codex-storage/constantine
1
0
Fork 0
mirror of https://github.com/codex-storage/constantine.git synced 2025-03-03 20:00:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: cleanup TODOs, unused constants

Browse Source
This commit is contained in:
Mamy Ratsimbazafy 2023-01-12 01:27:23 +01:00
parent 1f4bb174a3
commit 4052a07611
No known key found for this signature in database
GPG Key ID: 6227262F49BE273A
28 changed files with 19 additions and 356 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
constantine/math/arithmetic/assembly/limbs_asm_mul_x86.nim
View File

@ -23,9 +23,6 @@ import
# They are nice to let the compiler deals with mov
# but too constraining so we move things ourselves.
# TODO: verify that assembly generated works for small arrays
# that are passed by values
static: doAssert UseASM_X86_64 # Need 8 registers just for mul
# and 32-bit only has 8 max.

3
constantine/math/arithmetic/assembly/limbs_asm_x86.nim
View File

@ -23,9 +23,6 @@ import
# They are nice to let the compiler deals with mov
# but too constraining so we move things ourselves.
# TODO: verify that assembly generated works for small arrays
# that are passed by values
static: doAssert UseASM_X86_32
# Copy

1
constantine/math/arithmetic/limbs.nim
View File

@ -354,7 +354,6 @@ func cneg*(r: var Limbs, a: Limbs, ctl: CTBool) =
func div10*(a: var Limbs): SecretWord =
## Divide `a` by 10 in-place and return the remainder
## TODO constant-time
result = Zero
const clz = WordBitWidth - 1 - log2_vartime(10)

21
constantine/math/config/curves_derived.nim
View File

@ -95,13 +95,6 @@ macro genDerivedConstants*(mode: static DerivedConstantMode): untyped =
M
)
)
# const MyCurve_InvModExponent = primeMinus2_BE(MyCurve_Modulus)
result.add newConstStmt(
used(curve & ff & "_InvModExponent"), newCall(
bindSym"primeMinus2_BE",
M
)
)
# const MyCurve_PrimePlus1div2 = primePlus1div2(MyCurve_Modulus)
result.add newConstStmt(
used(curve & ff & "_PrimePlus1div2"), newCall(
@ -109,13 +102,6 @@ macro genDerivedConstants*(mode: static DerivedConstantMode): untyped =
M
)
)
# const MyCurve_PrimeMinus1div2_BE = primeMinus1div2_BE(MyCurve_Modulus)
result.add newConstStmt(
used(curve & ff & "_PrimeMinus1div2_BE"), newCall(
bindSym"primeMinus1div2_BE",
M
)
)
# const MyCurve_PrimeMinus3div4_BE = primeMinus3div4_BE(MyCurve_Modulus)
result.add newConstStmt(
used(curve & ff & "_PrimeMinus3div4_BE"), newCall(
@ -130,12 +116,5 @@ macro genDerivedConstants*(mode: static DerivedConstantMode): untyped =
M
)
)
# const MyCurve_PrimePlus1div4_BE = primePlus1div4_BE(MyCurve_Modulus)
result.add newConstStmt(
used(curve & ff & "_PrimePlus1div4_BE"), newCall(
bindSym"primePlus1div4_BE",
M
)
)
# echo result.toStrLit()

12
constantine/math/config/curves_prop_field_derived.nim
View File

@ -99,19 +99,11 @@ macro getMontyPrimeMinus1*(ff: type FF): untyped =
## Get (P-1)
result = bindConstant(ff, "MontyPrimeMinus1")
macro getInvModExponent*(ff: type FF): untyped =
## Get modular inversion exponent (Modulus-2 in canonical representation)
result = bindConstant(ff, "InvModExponent")
macro getPrimePlus1div2*(ff: type FF): untyped =
## Get (P+1) / 2 for an odd prime
## Warning ⚠️: Result in canonical domain (not Montgomery)
result = bindConstant(ff, "PrimePlus1div2")
macro getPrimeMinus1div2_BE*(ff: type FF): untyped =
## Get (P-1) / 2 in big-endian serialized format
result = bindConstant(ff, "PrimeMinus1div2_BE")
macro getPrimeMinus3div4_BE*(ff: type FF): untyped =
## Get (P-3) / 4 in big-endian serialized format
result = bindConstant(ff, "PrimeMinus3div4_BE")
@ -120,10 +112,6 @@ macro getPrimeMinus5div8_BE*(ff: type FF): untyped =
## Get (P-5) / 8 in big-endian serialized format
result = bindConstant(ff, "PrimeMinus5div8_BE")
macro getPrimePlus1div4_BE*(ff: type FF): untyped =
## Get (P+1) / 4 for an odd prime in big-endian serialized format
result = bindConstant(ff, "PrimePlus1div4_BE")
# ############################################################
#
# Debug info printed at compile-time

61
constantine/math/config/precompute.nim
View File

@ -371,19 +371,6 @@ func montyPrimeMinus1*(P: BigInt): BigInt =
result = P
discard result.csub(P.montyOne(), true)
func primeMinus2_BE*[bits: static int](
P: BigInt[bits]
): array[(bits+7) div 8, byte] {.noInit.} =
## Compute an input prime-2
## and return the result as a canonical byte array / octet string
## For use to precompute modular inverse exponent
## when using inversion by Little Fermat Theorem a^-1 = a^(p-2) mod p
var tmp = P
discard tmp.sub(2)
result.marshal(tmp, bigEndian)
func primePlus1div2*(P: BigInt): BigInt =
## Compute (P+1)/2, assumes P is odd
## For use in constant-time modular inversion
@ -400,25 +387,6 @@ func primePlus1div2*(P: BigInt): BigInt =
let carry = result.add(1)
doAssert not carry
func primeMinus1div2_BE*[bits: static int](
P: BigInt[bits]
): array[(bits+7) div 8, byte] {.noInit.} =
## For an input prime `p`, compute (p-1)/2
## and return the result as a canonical byte array / octet string
## For use to check if a number is a square (quadratic residue)
## in a field by Euler's criterion
##
# Output size:
# - (bits + 7) div 8: bits => byte conversion rounded up
# - (bits + 7 - 1): dividing by 2 means 1 bit is unused
# => TODO: reduce the output size (to potentially save a byte and corresponding multiplication/squarings)
var tmp = P
discard tmp.sub(1)
tmp.shiftRight(1)
result.marshal(tmp, bigEndian)
func primeMinus3div4_BE*[bits: static int](
P: BigInt[bits]
): array[(bits+7) div 8, byte] {.noInit.} =
@ -457,35 +425,6 @@ func primeMinus5div8_BE*[bits: static int](
result.marshal(tmp, bigEndian)
func primePlus1Div4_BE*[bits: static int](
P: BigInt[bits]
): array[(bits+7) div 8, byte] {.noInit.} =
## For an input prime `p`, compute (p+1)/4
## and return the result as a canonical byte array / octet string
## For use to check if a number is a square (quadratic residue)
## in a field by Euler's criterion
##
# Output size:
# - (bits + 7) div 8: bits => byte conversion rounded up
# - (bits + 7 - 1): dividing by 4 means 2 bits are unused
# but we also add 1 to an odd number so using an extra bit
# => TODO: reduce the output size (to potentially save a byte and corresponding multiplication/squarings)
checkOdd(P)
# First we do P+1/2 in a way that guarantees no overflow
var tmp = primePlus1div2(P)
# then divide by 2
tmp.shiftRight(1)
result.marshal(tmp, bigEndian)
func toCanonicalIntRepr*[bits: static int](
a: BigInt[bits]
): array[(bits+7) div 8, byte] {.noInit.} =
## Export a bigint to its canonical BigEndian representation
## (octet-string)
result.marshal(a, bigEndian)
# ############################################################
#
# Compile-time Conversion to Montgomery domain

2
constantine/math/config/type_ff.nim
View File

@ -19,7 +19,7 @@ type
## P being the prime modulus of the Curve C
## Internally, data is stored in Montgomery n-residue form
## with the magic constant chosen for convenient division (a power of 2 depending on P bitsize)
# TODO, pseudo mersenne priles like 2²⁵⁵-19 have very fast modular reduction
# TODO, pseudo mersenne primes like 2²⁵⁵-19 have very fast modular reduction
# and don't need Montgomery representation
mres*: matchingBigInt(C)

5
constantine/math/constants/bls12_377_sqrt.nim
View File

@ -70,11 +70,6 @@ func precompute_tonelli_shanks_addchain*(
x11010111 .prod(x111, x11010000)
# 18 operations
# TODO: we can accumulate in a partially reduced
# doubled-size `r` to avoid the final substractions.
# and only reduce at the end.
# This requires the number of op to be less than log2(p) == 381
# 18 + 18 = 36 operations
r.square_repeated(x11010111, 8)
r *= x11101

5
constantine/math/constants/bls12_381_sqrt.nim
View File

@ -93,11 +93,6 @@ func invsqrt_addchain*(r: var Fp[BLS12_381], a: Fp[BLS12_381]) {.addchain.} =
x11111111 .prod(x10100, x11101011)
# 36 operations
# TODO: we can accumulate in a partially reduced
# doubled-size `r` to avoid the final substractions.
# and only reduce at the end.
# This requires the number of op to be less than log2(p) == 381
# 36 + 22 = 58 operations
r.prod(x10111111, x11100001)
r.square_repeated(8)

5
constantine/math/constants/bw6_761_sqrt.nim
View File

@ -91,11 +91,6 @@ func invsqrt_addchain*(r: var Fp[BW6_761], a: Fp[BW6_761]) {.addchain.} =
x11111111 .prod(a, x11111110)
# 35 operations
# TODO: we can accumulate in a partially reduced
# doubled-size `r` to avoid the final substractions.
# and only reduce at the end.
# This requires the number of op to be less than log2(p) == 381
# 35 + 8 = 43 operations
r.prod(x100001, x11111111)
r.square_repeated(3)

3
constantine/math/elliptic/ec_shortweierstrass_projective.nim
View File

@ -189,8 +189,6 @@ func sum*[F; G: static Subgroup](
#
# Cost: 12M + 3 mul(a) + 2 mul(3b) + 23 a
# TODO: static doAssert odd order
when F.C.getCoefA() == 0:
var t0 {.noInit.}, t1 {.noInit.}, t2 {.noInit.}, t3 {.noInit.}, t4 {.noInit.}: F
var x3 {.noInit.}, y3 {.noInit.}, z3 {.noInit.}: F
@ -263,7 +261,6 @@ func madd*[F; G: static Subgroup](
##
## ``r`` may alias P
# TODO: static doAssert odd order
when F.C.getCoefA() == 0:
var t0 {.noInit.}, t1 {.noInit.}, t2 {.noInit.}, t3 {.noInit.}, t4 {.noInit.}: F
var x3 {.noInit.}, y3 {.noInit.}, z3 {.noInit.}: F

1
constantine/math/io/io_fields.nim
View File

@ -103,7 +103,6 @@ func toDecimal*(f: FF): string =
## You MUST NOT use it for production.
##
## This function is NOT constant-time at the moment.
# TODO constant-time
f.toBig().toDecimal()
func fromDecimal*(dst: var FF, decimalString: string) =

2
constantine/platforms/abstractions.nim
View File

@ -52,8 +52,6 @@ const
One* = SecretWord(1)
MaxWord* = SecretWord(high(BaseType))
# TODO, we restrict assembly to 64-bit words
# We need to support register spills for large limbs
const CttASM {.booldefine.} = true
const UseASM_X86_32* = CttASM and X86 and GCC_Compatible
const UseASM_X86_64* = WordBitWidth == 64 and UseASM_X86_32

2
constantine/platforms/bithacks.nim
View File

@ -48,7 +48,6 @@ func log2impl_vartime(x: uint32): uint32 =
## using De Bruijn multiplication
## Works at compile-time.
## ⚠️ not constant-time, table accesses are not uniform.
## TODO: at runtime BitScanReverse or CountLeadingZero are more efficient
# https://graphics.stanford.edu/%7Eseander/bithacks.html#IntegerLogDeBruijn
const lookup: array[32, uint8] = [0'u8, 9, 1, 10, 13, 21, 2, 29, 11, 14, 16, 18,
22, 25, 3, 30, 8, 12, 20, 28, 15, 17, 24, 7, 19, 27, 23, 6, 26, 5, 4, 31]
@ -65,7 +64,6 @@ func log2impl_vartime(x: uint64): uint64 {.inline.} =
## using De Bruijn multiplication
## Works at compile-time.
## ⚠️ not constant-time, table accesses are not uniform.
## TODO: at runtime BitScanReverse or CountLeadingZero are more efficient
# https://graphics.stanford.edu/%7Eseander/bithacks.html#IntegerLogDeBruijn
const lookup: array[64, uint8] = [0'u8, 58, 1, 59, 47, 53, 2, 60, 39, 48, 27, 54,
33, 42, 3, 61, 51, 37, 40, 49, 18, 28, 20, 55, 30, 34, 11, 43, 14, 22, 4, 62,

1
constantine/platforms/compilers/extended_precision.nim
View File

@ -81,7 +81,6 @@ when sizeof(int) == 8:
when defined(vcc):
from ./extended_precision_x86_64_msvc import mul, muladd1, muladd2, smul
elif GCCCompatible:
# TODO: constant-time div2n1n
when X86:
from ./extended_precision_64bit_uint128 import mul, muladd1, muladd2, smul
else:

37
constantine/platforms/gpu/bindings/llvm_abi.nim
View File

@ -26,7 +26,7 @@ static: echo "[Constantine] Using library " & libLLVM
# also link to libLLVM, for example if they implement a virtual machine (for the EVM, for Snarks/zero-knowledge, ...).
# Hence Constantine should always use LLVM context to "namespace" its own codegen and avoid collisions in the global context.
{.push used, cdecl, dynlib: libLLVM.}
{.push cdecl, dynlib: libLLVM.}
# ############################################################
#
@ -59,14 +59,14 @@ type
proc createContext*(): ContextRef {.importc: "LLVMContextCreate".}
proc dispose*(ctx: ContextRef) {.importc: "LLVMContextDispose".}
proc dispose(msg: LLVMstring) {.importc: "LLVMDisposeMessage".}
proc dispose(msg: LLVMstring) {.used, importc: "LLVMDisposeMessage".}
## cstring in LLVM are owned by LLVM and must be destroyed with a specific function
proc dispose(buf: MemoryBufferRef){.importc: "LLVMDisposeMemoryBuffer".}
proc getBufferStart(buf: MemoryBufferRef): ptr byte {.importc: "LLVMGetBufferStart".}
proc getBufferSize(buf: MemoryBufferRef): csize_t {.importc: "LLVMGetBufferSize".}
proc dispose(buf: MemoryBufferRef){.used, importc: "LLVMDisposeMemoryBuffer".}
proc getBufferStart(buf: MemoryBufferRef): ptr byte {.used, importc: "LLVMGetBufferStart".}
proc getBufferSize(buf: MemoryBufferRef): csize_t {.used, importc: "LLVMGetBufferSize".}
proc dispose(msg: ErrorMessageString) {.importc: "LLVMDisposeErrorMessage".}
proc getErrorMessage(err: ErrorRef): ErrorMessageString {.importc: "LLVMGetErrorMessage".}
proc dispose(msg: ErrorMessageString) {.used, importc: "LLVMDisposeErrorMessage".}
proc getErrorMessage(err: ErrorRef): ErrorMessageString {.used, importc: "LLVMGetErrorMessage".}
# ############################################################
#
@ -76,7 +76,7 @@ proc getErrorMessage(err: ErrorRef): ErrorMessageString {.importc: "LLVMGetError
# {.push header: "<llvm-c/Core.h>".}
proc createModule(name: cstring, ctx: ContextRef): ModuleRef {.importc: "LLVMModuleCreateWithNameInContext".}
proc createModule(name: cstring, ctx: ContextRef): ModuleRef {.used, importc: "LLVMModuleCreateWithNameInContext".}
proc dispose*(m: ModuleRef) {.importc: "LLVMDisposeModule".}
## Destroys a module
## Note: destroying an Execution Engine will also destroy modules attached to it
@ -126,6 +126,7 @@ proc verify(module: ModuleRef, failureAction: VerifierFailureAction, msg: var LL
# proc initializeNativeTarget*(): LlvmBool {.discardable, importc: "LLVMInitializeNativeTarget".}
# proc initializeNativeAsmPrinter*(): LlvmBool {.discardable, importc: "LLVMInitializeNativeAsmPrinter".}
{.push used.}
proc initializeX86AsmPrinter() {.importc: "LLVMInitializeX86AsmPrinter".}
proc initializeX86Target() {.importc: "LLVMInitializeX86Target".}
proc initializeX86TargetInfo() {.importc: "LLVMInitializeX86TargetInfo".}
@ -135,6 +136,7 @@ proc initializeNVPTXAsmPrinter() {.importc: "LLVMInitializeNVPTXAsmPrinter".}
proc initializeNVPTXTarget() {.importc: "LLVMInitializeNVPTXTarget".}
proc initializeNVPTXTargetInfo() {.importc: "LLVMInitializeNVPTXTargetInfo".}
proc initializeNVPTXTargetMC() {.importc: "LLVMInitializeNVPTXTargetMC".}
{.pop.}
proc getTargetFromName*(name: cstring): TargetRef {.importc: "LLVMGetTargetFromName".}
proc getTargetFromTriple*(triple: cstring, target: var TargetRef, errorMessage: var LLVMstring
@ -235,11 +237,12 @@ proc populateModulePassManager*(pmb: PassManagerBuilderRef, legacyPM: PassManage
proc createPassBuilderOptions*(): PassBuilderOptionsRef {.importc: "LLVMCreatePassBuilderOptions".}
proc dispose*(pbo: PassBuilderOptionsRef) {.importc: "LLVMDisposePassBuilderOptions".}
proc runPasses(module: ModuleRef, passes: cstring, machine: TargetMachineRef, pbo: PassBuilderOptionsRef): ErrorRef {.importc: "LLVMRunPasses".}
proc runPasses(module: ModuleRef, passes: cstring, machine: TargetMachineRef, pbo: PassBuilderOptionsRef): ErrorRef {.used, importc: "LLVMRunPasses".}
# https://llvm.org/docs/doxygen/group__LLVMCInitialization.html
# header: "<llvm-c/Initialization.h>"
{.push used.}
proc getGlobalPassRegistry(): PassRegistryRef {.importc: "LLVMGetGlobalPassRegistry".}
proc initializeCore(registry: PassRegistryRef) {.importc: "LLVMInitializeCore".}
@ -255,6 +258,7 @@ proc initializeAnalysis(registry: PassRegistryRef) {.importc: "LLVMInitializeAna
proc initializeIPA(registry: PassRegistryRef) {.importc: "LLVMInitializeIPA".}
proc initializeCodeGen(registry: PassRegistryRef) {.importc: "LLVMInitializeCodeGen".}
proc initializeTarget(registry: PassRegistryRef) {.importc: "LLVMInitializeTarget".}
{.pop.}
# https://llvm.org/doxygen/group__LLVMCTarget.html
proc addTargetLibraryInfo*(tli: TargetLibraryInfoRef, pm: PassManagerRef) {.importc: "LLVMAddTargetLibraryInfo".}
@ -356,14 +360,6 @@ proc addFunction*(m: ModuleRef, name: cstring, ty: TypeRef): ValueRef {.importc:
## Declare a function `name` in a module.
## Returns a handle to specify its instructions
# TODO: Function and Parameter attributes:
# - https://www.llvm.org/docs/LangRef.html?highlight=attribute#function-attributes
# - https://www.llvm.org/docs/LangRef.html?highlight=attribute#parameter-attributes
#
# We can use attributes to specify additional guarantees of Constantine code, for instance:
# - "pure" function with: nounwind, readonly
# - pointer particularities: readonly, writeonly, noalias, inalloca, byval
proc getReturnType*(functionTy: TypeRef): TypeRef {.importc: "LLVMGetReturnType".}
proc countParamTypes*(functionTy: TypeRef): uint32 {.importc: "LLVMCountParamTypes".}
@ -392,14 +388,11 @@ proc toLLVMstring(v: ValueRef): LLVMstring {.used, importc: "LLVMPrintValueToStr
# ------------------------------------------------------------
# https://llvm.org/doxygen/group__LLVMCCoreValueConstant.html
proc constInt(ty: TypeRef, n: culonglong, signExtend: LlvmBool): ValueRef {.importc: "LLVMConstInt".}
proc constInt(ty: TypeRef, n: culonglong, signExtend: LlvmBool): ValueRef {.used, importc: "LLVMConstInt".}
proc constReal*(ty: TypeRef, n: cdouble): ValueRef {.importc: "LLVMConstReal".}
proc constNull*(ty: TypeRef): ValueRef {.importc: "LLVMConstNull".}
proc constAllOnes*(ty: TypeRef): ValueRef {.importc: "LLVMConstAllOnes".}
proc constStruct(
constantVals: openArray[ValueRef],
packed: LlvmBool): ValueRef {.wrapOpenArrayLenType: cuint, importc: "LLVMConstStruct".}
proc constArray*(
ty: TypeRef,
constantVals: openArray[ValueRef],
@ -460,7 +453,7 @@ proc position*(builder: BuilderRef, blck: BasicBlockRef, instr: ValueRef) {.impo
proc positionBefore*(builder: BuilderRef, instr: ValueRef) {.importc: "LLVMPositionBuilderBefore".}
proc positionAtEnd*(builder: BuilderRef, blck: BasicBlockRef) {.importc: "LLVMPositionBuilderAtEnd".}
proc getInsertBlock(builder: BuilderRef): BasicBlockRef {.importc: "LLVMGetInsertBlock".}
proc getInsertBlock(builder: BuilderRef): BasicBlockRef {.used, importc: "LLVMGetInsertBlock".}
## This function is not documented and probably for special use
## However due to https://github.com/llvm/llvm-project/issues/59875
## it's our workaround to get the context of a Builder

1
constantine/platforms/gpu/ir.nim
View File

@ -268,7 +268,6 @@ func getNumWords*(cm: CurveMetadata, field: Field): int {.inline.} =
return cm.fr.modulus.len
func getModulus*(cm: CurveMetadata, field: Field): lent seq[ConstValueRef] {.inline.} =
# TODO: replace static typing, the returned type is incorrect for 64-bit
case field
of fp:
return cm.fp.modulus

5
constantine/platforms/gpu/llvm.nim
View File

@ -144,8 +144,6 @@ template emitToString*(t: TargetMachineRef, m: ModuleRef, codegen: CodeGenFileTy
proc initializePasses* =
let registry = getGlobalPassRegistry()
# TODO: Some passes in llc aren't exposed
# https://github.com/llvm/llvm-project/blob/main/llvm/tools/llc/llc.cpp
registry.initializeCore()
registry.initializeTransformUtils()
registry.initializeScalarOpts()
@ -206,7 +204,4 @@ proc getName*(v: ValueRef): string =
proc constInt*(ty: TypeRef, n: uint64, signExtend = false): ConstValueRef {.inline.} =
ConstValueRef constInt(ty, culonglong(n), LlvmBool(signExtend))
proc constStruct*(constantVals: openArray[ValueRef], packed = false): ConstValueRef {.inline.} =
ConstValueRef constStruct(constantVals, LlvmBool(packed))
proc getTypeOf*(v: ConstValueRef): TypeRef {.borrow.}

3
constantine/platforms/isa/macro_assembler_x86.nim
View File

@ -125,8 +125,6 @@ func hash(od: OperandDesc): Hash =
except:
raise newException(Defect, "Broke Nim")
# TODO: remove the need of OperandArray
func len*(opArray: OperandArray): int =
opArray.buf.len
@ -592,7 +590,6 @@ func codeFragment(a: var Assembler_x86, instr: string, op0: Operand, op1: Operan
a.operands.incl op0.desc
func reuseRegister*(reg: OperandArray): OperandReuse =
# TODO: disable the reg input
doAssert reg.buf[0].desc.constraint == InputOutput
result.asmId = reg.buf[0].desc.asmId

6
helpers/prng_unsafe.nim
View File

@ -383,7 +383,7 @@ func random_unsafe*(rng: var RngState, T: typedesc): T =
when T is ECP:
rng.random_unsafe(result)
elif T is SomeNumber:
cast[T](rng.next()) # TODO: Rely on casting integer actually converting in C (i.e. uint64->uint32 is valid)
cast[T](rng.next())
elif T is BigInt:
rng.random_unsafe(result)
else: # Fields
@ -400,7 +400,7 @@ func random_highHammingWeight*(rng: var RngState, T: typedesc): T =
when T is ECP:
rng.random_highHammingWeight(result)
elif T is SomeNumber:
cast[T](rng.next()) # TODO: Rely on casting integer actually converting in C (i.e. uint64->uint32 is valid)
cast[T](rng.next())
elif T is BigInt:
rng.random_highHammingWeight(result)
else: # Fields
@ -417,7 +417,7 @@ func random_long01Seq*(rng: var RngState, T: typedesc): T =
when T is ECP:
rng.random_long01Seq(result)
elif T is SomeNumber:
cast[T](rng.next()) # TODO: Rely on casting integer actually converting in C (i.e. uint64->uint32 is valid)
cast[T](rng.next())
elif T is BigInt:
rng.random_long01Seq(result)
else: # Fields

5
tests/math/t_ec_shortw_jac_g1_mul_sanity.nim
View File

@ -58,11 +58,6 @@ suite "Order checks on BN254_Snarks":
test(ECP_ShortW_Jac[Fp[BN254_Snarks], G1], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = false)
test(ECP_ShortW_Jac[Fp[BN254_Snarks], G1], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = true)
# TODO: BLS12 is using a subgroup of order "r" such as r*h = CurveOrder
# with h the curve cofactor
# instead of the full group
# test(Fp[BLS12_381], bits = BLS12_381.getCurveOrderBitwidth(), randZ = false)
# test(Fp[BLS12_381], bits = BLS12_381.getCurveOrderBitwidth(), randZ = true)
test "Not a point on the curve / not a square - #67":
var ax, ay: Fp[BN254_Snarks]

31
tests/math/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim
View File

@ -23,34 +23,3 @@ run_EC_mul_sanity_tests(
ItersMul = ItersMul,
moduleName = "test_ec_shortweierstrass_jacobian_g2_mul_sanity_" & $BLS12_377
)
# TODO: the order on E'(Fp2) for BLS curves is ??? with r the order on E(Fp)
#
# test "EC mul [Order]P == Inf":
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_shortweierstrass_jacobian_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
# when randZ:
# let a = rng.random_unsafe_with_randZ(EC)
# else:
# let a = rng.random_unsafe(EC)
#
# let exponent = F.C.getCurveOrder()
#
# var
# impl = a
# reference = a
#
# impl.scalarMulGeneric(exponent)
# reference.unsafe_ECmul_double_add(exponent)
#
# check:
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_ShortW_Jac[Fp2[BLS12_377]], bits = BLS12_377.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Jac[Fp2[BLS12_377]], bits = BLS12_377.getCurveOrderBitwidth(), randZ = true)

31
tests/math/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim
View File

@ -23,34 +23,3 @@ run_EC_mul_sanity_tests(
ItersMul = ItersMul,
moduleName = "test_ec_shortweierstrass_jacobian_g2_mul_sanity_" & $BLS12_381
)
# TODO: the order on E'(Fp2) for BLS curves is ??? with r the order on E(Fp)
#
# test "EC mul [Order]P == Inf":
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_shortweierstrass_jacobian_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
# when randZ:
# let a = rng.random_unsafe_with_randZ(EC)
# else:
# let a = rng.random_unsafe(EC)
#
# let exponent = F.C.getCurveOrder()
#
# var
# impl = a
# reference = a
#
# impl.scalarMulGeneric(exponent)
# reference.unsafe_ECmul_double_add(exponent)
#
# check:
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_ShortW_Jac[Fp2[BLS12_381]], bits = BLS12_381.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Jac[Fp2[BLS12_381]], bits = BLS12_381.getCurveOrderBitwidth(), randZ = true)

31
tests/math/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim
View File

@ -23,34 +23,3 @@ run_EC_mul_sanity_tests(
ItersMul = ItersMul,
moduleName = "test_ec_shortweierstrass_jacobian_g2_mul_sanity_" & $BN254_Snarks
)
# TODO: the order on E'(Fp2) for BN curve is r(2pr) with r the order on E(Fp)
#
# test "EC mul [Order]P == Inf":
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_shortweierstrass_jacobian_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
# when randZ:
# let a = rng.random_unsafe_with_randZ(EC)
# else:
# let a = rng.random_unsafe(EC)
#
# let exponent = F.C.getCurveOrder()
#
# var
# impl = a
# reference = a
#
# impl.scalarMulGeneric(exponent)
# reference.unsafe_ECmul_double_add(exponent)
#
# check:
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_ShortW_Jac[Fp2[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Jac[Fp2[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = true)

5
tests/math/t_ec_shortw_prj_g1_mul_sanity.nim
View File

@ -58,11 +58,6 @@ suite "Order checks on BN254_Snarks":
test(ECP_ShortW_Prj[Fp[BN254_Snarks], G1], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = false)
test(ECP_ShortW_Prj[Fp[BN254_Snarks], G1], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = true)
# TODO: BLS12 is using a subgroup of order "r" such as r*h = CurveOrder
# with h the curve cofactor
# instead of the full group
# test(Fp[BLS12_381], bits = BLS12_381.getCurveOrderBitwidth(), randZ = G1)
# test(Fp[BLS12_381], bits = BLS12_381.getCurveOrderBitwidth(), randZ = true)
test "Not a point on the curve / not a square - #67":
var ax, ay: Fp[BN254_Snarks]

31
tests/math/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim
View File

@ -23,34 +23,3 @@ run_EC_mul_sanity_tests(
ItersMul = ItersMul,
moduleName = "test_ec_shortweierstrass_projective_g2_mul_sanity_" & $BLS12_377
)
# TODO: the order on E'(Fp2) for BLS curves is ??? with r the order on E(Fp)
#
# test "EC mul [Order]P == Inf":
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_shortweierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
# when randZ:
# let a = rng.random_unsafe_with_randZ(EC)
# else:
# let a = rng.random_unsafe(EC)
#
# let exponent = F.C.getCurveOrder()
#
# var
# impl = a
# reference = a
#
# impl.scalarMulGeneric(exponent)
# reference.unsafe_ECmul_double_add(exponent)
#
# check:
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_ShortW_Prj[Fp2[BLS12_377]], bits = BLS12_377.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Prj[Fp2[BLS12_377]], bits = BLS12_377.getCurveOrderBitwidth(), randZ = true)

31
tests/math/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim
View File

@ -23,34 +23,3 @@ run_EC_mul_sanity_tests(
ItersMul = ItersMul,
moduleName = "test_ec_shortweierstrass_projective_g2_mul_sanity_" & $BLS12_381
)
# TODO: the order on E'(Fp2) for BLS curves is ??? with r the order on E(Fp)
#
# test "EC mul [Order]P == Inf":
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_shortweierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
# when randZ:
# let a = rng.random_unsafe_with_randZ(EC)
# else:
# let a = rng.random_unsafe(EC)
#
# let exponent = F.C.getCurveOrder()
#
# var
# impl = a
# reference = a
#
# impl.scalarMulGeneric(exponent)
# reference.unsafe_ECmul_double_add(exponent)
#
# check:
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_ShortW_Prj[Fp2[BLS12_381]], bits = BLS12_381.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Prj[Fp2[BLS12_381]], bits = BLS12_381.getCurveOrderBitwidth(), randZ = true)

31
tests/math/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim
View File

@ -23,34 +23,3 @@ run_EC_mul_sanity_tests(
ItersMul = ItersMul,
moduleName = "test_ec_shortweierstrass_projective_g2_mul_sanity_" & $BN254_Snarks
)
# TODO: the order on E'(Fp2) for BN curve is r(2pr) with r the order on E(Fp)
#
# test "EC mul [Order]P == Inf":
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_shortweierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
# when randZ:
# let a = rng.random_unsafe_with_randZ(EC)
# else:
# let a = rng.random_unsafe(EC)
#
# let exponent = F.C.getCurveOrder()
#
# var
# impl = a
# reference = a
#
# impl.scalarMulGeneric(exponent)
# reference.unsafe_ECmul_double_add(exponent)
#
# check:
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_ShortW_Prj[Fp2[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Prj[Fp2[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = true)