_HPP
diff --git a/libs/algebra/include/nil/crypto3/algebra/fields/edwards/scalar_field.hpp b/libs/algebra/include/nil/crypto3/algebra/fields/edwards/scalar_field.hpp
deleted file mode 100644
index 38f1350e34..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/fields/edwards/scalar_field.hpp
+++ /dev/null
@@ -1,93 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2020-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. -//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_FIELDS_EDWARDS_SCALAR_FIELD_HPP -#define CRYPTO3_ALGEBRA_FIELDS_EDWARDS_SCALAR_FIELD_HPP - -#include - -#include -#include - - - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace fields { - - /*! 
- * @brief IETF IPsec groups - * @tparam Version - */ - template - struct edwards_scalar_field; - - template<> - struct edwards_scalar_field<183> : public field<181> { - typedef field<181> policy_type; - - constexpr static const std::size_t modulus_bits = policy_type::modulus_bits; - typedef typename policy_type::integral_type integral_type; - - typedef typename policy_type::extended_integral_type extended_integral_type; - - constexpr static const std::size_t number_bits = policy_type::number_bits; - - constexpr static const integral_type modulus = - 0x10357F274A8E56C4E2E493B92E12CC1DE5532780000001_cppui_modular181; - - typedef typename policy_type::modular_backend modular_backend; - constexpr static const modular_params_type modulus_params = modulus.backend(); - typedef boost::multiprecision::number< - boost::multiprecision::backends::modular_adaptor< - modular_backend, - boost::multiprecision::backends::modular_params_ct>> - modular_type; - - typedef typename detail::element_fp>> value_type; - - constexpr static const std::size_t value_bits = modulus_bits; - constexpr static const std::size_t arity = 1; - }; - - constexpr typename std::size_t const edwards_scalar_field<183>::modulus_bits; - - constexpr typename std::size_t const edwards_scalar_field<183>::number_bits; - - constexpr typename std::size_t const edwards_scalar_field<183>::value_bits; - - constexpr typename edwards_scalar_field<183>::integral_type const edwards_scalar_field<183>::modulus; - - constexpr typename edwards_scalar_field<183>::modular_params_type const edwards_scalar_field<183>::modulus_params; - - template - using edwards_fr = edwards_scalar_field; - } // namespace fields - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ALGEBRA_FIELDS_EDWARDS_SCALAR_FIELD_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/fields/fp3.hpp b/libs/algebra/include/nil/crypto3/algebra/fields/fp3.hpp index 971108c2d9..76e7ca91d1 100644 
--- a/libs/algebra/include/nil/crypto3/algebra/fields/fp3.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/fields/fp3.hpp @@ -27,13 +27,7 @@ #define CRYPTO3_ALGEBRA_FIELDS_FP3_EXTENSION_HPP #include -#include -/*#include -#include */ #include -/*#include -#include -#include */ #include diff --git a/libs/algebra/include/nil/crypto3/algebra/fields/fp6_2over3.hpp b/libs/algebra/include/nil/crypto3/algebra/fields/fp6_2over3.hpp index a80d4c5f27..41c892fd23 100644 --- a/libs/algebra/include/nil/crypto3/algebra/fields/fp6_2over3.hpp +++ b/libs/algebra/include/nil/crypto3/algebra/fields/fp6_2over3.hpp @@ -27,13 +27,7 @@ #define CRYPTO3_ALGEBRA_FIELDS_FP6_2OVER3_EXTENSION_HPP #include -#include -//#include -//#include #include -/*#include -#include -#include */ #include diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/detail/edwards/183/params.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/detail/edwards/183/params.hpp deleted file mode 100644 index aa526541d9..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/detail/edwards/183/params.hpp +++ /dev/null 
@@ -1,88 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_PAIRING_PARAMS_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_PAIRING_PARAMS_HPP - -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - namespace detail { - - template - class pairing_params; - - template<> - class pairing_params> { - using curve_type = curves::edwards<183>; - - public: - using integral_type = typename curve_type::base_field_type::integral_type; - using extended_integral_type = typename curve_type::base_field_type::extended_integral_type; - - constexpr static const std::size_t integral_type_max_bits = - curve_type::base_field_type::modulus_bits; - - constexpr static const integral_type ate_loop_count = - integral_type(0xE841DEEC0A9E39280000003_cppui_modular92); - - constexpr static const integral_type final_exponent_last_chunk_abs_of_w0 = - integral_type(0x3A1077BB02A78E4A00000003_cppui_modular94); - constexpr static const bool final_exponent_last_chunk_is_w0_neg = true; - - constexpr static const integral_type final_exponent_last_chunk_w1 = integral_type(0x4); - - constexpr static const extended_integral_type final_exponent = extended_integral_type( - 0x11128FF78CE1BA3ED7BDC08DC0E8027077FC9348F971A3EF1053C9D33B1AA7CEBA86030D02292F9F5E784FDE9EE9D0176DBE7DA7ECBBCB64CDC0ACD4E64D7156C2F84EE1AAFA1098707148DB1E4797E330E5D507E78D8246A4843B4A174E7CD7CA937BDC5D67A6176F9A48984764500000000_cppui_modular913); - - using g2_field_type_value = typename curve_type::template g2_type<>::field_type::value_type; - - constexpr static const g2_field_type_value twist = - curve_type::template g2_type<>::value_type::twist; - }; - - constexpr typename pairing_params>::integral_type const - pairing_params>::ate_loop_count; - constexpr typename pairing_params>::integral_type const - pairing_params>::final_exponent_last_chunk_abs_of_w0; - - constexpr typename pairing_params>::integral_type const - 
pairing_params>::final_exponent_last_chunk_w1; - - constexpr typename pairing_params>::extended_integral_type const - pairing_params>::final_exponent; - - constexpr bool const pairing_params>::final_exponent_last_chunk_is_w0_neg; - - } // namespace detail - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_PAIRING_PARAMS_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/detail/edwards/183/types.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/detail/edwards/183/types.hpp deleted file mode 100644 index 31f84e4a84..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/detail/edwards/183/types.hpp +++ /dev/null 
@@ -1,107 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TYPES_POLICY_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TYPES_POLICY_HPP - -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - namespace detail { - - template - class types_policy; - - // Copy of the bls12<381> version - template<> - class types_policy> { - using curve_type = curves::edwards<183>; - - public: - using integral_type = typename curve_type::base_field_type::integral_type; - using extended_integral_type = typename curve_type::base_field_type::extended_integral_type; - - using g1_field_value_type = typename curve_type::base_field_type::value_type; - using g2_field_value_type = typename curve_type::template g2_type<>::field_type::value_type; - - struct Fq_conic_coefficients { - - g1_field_value_type c_ZZ; - g1_field_value_type c_XY; - g1_field_value_type c_XZ; - - bool operator==(const Fq_conic_coefficients &other) const { - return (this->c_ZZ == other.c_ZZ && this->c_XY == other.c_XY && - this->c_XZ == other.c_XZ); - } - }; - - struct Fq3_conic_coefficients { - g2_field_value_type c_ZZ; - g2_field_value_type c_XY; - g2_field_value_type c_XZ; - - bool operator==(const Fq3_conic_coefficients &other) const { - return (this->c_ZZ == other.c_ZZ && this->c_XY == other.c_XY && - this->c_XZ == other.c_XZ); - } - }; - - using tate_g1_precomp = std::vector; - using ate_g2_precomputed_type = std::vector; - - struct ate_g1_precomputed_type { - g1_field_value_type P_XY; - g1_field_value_type P_XZ; - g1_field_value_type P_ZZplusYZ; - - bool operator==(const ate_g1_precomputed_type &other) const { - return (this->P_XY == other.P_XY && this->P_XZ == other.P_XZ && - this->P_ZZplusYZ == other.P_ZZplusYZ); - } - }; - - struct tate_g2_precomp { - g2_field_value_type y0, eta; - - bool operator==(const tate_g2_precomp &other) const { - return (this->y0 == other.y0 && this->eta == other.eta); - } - }; 
- - using g1_precomputed_type = ate_g1_precomputed_type; - using g2_precomputed_type = ate_g2_precomputed_type; - }; - - } // namespace detail - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil - -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TYPES_POLICY_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards.hpp deleted file mode 100644 index 0e0055c1e8..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards.hpp +++ /dev/null 
@@ -1,61 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_POLICY_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_POLICY_HPP - -#include -#include -#include -#include -#include -#include -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template<> - struct pairing_policy> { - using curve_type = curves::edwards<183>; - - using precompute_g1 = pairing::edwards_ate_precompute_g1<183>; - using precompute_g2 = pairing::edwards_ate_precompute_g2<183>; - using miller_loop = pairing::edwards_ate_miller_loop<183>; - using double_miller_loop = pairing::edwards_ate_double_miller_loop<183>; - using final_exponentiation = pairing::edwards_final_exponentiation<183>; - - using g1_precomputed_type = typename precompute_g1::g1_precomputed_type; - using g2_precomputed_type = typename precompute_g2::g2_precomputed_type; - }; - - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_POLICY_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_double_miller_loop.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_double_miller_loop.hpp deleted file mode 100644 index 8506292433..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_double_miller_loop.hpp +++ /dev/null 
@@ -1,107 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_DOUBLE_MILLER_LOOP_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_DOUBLE_MILLER_LOOP_HPP - -#include -#include - -#include -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template - class edwards_ate_double_miller_loop; - - template<> - class edwards_ate_double_miller_loop<183> { - using curve_type = curves::edwards<183>; - - using params_type = detail::pairing_params; - typedef detail::types_policy policy_type; - using gt_type = typename curve_type::gt_type; - - public: - static typename gt_type::value_type - process(const typename policy_type::ate_g1_precomputed_type &prec_P1, - const typename policy_type::ate_g2_precomputed_type &prec_Q1, - const typename policy_type::ate_g1_precomputed_type &prec_P2, - const typename policy_type::ate_g2_precomputed_type &prec_Q2) { - - typename gt_type::value_type f = gt_type::value_type::one(); - - bool found_one = false; - std::size_t idx = 0; - - const typename policy_type::integral_type &loop_count = params_type::ate_loop_count; - - for (long i = params_type::integral_type_max_bits - 1; i >= 0; --i) { - const bool bit = boost::multiprecision::bit_test(loop_count, i); - if (!found_one) { - /* this skips the MSB itself */ - found_one |= bit; - continue; - } - - /* code below gets executed for all bits (EXCEPT the MSB itself) of - param_p (skipping leading zeros) in MSB to LSB - order */ - typename policy_type::Fq3_conic_coefficients cc1 = prec_Q1[idx]; - typename policy_type::Fq3_conic_coefficients cc2 = prec_Q2[idx]; - ++idx; - - typename gt_type::value_type g_RR_at_P1 = typename gt_type::value_type( - prec_P1.P_XY * cc1.c_XY + prec_P1.P_XZ * cc1.c_XZ, prec_P1.P_ZZplusYZ * cc1.c_ZZ); - - typename gt_type::value_type g_RR_at_P2 = typename gt_type::value_type( - prec_P2.P_XY * cc2.c_XY + prec_P2.P_XZ * cc2.c_XZ, prec_P2.P_ZZplusYZ 
* cc2.c_ZZ); - f = f.squared() * g_RR_at_P1 * g_RR_at_P2; - - if (bit) { - cc1 = prec_Q1[idx]; - cc2 = prec_Q2[idx]; - ++idx; - typename gt_type::value_type g_RQ_at_P1 = typename gt_type::value_type( - prec_P1.P_ZZplusYZ * cc1.c_ZZ, prec_P1.P_XY * cc1.c_XY + prec_P1.P_XZ * cc1.c_XZ); - typename gt_type::value_type g_RQ_at_P2 = typename gt_type::value_type( - prec_P2.P_ZZplusYZ * cc2.c_ZZ, prec_P2.P_XY * cc2.c_XY + prec_P2.P_XZ * cc2.c_XZ); - f = f * g_RQ_at_P1 * g_RQ_at_P2; - } - } - - return f; - } - }; - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_DOUBLE_MILLER_LOOP_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_miller_loop.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_miller_loop.hpp deleted file mode 100644 index 0333c9c45a..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_miller_loop.hpp +++ /dev/null 
@@ -1,94 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_MILLER_LOOP_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_MILLER_LOOP_HPP - -#include -#include - -#include -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template - class edwards_ate_miller_loop; - - template<> - class edwards_ate_miller_loop<183> { - using curve_type = curves::edwards<183>; - - using params_type = detail::pairing_params; - typedef detail::types_policy policy_type; - using gt_type = typename curve_type::gt_type; - - public: - static typename gt_type::value_type process(const policy_type::ate_g1_precomputed_type &prec_P, - const policy_type::ate_g2_precomputed_type &prec_Q) { - - typename gt_type::value_type f = gt_type::value_type::one(); - - bool found_one = false; - std::size_t idx = 0; - - const typename policy_type::integral_type &loop_count = params_type::ate_loop_count; - - for (long i = params_type::integral_type_max_bits - 1; i >= 0; --i) { - const bool bit = boost::multiprecision::bit_test(loop_count, i); - if (!found_one) { - /* this skips the MSB itself */ - found_one |= bit; - continue; - } - - /* code below gets executed for all bits (EXCEPT the MSB itself) of - param_p (skipping leading zeros) in MSB to LSB - order */ - typename policy_type::Fq3_conic_coefficients cc = prec_Q[idx++]; - - typename gt_type::value_type g_RR_at_P = typename gt_type::value_type( - prec_P.P_XY * cc.c_XY + prec_P.P_XZ * cc.c_XZ, prec_P.P_ZZplusYZ * cc.c_ZZ); - f = f.squared() * g_RR_at_P; - if (bit) { - cc = prec_Q[idx++]; - typename gt_type::value_type g_RQ_at_P = typename gt_type::value_type( - prec_P.P_ZZplusYZ * cc.c_ZZ, prec_P.P_XY * cc.c_XY + prec_P.P_XZ * cc.c_XZ); - f = f * g_RQ_at_P; - } - } - - return f; - } - }; - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // 
CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_MILLER_LOOP_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_precompute_g1.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_precompute_g1.hpp deleted file mode 100644 index 8f7d8cd749..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_precompute_g1.hpp +++ /dev/null 
@@ -1,69 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_PRECOMPUTE_G1_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_PRECOMPUTE_G1_HPP - -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template - class edwards_ate_precompute_g1; - - template<> - class edwards_ate_precompute_g1<183> { - using curve_type = curves::edwards<183>; - - typedef detail::types_policy policy_type; - - using g1_type = typename curve_type::template g1_type<>; - using g1_affine_type = typename curve_type::template g1_type; - - public: - using g1_precomputed_type = typename policy_type::ate_g1_precomputed_type; - - static typename policy_type::ate_g1_precomputed_type - process(const typename g1_type::value_type &P) { - - typename g1_affine_type::value_type Pcopy = P.to_affine(); - typename policy_type::ate_g1_precomputed_type result; - result.P_XY = Pcopy.X * Pcopy.Y; - result.P_XZ = Pcopy.X; // P.X * P.Z but P.Z = 1 - result.P_ZZplusYZ = - (g1_type::field_type::value_type::one() + Pcopy.Y); // (P.Z + P.Y) * P.Z but P.Z = - - return result; - } - }; - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_ATE_PRECOMPUTE_G1_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_precompute_g2.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_precompute_g2.hpp deleted file mode 100644 index b9ec6cc7f6..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/ate_precompute_g2.hpp +++ /dev/null 
@@ -1,204 +0,0 @@
-//---------------------------------------------------------------------------//
-// Copyright (c) 2020-2021 Mikhail Komarov
-// Copyright (c) 2020-2021 Nikita Kaskov
-//
-// MIT License
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_BLS12_ATE_PRECOMPUTE_G2_HPP -#define CRYPTO3_ALGEBRA_PAIRING_BLS12_ATE_PRECOMPUTE_G2_HPP - -#include -#include - -#include -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template - class edwards_ate_precompute_g2; - - template<> - class edwards_ate_precompute_g2<183> { - using curve_type = curves::edwards<183>; - - using params_type = detail::pairing_params; - typedef detail::types_policy policy_type; - - using base_field_type = typename curve_type::base_field_type; - using g2_type = typename curve_type::template g2_type<>; - using g2_affine_type = typename curve_type::template g2_type; - - using g2_field_type_value = typename g2_type::field_type::value_type; - - struct extended_g2_projective { - g2_field_type_value X; - g2_field_type_value Y; - g2_field_type_value Z; - g2_field_type_value T; - }; - - static void - doubling_step_for_flipped_miller_loop(extended_g2_projective ¤t, - typename policy_type::Fq3_conic_coefficients &cc) { - - const g2_field_type_value &X = current.X, &Y = current.Y, &Z = current.Z, &T = current.T; - const g2_field_type_value A = X.squared(); // A = X1^2 - const g2_field_type_value B = Y.squared(); // B = Y1^2 - const g2_field_type_value C = Z.squared(); // C = Z1^2 - const g2_field_type_value D = (X + Y).squared(); // D = (X1+Y1)^2 - const g2_field_type_value E = (Y + Z).squared(); // E = (Y1+Z1)^2 - const g2_field_type_value F = D - (A + B); // F = D-(A+B) - const g2_field_type_value G = E - (B + C); // G = E-(B+C) - const g2_field_type_value H = - g2_type::value_type::mul_by_a(A); // param_twist_coeff_a is 1 * X for us - // H = twisted_a * A - const g2_field_type_value I = H + B; // I = H+B - const g2_field_type_value J = C - I; // J = C-I - const g2_field_type_value K = J + C; // K = J+C - - cc.c_ZZ = Y * (T - X); // c_ZZ = 2*Y1*(T1-X1) - cc.c_ZZ = cc.c_ZZ + 
cc.c_ZZ; - // c_XY = 2*(C-a * A * delta_3-B)+G (a = 1 for us) - cc.c_XY = C - g2_type::value_type::mul_by_a(A) - B; // param_twist_coeff_a is 1 * X for us - cc.c_XY = cc.c_XY + cc.c_XY + G; - // c_XZ = 2*(a*X1*T1*delta_3-B) (a = 1 for us) - cc.c_XZ = g2_type::value_type::mul_by_a(X * T) - B; // param_twist_coeff_a is 1 * X for us - cc.c_XZ = cc.c_XZ + cc.c_XZ; - - current.X = F * K; // X3 = F*K - current.Y = I * (B - H); // Y3 = I*(B-H) - current.Z = I * K; // Z3 = I*K - current.T = F * (B - H); // T3 = F*(B-H) - } - - static void - full_addition_step_for_flipped_miller_loop(const extended_g2_projective &base, - extended_g2_projective ¤t, - typename policy_type::Fq3_conic_coefficients &cc) { - - const g2_field_type_value &X1 = current.X, &Y1 = current.Y, &Z1 = current.Z, &T1 = current.T; - const g2_field_type_value &X2 = base.X, &Y2 = base.Y, &Z2 = base.Z, &T2 = base.T; - - const g2_field_type_value A = X1 * X2; // A = X1*X2 - const g2_field_type_value B = Y1 * Y2; // B = Y1*Y2 - const g2_field_type_value C = Z1 * T2; // C = Z1*T2 - const g2_field_type_value D = T1 * Z2; // D = T1*Z2 - const g2_field_type_value E = D + C; // E = D+C - const g2_field_type_value F = (X1 - Y1) * (X2 + Y2) + B - A; // F = (X1-Y1)*(X2+Y2)+B-A - // G = B + twisted_a * A - const g2_field_type_value G = - B + g2_type::value_type::mul_by_a(A); // param_twist_coeff_a is 1*X for us - - const g2_field_type_value H = D - C; // H = D-C - const g2_field_type_value I = T1 * T2; // I = T1*T2 - - // c_ZZ = delta_3* ((T1-X1)*(T2+X2)-I+A) - cc.c_ZZ = g2_type::value_type::mul_by_a((T1 - X1) * (T2 + X2) - I + - A); // param_twist_coeff_a is 1*X for us - - cc.c_XY = X1 * Z2 - X2 * Z1 + F; // c_XY = X1*Z2-X2*Z1+F - cc.c_XZ = (Y1 - T1) * (Y2 + T2) - B + I - H; // c_XZ = (Y1-T1)*(Y2+T2)-B+I-H - current.X = E * F; // X3 = E*F - current.Y = G * H; // Y3 = G*H - current.Z = F * G; // Z3 = F*G - current.T = E * H; // T3 = E*H - } - - static void - mixed_addition_step_for_flipped_miller_loop(const 
extended_g2_projective &base, - extended_g2_projective ¤t, - typename policy_type::Fq3_conic_coefficients &cc) { - - const g2_field_type_value &X1 = current.X, &Y1 = current.Y, &Z1 = current.Z, &T1 = current.T; - const g2_field_type_value &X2 = base.X, &Y2 = base.Y, &T2 = base.T; - - const g2_field_type_value A = X1 * X2; // A = X1*X2 - const g2_field_type_value B = Y1 * Y2; // B = Y1*Y2 - const g2_field_type_value C = Z1 * T2; // C = Z1*T2 - const g2_field_type_value E = T1 + C; // E = T1+C - const g2_field_type_value F = (X1 - Y1) * (X2 + Y2) + B - A; // F = (X1-Y1)*(X2+Y2)+B-A - // G = B + twisted_a * A - const g2_field_type_value G = - B + g2_type::value_type::mul_by_a(A); // param_twist_coeff_a is 1*X for us - const g2_field_type_value H = T1 - C; // H = T1-C - const g2_field_type_value I = T1 * T2; // I = T1*T2 - - // c_ZZ = delta_3* ((T1-X1)*(T2+X2)-I+A) - cc.c_ZZ = g2_type::value_type::mul_by_a((T1 - X1) * (T2 + X2) - I + - A); // param_twist_coeff_a is 1*X for us - - cc.c_XY = X1 - X2 * Z1 + F; // c_XY = X1*Z2-X2*Z1+F - cc.c_XZ = (Y1 - T1) * (Y2 + T2) - B + I - H; // c_XZ = (Y1-T1)*(Y2+T2)-B+I-H - current.X = E * F; // X3 = E*F - current.Y = G * H; // Y3 = G*H - current.Z = F * G; // Z3 = F*G - current.T = E * H; // T3 = E*H - } - - public: - using g2_precomputed_type = typename policy_type::ate_g2_precomputed_type; - - static g2_precomputed_type process(const typename g2_type::value_type &Q) { - - g2_precomputed_type result; - typename g2_affine_type::value_type Qcopy = Q.to_affine(); - extended_g2_projective Q_ext; - Q_ext.X = Qcopy.X; - Q_ext.Y = Qcopy.Y; - Q_ext.Z = Qcopy.Z; - Q_ext.T = Qcopy.X * Qcopy.Y; - - extended_g2_projective R = Q_ext; - - const typename policy_type::integral_type &loop_count = params_type::ate_loop_count; - - bool found_one = false; - for (long i = params_type::integral_type_max_bits - 1; i >= 0; --i) { - const bool bit = boost::multiprecision::bit_test(loop_count, i); - if (!found_one) { - /* this skips the MSB itself */ - 
found_one |= bit; - continue; - } - - typename policy_type::Fq3_conic_coefficients cc; - doubling_step_for_flipped_miller_loop(R, cc); - result.push_back(cc); - if (bit) { - mixed_addition_step_for_flipped_miller_loop(Q_ext, R, cc); - result.push_back(cc); - } - } - - return result; - } - }; - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_PAIRING_BLS12_ATE_PRECOMPUTE_G2_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/final_exponentiation.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/final_exponentiation.hpp deleted file mode 100644 index 81ad4d8d7f..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/final_exponentiation.hpp +++ /dev/null 
@@ -1,103 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2020-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. 
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_FINAL_EXPONENTIATION_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_FINAL_EXPONENTIATION_HPP - -#include -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template - class edwards_final_exponentiation; - - template<> - class edwards_final_exponentiation<183> { - using curve_type = curves::edwards<183>; - - using params_type = detail::pairing_params; - typedef detail::types_policy policy_type; - - using base_field_type = typename curve_type::base_field_type; - using gt_type = typename curve_type::gt_type; - - static typename gt_type::value_type - final_exponentiation_last_chunk(const typename gt_type::value_type &elt, - const typename gt_type::value_type &elt_inv) { - - const typename gt_type::value_type elt_q = elt.Frobenius_map(1); - - typename gt_type::value_type w1_part = - elt_q.cyclotomic_exp(params_type::final_exponent_last_chunk_w1); - typename gt_type::value_type w0_part = gt_type::value_type::zero(); - - if (params_type::final_exponent_last_chunk_is_w0_neg) { - w0_part = elt_inv.cyclotomic_exp(params_type::final_exponent_last_chunk_abs_of_w0); - } else { - w0_part = elt.cyclotomic_exp(params_type::final_exponent_last_chunk_abs_of_w0); - } - - return w1_part * w0_part; - } - - static typename gt_type::value_type - final_exponentiation_first_chunk(const typename gt_type::value_type &elt, - const typename gt_type::value_type &elt_inv) { - - /* (q^3-1)*(q+1) */ - - /* elt_q3 = elt^(q^3) */ - const typename gt_type::value_type elt_q3 = elt.Frobenius_map(3); - /* elt_q3_over_elt = elt^(q^3-1) */ - const typename gt_type::value_type elt_q3_over_elt = elt_q3 * elt_inv; - /* alpha = elt^((q^3-1) * q) */ - const typename gt_type::value_type alpha = elt_q3_over_elt.Frobenius_map(1); - /* beta = elt^((q^3-1)*(q+1) */ - const typename gt_type::value_type beta = alpha * 
elt_q3_over_elt; - - return beta; - } - - public: - static typename gt_type::value_type process(const typename gt_type::value_type &elt) { - - const typename gt_type::value_type elt_inv = elt.inversed(); - const typename gt_type::value_type elt_to_first_chunk = - final_exponentiation_first_chunk(elt, elt_inv); - const typename gt_type::value_type elt_inv_to_first_chunk = - final_exponentiation_first_chunk(elt_inv, elt); - return final_exponentiation_last_chunk(elt_to_first_chunk, elt_inv_to_first_chunk); - } - }; - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_FINAL_EXPONENTIATION_HPP diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_miller_loop.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_miller_loop.hpp deleted file mode 100644 index 1b083bcf47..0000000000 --- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_miller_loop.hpp +++ /dev/null 
@@ -1,92 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2020-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. 
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_MILLER_LOOP_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_MILLER_LOOP_HPP - -#include -#include - -#include -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template - class edwards_tate_miller_loop; - - template<> - class edwards_tate_miller_loop<183> { - using curve_type = curves::edwards<183>; - - using params_type = detail::pairing_params; - typedef detail::types_policy policy_type; - using gt_type = typename curve_type::gt_type; - - public: - static typename gt_type::value_type process(const policy_type::tate_g1_precomp &prec_P, - const policy_type::tate_g2_precomp &prec_Q) { - - typename gt_type::value_type f = gt_type::value_type::one(); - - bool found_one = false; - std::size_t idx = 0; - for (long i = policy_type::scalar_field_bits - 1; i >= 0; --i) { - const bool bit = - boost::multiprecision::bit_test(policy_type::scalar_field_modulus, i); - if (!found_one) { - /* this skips the MSB itself */ - found_one |= bit; - continue; - } - - /* code below gets executed for all bits (EXCEPT the MSB itself) of - policy_type::scalar_field_modulus (skipping leading zeros) in MSB to LSB - order */ - typename policy_type::Fq_conic_coefficients cc = prec_P[idx++]; - typename gt_type::value_type g_RR_at_Q = typename gt_type::value_type( - Fq3(cc.c_XZ, Fq(0l), Fq(0l)) + cc.c_XY * prec_Q.y0, cc.c_ZZ * prec_Q.eta); - f = f.squared() * g_RR_at_Q; - if (bit) { - cc = prec_P[idx++]; - - typename gt_type::value_type g_RP_at_Q = typename gt_type::value_type( - Fq3(cc.c_XZ, Fq(0l), Fq(0l)) + cc.c_XY * prec_Q.y0, cc.c_ZZ * prec_Q.eta); - f = f * g_RP_at_Q; - } - } - - return f; - } - }; - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_MILLER_LOOP_HPP 
diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_precompute_g1.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_precompute_g1.hpp
deleted file mode 100644
index 60db9aea6a..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_precompute_g1.hpp
+++ /dev/null
@@ -1,193 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2020-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. 
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_PRECOMPUTE_G1_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_PRECOMPUTE_G1_HPP - -#include -#include - -#include -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template - class edwards_ate_precompute_g1; - - template<> - class edwards_ate_precompute_g1<183> { - using curve_type = curves::edwards<183>; - - using params_type = detail::pairing_params; - typedef detail::types_policy policy_type; - - using base_field_type = typename curve_type::base_field_type; - using g1_type = typename curve_type::template g1_type<>; - using g1_affine_type = typename curve_type::template g1_type; - - using g1_field_type_value = typename g1_type::field_type::value_type; - - struct extended_g1_projective { - g1_field_type_value X; - g1_field_type_value Y; - g1_field_type_value Z; - g1_field_type_value T; - }; - - static void doubling_step_for_miller_loop(extended_g1_projective ¤t, - typename policy_type::Fq_conic_coefficients &cc) { - - const g1_field_type_value &X = current.X, &Y = current.Y, &Z = current.Z, &T = current.T; - const g1_field_type_value A = X.squared(); // A = X1^2 - const g1_field_type_value B = Y.squared(); // B = Y1^2 - const g1_field_type_value C = Z.squared(); // C = Z1^2 - const g1_field_type_value D = (X + Y).squared(); // D = (X1+Y1)^2 - const g1_field_type_value E = (Y + Z).squared(); // E = (Y1+Z1)^2 - const g1_field_type_value F = D - (A + B); // F = D-(A+B) - const g1_field_type_value G = E - (B + C); // G = E-(B+C) - const g1_field_type_value &H = A; // H = A (a=1) - const g1_field_type_value I = H + B; // I = H+B - const g1_field_type_value J = C - I; // J = C-I - const g1_field_type_value K = J + C; // K = J+C - - cc.c_ZZ = Y * (T - X); // c_ZZ = 2*Y1*(T1-X1) - cc.c_ZZ = cc.c_ZZ + cc.c_ZZ; - - cc.c_XY = J + J + G; // c_XY = 2*J+G - cc.c_XZ = X * T - B; // 
c_XZ = 2*(X1*T1-B) (a=1) - cc.c_XZ = cc.c_XZ + cc.c_XZ; - - current.X = F * K; // X3 = F*K - current.Y = I * (B - H); // Y3 = I*(B-H) - current.Z = I * K; // Z3 = I*K - current.T = F * (B - H); // T3 = F*(B-H) - } - - static void full_addition_step_for_miller_loop(const extended_g1_projective &base, - extended_g1_projective ¤t, - typename policy_type::Fq_conic_coefficients &cc) { - - const g1_field_type_value &X1 = current.X, &Y1 = current.Y, &Z1 = current.Z, &T1 = current.T; - const g1_field_type_value &X2 = base.X, &Y2 = base.Y, &Z2 = base.Z, &T2 = base.T; - - const g1_field_type_value A = X1 * X2; // A = X1*X2 - const g1_field_type_value B = Y1 * Y2; // B = Y1*Y2 - const g1_field_type_value C = Z1 * T2; // C = Z1*T2 - const g1_field_type_value D = T1 * Z2; // D = T1*Z2 - const g1_field_type_value E = D + C; // E = D+C - const g1_field_type_value F = (X1 - Y1) * (X2 + Y2) + B - A; // F = (X1-Y1)*(X2+Y2)+B-A - const g1_field_type_value G = B + A; // G = B + A (a=1) - const g1_field_type_value H = D - C; // H = D-C - const g1_field_type_value I = T1 * T2; // I = T1*T2 - - cc.c_ZZ = (T1 - X1) * (T2 + X2) - I + A; // c_ZZ = (T1-X1)*(T2+X2)-I+A - cc.c_XY = X1 * Z2 - X2 * Z1 + F; // c_XY = X1*Z2-X2*Z1+F - cc.c_XZ = (Y1 - T1) * (Y2 + T2) - B + I - H; // c_XZ = (Y1-T1)*(Y2+T2)-B+I-H - current.X = E * F; // X3 = E*F - current.Y = G * H; // Y3 = G*H - current.Z = F * G; // Z3 = F*G - current.T = E * H; // T3 = E*H - } - - static void mixed_addition_step_for_miller_loop(const extended_g1_projective &base, - extended_g1_projective ¤t, - typename policy_type::Fq_conic_coefficients &cc) { - - const g1_field_type_value &X1 = current.X, &Y1 = current.Y, &Z1 = current.Z, &T1 = current.T; - const g1_field_type_value &X2 = base.X, &Y2 = base.Y, &T2 = base.T; - - const g1_field_type_value A = X1 * X2; // A = X1*X2 - const g1_field_type_value B = Y1 * Y2; // B = Y1*Y2 - const g1_field_type_value C = Z1 * T2; // C = Z1*T2 - const g1_field_type_value D = T1; // D = T1*Z2 - const 
g1_field_type_value E = D + C; // E = D+C - const g1_field_type_value F = (X1 - Y1) * (X2 + Y2) + B - A; // F = (X1-Y1)*(X2+Y2)+B-A - const g1_field_type_value G = B + A; // G = B + A (a=1) - const g1_field_type_value H = D - C; // H = D-C - const g1_field_type_value I = T1 * T2; // I = T1*T2 - - cc.c_ZZ = (T1 - X1) * (T2 + X2) - I + A; // c_ZZ = (T1-X1)*(T2+X2)-I+A - cc.c_XY = X1 - X2 * Z1 + F; // c_XY = X1*Z2-X2*Z1+F - cc.c_XZ = (Y1 - T1) * (Y2 + T2) - B + I - H; // c_XZ = (Y1-T1)*(Y2+T2)-B+I-H - current.X = E * F; // X3 = E*F - current.Y = G * H; // Y3 = G*H - current.Z = F * G; // Z3 = F*G - current.T = E * H; // T3 = E*H - } - - public: - using g1_precomputed_type = typename policy_type::tate_g1_precomp; - - static typename policy_type::tate_g1_precomp process(const typename g1_type::value_type &P) { - - typename policy_type::tate_g1_precomp result; - - typename g1_affine_type::value_type Pcopy = P.to_affine(); - - extended_g1_projective P_ext; - P_ext.X = Pcopy.X; - P_ext.Y = Pcopy.Y; - P_ext.Z = Pcopy.Z; - P_ext.T = Pcopy.X * Pcopy.Y; - - extended_g1_projective R = P_ext; - - bool found_one = false; - for (long i = params_type::scalar_field_bits; i >= 0; --i) { - const bool bit = - boost::multiprecision::bit_test(params_type::scalar_field_modulus, i); - if (!found_one) { - /* this skips the MSB itself */ - found_one |= bit; - continue; - } - - /* code below gets executed for all bits (EXCEPT the MSB itself) of - params_type::scalar_field_modulus (skipping leading zeros) in MSB to LSB - order */ - policy_type::Fq_conic_coefficients cc; - - doubling_step_for_miller_loop(R, cc); - result.push_back(cc); - - if (bit) { - mixed_addition_step_for_miller_loop(P_ext, R, cc); - result.push_back(cc); - } - } - - return result; - } - }; - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_PRECOMPUTE_G1_HPP 
diff --git a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_precompute_g2.hpp b/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_precompute_g2.hpp
deleted file mode 100644
index ba41d82c48..0000000000
--- a/libs/algebra/include/nil/crypto3/algebra/pairing/edwards/183/tate_precompute_g2.hpp
+++ /dev/null
@@ -1,66 +0,0 @@ -//---------------------------------------------------------------------------// -// Copyright (c) 2020-2021 Mikhail Komarov -// Copyright (c) 2020-2021 Nikita Kaskov -// -// MIT License -// -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: -// -// The above copyright notice and this permission notice shall be included in all -// copies or substantial portions of the Software. -// -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -// SOFTWARE. 
-//---------------------------------------------------------------------------// - -#ifndef CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_PRECOMPUTE_G2_HPP -#define CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_PRECOMPUTE_G2_HPP - -#include -#include - -namespace nil { - namespace crypto3 { - namespace algebra { - namespace pairing { - - template - class edwards_ate_precompute_g1; - - template<> - class edwards_ate_precompute_g1<183> { - using curve_type = curves::edwards<183>; - - typedef detail::types_policy policy_type; - - using g2_type = typename curve_type::template g2_type<>; - using g2_affine_type = typename curve_type::template g2_type; - - public: - using g2_precomputed_type = typename policy_type::tate_g2_precomp; - - static typename policy_type::tate_g2_precomp process(const typename g2_type::value_type &P) { - - typename g2_affine_type::value_type Qcopy = Q.to_affine(); - typename policy_type::tate_g2_precomp result; - result.y0 = Qcopy.Y * Qcopy.Z.inversed(); - result.eta = (Qcopy.Z + Qcopy.Y) * gt::mul_by_non_residue(Qcopy.X).inversed(); - - return result; - } - }; - } // namespace pairing - } // namespace algebra - } // namespace crypto3 -} // namespace nil -#endif // CRYPTO3_ALGEBRA_PAIRING_EDWARDS_183_TATE_PRECOMPUTE_G2_HPP diff --git a/libs/algebra/test/curves.cpp b/libs/algebra/test/curves.cpp index 34c541ab01..1dd208bd17 100644 --- a/libs/algebra/test/curves.cpp +++ b/libs/algebra/test/curves.cpp @@ -34,12 +34,15 @@ #include #include +#include + +#include + #include #include #include #include -#include #include #include #include @@ -48,6 +51,8 @@ #include #include #include +#include + #include #include 
@@ -493,12 +498,6 @@ BOOST_DATA_TEST_CASE(curve_operation_test_babyjubjub_montgomery_affine, curve_operation_test_montgomery(data_set, fp_curve_twisted_edwards_test_init); } -BOOST_DATA_TEST_CASE(curve_operation_test_edwards_g1, string_data("curve_operation_test_edwards_g1"), data_set) { - using policy_type = curves::edwards<183>::g1_type<>; - - curve_operation_test(data_set, fp_curve_test_init); -} - BOOST_DATA_TEST_CASE(curve_operation_test_mnt4_g1, string_data("curve_operation_test_mnt4_g1"), data_set) { using policy_type = curves::mnt4<298>::g1_type<>; @@ -517,16 +516,6 @@ BOOST_DATA_TEST_CASE(curve_operation_test_mnt4_g2, string_data("curve_operation_ curve_operation_test(data_set, fp2_curve_test_init); } -// Disabled until params are reviewed. For current params g2::one is not well-formed -// https://github.com/NilFoundation/crypto3-algebra/issues/161 -/* -BOOST_DATA_TEST_CASE(curve_operation_test_edwards_g2, string_data("curve_operation_test_edwards_g2"), data_set) { - using policy_type = curves::edwards<183>::g2_type<>; - - curve_operation_test(data_set, fp3_curve_test_init); -} -*/ - BOOST_DATA_TEST_CASE(curve_operation_test_mnt6_g2, string_data("curve_operation_test_mnt6_g2"), data_set) { using policy_type = curves::mnt6<298>::g2_type<>; @@ -571,7 +560,6 @@ BOOST_DATA_TEST_CASE(curve_operation_test_alt_bn128_g2, string_data("curve_opera BOOST_DATA_TEST_CASE(curve_operation_test_secp256_r1_g1, string_data("curve_operation_test_secp256r1"), data_set) { using policy_type = curves::secp_r1<256>::g1_type<>; - curve_operation_test(data_set, fp_curve_test_init); } 
@@ -587,21 +575,94 @@ BOOST_DATA_TEST_CASE(curve_operation_test_edwards25519, string_data("curve_opera static_assert(std::is_same::curve_type, curves::ed25519>::value); static_assert(std::is_same::curve_type, curves::curve25519>::value); - curve_operation_test_twisted_edwards(data_set, - fp_extended_curve_twisted_edwards_test_init); + curve_operation_test_twisted_edwards(data_set, fp_extended_curve_twisted_edwards_test_init); } BOOST_DATA_TEST_CASE(curve_operation_test_pallas, string_data("curve_operation_test_pallas"), data_set) { using policy_type = curves::pallas::g1_type<>; - curve_operation_test(data_set, - fp_curve_test_init); + curve_operation_test(data_set, fp_curve_test_init); } BOOST_DATA_TEST_CASE(curve_operation_test_vesta, string_data("curve_operation_test_vesta"), data_set) { using policy_type = curves::vesta::g1_type<>; - curve_operation_test(data_set, - fp_curve_test_init); + curve_operation_test(data_set, fp_curve_test_init); +} + +/* + * Tests for "NOTE: does not handle O and pts of order 2,4" + * short Weierstrass forms + */ +template +class bls12_377_orders_2_4_runner { + using curve_type = curves::bls12_377; + using g1_type = curve_type::g1_type; + + // point of order 2 + static constexpr curve_type::base_field_type::value_type + o2_X = curve_type::base_field_type::modulus - 1, + o2_Y = 0u; + // point of order 4 + static constexpr curve_type::base_field_type::value_type + o4_X = 0x126f980765bb3d634f9d5cb49909db8af2e185fb13bdb7dc4aedcadf9d8dad86bba02eda906066c9153bdf72ddce76c_cppui_modular377, + o4_Y = 0x06e4b66bb23ef4bef715f597162d6662d8161cd062d6212d39392e17232444a0760b5dc479db98123ab3887aa3cb34e_cppui_modular377; + + public: + bool static run() { + typename g1_type::value_type o4(o4_X, o4_Y), o2(o2_X, o2_Y), check; + + BOOST_CHECK(o4.is_well_formed()); + BOOST_CHECK(o2.is_well_formed()); + + check = o4 + o4 + o4 + o4; + BOOST_CHECK_EQUAL(check, g1_type::value_type::zero()); + check = o2 + o2; + BOOST_CHECK_EQUAL(check, 
g1_type::value_type::zero()); + return true; + } + +}; + +using bls12_377_orders_2_4_runners = boost::mpl::list< + bls12_377_orders_2_4_runner, + bls12_377_orders_2_4_runner, + bls12_377_orders_2_4_runner >; + +/* No tests for projective_with_a4_minus_3 and jacobian_with_a4_minus_3 + * Only secp_r1 curves have a4 = -3, but these curves have cofactor = 1, + * so there are no points of order 2 and 4 */ + +BOOST_AUTO_TEST_CASE_TEMPLATE(bls12_377_order_test, runner, bls12_377_orders_2_4_runners) { + BOOST_CHECK(runner::run()); +} + +/* + * Twisted Edwards forms + * extended coordinates + */ +BOOST_AUTO_TEST_CASE(twisted_edwards_extended_order_test) { + using curve_type = curves::ed25519; + using g1_type = typename curve_type::g1_type<>; + + /* Point of order 2 */ + curve_type::base_field_type::value_type + o2_X = 0x0_cppui_modular255, + o2_Y = curve_type::base_field_type::modulus - 1; + + /* Point of order 4 */ + curve_type::base_field_type::value_type + o4_X = 0x547cdb7fb03e20f4d4b2ff66c2042858d0bce7f952d01b873b11e4d8b5f15f3d_cppui_modular255, + o4_Y = 0x0_cppui_modular255; + + typename g1_type::value_type o4(o4_X, o4_Y), o2(o2_X, o2_Y), check; + + BOOST_CHECK(o4.is_well_formed()); + BOOST_CHECK(o2.is_well_formed()); + + check = o4 + o4 + o4 + o4; + BOOST_CHECK_EQUAL(check, g1_type::value_type::zero()); + check = o2 + o2; + BOOST_CHECK_EQUAL(check, g1_type::value_type::zero()); } BOOST_AUTO_TEST_SUITE_END() diff --git a/libs/algebra/test/curves_static.cpp b/libs/algebra/test/curves_static.cpp index 7d32c784f4..13beb53626 100644 --- a/libs/algebra/test/curves_static.cpp +++ b/libs/algebra/test/curves_static.cpp @@ -38,7 +38,6 @@ #include #include // #include -#include // #include // #include #include diff --git a/libs/algebra/test/data/curves.json b/libs/algebra/test/data/curves.json index 6a1fb9f58f..84e8e884ec 100644 --- a/libs/algebra/test/data/curves.json +++ b/libs/algebra/test/data/curves.json 
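Review bot: In `bls12_377_orders_2_4_runner::run()` and again in `twisted_edwards_extended_order_test`, the checks `o4 + o4 + o4 + o4 == zero` and `o2 + o2 == zero` only show that the order divides 4 and 2, so they would also pass if `o4` were really a 2-torsion point or if either constant were the neutral element. Pinning the exact order needs the negative checks as well, for example `check = o4 + o4;` followed by `BOOST_CHECK(!(check == g1_type::value_type::zero()));` and `BOOST_CHECK(!(o2 == g1_type::value_type::zero()));`. These low-order points are the inputs that subgroup and cofactor checks exist to reject, so it is worth having the test prove that the constants are of order exactly 2 and 4. Separately, `run()` always returns `true`, so `BOOST_CHECK(runner::run())` adds no signal of its own; a `void` return would state that more plainly.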
@@ -5785,298 +5785,6 @@ ] } ], - "curve_operation_test_edwards_g1": [ - { - "constants": [ - 232740939, - 700989295 - ], - "point_coordinates": [ - [ - "2935314972851301498149157493437318406904899861921926254", - "1860660757440431687006875032445530907577120043252624447", - "4456570634730038135103448938535014238038144081207255692" - ], - [ - "2600188349459975770147673786056896765013498139440184588", - "2183698460939090261532091671458655558857050251635825042", - "5661220070941000385259893599750900287994294860812558948" - ], - [ - "5151444111724825701556916713713982222478888379781711817", - "4617122171793511721951905577357157450895343585027330073", - "2875650063350264315255305223663877676848816883342947933" - ], - [ - "3146503439778580041452229576084143138568895679236795586", - "6042233776296352212309579194771034409042482346511985872", - "115646043275162772831347792548689173284296826518370788" - ], - [ - "5138144695340603069088495111910287022419561256554460554", - "5903424996368902075266849425670159504267966157731544390", - "2147198190963764391903187061729073865176467544855804341" - ], - [ - "528921712256976054051151508851634400450034326440852417", - "3764842437460422166649583917893760361220003558731712398", - "4366436800344064865419142875422262619601763129195158652" - ], - [ - "3115016823566147595869881141589694959477697502423443980", - "1652695372668523966837768265826024210690701836102754065", - "822648866754460098033379109520851470317818163864265821" - ], - [ - "6040987708509507694068367133449606779862628246241311792", - "4269039390417246474877898279666861767584754060403640186", - "1195987974054543789228593558106611298092178149221279155" - ], - [ - "1967916151021975436007926766461402374075818940081277508", - "5190237441621765552808136541888187107220647299864176734", - "1" - ], - [ - "5608370571563196113510248069403055885833453265019097533", - "4347155233174056148026552874852172904914325504564020660", - "1" - ] - ] - }, - { - "constants": [ - 431793623, - 808178548 
- ], - "point_coordinates": [ - [ - "1998783792081754031812525846166385712870223908778695309", - "5648115971745532795884536596095608206503699427996289024", - "5118747988812143711957910740018182994344395313813371753" - ], - [ - "2761782611129342812850475951444482257485791953910848761", - "3160558467057988299591081562531252654944356202464048666", - "3444465844511645762623719173663688271626183615753650587" - ], - [ - "4694558929317694923953673299814960372769151031889185345", - "1780202167525968976340229544893708199391554296075321709", - "3612694881279915271839479834154242037755666438444614856" - ], - [ - "5784923344313313172896955581066853374998868039211767437", - "2115978805524669062703000024438171634179864015353572940", - "452123696929184875720360227006796834477855221124423175" - ], - [ - "991153704578506956769552446081440839124442439822098508", - "129828147175145781163281600805960750132388806675067888", - "4311796432008624214182338685856955581025323747684776186" - ], - [ - "6021251156826734392364796761350225487367472705959972794", - "368453001980762409709006296368269661030408143140989756", - "1895215319346548123556032125426454043553861202619016731" - ], - [ - "993303203052404694229591874001395303706552042156498986", - "2939369161079917937613354634993609758244631119392821403", - "3784156007608456885161223875061151309164156639819991546" - ], - [ - "5591332917444406658036997660348484043428563236660809799", - "1162486087880959752133995439447419536264258665656185375", - "3525801304721543779485373879356173799884934829800872805" - ], - [ - "3829985226086477117625039099726142289873090432363721320", - "2108340983423813052665185852237224979827452081663812539", - "1" - ], - [ - "5374427500720804131304519774918146912211647259855983083", - "3290182613167251663162239464428845342515998075347727258", - "1" - ] - ] - }, - { - "constants": [ - 222788961, - 327822240 - ], - "point_coordinates": [ - [ - "4092400982603283328321005228762715363014624145784933066", - 
"2722307533482503819828850486402802347176998869238829828", - "4567840514633437857635480786170488315564434051243135067" - ], - [ - "1211510035595350827896290856761956231557794894382219132", - "4940112616186502490917133324214905351716537168707123842", - "2679877267040513427788749373190460188291821174489672648" - ], - [ - "466634154979217447583997667543977662580434143823024994", - "882211228343965668676928611032486320903574099494670427", - "5903152420005909498875334296094719589522112770112728365" - ], - [ - "4329518081618407573314373420206387742005107008964527541", - "673037850587862023433127491030376438010962653561691355", - "5436913750921523427106731804651279233722748218304059093" - ], - [ - "3373274693991707363673603089172574762235400066991311978", - "4148753784875624460357957688613823095720000500913376100", - "4237223722874556680548557202215721103854327708886753171" - ], - [ - "4756038171057011134287906329437061918864230227648264262", - "5271569723370424355623798728866922813087233064760228079", - "957631584936193803979758826169383460624676122049974535" - ], - [ - "5826725364859373600042948740317957004035745190963236838", - "4851761278378280077013726672182568038524116548527027077", - "321079468712872284319770496564769676851275646104250340" - ], - [ - "1821722512737795432260054743557178836028021808539683270", - "3039617789512916406351895430737217187870018158898402285", - "1530264476568879195354585967408470645124813717745031438" - ], - [ - "5852581312905955382368466872785536965129206737297052454", - "2453030535220729795601572566111400286332079546298408017", - "1" - ], - [ - "202479388371382367625262626718738274711178968365012351", - "1534461292872747187759424365512464321195436384572318054", - "1" - ] - ] - }, - { - "constants": [ - 759646996, - 596780357 - ], - "point_coordinates": [ - [ - "2923258896848056720587816506973709115966051494046909901", - "4834750086356618893692055183770734073186340028159805272", - "1718357117770265029426101315489247348780585852033775009" 
- ], - [ - "3873664445453357154760953879905749775928512239857668058", - "3904949313770484452694061867569402912322671895522876217", - "1623441482914555499586014312799102524072044164904330208" - ], - [ - "3690068870047817142636789114710812858984289992238110219", - "5614633375382503714153027695725924358147786372722393795", - "4612687249885883440866704678396053661374079319817828093" - ], - [ - "4826833759834795004279909268104549872694713483299807552", - "5458764687209669158412640011234864638223073284080073950", - "2754089031141002348024338021523441007253816340157868659" - ], - [ - "506077934819267885741198321103488080641373816997228500", - "782321176960883622220650082704021889551171896760413712", - "1682226784813067902657087667763786639763293345840365080" - ], - [ - "4369782036040439412249324510245043583790147163093358496", - "2393963749455880475706539142297837542140410302243973438", - "4796129744048362687417322601769952946793133782374285490" - ], - [ - "2229319702088127198403022944374771411060189002630021126", - "5680616217444090491345360594767939423760542836369540564", - "2739290379246987595495714189129846986051793069117182203" - ], - [ - "4269576155058115865758510043573856930725924540750434093", - "5253088444853550760756440925546360798418454841887366948", - "759222032760765862037930429185546755597551004775913635" - ], - [ - "5270835212224173281299921145705534250577306176173160662", - "1516273406259875701455477003725384910478125324446241225", - "1" - ], - [ - "3872281615419009071616799506192321032761173100339540592", - "2065705632189018015503723326326110913665704742090782902", - "1" - ] - ] - }, - { - "constants": [ - 358778197, - 1003676223 - ], - "point_coordinates": [ - [ - "4645074917547061240328444030359006204907273511817772291", - "700817396786533951976434962676341886405326414612528607", - "3088670342841946837481949798718836876489833915782993500" - ], - [ - "1915657714741071377216710925008347844563846368460696940", - 
"4764463033243561644187471909706418911784254951678203131", - "4716858463653399577724945048224697700243704727470130244" - ], - [ - "763613110568833734008251584967013448491649068623219400", - "5169297582942946011046269954190474815669532737838678041", - "1676816971702256188456969440548891679616447962317629323" - ], - [ - "4579816393094333081609483340495679210703759235320182207", - "919362601714828360369719723805351944156778198435203103", - "5873815688433799977274956732669640508552951015273418743" - ], - [ - "4333427949008588209113020529056593672220683984056230408", - "1682307868406290780047371276752450534163431029985605548", - "1937576954344983600625870110778362663374058329126315416" - ], - [ - "3181963431321606636492970981099336538252906932471903561", - "5900201355403854672701909978379321633099920670699660703", - "2165973501653198548091900643742722307722518566687585899" - ], - [ - "2399761045599836205474535920315330082547845480856246065", - "4109527833384351308598719592553571204520901589862190668", - "3251493665550473849818617372936090906052403218749240303" - ], - [ - "4434044605338954105491144397394143050898590027575185804", - "3743635445242928467750238218252328672892146235636360087", - "4830380179825258243675766434883810769696281161278624080" - ], - [ - "1934595672926691708207713907686651399146780015476651854", - "2421018037659263005212006005961867631642469192417665246", - "1" - ], - [ - "5655013883546502123754506631188380005230846444017268925", - "2016874705918882620842370709327518047286111424994471387", - "1" - ] - ] - } - ], "curve_operation_test_mnt4_g1": [ { "constants": [ 
@@ -7403,898 +7111,6 @@ ] } ], - "curve_operation_test_edwards_g2": [ - { - "constants": [ - 951071107, - 931310728 - ], - "point_coordinates": [ - [ - [ - "1461948633921308483931112096926254416722671367827515668", - "3180687536981232631371520752093839849605060903605407366", - "1237223827307038200188488900127367556569949412812996435" - ], - [ - "1018359172621624722218993589767662085560499235262803698", - "478155120825147734149361911158108654282158732930343783", - "5068650456261222461295470837440411537010815818531099712" - ], - [ - "3811246500753701920846797722520091902098183152705990241", - "132272207572770728754414439126217607871724576541134321", - "3907403928614583840895482677159460941109368204167625258" - ] - ], - [ - [ - "1081690542604544660079067607009333315751972495328942796", - "27518218289100519640151576266954873965566603582880307", - "4777943899195249926865076730742758508684082748199631369" - ], - [ - "6080715968132277619615338118561478844424710567965467074", - "4519979779811452916848931815680969907135903921411166966", - "4367029549865394627687381831366754223301756310238137653" - ], - [ - "2321823683853104080410154535493336483218250539314952229", - "2227517562826429019355185444411165896153959219800467378", - "6036278254907491943386066114632234250265947072646162717" - ] - ], - [ - [ - "2110104229208537527503678612940551713583787910498942939", - "237163601000326353020047257059676031009854971615019357", - "1006900055632267630209909319981237298998996951784164817" - ], - [ - "2865889736577201025395922243633459751505201498371893864", - "1423961639686728571607282494963566641865109871346716188", - "387273158299627975442473717895416459699333212839961399" - ], - [ - "1735578265413199419501873949766499029472758704723411955", - "816364192808688830353943751735252091154239613591284008", - "273477196725581963943129017327566980982024039632050903" - ] - ], - [ - [ - "2099977187727828179966423556785038932388451810399932148", - 
"5652843574979849611111225935518802406023813224205798493", - "685229614847612186357953465450495738910560573505906342" - ], - [ - "3710281515046746265304680908742160111490857672806832673", - "605151898432386440137562340531595736311925836965358653", - "4183747599631897153807223943363760058021374323902904783" - ], - [ - "5627765425679172834127853784793133485971090885015362732", - "5442176294362384282507948972967546865343076607706577041", - "4908662284381978196142371339792690757023007755767163722" - ] - ], - [ - [ - "4152429941944927363343795643427823206467242568540170041", - "5559754991523478076938810733218324005176834641804659379", - "1249408027057311613917863690878339419197553334420457716" - ], - [ - "1411067295956364236972062905409586300685937882756931987", - "3610420144826326633452577367996933652551113717238167445", - "5721314067038508153615278157739199802285192688681719251" - ], - [ - "4458960506076041251129000416367503748053540453852879676", - "874431119752921082858119745634732048649694621531361576", - "682845415981487867099791475660173655463612781993619678" - ] - ], - [ - [ - "766360633557949617575035538403184471002766778331259726", - "490881082250337147871275199123733692881416041133867501", - "2559724579741270574949025536795196005090161975828462884" - ], - [ - "2788139962620566221200274087344187067718328694511220729", - "3574610663279369930173306910086641392091022946473084575", - "4300238015371955554629539022619916381527641090131065105" - ], - [ - "6153774285383995494561469890552305582487273177675648382", - "5019091929814430100330834201845977822264848445200800051", - "5875857029004447102300144161381901507241973004226486794" - ] - ], - [ - [ - "3334173988727948500305820112187886869485562135742404865", - "5583181500654354267507812696577313378155315615649872188", - "2252332533396681551602977515174851644627677669083360035" - ], - [ - "569526648769009917690877865111125566649625180198915865", - "4056667648899593166786418402492413244409764150872964950", - 
"2673785188952087982171018717591750568092630285791168139" - ], - [ - "3597339619591862701891023754355388454202628439030618425", - "2781268037732241346651480660299562536353720084881567654", - "2193240884709098264360127052073436947855672665526986918" - ] - ], - [ - [ - "5499149227370076658884867419333010292579001880095915295", - "5315687970789378743080207530719804573913568252720280274", - "4301094482839385561410428598970485645999611834515849490" - ], - [ - "2702130165568268561416056593184180636454358674666091427", - "928504809140293568309437856159004589869941182046956870", - "2688018452846597008563349133822240685253464005314579992" - ], - [ - "77184582834832628729174775909102211662513094693123237", - "5257849419895926628747836560815316912964565440214847095", - "3811699799226466561686343892277211177201777392348423381" - ] - ], - [ - [ - "5201670391546345319858964502732830224352792816037195183", - "2490322056828954297445162373730583695926415809559170334", - "2334336961537167568275578650748951381197383195004176485" - ], - [ - "2364299368104022683782833224419816120237410286054636556", - "1956747846056127490833749512703199504892376364674996182", - "3045921655931662382959945375829593456052146989149035524" - ], - [ - "1", - "0", - "0" - ] - ], - [ - [ - "4453371628065670104174529058857610973598413452944197488", - "4786844486405379032274464383191329683417089982423561857", - "4422841765910740222729031576852946952871298465004586451" - ], - [ - "2886826635668289655543349519142138666405234170371469424", - "4784024773789383235880228861172001887694636380009212945", - "1539306238682514676574404619921613297290619140692461550" - ], - [ - "1", - "0", - "0" - ] - ] - ] - }, - { - "constants": [ - 504920481, - 556034188 - ], - "point_coordinates": [ - [ - [ - "3044052638333933777579673137146966261359232758128286280", - "1289751859223961059247095190244128526312348299504206996", - "3432798661133868478944335024417683807146711579803463583" - ], - [ - 
"4084020895942965096145636691778636870043535931233811145", - "3873210130812672431868160793371852616788704609777807089", - "847076993796242255497182820500117425944428417121506547" - ], - [ - "1238417380311574877493901700370304087284720275786641781", - "3838795835433906319185764121708396753857989728168174086", - "4572204413154781409131877265242143996358528724660060480" - ] - ], - [ - [ - "1706346600137986763781236481028191293294713075278353864", - "4139861994789114384150571253056095393698900323436766451", - "1246161985329560581468288279992972030192487228686247355" - ], - [ - "1684385831463347525023660476114414134799480744638363608", - "5979832933850762016374757410031680961740554366099942229", - "3384279660980763946577555860162347998642918412936776543" - ], - [ - "520753977656385211530422737411550712908451564239229058", - "1134197068104597268920093228550363332422174825970002574", - "5977775821070544734002009619180624362714607884998805147" - ] - ], - [ - [ - "5200436542047198068825824340455006289729234831688244776", - "3366149338666873515445948215335576001308330083465014602", - "4645800565499533785200871256627300867001696396662915957" - ], - [ - "4369572457846950371887582269758405340584033908631877792", - "28211031968469429027419492353990183181682031254497659", - "3600435768905436501750526671177829618395794914102178886" - ], - [ - "2170169347156181518065931796042263269106942058875148062", - "2210968127710889810632316571136876786502247254553161552", - "110105264986186628277273468473372711418683337504027599" - ] - ], - [ - [ - "1361253646886159062450317116351824034655266595799445582", - "5710976436447847652226806132497168167005010819706148968", - "2945532734067071160479640944077758651448179849845664896" - ], - [ - "141520730367388064672401657980029744864102521753817347", - "2004596820185552959904352903607843960045196162567941932", - "4985543040032711366806965316201005151939820478067066634" - ], - [ - "445161499349902671849721087953237347015013560335446302", - 
"4285225718592806086424988350133339539282321559154064670", - "3199528138878464030529644461395987829381707767943942386" - ] - ], - [ - [ - "2315128492475899591859587389346214450246138114871701204", - "3587218980683844205519450456092772012237851766576006510", - "3592916591092279474933849639285330338244212776912529884" - ], - [ - "3926326500979924892505062267965257110271772795581827543", - "6182903686860884757941782913545912736587176017865627066", - "506223437127536872173177530656957279498158511952899939" - ], - [ - "1990445268821830292999898436053951759183050803850067993", - "6109431577700382175718221434933631219672823287814702369", - "6067032021034013006524438839317364918684299212588585652" - ] - ], - [ - [ - "928743622726822203700019535277437935033139559015757641", - "5264682625763790067133451640214643374259211556469716114", - "5931244144398479839794416024556481175251324016270112056" - ], - [ - "4936008886980230567967722123435178802159208321599225593", - "4215157949141908090179611949176671955146112674782526089", - "4913010852230965980341711759871990687819382781714288016" - ], - [ - "2946929382420515789844112217538838800058512246550010670", - "5858388723684780073790512539914618614457604875897438336", - "1112258434694211734435293381106045158757851571188984992" - ] - ], - [ - [ - "6088265028406029729743312271365972812976546665318927044", - "1480131819826763621020300063941016967267269362952710875", - "3622121218093467471480629941114652737307864892189882000" - ], - [ - "3188186983789527676831122423512198137975563588202630783", - "4407047888598499475415163446264815500945096262704327337", - "1195055647425219234305151846881300910524937209846422425" - ], - [ - "3782746934696802215106397785951081226652024384743203669", - "5363203591315785667536482321528396136182039615990044449", - "2056626307050382522066105177374686671076572692012602231" - ] - ], - [ - [ - "5308496803958361865859412573458482612099332150509107235", - "857054587284156823300587421670823101252704971308788873", - 
"2888127769499883261573301254751622254981347963202564380" - ], - [ - "2989625497831847967519143303770832243846479374177484369", - "2808470765388383977589129553204129732960275388066958326", - "5432682672829835634328101617538904974700815012984432643" - ], - [ - "4272971483802768304386986985427708473742276669907845403", - "2809088793272833429738592372173392093196993012199740460", - "5015169863207360484347354737506140138980057077146365487" - ] - ], - [ - [ - "5153780381772012378806164782311372338411915548955980411", - "1983738407144546891252692033833809847530117755227210542", - "5257358479800922058295212056299778271033617906316499965" - ], - [ - "823234007951972772898938107362801547516088473854149409", - "391477773951465039781763455876151086448408495446723807", - "1454494416963048291117243806348784142080052058906400112" - ], - [ - "1", - "0", - "0" - ] - ], - [ - [ - "5096736713609956567170739165461701962116327186985157455", - "4336428099128497685885192558731402171539718323014136593", - "2890193081927914727483878057786122036049130691228418205" - ], - [ - "4575832221351586855080901783583407103599727916884683172", - "1950233946088588087074478039716605974056189116304056778", - "3117769645904323858366347401571891825731124701447456405" - ], - [ - "1", - "0", - "0" - ] - ] - ] - }, - { - "constants": [ - 475670783, - 531456534 - ], - "point_coordinates": [ - [ - [ - "4088726980669230888657738023388997574578910962340450579", - "1537796816723471078339581911147844908434827330460048594", - "3954022897089395312207332042122733963534151444326479326" - ], - [ - "3076337141010670090371278162129792377263967565237750713", - "2390265558475072528576694767383015252712354094153379925", - "5944595739856641775175542777856611286800770283379528480" - ], - [ - "2904698128882315221397096027035752586121526237120221030", - "4392390127009080328024721047152293555064778567699580508", - "588112762525667504300309472865994014160950822594249671" - ] - ], - [ - [ - 
"2236293505764244362648073878450544581587585693562024057", - "5513746067862139116467100617421363146678110835719738196", - "4544050643714772954178032980508180900170473979996374929" - ], - [ - "3193082323426353039815127397923687677414487343476357823", - "5968688408238275303429341905679838765147507824044081218", - "5868998788106313246970358540303122538266472377274048186" - ], - [ - "589450508793745885878957781686933163921254618702318322", - "4996998837036217562934056148387039933588266822540138850", - "3943736450517510458788926710566040695756259013247438354" - ] - ], - [ - [ - "1873052939010266916969967618854262515707731705569654271", - "3187102501844789305802433178944881124621800524681514192", - "1274034721036387900308945422646015322563645959139539537" - ], - [ - "4666499135972447792716865184336372187022178013653609757", - "2257567164509564480987074749376372353680287506494486634", - "5336944551068234764188811298453317030378508535419455777" - ], - [ - "4754501977750812116182818020134203340982669384726456761", - "4792581258302690461856211429065846226397958357634702240", - "398490045117684891850417420710878533265113303131791219" - ] - ], - [ - [ - "6198234452225831677961387840724963826196682103721394338", - "4988036727520056399235358120614553673297667285307602761", - "5678567533341929737236130615436290877728847399124938355" - ], - [ - "937273535827656690949013145138971244441932245974845494", - "4791918021523360833710507351946224680047977173228052617", - "810006551853414556076924432463409388070485974752338917" - ], - [ - "89638611148526514515745889898253160287504475852052849", - "2484654256260884588830591227691165725842698403617079202", - "2826288257034416626745761417081177443648764216092653495" - ] - ], - [ - [ - "2440193253935792631073234217867105224861241972306890255", - "2463050431230864526433068297790256516082715839768553579", - "5761036098141153184566203353797574963321556885725624250" - ], - [ - "5919510823187176852012090152149683649457361164099032995", - 
"4272814145238254783613342713168430243970406681924133284", - "6662734105694837674139165278234275889214846968669551" - ], - [ - "5020526984910001768989540942166913191346783656286184312", - "3487637299795780876863170772695281904923375024691444865", - "4232683103598356121182134008746803624867909032498875521" - ] - ], - [ - [ - "4349925266639685685626000138846822132485648374431228410", - "727895713026847985309131531683096815220047681265502344", - "1379653277830470819906599553910248137900043560328737676" - ], - [ - "3509195026649999533021732434996687503987361975553106225", - "79041451091203562845850643039556771505607291859093550", - "2104526321606924990466132536732640950470199174670336443" - ], - [ - "2404205186720073533394038639765831096835055664742564103", - "4350300606123218323943041084117202719940910103507906152", - "5383195552468152003042330571313851916709023921484098665" - ] - ], - [ - [ - "883672323787133152645664859990824096580247480286367245", - "1074662201794501709282902446667168682359337471389838593", - "492080382679228647784302509691171311304686297957851439" - ], - [ - "4435786905620902394790109878265812682489087504166028872", - "3666263681111444260062179218541777274414347019356604302", - "1481547906827988449050331520738838435977924789907638842" - ], - [ - "2574739635361919466508078830449502538319723069504035622", - "5953609322476345044155215008361229529692322524404765542", - "2415929140606258163991778782931297165483246668962646480" - ] - ], - [ - [ - "4243232404408738307774615228788145533319225814681221772", - "2897139328267466627102564907451374283548665520154623411", - "1981281887354448412229265103241609163533009584632097139" - ], - [ - "5013137807968404448468751581707438115903866028886182655", - "3469221123223376092701184912480160601036941320598855045", - "1377047912540780697108992874442844287492417873340092530" - ], - [ - "4477203351497883457611294279690565298892181669353278090", - "2570232894274747374437588736729395424797885604386047183", - 
"3870110646848114022518673353544787805844316204208282835" - ] - ], - [ - [ - "1511869324836568215212922222593957321975518825450396476", - "1474984243970104784527288223260547796148576599911709612", - "953401019539761128962603301180059739746111437475594440" - ], - [ - "225231995897386854029335255209395266843474083621186085", - "47405970405771332282905648874255775508785275620665407", - "2482305910582107616723860368202933821277346096074057585" - ], - [ - "1", - "0", - "0" - ] - ], - [ - [ - "6059776060629816533591061631862769915805079496742586642", - "4068583113616122585268132204572154252150003628563102990", - "627223759187411509109690091796580423272926269572721806" - ], - [ - "2656334150551649745367580426175837847031415890665948028", - "2015010894476666559751802794853583051162329592621982638", - "4365992601202113638505941152843711336053112909503022757" - ], - [ - "1", - "0", - "0" - ] - ] - ] - }, - { - "constants": [ - 805479065, - 924876349 - ], - "point_coordinates": [ - [ - [ - "3277404614296909692364505180426439746987775912511212865", - "5794855655406473577410157572609813056514334807216282272", - "3950659678039845534658622697071442853160387415123216207" - ], - [ - "849023437151868296316454114138077586986025226138448066", - "4562087578855215012175448057631301253874058234518477636", - "4783514362668544123786956021639470090260207927415054131" - ], - [ - "5265181407910702700588422424174691502326226253639806822", - "1035832519393265861227491238507467149639275431212457717", - "1118448266499189612487169197537207937739697219690987885" - ] - ], - [ - [ - "5398985357694311080725318330762923786128707378642177386", - "1654130076813189212725406540749367138934679408838492526", - "3563730979460184125294890373887917217880015896144874757" - ], - [ - "1150982489938888333520644884774326108570702887373980167", - "5274683631687316087295012842330267308035297804518804146", - "5053443040869131977892888573795777211221839550903444494" - ], - [ - 
"5509211789156515066817149916644275514837626864971447890", - "5690678083713513846623169163589014102884928275547107968", - "5575533640620783826922575385068618157901124718946755057" - ] - ], - [ - [ - "2508120198051538150045868994168247838864896627470826243", - "3657834627916088506587615254337929252530508520500870915", - "5858953653744827448119099849639584578984537658995493051" - ], - [ - "2261316354578077230222799430550970406736857743389162071", - "1172634471148215705106800096468828803333125394388261460", - "2429754842365614810062758836963440165414202194830558539" - ], - [ - "3033409874008543057586554311767189604830850481097755949", - "4954279203359657660089278889274148007374789325864571009", - "705900145992946099412593807798685557235899909277220244" - ] - ], - [ - [ - "492594572710822047241347798833908436274180916437078123", - "5857941917514432091301249141867879427602404611280869719", - "4025850699477567149212082771462228486222006759196948436" - ], - [ - "6073507963254514114354276481121391796915797144443196110", - "2273881405838985121155625854110623336723446125364541228", - "5856884387586985574244090438614302475213716024083230672" - ], - [ - "3519250002427166967756993096651862412831908722907493925", - "4328649842303237790721907189892943889308846178807314761", - "3183705222415589819292680403610417711677327321489746145" - ] - ], - [ - [ - "4277970262135720504571411353684675100084790362251270108", - "2251872159910912909271719470744536486031592898884075542", - "4382146360957609715539025112293456644311802252312068121" - ], - [ - "2727145048425480010417077707437577470057432685346921588", - "2034630728096967975837919632688451316830501654229599392", - "141653945248913685318844303691718477674285376272359905" - ], - [ - "467464738577403591147894995124834882653190566282900139", - "1975909675198451862633686858405772974815005922050469389", - "474552312654435970930601697336264888959351160192856430" - ] - ], - [ - [ - "705034995914242545429416708591574677983459557936387910", - 
"265130199476733972930391005359651328524013495321383645", - "1666304186608115637289401159493830047479230319276378525" - ], - [ - "4483274362769805398775783576498154065334513019564398024", - "4419311256146349517564691599046645376092476616799192232", - "4473918371138521563783366552200811655364692765927493947" - ], - [ - "4483679105117575758172930301215003261365068684316142350", - "5798101671270168134955170860617380790947425024392626352", - "475538329566438593702455965656826774762111656343711099" - ] - ], - [ - [ - "1702689011729612670146226397685734677564779362948697671", - "1861845360787043843912491738146949664885197062617393204", - "2440112992530847428207620279797449455626072588596127562" - ], - [ - "2776037091354220992017820003738823510608932403021771933", - "3575418499259501320091052663077364542894710623410794000", - "1240297027884279548168492282110168313811191397156223569" - ], - [ - "4266491504402295709960477752899821505023716109006450650", - "2270793868363022377707596261542646658347048052534923044", - "1767108935204819425295153379416988482503015461317695764" - ] - ], - [ - [ - "536495869449826795465309168915810819538797861557818252", - "127827631607530351997578975193936039912068362268422576", - "3680909393411631051461673305661514821420168640487675389" - ], - [ - "4042841803426648074710856387782439647557631470914352980", - "5340542517257064909280226826913298194033624924626392017", - "3022050739601981240850764186471579088968019482494757971" - ], - [ - "3863112056856760570687623021988049274837115420438920274", - "6183699572486785772902276676424074862256557249202495007", - "1509277150619494145655330105802651450762415983992129728" - ] - ], - [ - [ - "4257737466732033719518537144968915968050865768723480528", - "5470921807554750133526907535961510987750247764339722496", - "2116441261796773200248778356538108987061138567337026331" - ], - [ - "6194606599965994483163039345853616354399623679474611618", - "5908725246534602783324773749537378893696928811013989076", - 
"1353185916401533928207461558947956642135344802805890942" - ], - [ - "1", - "0", - "0" - ] - ], - [ - [ - "3965850938389540736897237446969867879062589867508821170", - "345262470475574288125878602296382823211991266818540900", - "849668035229741581315395394566353756907032474494819755" - ], - [ - "4160950471098957191752358344016439349004415393976831109", - "3193897281057946054184527342489243262563012093789701188", - "1091904880755115744976266969554556047301264857756876001" - ], - [ - "1", - "0", - "0" - ] - ] - ] - }, - { - "constants": [ - 910160657, - 544144618 - ], - "point_coordinates": [ - [ - [ - "2777004328549955697163079680050308087973875415763758224", - "137715278861427520116180238225379913403183206472349300", - "3601187186084630458697065227295337329197408937176752257" - ], - [ - "2780721428467063823387067125763418209103215141402896758", - "5749024332585404971355693102201820360788818526858047212", - "6183993983689776810990679562318985100904064890981628413" - ], - [ - "6044772892535406614935709104210027527905071247048292412", - "1341748410694213431047487210210415622325073409462417798", - "5190318738747870967413455798258372590464512582833785650" - ] - ], - [ - [ - "4784091749062011869204020246512137985985229631681390301", - "3731534216315826787046062538971685605101294725346941571", - "4789269548505971224460282371273004001306224991344990531" - ], - [ - "1863488053738167907787492208307100654587680022952485825", - "4019249011707278660125995498806278449523917845673390595", - "3742977891895656049804935349706257771370602590698281439" - ], - [ - "1338305435463089645615154114770757342440656490044082913", - "6040873905920123553392033665503832457210623029194115431", - "6179495296470423686400270252573024391985539485746284096" - ] - ], - [ - [ - "2597953365399719287487065973640555393863975336423791887", - "574489586278392021420169844707478655890145855648581732", - "3346448394249810502225115702834612367789889958758878692" - ], - [ - 
"127473798569468137313566008506469911281581039581511445", - "3910340689874000734339791261196613523847026015364288596", - "1887252199746290657181090137993855423818209498443362395" - ], - [ - "1877590303047387717229610152992118386903666999051690413", - "1101941424485252127939551518855999134882697673485256531", - "5243326597838877128514122808209354232946284060765949532" - ] - ], - [ - [ - "4016954732475484932090396624991182988385403533612245078", - "2725257400339146902902796002252001185512092555250011739", - "4763013537198789705332914150618490951656759350658936901" - ], - [ - "3361209339972967105113952777584317026120907478386936026", - "473354728983487609553202901849826358863768489241946201", - "285428072039302080046874797419042208418772755734339862" - ], - [ - "903641488147669314191281072477165256096289365096414659", - "6010626092338080451214902827530600030825044069599558511", - "4413140107057718862746293915308884517102472017328818235" - ] - ], - [ - [ - "409348602306918752011615277072123117300818098198351082", - "3246566791436258556370109298366009654883791367479316726", - "4187174806524623216543159898645679514792423865072245267" - ], - [ - "5777280992783943374900234515129654009213382461566897516", - "5189604173808309285080748409714505606577080408235110452", - "4718272734546664328165632727086402655618531664402124024" - ], - [ - "1999669061551635258228328060706157185495562963799848822", - "2259137928900142525469247257146171846094172344236455718", - "257440240842114918469649601131052598977552949457427364" - ] - ], - [ - [ - "5336269154241320085869951558549700107729405000453296685", - "1886080285287206253466507796500140528596913710778721303", - "2253594873480866592306286835552442773191189515444809460" - ], - [ - "456602050659548662002132180581967939534047744889137416", - "644761573641930329826823224893259471208380267896280150", - "4004125397099720129277180823171911436375837031240840331" - ], - [ - "5555777596518834775427551175476095252028228573184534020", - 
"2182928721201041573386818853621025966599333706671526", - "1935590089791627599814538689382029098586809694958380950" - ] - ], - [ - [ - "1639526311169680799976989594298648925589533545785720550", - "2896024654261865406121330526627149141183983163203113037", - "2147176011766008210014803144378659701942729905314179202" - ], - [ - "5275091028518014999816383909508234702491656526447624357", - "4693507187023086959579317190243285346624101529991796030", - "4632049142955930327101576964835551920619781793722836787" - ], - [ - "882653838475606030675075167596401981292236046307597131", - "3558665690259558564484130241679965631738606688755395016", - "5354564155787039321748212835000584654256426497288769290" - ] - ], - [ - [ - "5417983409511056527201294709364533481710951887926464511", - "3179768158840132684033697311919958630057527965547682274", - "3904339465851187662459326247420854085832616730904802230" - ], - [ - "4244363529056472881288548055685683729562973841885471386", - "3460292826383547852391159114436883340855301247463469640", - "613269537664316775098267038385026846746660339035689641" - ], - [ - "4552919080341815973738358122415527109067403365832045428", - "475673203715825705706037028034894263316649697902248784", - "2439730764461802733740780434487712604599859319238989506" - ] - ], - [ - [ - "2923960580124657840169941698110832858691257333161838296", - "518069785712763411767764063223758066368884168977601600", - "2871768068676094239885897755876369370084042258863546612" - ], - [ - "4811591847096103847787787825282120187868769694892891258", - "527312204893520399530557165845986090856266693037916491", - "1054483641295633443900914474598372477739662739278591770" - ], - [ - "1", - "0", - "0" - ] - ], - [ - [ - "2707515614745323270411529808364326243332308445911195953", - "1278438150901819865348384043731372316596427993712274701", - "2949814370916742496058677556285034898698715923504119463" - ], - [ - "3510496393180657947092585952271002937450324376754991908", - 
"4600900900627420449824703570546263347225556324213831420", - "4438951029321769518431035191050713508047920273298462630" - ], - [ - "1", - "0", - "0" - ] - ] - ] - } - ], "curve_operation_test_mnt6_g2": [ { "constants": [ @@ -16780,4 +15596,4 @@ ] } ] -} \ No newline at end of file +}