logos-storage/constantine
1
0
Fork 0
mirror of https://github.com/logos-storage/constantine.git synced 2026-01-02 13:13:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

SWei -> SHortW, weierstrass -> shortweierstrass

Browse Source
This commit is contained in:
Mamy André-Ratsimbazafy 2020-09-27 23:02:48 +02:00
parent 51586c7272
commit 0effd66dbd
No known key found for this signature in database
GPG Key ID: 7B88AD1FE79492E1
45 changed files with 388 additions and 388 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
README.md
View File

@ -188,19 +188,19 @@ Pairing BLS12 BLS12_381
```
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
EC Add G1 ECP_SWei_Proj[Fp[BLS12_381]] 2118644.068 ops/s 472 ns/op 1416 CPU cycles (approx)
EC Mixed Addition G1 ECP_SWei_Proj[Fp[BLS12_381]] 2439024.390 ops/s 410 ns/op 1232 CPU cycles (approx)
EC Double G1 ECP_SWei_Proj[Fp[BLS12_381]] 3448275.862 ops/s 290 ns/op 871 CPU cycles (approx)
EC Add G1 ECP_ShortW_Proj[Fp[BLS12_381]] 2118644.068 ops/s 472 ns/op 1416 CPU cycles (approx)
EC Mixed Addition G1 ECP_ShortW_Proj[Fp[BLS12_381]] 2439024.390 ops/s 410 ns/op 1232 CPU cycles (approx)
EC Double G1 ECP_ShortW_Proj[Fp[BLS12_381]] 3448275.862 ops/s 290 ns/op 871 CPU cycles (approx)
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
EC ScalarMul G1 (unsafe reference DoubleAdd) ECP_SWei_Proj[Fp[BLS12_381]] 7147.094 ops/s 139917 ns/op 419756 CPU cycles (approx)
EC ScalarMul G1 (unsafe reference DoubleAdd) ECP_ShortW_Proj[Fp[BLS12_381]] 7147.094 ops/s 139917 ns/op 419756 CPU cycles (approx)
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
EC ScalarMul Generic G1 (window = 2, scratchsize = 4) ECP_SWei_Proj[Fp[BLS12_381]] 5048.975 ops/s 198060 ns/op 594188 CPU cycles (approx)
EC ScalarMul Generic G1 (window = 3, scratchsize = 8) ECP_SWei_Proj[Fp[BLS12_381]] 7148.269 ops/s 139894 ns/op 419685 CPU cycles (approx)
EC ScalarMul Generic G1 (window = 4, scratchsize = 16) ECP_SWei_Proj[Fp[BLS12_381]] 8112.735 ops/s 123263 ns/op 369791 CPU cycles (approx)
EC ScalarMul Generic G1 (window = 5, scratchsize = 32) ECP_SWei_Proj[Fp[BLS12_381]] 8464.534 ops/s 118140 ns/op 354424 CPU cycles (approx)
EC ScalarMul Generic G1 (window = 2, scratchsize = 4) ECP_ShortW_Proj[Fp[BLS12_381]] 5048.975 ops/s 198060 ns/op 594188 CPU cycles (approx)
EC ScalarMul Generic G1 (window = 3, scratchsize = 8) ECP_ShortW_Proj[Fp[BLS12_381]] 7148.269 ops/s 139894 ns/op 419685 CPU cycles (approx)
EC ScalarMul Generic G1 (window = 4, scratchsize = 16) ECP_ShortW_Proj[Fp[BLS12_381]] 8112.735 ops/s 123263 ns/op 369791 CPU cycles (approx)
EC ScalarMul Generic G1 (window = 5, scratchsize = 32) ECP_ShortW_Proj[Fp[BLS12_381]] 8464.534 ops/s 118140 ns/op 354424 CPU cycles (approx)
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
EC ScalarMul G1 (endomorphism accelerated) ECP_SWei_Proj[Fp[BLS12_381]] 9679.418 ops/s 103312 ns/op 309939 CPU cycles (approx)
EC ScalarMul Window-2 G1 (endomorphism accelerated) ECP_SWei_Proj[Fp[BLS12_381]] 13089.348 ops/s 76398 ns/op 229195 CPU cycles (approx)
EC ScalarMul G1 (endomorphism accelerated) ECP_ShortW_Proj[Fp[BLS12_381]] 9679.418 ops/s 103312 ns/op 309939 CPU cycles (approx)
EC ScalarMul Window-2 G1 (endomorphism accelerated) ECP_ShortW_Proj[Fp[BLS12_381]] 13089.348 ops/s 76398 ns/op 229195 CPU cycles (approx)
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
```

22
benchmarks/bench_ec_g1.nim
View File

@ -10,7 +10,7 @@ import
# Internals
../constantine/config/curves,
../constantine/arithmetic,
../constantine/elliptic/ec_weierstrass_projective,
../constantine/elliptic/ec_shortweierstrass_projective,
# Helpers
../helpers/static_for,
./bench_elliptic_template,
@ -43,19 +43,19 @@ proc main() =
separator()
staticFor i, 0, AvailableCurves.len:
const curve = AvailableCurves[i]
addBench(ECP_SWei_Proj[Fp[curve]], Iters)
mixedAddBench(ECP_SWei_Proj[Fp[curve]], Iters)
doublingBench(ECP_SWei_Proj[Fp[curve]], Iters)
addBench(ECP_ShortW_Proj[Fp[curve]], Iters)
mixedAddBench(ECP_ShortW_Proj[Fp[curve]], Iters)
doublingBench(ECP_ShortW_Proj[Fp[curve]], Iters)
separator()
scalarMulUnsafeDoubleAddBench(ECP_SWei_Proj[Fp[curve]], MulIters)
scalarMulUnsafeDoubleAddBench(ECP_ShortW_Proj[Fp[curve]], MulIters)
separator()
scalarMulGenericBench(ECP_SWei_Proj[Fp[curve]], window = 2, MulIters)
scalarMulGenericBench(ECP_SWei_Proj[Fp[curve]], window = 3, MulIters)
scalarMulGenericBench(ECP_SWei_Proj[Fp[curve]], window = 4, MulIters)
scalarMulGenericBench(ECP_SWei_Proj[Fp[curve]], window = 5, MulIters)
scalarMulGenericBench(ECP_ShortW_Proj[Fp[curve]], window = 2, MulIters)
scalarMulGenericBench(ECP_ShortW_Proj[Fp[curve]], window = 3, MulIters)
scalarMulGenericBench(ECP_ShortW_Proj[Fp[curve]], window = 4, MulIters)
scalarMulGenericBench(ECP_ShortW_Proj[Fp[curve]], window = 5, MulIters)
separator()
scalarMulEndo(ECP_SWei_Proj[Fp[curve]], MulIters)
scalarMulEndoWindow(ECP_SWei_Proj[Fp[curve]], MulIters)
scalarMulEndo(ECP_ShortW_Proj[Fp[curve]], MulIters)
scalarMulEndoWindow(ECP_ShortW_Proj[Fp[curve]], MulIters)
separator()
separator()

20
benchmarks/bench_ec_g2.nim
View File

@ -11,7 +11,7 @@ import
../constantine/config/curves,
../constantine/arithmetic,
../constantine/towers,
../constantine/elliptic/ec_weierstrass_projective,
../constantine/elliptic/ec_shortweierstrass_projective,
# Helpers
../helpers/static_for,
./bench_elliptic_template,
@ -44,18 +44,18 @@ proc main() =
separator()
staticFor i, 0, AvailableCurves.len:
const curve = AvailableCurves[i]
addBench(ECP_SWei_Proj[Fp2[curve]], Iters)
mixedAddBench(ECP_SWei_Proj[Fp2[curve]], Iters)
doublingBench(ECP_SWei_Proj[Fp2[curve]], Iters)
addBench(ECP_ShortW_Proj[Fp2[curve]], Iters)
mixedAddBench(ECP_ShortW_Proj[Fp2[curve]], Iters)
doublingBench(ECP_ShortW_Proj[Fp2[curve]], Iters)
separator()
scalarMulUnsafeDoubleAddBench(ECP_SWei_Proj[Fp2[curve]], MulIters)
scalarMulUnsafeDoubleAddBench(ECP_ShortW_Proj[Fp2[curve]], MulIters)
separator()
scalarMulGenericBench(ECP_SWei_Proj[Fp2[curve]], window = 2, MulIters)
scalarMulGenericBench(ECP_SWei_Proj[Fp2[curve]], window = 3, MulIters)
scalarMulGenericBench(ECP_SWei_Proj[Fp2[curve]], window = 4, MulIters)
scalarMulGenericBench(ECP_SWei_Proj[Fp2[curve]], window = 5, MulIters)
scalarMulGenericBench(ECP_ShortW_Proj[Fp2[curve]], window = 2, MulIters)
scalarMulGenericBench(ECP_ShortW_Proj[Fp2[curve]], window = 3, MulIters)
scalarMulGenericBench(ECP_ShortW_Proj[Fp2[curve]], window = 4, MulIters)
scalarMulGenericBench(ECP_ShortW_Proj[Fp2[curve]], window = 5, MulIters)
separator()
scalarMulEndo(ECP_SWei_Proj[Fp2[curve]], MulIters)
scalarMulEndo(ECP_ShortW_Proj[Fp2[curve]], MulIters)
separator()
separator()
separator()

4
benchmarks/bench_elliptic_template.nim
View File

@ -17,7 +17,7 @@ import
../constantine/config/[curves, common],
../constantine/arithmetic,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul, ec_endomorphism_accel],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul, ec_endomorphism_accel],
# Helpers
../helpers/[prng_unsafe, static_for],
./platforms,
@ -140,7 +140,7 @@ proc mixedAddBench*(T: typedesc, iters: int) =
var r {.noInit.}: T
let P = rng.random_unsafe(T)
let Q = rng.random_unsafe(T)
var Qaff: ECP_SWei_Aff[T.F]
var Qaff: ECP_ShortW_Aff[T.F]
Qaff.affineFromProjective(Q)
bench("EC Mixed Addition " & G1_or_G2, T, iters):
r.madd(P, Qaff)

54
benchmarks/bench_pairing_template.nim
View File

@ -18,7 +18,7 @@ import
../constantine/arithmetic,
../constantine/io/io_bigints,
../constantine/towers,
../constantine/elliptic/[ec_weierstrass_projective, ec_weierstrass_affine],
../constantine/elliptic/[ec_shortweierstrass_projective, ec_shortweierstrass_affine],
../constantine/hash_to_curve/cofactors,
../constantine/pairing/[
cyclotomic_fp12,
@ -130,22 +130,22 @@ func random_point*(rng: var RngState, EC: typedesc): EC {.noInit.} =
proc lineDoubleBench*(C: static Curve, iters: int) =
var line: Line[Fp2[C], C.getSexticTwist()]
var T = rng.random_point(ECP_SWei_Proj[Fp2[C]])
let P = rng.random_point(ECP_SWei_Proj[Fp[C]])
var Paff: ECP_SWei_Aff[Fp[C]]
var T = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
let P = rng.random_point(ECP_ShortW_Proj[Fp[C]])
var Paff: ECP_ShortW_Aff[Fp[C]]
Paff.affineFromProjective(P)
bench("Line double", C, iters):
line.line_double(T, Paff)
proc lineAddBench*(C: static Curve, iters: int) =
var line: Line[Fp2[C], C.getSexticTwist()]
var T = rng.random_point(ECP_SWei_Proj[Fp2[C]])
var T = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
let
P = rng.random_point(ECP_SWei_Proj[Fp[C]])
Q = rng.random_point(ECP_SWei_Proj[Fp2[C]])
P = rng.random_point(ECP_ShortW_Proj[Fp[C]])
Q = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
var
Paff: ECP_SWei_Aff[Fp[C]]
Qaff: ECP_SWei_Aff[Fp2[C]]
Paff: ECP_ShortW_Aff[Fp[C]]
Qaff: ECP_ShortW_Aff[Fp2[C]]
Paff.affineFromProjective(P)
Qaff.affineFromProjective(Q)
bench("Line add", C, iters):
@ -153,9 +153,9 @@ proc lineAddBench*(C: static Curve, iters: int) =
proc mulFp12byLine_xyz000_Bench*(C: static Curve, iters: int) =
var line: Line[Fp2[C], C.getSexticTwist()]
var T = rng.random_point(ECP_SWei_Proj[Fp2[C]])
let P = rng.random_point(ECP_SWei_Proj[Fp[C]])
var Paff: ECP_SWei_Aff[Fp[C]]
var T = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
let P = rng.random_point(ECP_ShortW_Proj[Fp[C]])
var Paff: ECP_ShortW_Aff[Fp[C]]
Paff.affineFromProjective(P)
line.line_double(T, Paff)
@ -166,9 +166,9 @@ proc mulFp12byLine_xyz000_Bench*(C: static Curve, iters: int) =
proc mulFp12byLine_xy000z_Bench*(C: static Curve, iters: int) =
var line: Line[Fp2[C], C.getSexticTwist()]
var T = rng.random_point(ECP_SWei_Proj[Fp2[C]])
let P = rng.random_point(ECP_SWei_Proj[Fp[C]])
var Paff: ECP_SWei_Aff[Fp[C]]
var T = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
let P = rng.random_point(ECP_ShortW_Proj[Fp[C]])
var Paff: ECP_ShortW_Aff[Fp[C]]
Paff.affineFromProjective(P)
line.line_double(T, Paff)
@ -179,11 +179,11 @@ proc mulFp12byLine_xy000z_Bench*(C: static Curve, iters: int) =
proc millerLoopBLS12Bench*(C: static Curve, iters: int) =
let
P = rng.random_point(ECP_SWei_Proj[Fp[C]])
Q = rng.random_point(ECP_SWei_Proj[Fp2[C]])
P = rng.random_point(ECP_ShortW_Proj[Fp[C]])
Q = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
var
Paff: ECP_SWei_Aff[Fp[C]]
Qaff: ECP_SWei_Aff[Fp2[C]]
Paff: ECP_ShortW_Aff[Fp[C]]
Qaff: ECP_ShortW_Aff[Fp2[C]]
Paff.affineFromProjective(P)
Qaff.affineFromProjective(Q)
@ -194,11 +194,11 @@ proc millerLoopBLS12Bench*(C: static Curve, iters: int) =
proc millerLoopBNBench*(C: static Curve, iters: int) =
let
P = rng.random_point(ECP_SWei_Proj[Fp[C]])
Q = rng.random_point(ECP_SWei_Proj[Fp2[C]])
P = rng.random_point(ECP_ShortW_Proj[Fp[C]])
Q = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
var
Paff: ECP_SWei_Aff[Fp[C]]
Qaff: ECP_SWei_Aff[Fp2[C]]
Paff: ECP_ShortW_Aff[Fp[C]]
Qaff: ECP_ShortW_Aff[Fp2[C]]
Paff.affineFromProjective(P)
Qaff.affineFromProjective(Q)
@ -238,8 +238,8 @@ proc finalExpBNBench*(C: static Curve, iters: int) =
proc pairingBLS12Bench*(C: static Curve, iters: int) =
let
P = rng.random_point(ECP_SWei_Proj[Fp[C]])
Q = rng.random_point(ECP_SWei_Proj[Fp2[C]])
P = rng.random_point(ECP_ShortW_Proj[Fp[C]])
Q = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
var f: Fp12[C]
@ -248,8 +248,8 @@ proc pairingBLS12Bench*(C: static Curve, iters: int) =
proc pairingBNBench*(C: static Curve, iters: int) =
let
P = rng.random_point(ECP_SWei_Proj[Fp[C]])
Q = rng.random_point(ECP_SWei_Proj[Fp2[C]])
P = rng.random_point(ECP_ShortW_Proj[Fp[C]])
Q = rng.random_point(ECP_ShortW_Proj[Fp2[C]])
var f: Fp12[C]

24
constantine/elliptic/ec_endomorphism_accel.nim
View File

@ -17,8 +17,8 @@ import
../io/io_bigints,
../towers,
../isogeny/frobenius,
./ec_weierstrass_affine,
./ec_weierstrass_projective
./ec_shortweierstrass_affine,
./ec_shortweierstrass_projective
# ############################################################
#
@ -219,9 +219,9 @@ func nDimMultiScalarRecoding[M, L: static int](
k[j] += SecretWord (bji and b[0][i])
func buildLookupTable[M: static int, F](
P: ECP_SWei_Proj[F],
endomorphisms: array[M-1, ECP_SWei_Proj[F]],
lut: var array[1 shl (M-1), ECP_SWei_Proj[F]],
P: ECP_ShortW_Proj[F],
endomorphisms: array[M-1, ECP_ShortW_Proj[F]],
lut: var array[1 shl (M-1), ECP_ShortW_Proj[F]],
) =
## Build the lookup table from the base point P
## and the curve endomorphism
@ -272,7 +272,7 @@ func secretLookup[T](dst: var T, table: openArray[T], index: SecretWord) =
dst.ccopy(table[i], selector)
func scalarMulEndo*[scalBits](
P: var ECP_SWei_Proj,
P: var ECP_ShortW_Proj,
scalar: BigInt[scalBits]
) =
## Elliptic Curve Scalar Multiplication
@ -333,7 +333,7 @@ func scalarMulEndo*[scalBits](
P.cneg(isNeg0)
# 4. Precompute lookup table
var lut {.noInit.}: array[1 shl (M-1), ECP_SWei_Proj]
var lut {.noInit.}: array[1 shl (M-1), ECP_ShortW_Proj]
buildLookupTable(P, endomorphisms, lut)
# TODO: Montgomery simultaneous inversion (or other simultaneous inversion techniques)
# so that we use mixed addition formulas in the main loop
@ -395,9 +395,9 @@ func scalarMulEndo*[scalBits](
# - 0t11 -> 0b11 is 3
func buildLookupTable_m2w2[F](
P0: ECP_SWei_Proj[F],
P1: ECP_SWei_Proj[F],
lut: var array[8, ECP_SWei_Proj[F]],
P0: ECP_ShortW_Proj[F],
P1: ECP_ShortW_Proj[F],
lut: var array[8, ECP_ShortW_Proj[F]],
) =
## Build a lookup table for GLV with 2-dimensional decomposition
## and window of size 2
@ -464,7 +464,7 @@ func computeRecodedLength(bitWidth, window: int): int =
result = (lw mod window) + lw
func scalarMulGLV_m2w2*[scalBits](
P0: var ECP_SWei_Proj,
P0: var ECP_ShortW_Proj,
scalar: BigInt[scalBits]
) =
## Elliptic Curve Scalar Multiplication
@ -497,7 +497,7 @@ func scalarMulGLV_m2w2*[scalBits](
# in the GLV representation at the low low price of 1 bit
# 4. Precompute lookup table
var lut {.noInit.}: array[8, ECP_SWei_Proj]
var lut {.noInit.}: array[8, ECP_ShortW_Proj]
buildLookupTable_m2w2(P0, P1, lut)
# TODO: Montgomery simultaneous inversion (or other simultaneous inversion techniques)
# so that we use mixed addition formulas in the main loop

28
constantine/elliptic/ec_scalar_mul.nim
View File

@ -12,7 +12,7 @@ import
../arithmetic,
../towers,
../io/io_bigints,
./ec_weierstrass_projective,
./ec_shortweierstrass_projective,
./ec_endomorphism_accel
# ############################################################
@ -63,8 +63,8 @@ func getWindowLen(bufLen: int): uint =
dec result
func scalarMulPrologue(
P: var ECP_SWei_Proj,
scratchspace: var openarray[ECP_SWei_Proj]
P: var ECP_ShortW_Proj,
scratchspace: var openarray[ECP_ShortW_Proj]
): uint =
## Setup the scratchspace then set P to infinity
## Returns the fixed-window size for scalar mul with window optimization
@ -84,9 +84,9 @@ func scalarMulPrologue(
P.setInf()
func scalarMulDoubling(
P: var ECP_SWei_Proj,
P: var ECP_ShortW_Proj,
exponent: openArray[byte],
tmp: var ECP_SWei_Proj,
tmp: var ECP_ShortW_Proj,
window: uint,
acc, acc_len: var uint,
e: var int
@ -129,9 +129,9 @@ func scalarMulDoubling(
func scalarMulGeneric(
P: var ECP_SWei_Proj,
P: var ECP_ShortW_Proj,
scalar: openArray[byte],
scratchspace: var openArray[ECP_SWei_Proj]
scratchspace: var openArray[ECP_ShortW_Proj]
) =
## Elliptic Curve Scalar Multiplication
##
@ -210,7 +210,7 @@ func scalarMulGeneric(
scratchspace[0].sum(P, scratchspace[1])
P.ccopy(scratchspace[0], SecretWord(bits).isNonZero())
func scalarMulGeneric*(P: var ECP_SWei_Proj, scalar: BigInt, window: static int = 5) =
func scalarMulGeneric*(P: var ECP_ShortW_Proj, scalar: BigInt, window: static int = 5) =
## Elliptic Curve Scalar Multiplication
##
## P <- [k] P
@ -222,13 +222,13 @@ func scalarMulGeneric*(P: var ECP_SWei_Proj, scalar: BigInt, window: static int
## A window size will reserve 2^window of scratch space to accelerate
## the scalar multiplication.
var
scratchSpace: array[1 shl window, ECP_SWei_Proj]
scratchSpace: array[1 shl window, ECP_ShortW_Proj]
scalarCanonicalBE: array[(scalar.bits+7) div 8, byte] # canonical big endian representation
scalarCanonicalBE.exportRawUint(scalar, bigEndian) # Export is constant-time
P.scalarMulGeneric(scalarCanonicalBE, scratchSpace)
func scalarMul*(
P: var ECP_SWei_Proj,
P: var ECP_ShortW_Proj,
scalar: BigInt
) {.inline.} =
## Elliptic Curve Scalar Multiplication
@ -240,11 +240,11 @@ func scalarMul*(
## - Cofactor to be cleared
## - 0 <= scalar < curve order
## this will not automatically
when BigInt.bits <= ECP_SWei_Proj.F.C.getCurveOrderBitwidth() and
ECP_SWei_Proj.F.C in {BN254_Snarks, BLS12_377, BLS12_381}:
when ECP_SWei_Proj.F is Fp:
when BigInt.bits <= ECP_ShortW_Proj.F.C.getCurveOrderBitwidth() and
ECP_ShortW_Proj.F.C in {BN254_Snarks, BLS12_377, BLS12_381}:
when ECP_ShortW_Proj.F is Fp:
P.scalarMulGLV_m2w2(scalar)
elif ECP_SWei_Proj.F is Fp2:
elif ECP_ShortW_Proj.F is Fp2:
P.scalarMulEndo(scalar)
else: # Curves defined on Fp^m with m > 2
{.error: "Unreachable".}

10
constantine/elliptic/ec_weierstrass_affine.nim → constantine/elliptic/ec_shortweierstrass_affine.nim
View File

@ -20,7 +20,7 @@ import
#
# ############################################################
type ECP_SWei_Aff*[F] = object
type ECP_ShortW_Aff*[F] = object
## Elliptic curve point for a curve in Short Weierstrass form
## y² = x³ + a x + b
##
@ -80,7 +80,7 @@ func isOnCurve*[F](x, y: F): SecretBool =
return y2 == rhs
func trySetFromCoordX*[F](P: var ECP_SWei_Aff[F], x: F): SecretBool =
func trySetFromCoordX*[F](P: var ECP_ShortW_Aff[F], x: F): SecretBool =
## Try to create a point the elliptic curve
## y² = x³ + a x + b (affine coordinate)
##
@ -95,16 +95,16 @@ func trySetFromCoordX*[F](P: var ECP_SWei_Aff[F], x: F): SecretBool =
# TODO: supports non p ≡ 3 (mod 4) modulus like BLS12-377
result = sqrt_if_square(P.y)
func neg*(P: var ECP_SWei_Aff, Q: ECP_SWei_Aff) =
func neg*(P: var ECP_ShortW_Aff, Q: ECP_ShortW_Aff) =
## Negate ``P``
P.x = Q.x
P.y.neg(Q.y)
func neg*(P: var ECP_SWei_Aff) =
func neg*(P: var ECP_ShortW_Aff) =
## Negate ``P``
P.y.neg()
func cneg*(P: var ECP_SWei_Aff, ctl: CTBool) =
func cneg*(P: var ECP_ShortW_Aff, ctl: CTBool) =
## Conditional negation.
## Negate if ``ctl`` is true
var Q{.noInit.}: typeof(P)

52
constantine/elliptic/ec_weierstrass_projective.nim → constantine/elliptic/ec_shortweierstrass_projective.nim
View File

@ -11,7 +11,7 @@ import
../config/[common, curves],
../arithmetic,
../towers,
./ec_weierstrass_affine
./ec_shortweierstrass_affine
# ############################################################
#
@ -20,7 +20,7 @@ import
#
# ############################################################
type ECP_SWei_Proj*[F] = object
type ECP_ShortW_Proj*[F] = object
## Elliptic curve point for a curve in Short Weierstrass form
## y² = x³ + a x + b
##
@ -32,7 +32,7 @@ type ECP_SWei_Proj*[F] = object
## Note that projective coordinates are not unique
x*, y*, z*: F
func `==`*[F](P, Q: ECP_SWei_Proj[F]): SecretBool =
func `==`*[F](P, Q: ECP_ShortW_Proj[F]): SecretBool =
## Constant-time equality check
# Reminder: the representation is not unique
@ -46,7 +46,7 @@ func `==`*[F](P, Q: ECP_SWei_Proj[F]): SecretBool =
b.prod(Q.y, P.z)
result = result and a == b
func isInf*(P: ECP_SWei_Proj): SecretBool =
func isInf*(P: ECP_ShortW_Proj): SecretBool =
## Returns true if P is an infinity point
## and false otherwise
##
@ -56,13 +56,13 @@ func isInf*(P: ECP_SWei_Proj): SecretBool =
## Y can be anything
result = P.x.isZero() and P.z.isZero()
func setInf*(P: var ECP_SWei_Proj) =
func setInf*(P: var ECP_ShortW_Proj) =
## Set ``P`` to infinity
P.x.setZero()
P.y.setOne()
P.z.setZero()
func ccopy*(P: var ECP_SWei_Proj, Q: ECP_SWei_Proj, ctl: SecretBool) =
func ccopy*(P: var ECP_ShortW_Proj, Q: ECP_ShortW_Proj, ctl: SecretBool) =
## Constant-time conditional copy
## If ctl is true: Q is copied into P
## if ctl is false: Q is not copied and P is unmodified
@ -70,7 +70,7 @@ func ccopy*(P: var ECP_SWei_Proj, Q: ECP_SWei_Proj, ctl: SecretBool) =
for fP, fQ in fields(P, Q):
ccopy(fP, fQ, ctl)
func trySetFromCoordsXandZ*[F](P: var ECP_SWei_Proj[F], x, z: F): SecretBool =
func trySetFromCoordsXandZ*[F](P: var ECP_ShortW_Proj[F], x, z: F): SecretBool =
## Try to create a point the elliptic curve
## Y²Z = X³ + aXZ² + bZ³ (projective coordinates)
## y² = x³ + a x + b (affine coordinate)
@ -87,7 +87,7 @@ func trySetFromCoordsXandZ*[F](P: var ECP_SWei_Proj[F], x, z: F): SecretBool =
P.y *= z
P.z = z
func trySetFromCoordX*[F](P: var ECP_SWei_Proj[F], x: F): SecretBool =
func trySetFromCoordX*[F](P: var ECP_ShortW_Proj[F], x: F): SecretBool =
## Try to create a point the elliptic curve
## y² = x³ + a x + b (affine coordinate)
##
@ -104,17 +104,17 @@ func trySetFromCoordX*[F](P: var ECP_SWei_Proj[F], x: F): SecretBool =
P.x = x
P.z.setOne()
func neg*(P: var ECP_SWei_Proj, Q: ECP_SWei_Proj) =
func neg*(P: var ECP_ShortW_Proj, Q: ECP_ShortW_Proj) =
## Negate ``P``
P.x = Q.x
P.y.neg(Q.y)
P.z = Q.z
func neg*(P: var ECP_SWei_Proj) =
func neg*(P: var ECP_ShortW_Proj) =
## Negate ``P``
P.y.neg()
func cneg*(P: var ECP_SWei_Proj, ctl: CTBool) =
func cneg*(P: var ECP_ShortW_Proj, ctl: CTBool) =
## Conditional negation.
## Negate if ``ctl`` is true
var Q{.noInit.}: typeof(P)
@ -124,8 +124,8 @@ func cneg*(P: var ECP_SWei_Proj, ctl: CTBool) =
P.ccopy(Q, ctl)
func sum*[F](
r: var ECP_SWei_Proj[F],
P, Q: ECP_SWei_Proj[F]
r: var ECP_ShortW_Proj[F],
P, Q: ECP_ShortW_Proj[F]
) =
## Elliptic curve point addition for Short Weierstrass curves in projective coordinate
##
@ -223,8 +223,8 @@ func sum*[F](
{.error: "Not implemented.".}
func madd*[F](
r: var ECP_SWei_Proj[F],
P: ECP_SWei_Proj[F], Q: ECP_SWei_Aff[F]
r: var ECP_ShortW_Proj[F],
P: ECP_ShortW_Proj[F], Q: ECP_ShortW_Aff[F]
) =
## Elliptic curve mixed addition for Short Weierstrass curves
## with p in Projective coordinates and Q in affine coordinates
@ -285,8 +285,8 @@ func madd*[F](
{.error: "Not implemented.".}
func double*[F](
r: var ECP_SWei_Proj[F],
P: ECP_SWei_Proj[F]
r: var ECP_ShortW_Proj[F],
P: ECP_ShortW_Proj[F]
) =
## Elliptic curve point doubling for Short Weierstrass curves in projective coordinate
##
@ -358,25 +358,25 @@ func double*[F](
else:
{.error: "Not implemented.".}
func `+=`*[F](P: var ECP_SWei_Proj[F], Q: ECP_SWei_Proj[F]) =
func `+=`*[F](P: var ECP_ShortW_Proj[F], Q: ECP_ShortW_Proj[F]) =
## In-place point addition
# TODO test for aliasing support
var tmp {.noInit.}: ECP_SWei_Proj[F]
var tmp {.noInit.}: ECP_ShortW_Proj[F]
tmp.sum(P, Q)
P = tmp
func `+=`*[F](P: var ECP_SWei_Proj[F], Q: ECP_SWei_Aff[F]) =
func `+=`*[F](P: var ECP_ShortW_Proj[F], Q: ECP_ShortW_Aff[F]) =
## In-place mixed point addition
# used in line_addition
P.madd(P, Q)
func double*[F](P: var ECP_SWei_Proj[F]) =
var tmp {.noInit.}: ECP_SWei_Proj[F]
func double*[F](P: var ECP_ShortW_Proj[F]) =
var tmp {.noInit.}: ECP_ShortW_Proj[F]
tmp.double(P)
P = tmp
func diff*[F](r: var ECP_SWei_Proj[F],
P, Q: ECP_SWei_Proj[F]
func diff*[F](r: var ECP_ShortW_Proj[F],
P, Q: ECP_ShortW_Proj[F]
) =
## r = P - Q
## Can handle r and Q aliasing
@ -384,14 +384,14 @@ func diff*[F](r: var ECP_SWei_Proj[F],
nQ.neg()
r.sum(P, nQ)
func affineFromProjective*[F](aff: var ECP_SWei_Aff[F], proj: ECP_SWei_Proj) =
func affineFromProjective*[F](aff: var ECP_ShortW_Aff[F], proj: ECP_ShortW_Proj) =
var invZ {.noInit.}: F
invZ.inv(proj.z)
aff.x.prod(proj.x, invZ)
aff.y.prod(proj.y, invZ)
func projectiveFromAffine*[F](proj: var ECP_SWei_Proj, aff: ECP_SWei_Aff[F]) {.inline.} =
func projectiveFromAffine*[F](proj: var ECP_ShortW_Proj, aff: ECP_ShortW_Aff[F]) {.inline.} =
proj.x = aff.x
proj.y = aff.y
proj.z.setOne()

18
constantine/hash_to_curve/cofactors.nim
View File

@ -16,7 +16,7 @@ import
../towers,
../config/curves,
../io/io_bigints,
../elliptic/[ec_weierstrass_projective, ec_scalar_mul]
../elliptic/[ec_shortweierstrass_projective, ec_scalar_mul]
# ############################################################
#
@ -44,40 +44,40 @@ const Cofactor_Eff_BLS12_381_G1 = BigInt[64].fromHex"0xd201000000010001"
const Cofactor_Eff_BLS12_381_G2 = BigInt[636].fromHex"0xbc69f08f2ee75b3584c6a0ea91b352888e2a8e9145ad7689986ff031508ffe1329c2f178731db956d82bf015d1212b02ec0ec69d7477c1ae954cbc06689f6a359894c0adebbf6b4e8020005aaa95551"
## P -> (x^2 - x - 1) P + (x - 1) psi(P) + psi(psi(2P))
func clearCofactorReference*(P: var ECP_SWei_Proj[Fp[BN254_Nogami]]) {.inline.} =
func clearCofactorReference*(P: var ECP_ShortW_Proj[Fp[BN254_Nogami]]) {.inline.} =
## Clear the cofactor of BN254_Nogami G1
## BN curve have a G1 cofactor of 1 so this is a no-op
discard
func clearCofactorReference*(P: var ECP_SWei_Proj[Fp2[BN254_Nogami]]) {.inline.} =
func clearCofactorReference*(P: var ECP_ShortW_Proj[Fp2[BN254_Nogami]]) {.inline.} =
## Clear the cofactor of BN254_Snarks G2
# Endomorphism acceleration cannot be used if cofactor is not cleared
P.scalarMulGeneric(Cofactor_Eff_BN254_Nogami_G2)
func clearCofactorReference*(P: var ECP_SWei_Proj[Fp[BN254_Snarks]]) {.inline.} =
func clearCofactorReference*(P: var ECP_ShortW_Proj[Fp[BN254_Snarks]]) {.inline.} =
## Clear the cofactor of BN254_Snarks G1
## BN curve have a G1 cofactor of 1 so this is a no-op
discard
func clearCofactorReference*(P: var ECP_SWei_Proj[Fp2[BN254_Snarks]]) {.inline.} =
func clearCofactorReference*(P: var ECP_ShortW_Proj[Fp2[BN254_Snarks]]) {.inline.} =
## Clear the cofactor of BN254_Snarks G2
# Endomorphism acceleration cannot be used if cofactor is not cleared
P.scalarMulGeneric(Cofactor_Eff_BN254_Snarks_G2)
func clearCofactorReference*(P: var ECP_SWei_Proj[Fp[BLS12_377]]) {.inline.} =
func clearCofactorReference*(P: var ECP_ShortW_Proj[Fp[BLS12_377]]) {.inline.} =
## Clear the cofactor of BLS12_377 G1
P.scalarMulGeneric(Cofactor_Eff_BLS12_377_G1)
func clearCofactorReference*(P: var ECP_SWei_Proj[Fp2[BLS12_377]]) {.inline.} =
func clearCofactorReference*(P: var ECP_ShortW_Proj[Fp2[BLS12_377]]) {.inline.} =
## Clear the cofactor of BLS12_377 G2
# Endomorphism acceleration cannot be used if cofactor is not cleared
P.scalarMulGeneric(Cofactor_Eff_BLS12_377_G2)
func clearCofactorReference*(P: var ECP_SWei_Proj[Fp[BLS12_381]]) {.inline.} =
func clearCofactorReference*(P: var ECP_ShortW_Proj[Fp[BLS12_381]]) {.inline.} =
## Clear the cofactor of BLS12_381 G1
P.scalarMulGeneric(Cofactor_Eff_BLS12_381_G1)
func clearCofactorReference*(P: var ECP_SWei_Proj[Fp2[BLS12_381]]) {.inline.} =
func clearCofactorReference*(P: var ECP_ShortW_Proj[Fp2[BLS12_381]]) {.inline.} =
## Clear the cofactor of BLS12_381 G2
# Endomorphism acceleration cannot be used if cofactor is not cleared
P.scalarMulGeneric(Cofactor_Eff_BLS12_381_G2)

16
constantine/io/io_ec.nim
View File

@ -12,8 +12,8 @@ import
../arithmetic,
../towers,
../elliptic/[
ec_weierstrass_affine,
ec_weierstrass_projective
ec_shortweierstrass_affine,
ec_shortweierstrass_projective
]
# No exceptions allowed
@ -26,7 +26,7 @@ import
#
# ############################################################
func toHex*(P: ECP_SWei_Proj): string =
func toHex*(P: ECP_ShortW_Proj): string =
## Stringify an elliptic curve point to Hex
## Note. Leading zeros are not removed.
## Result is prefixed with 0x
@ -40,7 +40,7 @@ func toHex*(P: ECP_SWei_Proj): string =
##
## This proc output may change format in the future
var aff {.noInit.}: ECP_SWei_Aff[ECP_SWei_Proj.F]
var aff {.noInit.}: ECP_ShortW_Aff[ECP_ShortW_Proj.F]
aff.affineFromProjective(P)
result = "ECP[" & $aff.F & "](\n x: "
@ -49,7 +49,7 @@ func toHex*(P: ECP_SWei_Proj): string =
result.appendHex(aff.y, bigEndian)
result &= "\n)"
func fromHex*(dst: var ECP_SWei_Proj, x, y: string): bool {.raises: [ValueError].}=
func fromHex*(dst: var ECP_ShortW_Proj, x, y: string): bool {.raises: [ValueError].}=
## Convert hex strings to a G1 curve point
## Returns `false`
## if there is no point with coordinates (`x`, `y`) on the curve
@ -60,7 +60,7 @@ func fromHex*(dst: var ECP_SWei_Proj, x, y: string): bool {.raises: [ValueError]
dst.z.setOne()
return bool(isOnCurve(dst.x, dst.y))
func fromHex*(dst: var ECP_SWei_Proj, x0, x1, y0, y1: string): bool {.raises: [ValueError].}=
func fromHex*(dst: var ECP_ShortW_Proj, x0, x1, y0, y1: string): bool {.raises: [ValueError].}=
## Convert hex strings to a G2 curve point
## Returns `false`
## if there is no point with coordinates (`x`, `y`) on the curve
@ -71,7 +71,7 @@ func fromHex*(dst: var ECP_SWei_Proj, x0, x1, y0, y1: string): bool {.raises: [V
dst.z.setOne()
return bool(isOnCurve(dst.x, dst.y))
func fromHex*(dst: var ECP_SWei_Aff, x, y: string): bool {.raises: [ValueError].}=
func fromHex*(dst: var ECP_ShortW_Aff, x, y: string): bool {.raises: [ValueError].}=
## Convert hex strings to a G1 curve point
## Returns `false`
## if there is no point with coordinates (`x`, `y`) on the curve
@ -81,7 +81,7 @@ func fromHex*(dst: var ECP_SWei_Aff, x, y: string): bool {.raises: [ValueError].
dst.y.fromHex(y)
return bool(isOnCurve(dst.x, dst.y))
func fromHex*(dst: var ECP_SWei_Aff, x0, x1, y0, y1: string): bool {.raises: [ValueError].}=
func fromHex*(dst: var ECP_ShortW_Aff, x0, x1, y0, y1: string): bool {.raises: [ValueError].}=
## Convert hex strings to a G2 curve point
## Returns `false`
## if there is no point with coordinates (`x`, `y`) on the curve

24
constantine/pairing/lines_projective.nim
View File

@ -13,8 +13,8 @@ import
../arithmetic,
../towers,
../elliptic/[
ec_weierstrass_affine,
ec_weierstrass_projective
ec_shortweierstrass_affine,
ec_shortweierstrass_projective
],
../io/io_towers
@ -78,14 +78,14 @@ func `*=`(a: var Fp2, b: Fp) =
a.c0 *= b
a.c1 *= b
func line_update(line: var Line, P: ECP_SWei_Aff) =
func line_update(line: var Line, P: ECP_ShortW_Aff) =
## Update the line evaluation with P
## after addition or doubling
## P in G1
line.x *= P.y
line.z *= P.x
func line_eval_double*(line: var Line, T: ECP_SWei_Proj) =
func line_eval_double*(line: var Line, T: ECP_ShortW_Proj) =
## Evaluate the line function for doubling
## i.e. the tangent at T
##
@ -125,7 +125,7 @@ func line_eval_double*(line: var Line, T: ECP_SWei_Proj) =
## is a constant factor on pᵏ with d the twisting degree
## and so will be elminated. QED.
var v {.noInit.}: Line.F
const b3 = 3 * ECP_SWei_Proj.F.C.getCoefB()
const b3 = 3 * ECP_ShortW_Proj.F.C.getCoefB()
template A: untyped = line.x
template B: untyped = line.y
@ -147,9 +147,9 @@ func line_eval_double*(line: var Line, T: ECP_SWei_Proj) =
B *= b3 # B = 3b Z²
C *= 3 # C = 3X²
when ECP_SWei_Proj.F.C.getSexticTwist() == M_Twist:
when ECP_ShortW_Proj.F.C.getSexticTwist() == M_Twist:
B *= SexticNonResidue # B = 3b' Z² = 3bξ Z²
elif ECP_SWei_Proj.F.C.getSexticTwist() == D_Twist:
elif ECP_ShortW_Proj.F.C.getSexticTwist() == D_Twist:
v *= SexticNonResidue # v = ξ Y²
C *= SexticNonResidue # C = 3ξ X²
else:
@ -158,7 +158,7 @@ func line_eval_double*(line: var Line, T: ECP_SWei_Proj) =
B -= v # B = 3bξ Z² - Y² (M-twist)
# B = 3b Z² - ξ Y² (D-twist)
func line_eval_add*(line: var Line, T: ECP_SWei_Proj, Q: ECP_SWei_Aff) =
func line_eval_add*(line: var Line, T: ECP_ShortW_Proj, Q: ECP_ShortW_Aff) =
## Evaluate the line function for addition
## i.e. the line between T and Q
##
@ -196,7 +196,7 @@ func line_eval_add*(line: var Line, T: ECP_SWei_Proj, Q: ECP_SWei_Aff) =
C -= v # C = Y₁-Z₁Y₂
v = A # v = X₁-Z₁X₂
when ECP_SWei_Proj.F.C.getSexticTwist() == M_Twist:
when ECP_ShortW_Proj.F.C.getSexticTwist() == M_Twist:
A *= SexticNonResidue # A = ξ (X₁ - Z₁X₂)
v *= Q.y # v = (X₁-Z₁X₂) Y₂
@ -206,7 +206,7 @@ func line_eval_add*(line: var Line, T: ECP_SWei_Proj, Q: ECP_SWei_Aff) =
C.neg() # C = -(Y₁-Z₁Y₂)
func line_double*(line: var Line, T: var ECP_SWei_Proj, P: ECP_SWei_Aff) =
func line_double*(line: var Line, T: var ECP_ShortW_Proj, P: ECP_ShortW_Aff) =
## Doubling step of the Miller loop
## T in G2, P in G1
##
@ -219,8 +219,8 @@ func line_double*(line: var Line, T: var ECP_SWei_Proj, P: ECP_SWei_Aff) =
func line_add*[C](
line: var Line,
T: var ECP_SWei_Proj[Fp2[C]],
Q: ECP_SWei_Aff[Fp2[C]], P: ECP_SWei_Aff[Fp[C]]) =
T: var ECP_ShortW_Proj[Fp2[C]],
Q: ECP_ShortW_Aff[Fp2[C]], P: ECP_ShortW_Aff[Fp[C]]) =
## Addition step of the Miller loop
## T and Q in G2, P in G1
##

22
constantine/pairing/pairing_bls12.nim
View File

@ -10,8 +10,8 @@ import
../config/[curves, type_fp],
../towers,
../elliptic/[
ec_weierstrass_affine,
ec_weierstrass_projective
ec_shortweierstrass_affine,
ec_shortweierstrass_projective
],
../isogeny/frobenius,
./lines_projective,
@ -47,8 +47,8 @@ import
func millerLoopGenericBLS12*[C](
f: var Fp12[C],
P: ECP_SWei_Aff[Fp[C]],
Q: ECP_SWei_Aff[Fp2[C]]
P: ECP_ShortW_Aff[Fp[C]],
Q: ECP_ShortW_Aff[Fp2[C]]
) =
## Generic Miller Loop for BLS12 curve
## Computes f{u,Q}(P) with u the BLS curve parameter
@ -81,7 +81,7 @@ func millerLoopGenericBLS12*[C](
# or we ensure the loop is done for a number of iterations strictly less
# than the curve order which is the case for BLS12 curves
var
T {.noInit.}: ECP_SWei_Proj[Fp2[C]]
T {.noInit.}: ECP_ShortW_Proj[Fp2[C]]
line {.noInit.}: Line[Fp2[C], C.getSexticTwist()]
nQ{.noInit.}: typeof(Q)
@ -121,14 +121,14 @@ func finalExpGeneric[C: static Curve](f: var Fp12[C]) =
## for sanity checks purposes.
f.powUnsafeExponent(C.pairing(finalexponent), window = 3)
func pairing_bls12_reference*[C](gt: var Fp12[C], P: ECP_SWei_Proj[Fp[C]], Q: ECP_SWei_Proj[Fp2[C]]) =
func pairing_bls12_reference*[C](gt: var Fp12[C], P: ECP_ShortW_Proj[Fp[C]], Q: ECP_ShortW_Proj[Fp2[C]]) =
## Compute the optimal Ate Pairing for BLS12 curves
## Input: P ∈ G1, Q ∈ G2
## Output: e(P, Q) ∈ Gt
##
## Reference implementation
var Paff {.noInit.}: ECP_SWei_Aff[Fp[C]]
var Qaff {.noInit.}: ECP_SWei_Aff[Fp2[C]]
var Paff {.noInit.}: ECP_ShortW_Aff[Fp[C]]
var Qaff {.noInit.}: ECP_ShortW_Aff[Fp2[C]]
Paff.affineFromProjective(P)
Qaff.affineFromProjective(Q)
gt.millerLoopGenericBLS12(Paff, Qaff)
@ -195,12 +195,12 @@ func finalExpHard_BLS12*[C](f: var Fp12[C]) =
# (x1)².(x+p).(x²+p²1) + 3
f *= v0
func pairing_bls12*[C](gt: var Fp12[C], P: ECP_SWei_Proj[Fp[C]], Q: ECP_SWei_Proj[Fp2[C]]) =
func pairing_bls12*[C](gt: var Fp12[C], P: ECP_ShortW_Proj[Fp[C]], Q: ECP_ShortW_Proj[Fp2[C]]) =
## Compute the optimal Ate Pairing for BLS12 curves
## Input: P ∈ G1, Q ∈ G2
## Output: e(P, Q) ∈ Gt
var Paff {.noInit.}: ECP_SWei_Aff[Fp[C]]
var Qaff {.noInit.}: ECP_SWei_Aff[Fp2[C]]
var Paff {.noInit.}: ECP_ShortW_Aff[Fp[C]]
var Qaff {.noInit.}: ECP_ShortW_Aff[Fp2[C]]
Paff.affineFromProjective(P)
Qaff.affineFromProjective(Q)
gt.millerLoopGenericBLS12(Paff, Qaff)

22
constantine/pairing/pairing_bn.nim
View File

@ -11,8 +11,8 @@ import
../towers,
../io/io_bigints,
../elliptic/[
ec_weierstrass_affine,
ec_weierstrass_projective
ec_shortweierstrass_affine,
ec_shortweierstrass_projective
],
./lines_projective,
./mul_fp12_by_lines,
@ -45,8 +45,8 @@ import
func millerLoopGenericBN*[C](
f: var Fp12[C],
P: ECP_SWei_Aff[Fp[C]],
Q: ECP_SWei_Aff[Fp2[C]]
P: ECP_ShortW_Aff[Fp[C]],
Q: ECP_ShortW_Aff[Fp2[C]]
) =
## Generic Miller Loop for BN curves
## Computes f{6u+2,Q}(P) with u the BN curve parameter
@ -80,7 +80,7 @@ func millerLoopGenericBN*[C](
# than the curve order which is the case for BN curves
var
T {.noInit.}: ECP_SWei_Proj[Fp2[C]]
T {.noInit.}: ECP_ShortW_Proj[Fp2[C]]
line {.noInit.}: Line[Fp2[C], C.getSexticTwist()]
nQ{.noInit.}: typeof(Q)
@ -133,14 +133,14 @@ func finalExpGeneric[C: static Curve](f: var Fp12[C]) =
## for sanity checks purposes.
f.powUnsafeExponent(C.pairing(finalexponent), window = 3)
func pairing_bn_reference*[C](gt: var Fp12[C], P: ECP_SWei_Proj[Fp[C]], Q: ECP_SWei_Proj[Fp2[C]]) =
func pairing_bn_reference*[C](gt: var Fp12[C], P: ECP_ShortW_Proj[Fp[C]], Q: ECP_ShortW_Proj[Fp2[C]]) =
## Compute the optimal Ate Pairing for BN curves
## Input: P ∈ G1, Q ∈ G2
## Output: e(P, Q) ∈ Gt
##
## Reference implementation
var Paff {.noInit.}: ECP_SWei_Aff[Fp[C]]
var Qaff {.noInit.}: ECP_SWei_Aff[Fp2[C]]
var Paff {.noInit.}: ECP_ShortW_Aff[Fp[C]]
var Qaff {.noInit.}: ECP_ShortW_Aff[Fp2[C]]
Paff.affineFromProjective(P)
Qaff.affineFromProjective(Q)
gt.millerLoopGenericBN(Paff, Qaff)
@ -201,12 +201,12 @@ func finalExpHard_BN*[C: static Curve](f: var Fp12[C]) =
f.frobenius_map(t2, 3) # r = f^λ₃p³
f *= t0 # r = f^(λ₀ + λ₁p + λ₂p² + λ₃p³) = f^((p⁴-p²+1)/r)
func pairing_bn*[C](gt: var Fp12[C], P: ECP_SWei_Proj[Fp[C]], Q: ECP_SWei_Proj[Fp2[C]]) =
func pairing_bn*[C](gt: var Fp12[C], P: ECP_ShortW_Proj[Fp[C]], Q: ECP_ShortW_Proj[Fp2[C]]) =
## Compute the optimal Ate Pairing for BLS12 curves
## Input: P ∈ G1, Q ∈ G2
## Output: e(P, Q) ∈ Gt
var Paff {.noInit.}: ECP_SWei_Aff[Fp[C]]
var Qaff {.noInit.}: ECP_SWei_Aff[Fp2[C]]
var Paff {.noInit.}: ECP_ShortW_Aff[Fp[C]]
var Qaff {.noInit.}: ECP_ShortW_Aff[Fp2[C]]
Paff.affineFromProjective(P)
Qaff.affineFromProjective(Q)
gt.millerLoopGenericBN(Paff, Qaff)

26
helpers/prng_unsafe.nim
View File

@ -10,7 +10,7 @@ import
../constantine/arithmetic/bigints,
../constantine/primitives,
../constantine/config/[common, curves],
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective],
../constantine/io/io_bigints
# ############################################################
@ -226,7 +226,7 @@ func random_long01Seq[T](rng: var RngState, a: var T, C: static Curve) =
# Elliptic curves
# ------------------------------------------------------------
func random_unsafe[F](rng: var RngState, a: var (ECP_SWei_Proj[F] or ECP_SWei_Aff[F])) =
func random_unsafe[F](rng: var RngState, a: var (ECP_ShortW_Proj[F] or ECP_ShortW_Aff[F])) =
## Initialize a random curve point with Z coordinate == 1
## Unsafe: for testing and benchmarking purposes only
var fieldElem {.noInit.}: F
@ -238,7 +238,7 @@ func random_unsafe[F](rng: var RngState, a: var (ECP_SWei_Proj[F] or ECP_SWei_Af
rng.random_unsafe(fieldElem, F.C)
success = trySetFromCoordX(a, fieldElem)
func random_unsafe_with_randZ[F](rng: var RngState, a: var ECP_SWei_Proj[F]) =
func random_unsafe_with_randZ[F](rng: var RngState, a: var ECP_ShortW_Proj[F]) =
## Initialize a random curve point with Z coordinate being random
## Unsafe: for testing and benchmarking purposes only
var Z{.noInit.}: F
@ -251,7 +251,7 @@ func random_unsafe_with_randZ[F](rng: var RngState, a: var ECP_SWei_Proj[F]) =
rng.random_unsafe(fieldElem, F.C)
success = trySetFromCoordsXandZ(a, fieldElem, Z)
func random_highHammingWeight[F](rng: var RngState, a: var (ECP_SWei_Proj[F] or ECP_SWei_Aff[F])) =
func random_highHammingWeight[F](rng: var RngState, a: var (ECP_ShortW_Proj[F] or ECP_ShortW_Aff[F])) =
## Initialize a random curve point with Z coordinate == 1
## This will be generated with a biaised RNG with high Hamming Weight
## to trigger carry bugs
@ -264,7 +264,7 @@ func random_highHammingWeight[F](rng: var RngState, a: var (ECP_SWei_Proj[F] or
rng.random_highHammingWeight(fieldElem, F.C)
success = trySetFromCoordX(a, fieldElem)
func random_highHammingWeight_with_randZ[F](rng: var RngState, a: var (ECP_SWei_Proj[F] or ECP_SWei_Aff[F])) =
func random_highHammingWeight_with_randZ[F](rng: var RngState, a: var (ECP_ShortW_Proj[F] or ECP_ShortW_Aff[F])) =
## Initialize a random curve point with Z coordinate == 1
## This will be generated with a biaised RNG with high Hamming Weight
## to trigger carry bugs
@ -278,7 +278,7 @@ func random_highHammingWeight_with_randZ[F](rng: var RngState, a: var (ECP_SWei_
rng.random_highHammingWeight(fieldElem, F.C)
success = trySetFromCoordsXandZ(a, fieldElem, Z)
func random_long01Seq[F](rng: var RngState, a: var (ECP_SWei_Proj[F] or ECP_SWei_Aff[F])) =
func random_long01Seq[F](rng: var RngState, a: var (ECP_ShortW_Proj[F] or ECP_ShortW_Aff[F])) =
## Initialize a random curve point with Z coordinate == 1
## This will be generated with a biaised RNG
## that produces long bitstrings of 0 and 1
@ -292,7 +292,7 @@ func random_long01Seq[F](rng: var RngState, a: var (ECP_SWei_Proj[F] or ECP_SWei
rng.random_long01Seq(fieldElem, F.C)
success = trySetFromCoordX(a, fieldElem)
func random_long01Seq_with_randZ[F](rng: var RngState, a: var ECP_SWei_Proj[F]) =
func random_long01Seq_with_randZ[F](rng: var RngState, a: var ECP_ShortW_Proj[F]) =
## Initialize a random curve point with Z coordinate == 1
## This will be generated with a biaised RNG
## that produces long bitstrings of 0 and 1
@ -313,7 +313,7 @@ func random_long01Seq_with_randZ[F](rng: var RngState, a: var ECP_SWei_Proj[F])
func random_unsafe*(rng: var RngState, T: typedesc): T =
## Create a random Field or Extension Field or Curve Element
## Unsafe: for testing and benchmarking purposes only
when T is (ECP_SWei_Proj or ECP_SWei_Aff):
when T is (ECP_ShortW_Proj or ECP_ShortW_Aff):
rng.random_unsafe(result)
elif T is SomeNumber:
cast[T](rng.next()) # TODO: Rely on casting integer actually converting in C (i.e. uint64->uint32 is valid)
@ -322,7 +322,7 @@ func random_unsafe*(rng: var RngState, T: typedesc): T =
else: # Fields
rng.random_unsafe(result, T.C)
func random_unsafe_with_randZ*(rng: var RngState, T: typedesc[ECP_SWei_Proj]): T =
func random_unsafe_with_randZ*(rng: var RngState, T: typedesc[ECP_ShortW_Proj]): T =
## Create a random curve element with a random Z coordinate
## Unsafe: for testing and benchmarking purposes only
rng.random_unsafe_with_randZ(result)
@ -330,7 +330,7 @@ func random_unsafe_with_randZ*(rng: var RngState, T: typedesc[ECP_SWei_Proj]): T
func random_highHammingWeight*(rng: var RngState, T: typedesc): T =
## Create a random Field or Extension Field or Curve Element
## Skewed towards high Hamming Weight
when T is (ECP_SWei_Proj or ECP_SWei_Aff):
when T is (ECP_ShortW_Proj or ECP_ShortW_Aff):
rng.random_highHammingWeight(result)
elif T is SomeNumber:
cast[T](rng.next()) # TODO: Rely on casting integer actually converting in C (i.e. uint64->uint32 is valid)
@ -339,7 +339,7 @@ func random_highHammingWeight*(rng: var RngState, T: typedesc): T =
else: # Fields
rng.random_highHammingWeight(result, T.C)
func random_highHammingWeight_with_randZ*(rng: var RngState, T: typedesc[ECP_SWei_Proj]): T =
func random_highHammingWeight_with_randZ*(rng: var RngState, T: typedesc[ECP_ShortW_Proj]): T =
## Create a random curve element with a random Z coordinate
## Skewed towards high Hamming Weight
rng.random_highHammingWeight_with_randZ(result)
@ -347,7 +347,7 @@ func random_highHammingWeight_with_randZ*(rng: var RngState, T: typedesc[ECP_SWe
func random_long01Seq*(rng: var RngState, T: typedesc): T =
## Create a random Field or Extension Field or Curve Element
## Skewed towards long bitstrings of 0 or 1
when T is (ECP_SWei_Proj or ECP_SWei_Aff):
when T is (ECP_ShortW_Proj or ECP_ShortW_Aff):
rng.random_long01Seq(result)
elif T is SomeNumber:
cast[T](rng.next()) # TODO: Rely on casting integer actually converting in C (i.e. uint64->uint32 is valid)
@ -356,7 +356,7 @@ func random_long01Seq*(rng: var RngState, T: typedesc): T =
else: # Fields
rng.random_long01Seq(result, T.C)
func random_long01Seq_with_randZ*(rng: var RngState, T: typedesc[ECP_SWei_Proj]): T =
func random_long01Seq_with_randZ*(rng: var RngState, T: typedesc[ECP_ShortW_Proj]): T =
## Create a random curve element with a random Z coordinate
## Skewed towards long bitstrings of 0 or 1
rng.random_long01Seq_with_randZ(result)

2
tests/support/canaries.nim
View File

@ -9,7 +9,7 @@
import
../../constantine/arithmetic/bigints,
../../constantine/config/[common, curves],
../../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective]
../../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective]
# Canaries
# --------------------------------------------------------------

4
tests/support/ec_reference_scalar_mult.nim
View File

@ -10,7 +10,7 @@ import
# Internals
../../constantine/config/[common, curves],
../../constantine/arithmetic,
../../constantine/elliptic/ec_weierstrass_projective,
../../constantine/elliptic/ec_shortweierstrass_projective,
../../constantine/io/io_bigints
# Support files for testing Elliptic Curve arithmetic
@ -27,7 +27,7 @@ iterator unpack(scalarByte: byte): bool =
yield bool( scalarByte and 0b00000001)
func unsafe_ECmul_double_add*(
P: var ECP_SWei_Proj,
P: var ECP_ShortW_Proj,
scalar: BigInt,
) =
## **Unsafe** Elliptic Curve Scalar Multiplication

46
tests/t_ec_frobenius.nim
View File

@ -14,7 +14,7 @@ import
../constantine/config/[common, curves],
../constantine/[arithmetic, towers],
../constantine/io/[io_bigints, io_ec],
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
../constantine/isogeny/frobenius,
# Tests
../helpers/prng_unsafe,
@ -30,7 +30,7 @@ echo "frobenius xoshiro512** seed: ", seed
proc test(
id: int,
EC: typedesc[ECP_SWei_Proj],
EC: typedesc[ECP_ShortW_Proj],
Px0, Px1, Py0, Py1: string,
Qx0, Qx1, Qy0, Qy1: string
) =
@ -55,7 +55,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
# - sage sage/frobenius_bls12_381.sage
test(
id = 0,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "598e4c8c14c24c90834f2debedee4db3d31fed98a5134177704bfec14f46cb5",
Px1 = "c6fffa61daeb7caaf96983e70f164931d958c6820b205cdde19f2fa1eaaa7b1",
Py0 = "2f5fa252a27df56f5ca2e9c3382c17e531d317d50396f3fe952704304946a5a",
@ -68,7 +68,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 1,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "21014830dd88a0e7961e704cea531200866c5df46cb25aa3e2aac8d4fec64c6e",
Px1 = "1db17d8364def10443beab6e4a055c210d3e49c7c3af31e9cfb66d829938dca7",
Py0 = "1394ab8c346ad3eba14fa14789d3bbfc2deed5a7a510da8e9418580515d27bda",
@ -81,7 +81,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 2,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "46f2a2be9a3e19c1bb484fc37703ff64c3d7379de22249ccf0881037948beec",
Px1 = "10a5aaae14cb028f4ff4b81d41b712038b9f620a99e208c23504887e56831806",
Py0 = "2e6c3ebe0f3dada0063dc59f85fe2264dc3502bf65206336106a8d39d838a7b2",
@ -94,7 +94,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 3,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "1cf3af1d41e89d8df378aa81463a978c021f27f4a48387e74655ce2cf5c1f298",
Px1 = "36553e80e5c7c7360c7a2ae6bf1b8f68eb48804fc7eba7d2f56f09e87bbb0b1",
Py0 = "25f03e551d74b6be3268bf001905dfbe0bcbe43a2d1aac645a3ca8650b52e551",
@ -109,7 +109,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 0,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "112de13b7cd42bccdb005f2d4dc2726f360243103335ef6cf5e217e777554ae7c1deff5ddb5bcbb581fc9f13728a439",
Px1 = "10d1a8963e5c6854d5e610ece9914f9b5619c27652be1e9ec3e87687d63ed5d45b449bf59c2481e18ac6159f75966ac",
Py0 = "8aaf3a8660cf0edd6e97a2cd7837af1c63ec89e18f9bf4c64638662a661636b928a4f8097e6a2e8dfa11e13c51b075",
@ -122,7 +122,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 1,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "2f9318360b53c2d706061f527571e91679e6086a72ce8203ba1a04850f83bb192b29307e9b2d63feb1d23979e3f632",
Px1 = "3cbab0789968a3a35fa5d2e2326baa40c34d11a4af05a4109350944300ce32eef74dc5e47ba46717bd8bf87604696d",
Py0 = "14ea84922f76f2681fec869dce26141392975dcdb4f21d5fa8aec06b37bf71ba6249c219ecbaef4a266196dafb4ad19",
@ -135,7 +135,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 2,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "833ca23630be463c388ea6cfcff5b0e3b055065702a84310d2c726aee14d9e140cba05be79b5cb0441816d9e8c8370",
Px1 = "264a9755524baac8d9e53b0a45789e9dafcb6b453e965061fcfa20bb12a27d9b9417d5277ae2a499b1cfe567d75e2d",
Py0 = "5b670b9789825e2b48101b5b6e660cf9117e29c521dad54640cb356b674b3946c98cb43909c3495fb6d6d231891b7e",
@ -148,7 +148,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 3,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "14cd89e2e2755ddc086f63fd62e1f9904c3c1497243455c578a963e81b389f04e95ceafc4f47dc777579cdc82eca79b",
Px1 = "ba8801beba0654f20ccb78783efa7a911d182ec0eb99abe10f9a3d26b46fb7f90552e4ff6beb4df4611a9072be648b",
Py0 = "12e23bc97d891f2a047bac9c90e728cb89760c812156f96c95e36c40f1c830cf6ecbb5d407b189070d48a92eb461ea6",
@ -163,7 +163,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 0,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "d6904be428a0310dbd6e15a744a774bcf9800abe27536267a5383f1ddbd7783e1dc20098a8e045e3cca66b83f6d7f0f",
Px1 = "12107f6ef71d0d1e3bcba9e00a0675d3080519dd1b6c086bd660eb2d2bca8f276e283a891b5c0615064d7886af625cf2",
Py0 = "c592a3546d2d61d671070909e97860822db0a389e351c1744bdbb2c472cf52f3ca3e94068b0b6f3b0121923659131f5",
@ -176,7 +176,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 1,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "112de130b7cd42bccdb005f2d4dc2726f360243103335ef6cf5e217e777554ae7c1deff5ddb5bcbb581fc9f13728a439",
Px1 = "10d1a89a63e5c6854d5e610ece9914f9b5619c27652be1e9ec3e87687d63ed5d45b449bf59c2481e18ac6159f75966ac",
Py0 = "11261c8fcb0f4f560479547fe6b2a1c1e8b648d87e54c39f299eba8729294e99b415851d134ca31e8bb861c42e6f1022",
@ -189,7 +189,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 2,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "2f93183360b53c2d706061f527571e91679e6086a72ce8203ba1a04850f83bb192b29307e9b2d63feb1d23979e3f632",
Px1 = "3cbab0c789968a3a35fa5d2e2326baa40c34d11a4af05a4109350944300ce32eef74dc5e47ba46717bd8bf87604696d",
Py0 = "2b8d995b0f2114442b7bbdbe5732fbf94430d6d413e1f388031f3abb956e598cb6764275a75832c1670868c458378b6",
@ -202,7 +202,7 @@ suite "ψ (Psi) - Untwist-Frobenius-Twist Endomorphism on G2 vs SageMath" & " ["
test(
id = 3,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "d7d1c55ddf8bd03b7a15c3ea4f8f69aee37bf282d4aac82b7bd1fd47139250b9c708997a7ff8f603e48f0471c2cfe03",
Px1 = "d145a91934a6ad865d24ab556ae1e6c42decdd05d676b80e53365a6ff7536332859c9682e7200e40515f675415d71a3",
Py0 = "6de67fa12af93813a42612b1e9449c7b1f160c5de004ec26ea61010e48ba38dcf158d2692f347fdc6c6332bbec7106f",
@ -240,9 +240,9 @@ suite "ψ - psi(psi(P)) == psi2(P) - (Untwist-Frobenius-Twist Endomorphism)" & "
test(EC, randZ = false, gen = Long01Sequence)
test(EC, randZ = true, gen = Long01Sequence)
testAll(ECP_SWei_Proj[Fp2[BN254_Snarks]])
# testAll(ECP_SWei_Proj[Fp2[BLS12_377]])
testAll(ECP_SWei_Proj[Fp2[BLS12_381]])
testAll(ECP_ShortW_Proj[Fp2[BN254_Snarks]])
# testAll(ECP_ShortW_Proj[Fp2[BLS12_377]])
testAll(ECP_ShortW_Proj[Fp2[BLS12_381]])
suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitwidth & "-bit mode]":
const Iters = 10
@ -290,9 +290,9 @@ suite "ψ²(P) - [t]ψ(P) + [p]P = Inf" & " [" & $WordBitwidth & "-bit mode]":
test(EC, randZ = false, gen = Long01Sequence)
test(EC, randZ = true, gen = Long01Sequence)
testAll(ECP_SWei_Proj[Fp2[BN254_Snarks]])
# testAll(ECP_SWei_Proj[Fp2[BLS12_377]])
testAll(ECP_SWei_Proj[Fp2[BLS12_381]])
testAll(ECP_ShortW_Proj[Fp2[BN254_Snarks]])
# testAll(ECP_ShortW_Proj[Fp2[BLS12_377]])
testAll(ECP_ShortW_Proj[Fp2[BLS12_381]])
suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding degree k=12)" & " [" & $WordBitwidth & "-bit mode]":
const Iters = 10
@ -319,6 +319,6 @@ suite "ψ⁴(P) - ψ²(P) + P = Inf (k-th cyclotomic polynomial with embedding d
test(EC, randZ = false, gen = Long01Sequence)
test(EC, randZ = true, gen = Long01Sequence)
testAll(ECP_SWei_Proj[Fp2[BN254_Snarks]])
# testAll(ECP_SWei_Proj[Fp2[BLS12_377]])
testAll(ECP_SWei_Proj[Fp2[BLS12_381]])
testAll(ECP_ShortW_Proj[Fp2[BN254_Snarks]])
# testAll(ECP_ShortW_Proj[Fp2[BLS12_377]])
testAll(ECP_ShortW_Proj[Fp2[BLS12_381]])

46
tests/t_ec_sage_bls12_377.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/[io_bigints, io_ec],
../constantine/elliptic/[ec_weierstrass_projective, ec_scalar_mul, ec_endomorphism_accel],
../constantine/elliptic/[ec_shortweierstrass_projective, ec_scalar_mul, ec_endomorphism_accel],
# Test utilities
./support/ec_reference_scalar_mult
@ -22,7 +22,7 @@ echo "\n------------------------------------------------------\n"
proc test(
id: int,
EC: typedesc[ECP_SWei_Proj],
EC: typedesc[ECP_ShortW_Proj],
Px, Py: string,
scalar: string,
Qx, Qy: string
@ -58,7 +58,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
# Generated via sage sage/testgen_bls12_377.sage
test(
id = 0,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "4e7e6dfa01ed0ceb6e66708b07cb5c6cd30a42eeb13d7b76f8d103a0a4d491450be6f526fc12f15209b792220c041e",
Py = "c782515159b7e7b9371e0e0caa387951317e993b1625d91869d4346621058a0960ef1b8b6eabb33cd5719694908a05",
scalar = "cf815cb4d44d3d691b7c82a40b4b70caa9b0e8fe9586648abf3f1e2e639ca1b",
@ -68,7 +68,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 1,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "13d735b28405253dcc0bc60bcdc13633475ffc187d38a9b97655b0d0fa1d56c4548f11ea0a795391ee85c953aaf9b83",
Py = "1693101123fd13a20f9c0569c52c29507ba1c8b6dd412660bc82e7974022f1a10f9137b4ba59d3f0aab67027cefec19",
scalar = "913aa7b9fa2f940b70b6dcf538cc08da1a369809ab86a8ee49cead0ed6bfef6",
@ -78,7 +78,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 2,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "6dd2211113cada09d3b96848cbf21ed14f6fc238b581c0afd49aa776980101e4ee279a256ce8f1428d3ed3f70afd85",
Py = "3b406b4433a3f44f8e196012f50c520e876412fbcae2651916f133c1fd3899c79f676e1abba01d84bab7ad100c9295",
scalar = "4cf47669aeb0f30b6c6c5aa02808a87dc787fba22da32875e614a54a50b6a0c",
@ -88,7 +88,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 3,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "18648abbe3261f93cbf679777eac66e419035041a967d1e6a0f0afdb92810d7122e0984f1d6efc8fe518500464ee803",
Py = "7b6f518d4d06309aad4d60d29118310b6c8b17c7bf5db2251f4701b13b89a8c0f04bb5d0386785e55ffbbd7ecc445e",
scalar = "69498486a06c18f836a8e9ed507bbb563d6d03545e03e08f628e8fbd2e5d098",
@ -98,7 +98,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 4,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "745e9944549522486f3446676cc62fb666682e10c661a13b8110b42cb9a37676b6f33a46f9495f4fafb342d5809db5",
Py = "bc595854bc42ccec60dd9ec573608d736aa59996cef1c2e8f6c5d424f525a6f3e3d4beeedfac6b959dbd71ced95b13",
scalar = "6e08d8714102a5aa3e9f46e33c70a759c27253c7b0196c3e46c7cb42671197e",
@ -108,7 +108,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 5,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "f7b56cf212a8906ed77a758164c0bd05ce1fbd3ee3c4357e7a09b3aedc748a29ace254f1f6df35b8cb74361060337f",
Py = "2640ef641d20fea19b28947833e53faceeafa57a8761b807049f3d707d70c01f1c69a57edd993d301a64517bf47f77",
scalar = "a5c46d7a52938fed7f3093d5867f65361dc8b48c83bd7db490c26736196e20e",
@ -118,7 +118,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 6,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "43b387c12e4cc91fb1a5593b7671356dceb0fe6e6ac666d5bac94f2a44c8db54976b649a678aae038b21144de04e23",
Py = "1a6366a50f1f9ba64eef73d82bec86177bf184be048a9d66326ccb0122203569ddcb8cf74445cadaff7f47a66d1b1a2",
scalar = "bddd07231bc7fe89ee4a859a00ea1f9d236be9e7fd561303d566904c1b0a07c",
@ -128,7 +128,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 7,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "6984c9385a67081f97b3d33444077466cca1d0442a4da8c083a0957578e0b21011435b126a5ab143da9da1cf5b216f",
Py = "18a87c7f5f6c5a8101773e63956b9addd4becf5177acc560d548e5331638121934842fdc9f654b3f456a7df5a2e471a",
scalar = "b72c41a6ffaff0aacb5d62e3dcb16acfec66b6a9639e19d3128fd43c18e7dbe",
@ -138,7 +138,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 8,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "efc34595823e7333616f7768bc82f407268df6f029bf4c94d15f1785dc7ccc08f22e7301dfc48dadc0ea383c8bb3e",
Py = "2459bd9f71977ef122d2102e8bfd07a5737066075058cfa8bcaa9f9690ed065919c844363ceaea6f9bb650906a535f",
scalar = "8f90f6ab0ffa6e4acc601b44c062745f2935b3dc153d0da07977470080d5c18",
@ -148,7 +148,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
test(
id = 9,
EC = ECP_SWei_Proj[Fp[BLS12_377]],
EC = ECP_ShortW_Proj[Fp[BLS12_377]],
Px = "3eec93c2a9c5fd03f0de5ede2fdac9e361090fbaea38e4a0f1828745f1d14a057d9fd7c46b9168bd95a45a182a3a62",
Py = "e912dc7e95f90d91e3274ec5639edacb88be1b092c47c13d31a29ecd579885cc09f197f8207d23b2260ab10c94d5f5",
scalar = "203300e949aff816d084a388f07c74b9152bb11b523543afd65c805a389980",
@ -159,7 +159,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_377 implementation vs Sag
proc test(
id: int,
EC: typedesc[ECP_SWei_Proj],
EC: typedesc[ECP_ShortW_Proj],
Px0, Px1, Py0, Py1: string,
scalar: string,
Qx0, Qx1, Qy0, Qy1: string
@ -192,7 +192,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
# Generated via sage sage/testgen_bls12_377.sage
test(
id = 0,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "267401f3ef554fe74ae131d56a10edf14ae40192654901b4618d2bf7af22e77c2a9b79e407348dbd4aad13ca73b33a",
Px1 = "12dcca838f46a3e0418e5dd8b978362757a16bfd78f0b77f4a1916ace353938389ae3ea228d0eb5020a0aaa58884aec",
Py0 = "11799118d2e054aabd9f74c0843fecbdc1c0d56f61c61c5854c2507ae2416e48a6b2cd3bc8bf7495a4d3d8270eafe2b",
@ -206,7 +206,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 1,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "3a3055d6a46901c1b2227a0e334ffa9f654e62a6d3608f3a672e5816f9e9b04c0e668c3e9f8c807b269422afdc7de9",
Px1 = "25803bd55f37b254865d5fc7ac9843fb306c2eb09d34ee0c4ecb705b5e10f6911f07fd707a2e28681a421f45b1a4d",
Py0 = "15a0594a3c9dddc535472c4827aa443774a06f77bec2d20837c6574aa5fac35a279bac756531fa75f979a7a97f297d6",
@ -220,7 +220,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 2,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "18ebf549cd24a64badff4ec177205be121757b68589020434aba816756d2e6fa95fdb389c8639d4bf77575122e1c04e",
Px1 = "11cd0f0976658a6f2ec113034428ef1605befdaa5642944f5c4e571b24fc166c368c30473e25ab148209be4c0b4e37",
Py0 = "1190d818317495201732feb2cfc8f507adac6273debff46bb6aea4a3f3e3fe7d28d893c90b21a6f28d2fbc72d9fc528",
@ -234,7 +234,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 3,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "52b54c30c1dcadbcb698d0cb7fd65de1eb8f7590c7afe46e019bdc9e0ef8bc4c060339220d3615e4b1f2b12ffa6d83",
Px1 = "dd53b483c2ab1aaa7ed22ef619b5e979237ae95476436f2c51c8b70da39a4e54a989f10f6d12ee098154911aa052f6",
Py0 = "2a8c96662a7c76cb7d8ca6571a5b99abfd2d7343dd668425e5fa4a8c880b313b70f09a15a825fac63ae7065c0c51d",
@ -248,7 +248,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 4,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "fb6dd822e327a60c9e55d760c4f5d26783617a06f868835c2f46e902108eaca5d60fd64c0a0c8a6dc12f9352dfef33",
Px1 = "85e97eef3b4e42a93b8421644e9334f4543a25a36ccd41d448c385146baf3b1efbaeac49c202b04cdbf8b50f3fd962",
Py0 = "8db78b315a524f17ac3d69333604e6bc8aa0b2f138f9adf7edb19f49c847eda6b64df9fe2576b7687e7b55cb5f0bd0",
@ -262,7 +262,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 5,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "b56e23f2558c3c124f024952e1858067223541f51a8885d161133beb7bf8d64f22163769e604afbf7fbfb02e1fcb43",
Px1 = "e10c4366d667b40488a9ae32daf3e2a5cc8ddf25ed407afe1a38b855f3ac4f7ea20455924e71369eed07114613b633",
Py0 = "f42d3ab4716d10384bcdfec38cba997c2bafb8d8de32a47225a3e2d2835be1ad02a63323d3dd4145db21e3cbf5cc7a",
@ -276,7 +276,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 6,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "137001541ab8a479362ee39f818fc38788231e5288ceea5ebe0c08d0bbca3be9519aa415bde98428df26d361b7311ea",
Px1 = "411b1a4f0abb9fd255a7ae26ac39c1f2c88a48f82c7623b6f225aec9755206e27084b23cbc98f31399405a6599dc54",
Py0 = "833ef097986116cab669c4fddff9b831535d100644f732fb0da0a2dce17d69beaeed67230dd66392e840679afbae1e",
@ -290,7 +290,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 7,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "1580ffccc21b057dfe4831f950cbb8f1436f999df657404ecec20225a929a5d56920e8662abc426de23402643087308",
Px1 = "8bf8ff20713a9054aa1cce9635eb3d6ac8371fc052b747a8414595708ff9462d64a0a11ff2c1c5121f4ecc5f22df5e",
Py0 = "e7a5f7df0cec03de25da415fdda485ecc1443b95352e47b23e5506b820c9bc9ea9c2d9e99dd48e1f74e1befe58ce80",
@ -304,7 +304,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 8,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "10898a074b6931cc4ada152b64dd1c6b2bb47912e6502b9e88f638e489c144f8aa9b9f915bb428e082ec84676607f40",
Px1 = "18484823648fe1699468e2d265cd2f2e381a0e67f35f8d192259e2a14573692b4e1fbdeed639e9b6eb0731be820b166",
Py0 = "1840bc6fcb224efe00e32f827fa4f9694cd4186493089c66a936e912b50346b75542b6edbe51ba95c88d3b0fcac34ed",
@ -318,7 +318,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 9,
EC = ECP_SWei_Proj[Fp2[BLS12_377]],
EC = ECP_ShortW_Proj[Fp2[BLS12_377]],
Px0 = "13c3a392307124afb5f219ba0f8062fa9b75654d3fff12bc924592d284af550f039b6ac58880d2c6fea146b3982f03c",
Px1 = "188169bc937fcc20cc9c289adef30580188f64ecb126faadb5b888f31b813727ff7046d1a19b81abeea6609b8b208c6",
Py0 = "2f9bde8fdd43c5f4de30f335a480dca3bf0858464d8368984406f10ddc1ecabb15fcfd11cebd4fef426e7ca9411221",

46
tests/t_ec_sage_bls12_381.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/[io_bigints, io_ec],
../constantine/elliptic/[ec_weierstrass_projective, ec_scalar_mul, ec_endomorphism_accel],
../constantine/elliptic/[ec_shortweierstrass_projective, ec_scalar_mul, ec_endomorphism_accel],
# Test utilities
./support/ec_reference_scalar_mult
@ -22,7 +22,7 @@ echo "\n------------------------------------------------------\n"
proc test(
id: int,
EC: typedesc[ECP_SWei_Proj],
EC: typedesc[ECP_ShortW_Proj],
Px, Py: string,
scalar: string,
Qx, Qy: string
@ -58,7 +58,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
# Generated via sage sage/testgen_bls12_381.sage
test(
id = 0,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "f9679bb02ee7f352fff6a6467a5e563ec8dd38c86a48abd9e8f7f241f1cdd29d54bc3ddea3a33b62e0d7ce22f3d244a",
Py = "50189b992cf856846b30e52205ff9ef72dc081e9680726586231cbc29a81a162120082585f401e00382d5c86fb1083f",
scalar = "f7e60a832eb77ac47374bc93251360d6c81c21add62767ff816caf11a20d8db",
@ -68,7 +68,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 1,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "17d71835ff84f150fabf5c77ac90bf7f6249143abd1f5d8a46a76f243d424d82e1e258fc7983ba8af97a2462adebe090",
Py = "d3e108ee1332067cbe4f4193eae10381acb69f493b40e53d9dee59506b49c6564c9056494a7f987982eb4069512c1c6",
scalar = "5f10367bdae7aa872d90b5ac209321ce5a15181ce22848d032a8d452055cbfd0",
@ -78,7 +78,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 2,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "f92c9572692e8f3d450483a7a9bb4694e3b54c9cd09441a4dd7f579b0a6984e47f8090c31c172b33d87f3de186d6b58",
Py = "286ede4cb2ae19ead4932d5550c5d3ec8ce3a3ada5e1ed6d202e93dd1b16d3513f0f9b62adc6323f18e272a426ee955",
scalar = "4c321d72220c098fc0fd52306de98f8be9446bf854cf1e4d8dbae62375d18faf",
@ -88,7 +88,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 3,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "ec23ff3435b8ebd5e8e0a879d432e11eb974161664b1341fd28f1ffc4c228bf6ada2ae4a565f18c9b66f67a7573502d",
Py = "10c4b647be08db0b49b75320ae891f9f9c5d7bb7c798947e800d681d205d1b24b12e4dfa993d1bd16851b00356627cc1",
scalar = "1738857afb76c55f615c2a20b44ca90dcb3267d804ec23fddea431dbee4eb37f",
@ -98,7 +98,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 4,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "df127083c2a5ef2388b02af913c0e4002a52a82db9e5ecbf23ee4f557d3b61c91ebcfe9d4973070b46bc5ea6897bca1",
Py = "318960aeea262ec23ffdd42ec1ba72ae6fa2186a1e2a0fc2659073fb7b5adfb50d581a4d998a94d1accf78b1b3a0163",
scalar = "19c47811813444020c999a2b263940b5054cf45bb8ad8e086ff126bfcd5507e1",
@ -108,7 +108,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 5,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "101123de23c0f240c583c2368c4118dc942db219c55f58cf54acd500c1fcfa06f651ad75319ebf840cbdb6bddea7fde4",
Py = "5268587d4b844b0708e0336d1bbf48da185aaf5b948eccc3b565d00a856dd55882b9bb31c52af0e275b168cb35eb7b0",
scalar = "43ffcda71e45a3e90b7502d92b30a0b06c54c95a91aa21e0438677b1c2714ecb",
@ -118,7 +118,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 6,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "1457ba1bae6eb3afae3261941c65c93e3ae7d784907d15b8d559100da5e13fd29e4a4d6e3103b781a95237b7b2d80a8e",
Py = "6a869a47cb48d01e7d29660932afd7617720262b55de5f430b8aa3d74f9fd2b9d3a07ce192425da58014764fc9532cd",
scalar = "64ad0d6c36dba5368e71f0010aebf860288f54611e5aaf18082bae7a404ebfd8",
@ -128,7 +128,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 7,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "2615f843e8fe68d4c337bcf83b2cf13cbae638edd0740f1eac520dc2146afa3b8d36c540878c1d207ef913634b1e593",
Py = "1787d6eeeceb6e7793073f0bbe7bae522529c126b650c43d5d41e732c581a57df1bfb818061b7b4e6c9145da5df2c43e",
scalar = "b0ac3d0e685583075aa46c03a00859dfbec24ccb36e2cae3806d82275adcc03",
@ -138,7 +138,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 8,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "10bc0c4e1ed87246a9d4d7d38546369f275a245f6e1d3b882e8c9a7f05bc6ee8ff97a96a54084c2bef15ed8bfefb1465",
Py = "1782377e5f588576b5ab42fea224e88873dda957202f0c6d72ce8728c2d58dc654be77226fbda385d5f269354e4a176a",
scalar = "23941bb3c3659423d6fdafb7cff52e0e02de0ac91e64c537c6203d64905b63d0",
@ -148,7 +148,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
test(
id = 9,
EC = ECP_SWei_Proj[Fp[BLS12_381]],
EC = ECP_ShortW_Proj[Fp[BLS12_381]],
Px = "be4f9f721d98a761a5562bd80ea06f369e9cbb7d33bbb2f0191d4b77d0fd2a10c4083b54157b525f36c522ca3a6ca09",
Py = "166c315ecdd20acb3c5efcc7e038b17d0b37a06ffbf77873f15fc0cd091a1e4102a8b8bf5507919453759e744391b04d",
scalar = "4203156dcf70582ea8cbd0388104f47fd5a18ae336b2fed8458e1e4e74d7baf5",
@ -159,7 +159,7 @@ suite "Scalar Multiplication (cofactor cleared): BLS12_381 implementation vs Sag
proc test(
id: int,
EC: typedesc[ECP_SWei_Proj],
EC: typedesc[ECP_ShortW_Proj],
Px0, Px1, Py0, Py1: string,
scalar: string,
Qx0, Qx1, Qy0, Qy1: string
@ -192,7 +192,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
# Generated via sage sage/testgen_bls12_381.sage
test(
id = 0,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "10fbddd49246ac4b0faa489e3474507ebc96a5da194b2f7a706fad6bf8435021e1598700088abfe0ae7343296c1b7f52",
Px1 = "324102fa5bd71d9048c3c6a6c62d1f35195d7067bf00dc5eaedd14eecc688383446aba4e8fda059d3f619f00be7890",
Py0 = "f3e974aafa7a3fb3a1209f3af4492c9d9c52f1ae738e1e08309dd0f438f131f8ddd8b934eb8ff2cb078b8c524c11fab",
@ -206,7 +206,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 1,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "4b472ab5d0995a22c95f0805eb459b147d2033b8c13c1c07c857a97e66952d4df3e3b5f346997cc7bd19886492fae83",
Px1 = "12228345592511c7327176258097c70dffad1ff53b37163cbd4747d0085ed0bcfe90b9150d2f7e49580a42110b1d9c6b",
Py0 = "19220ed4e423d3274a8e9a58624b8762d7831d6f65fcaf6718b933bf77a0c41d3bb713a2224dbc448cfc735101a5bb1e",
@ -220,7 +220,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 2,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "11c9f03cd130f7b4d6675b902d9b4dddfa41577b7673c31a508760675ca083abedfe3f6c1c69eb46737d4877adb527c6",
Px1 = "c64be8d22d478378784c4f38e386635a8ab606d2b35101ebecfe97b3bb5132d26e9a7ea9690d07a78a22f458045a8c5",
Py0 = "6253c05b48fde95024644efd87cdf0cf15414c36c35625e383ea7b5ab839eaa783563918cd9e5e391ef1512a6ac28e0",
@ -234,7 +234,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 3,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "5adc112fb04bf4ca642d5a7d7343ccd6b93546442d2fff5b9d32c15e456d54884cba49dd7f94ce4ddaad4018e55d0f2",
Px1 = "5d1c5bbf5d7a833dc76ba206bfa99c281fc37941be050e18f8c6d267b2376b3634d8ad6eb951e52a6d096315abd17d6",
Py0 = "15a959e54981fab9ac3c6f5bfd6fb60a50a916bd43d96a09922a54309b84812736581bfa728670cba864b08b9e391bb9",
@ -248,7 +248,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 4,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "99f8b62e82892d323847f64ab2b422478d207b780fbb097cdca6a1a89e70ff09213dee8534eaf63dac9f7f7feff2548",
Px1 = "12e7b53d802fa9cd897b5470614d57b1620bfe53f36158466f83e7cc6a6cccb1ac7557a8d5a2208c7c1366835c2cba59",
Py0 = "115d6b7a8bc5628690ec750207b3252d4121c20c2106d0277cd41dee7b1d4ed1ff856883719bccb545054b9a745a53e2",
@ -262,7 +262,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 5,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "7f56aa6111f341d6381090f058835b3d60200032b382108194188c40afe4225eb6fecaba734084283771923e004b5ca",
Px1 = "18abca4d9eca6d3ef3c720ca6b27f824fdd12dcac72c167f0212f707fa22752f291c9c20a4b92417d05c64207b8e6da6",
Py0 = "10e08fc323d2ef92c5fd9a0ba38e32e16068ac5a4a0f95b0390c2e8ad6caa446adebe16bbf628a0c2de007bfa1218317",
@ -276,7 +276,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 6,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "a8c5649d2df1bae84fd9e8bfcde5113937b3acea22d67ddfedaf1fb8de8c1ef4c70591cf505c24c31e54020c2c510c3",
Px1 = "a0553f98229a6a067489c3ee204161c11e96f421b3e9c145dc3865b03e9d4ff6cab14c5b5308ecd31173f954463690c",
Py0 = "b29d8dfe18dc41b4826c3a102c1bf8f306cb42433cc36ee38080f47a324c02a678f9daed0a2bc577c18b9865de029f0",
@ -290,7 +290,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 7,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "eb79d9e425feb105ec09ce60949721b12dac5e6721c8a6b505aa2d83270d2a3e6c6bcce16a1b510f6822504c5e86416",
Px1 = "9f5d2dc403a2e96c3f59c7bb98a36cc8be68500510fd88b09f55938efd192d9653f4bcfd1451518c535e9d1996a924",
Py0 = "114825899129828ee0b946811ff98a79af1b53c4511bc45a8e41a07a7d9600c824ed7c5cd608781d0a98a13e69b0c002",
@ -304,7 +304,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 8,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "17ce8a849a475599245ad6b84cf5284cd15d6346ae52a833954ec50d5cf7f0be1cd8473fdc9dfd500d7f1d80bf6fa6ca",
Px1 = "15d8128bc60c8e83846bf6748982a7188df6393a9379b2959fa7e1cb72f1c1da066fe3a6d927f97ecec3725fac65eb10",
Py0 = "a05421595b36750e134b91500962201e9f57ac068732b9fb34ec50ff22f274d395d34d133e131e6dc7bc42d66149767",
@ -318,7 +318,7 @@ suite "Scalar Multiplication G2: BLS12-381 implementation vs SageMath" & " [" &
test(
id = 9,
EC = ECP_SWei_Proj[Fp2[BLS12_381]],
EC = ECP_ShortW_Proj[Fp2[BLS12_381]],
Px0 = "13eb9e9906446be49345c08de406cd104d6bb9901ee12af0b80a8351027152d6f6d158d5a906e4a58c5602e97347cfd5",
Px1 = "1218df3f2a9cd7685325a4a7bb6a3636a458a52ea7f1e1d73c2429acb74a2a9beb838c109541120b095118c90868eb0f",
Py0 = "3ac16edac6898f11ff8ddb48fad6f59f4842cd427d72fa964171801be172b8ecd2fdffb4882d4aa6f1e730f6e53f8c5",

46
tests/t_ec_sage_bn254.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/[io_bigints, io_ec],
../constantine/elliptic/[ec_weierstrass_projective, ec_scalar_mul, ec_endomorphism_accel],
../constantine/elliptic/[ec_shortweierstrass_projective, ec_scalar_mul, ec_endomorphism_accel],
# Test utilities
./support/ec_reference_scalar_mult
@ -22,7 +22,7 @@ echo "\n------------------------------------------------------\n"
proc test(
id: int,
EC: typedesc[ECP_SWei_Proj],
EC: typedesc[ECP_ShortW_Proj],
Px, Py: string,
scalar: string,
Qx, Qy: string
@ -58,7 +58,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
# Generated via sage sage/testgen_bn254_snarks.sage
test(
id = 0,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "22d3af0f3ee310df7fc1a2a204369ac13eb4a48d969a27fcd2861506b2dc0cd7",
Py = "1c994169687886ccd28dd587c29c307fb3cab55d796d73a5be0bbf9aab69912e",
scalar = "e08a292f940cfb361cc82bc24ca564f51453708c9745a9cf8707b11c84bc448",
@ -68,7 +68,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 1,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "2724750abe620fce759b6f18729e40f891a514160d477811a44b222372cc4ea3",
Py = "105cdcbe363921790a56bf2696e73642447c60b814827ca4dba86c814912c98a",
scalar = "2f5c2960850eabadab1e5595ff0bf841206885653e7f2024248b281a86744790",
@ -78,7 +78,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 2,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "39bc19c41835082f86ca046b71875b051575072e4d6a4aeedac31eee34b07df",
Py = "1fdbf42fc20421e1e775fd93ed1888d614f7e39067e7443f21b6a4817481c346",
scalar = "29e140c33f706c0111443699b0b8396d8ead339a3d6f3c212b08749cf2a16f6b",
@ -88,7 +88,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 3,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "157a3e1ff9dabccced9746e19855a9438098be6d734f07d1c069aa1bd05b8d87",
Py = "1c96bf3e48bc1a6635d93d4f1302a0eba39bd907c5d861f2a9d0c714ee60f04d",
scalar = "29b05bd55963e262e0fa458c76297fb5be3ec1421fdb1354789f68fdce81dc2c",
@ -98,7 +98,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 4,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "2f260967d4cd5d15f98c0a0a9d5abaae0c70d3b8d83e1e884586cd6ece395fe7",
Py = "2a102c7aebdfaa999d5a99984148ada142f72f5d4158c10368a2e13dded886f6",
scalar = "1796de74c1edac90d102e7c33f3fad94304eaff4a67a018cae678774d377f6cd",
@ -108,7 +108,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 5,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "1b4ccef57f4411360a02b8228e4251896c9492ff93a69ba3720da0cd46a04e83",
Py = "1fabcb215bd7c06ead2e6b0167497efc2cdd3dbacf69bcb0244142fd63c1e405",
scalar = "116741cd19dac61c5e77877fc6fef40f363b164b501dfbdbc09e17ea51d6beb0",
@ -118,7 +118,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 6,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "2807c88d6759280d6bd83a54d349a533d1a66dc32f72cab8114ab707f10e829b",
Py = "dbf0d486aeed3d303880f324faa2605aa0219e35661bc88150470c7df1c0b61",
scalar = "2a5976268563870739ced3e6efd8cf53887e8e4426803377095708509dd156ca",
@ -128,7 +128,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 7,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "2754a174a33a55f2a31573767e9bf5381b47dca1cbebc8b68dd4df58b3f1cc2",
Py = "f222f59c8893ad87c581dacb3f8b6e7c20e7a13bc5fb6e24262a3436d663b1",
scalar = "25d596bf6caf4565fbfd22d81f9cef40c8f89b1e5939f20caa1b28056e0e4f58",
@ -138,7 +138,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 8,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "273bf6c679d8e880034590d16c007bbabc6c65ed870a263b5d1ce7375c18fd7",
Py = "2904086cb9e33657999229b082558a74c19b2b619a0499afb2e21d804d8598ee",
scalar = "67a499a389129f3902ba6140660c431a56811b53de01d043e924711bd341e53",
@ -148,7 +148,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 9,
EC = ECP_SWei_Proj[Fp[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Px = "ec892c09a5f1c68c1bfec7780a1ebd279739383f2698eeefbba745b3e717fd5",
Py = "23d273a1b9750fe1d4ebd4b7c25f4a8d7d94f6662c436305cca8ff2cdbd3f736",
scalar = "d2f09ceaa2638b7ac3d7d4aa9eff7a12e93dc85db0f9676e5f19fb86d6273e9",
@ -158,7 +158,7 @@ suite "Scalar Multiplication G1: BN254 implementation vs SageMath" & " [" & $Wor
proc test(
id: int,
EC: typedesc[ECP_SWei_Proj],
EC: typedesc[ECP_ShortW_Proj],
Px0, Px1, Py0, Py1: string,
scalar: string,
Qx0, Qx1, Qy0, Qy1: string
@ -193,7 +193,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
# Generated via sage sage/testgen_bn254_snarks.sage
test(
id = 0,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "1dcee2242ae85da43d02d38032b85836660f9a0a8777ab66c84ffbbde3ac3b25",
Px1 = "1e2eb4c305e3b6c36a4081888b7a953eb44804b8b5120306331f8c89a3bb950",
Py0 = "1db75f495edd522cae161ceeb86ca466ca2efd80ef979028d7aa39679de675fd",
@ -207,7 +207,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 1,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "5ed8c937273562944e0f1ebfb40e6511202188c1cabf588ed38735016d37b32",
Px1 = "23f75e8322c4b540cd5b8fd144a89ab5206a040f498b7b59385770bc841cf012",
Py0 = "2150beef17f5c22a65a4129390f47eece8f0c7d0c516790ea2632e7fd594ed8",
@ -221,7 +221,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 2,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "2ac4b3d0a70d6686c63d9d63cce1370eafd4dc67f616c13582c6c64f6670513e",
Px1 = "f1daeb6a2581ba6c8027a645ab5c10e303db4aee85c70c8fe11f4c1adcc7029",
Py0 = "25807ff21967759cab64844741d006e2aa0221d9836613b1239da1a167d15131",
@ -235,7 +235,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 3,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "2a028c1328bb0abf252edfbf7133b84eef2a5f20163fe61685b4b54229ca585d",
Px1 = "8f80ad79e8e7e79bbdc645d9f5b339c52dd99a901b90de2494492656f11a9d5",
Py0 = "1f04320578e31ffa2e2b59ad8fcb1aba622b5f307ac540cf2ccdab07dec56503",
@ -249,7 +249,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 4,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "1132e63c444e1abce6fc4c39bdf5be5caad586837cbf5ca9d3891482bdefe77",
Px1 = "22b71f598dab789f055fc9669ddf66f0d75f581af0e9e8863d7f95a51ef34862",
Py0 = "58e39050f64c9948d7238b99ecaee947cb934688a6e9f483c5c36b6e07aa31b",
@ -263,7 +263,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 5,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "6a20c456e80e2bfe37d8631d41ffed31cba5d1c411e816d64014d0088d16554",
Px1 = "9d1555c77222abd79e17e2806386c53aba9609375276e817f52f03dc3f75676",
Py0 = "127e76f384726e56dfaa46e6fde6dc644f5fd494d056191059e2bebc525ce835",
@ -277,7 +277,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 6,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "4c591d080257375d6189340185c6fe4c1fa796722d07e1bec0b17080b6b1154",
Px1 = "241e2f2eb2a58afc2b5410d4ccbf75b53744ca1ac0bb28d7c60449f8d06204a4",
Py0 = "eaddea52f2e884a5e2635965ca4146b12127fe8a8883e07def8e8720f410781",
@ -291,7 +291,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 7,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "115e772198e3f0003e31c0a1c48b6ac870d96020a4d634b7f14c15422d001cfe",
Px1 = "1913447ff41836e0b6a3b01be670a2457e6119e02ae35903fb71be4369e269f7",
Py0 = "14cb779c640aad2731b93b07c623c621a5585d0374f0394e5332f20ac28ca49d",
@ -305,7 +305,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 8,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "13faa1f28e6bfe89765c284e67face6ce0a29006ebc1551d4243e754c59f88ad",
Px1 = "640cebb80938dfcb998d84a8e5aafd47ffbcba0aa2f8c9b1c585baf119a8942",
Py0 = "1de793a9ef8f4dea5dad12fb09ddefa07ce197d4d7389a29ad3d8c6484582afe",
@ -319,7 +319,7 @@ suite "Scalar Multiplication G2: BN254 implementation vs SageMath" & " [" & $Wor
test(
id = 9,
EC = ECP_SWei_Proj[Fp2[BN254_Snarks]],
EC = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Px0 = "2fc3da947b78ac524a57670cef36ca89f1dad71b337bc3c18305c582a59648ad",
Px1 = "2f7cc845d8c1ef0613f919d8c47f3c62f83608a45b1e186748ac5dcccd4c6baf",
Py0 = "18ddc4718a4161f72f8d188fc61a609a3d592e186a65f4158483b719ffb05b8f",

4
tests/t_ec_template.nim
View File

@ -19,7 +19,7 @@ import
../constantine/config/[common, curves],
../constantine/arithmetic,
../constantine/towers,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult
@ -435,7 +435,7 @@ proc run_EC_mixed_add_impl*(
for _ in 0 ..< Iters:
let a = rng.random_point(EC, randZ, gen)
let b = rng.random_point(EC, randZ, gen)
var bAff: ECP_SWei_Aff[EC.F]
var bAff: ECP_ShortW_Aff[EC.F]
bAff.affineFromProjective(b)
var r_generic, r_mixed: EC

10
tests/t_ec_wstrass_prj_edge_cases.nim
View File

@ -20,13 +20,13 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/[io_bigints, io_fields, io_towers, io_ec],
../constantine/elliptic/[ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult
func testAddAssociativity[EC](a, b, c: EC) =
var tmp1{.noInit.}, tmp2{.noInit.}: ECP_SWei_Proj[Fp2[BLS12_381]]
var tmp1{.noInit.}, tmp2{.noInit.}: ECP_ShortW_Proj[Fp2[BLS12_381]]
# r0 = (a + b) + c
tmp1.sum(a, b)
@ -63,7 +63,7 @@ func testAddAssociativity[EC](a, b, c: EC) =
suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitwidth & "-bit mode]":
test "EC Add G2 is associative - #60":
var a, b, c: ECP_SWei_Proj[Fp2[BLS12_381]]
var a, b, c: ECP_ShortW_Proj[Fp2[BLS12_381]]
var ax, az, bx, bz, cx, cz: Fp2[BLS12_381]
ax.fromHex(
@ -101,7 +101,7 @@ suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitwidth & "-bit
test "EC Add G2 is associative - #65-1":
var a, b, c: ECP_SWei_Proj[Fp2[BLS12_381]]
var a, b, c: ECP_ShortW_Proj[Fp2[BLS12_381]]
var ax, az, bx, bz, cx, cz: Fp2[BLS12_381]
ax.fromHex(
@ -139,7 +139,7 @@ suite "Short Weierstrass Elliptic Curve - Edge cases [" & $WordBitwidth & "-bit
test "EC Add G2 is associative - #65-2":
var a, b, c: ECP_SWei_Proj[Fp2[BLS12_381]]
var a, b, c: ECP_ShortW_Proj[Fp2[BLS12_381]]
var ax, az, bx, bz, cx, cz: Fp2[BLS12_381]
ax.fromHex(

14
tests/t_ec_wstrass_prj_g1_add_double.nim
View File

@ -13,7 +13,7 @@ import
../constantine/config/[common, curves],
../constantine/arithmetic,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective],
# Test utilities
../helpers/prng_unsafe,
./t_ec_template
@ -22,19 +22,19 @@ const
Iters = 8
run_EC_addition_tests(
ec = ECP_SWei_Proj[Fp[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_g1_add_double_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_g1_add_double_" & $BN254_Snarks
)
run_EC_addition_tests(
ec = ECP_SWei_Proj[Fp[BLS12_381]],
ec = ECP_ShortW_Proj[Fp[BLS12_381]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_g1_add_double_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_g1_add_double_" & $BLS12_381
)
run_EC_addition_tests(
ec = ECP_SWei_Proj[Fp[BLS12_377]],
ec = ECP_ShortW_Proj[Fp[BLS12_377]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_g1_add_double_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_g1_add_double_" & $BLS12_377
)

14
tests/t_ec_wstrass_prj_g1_mixed_add.nim
View File

@ -9,7 +9,7 @@
import
# Internals
../constantine/config/curves,
../constantine/elliptic/ec_weierstrass_projective,
../constantine/elliptic/ec_shortweierstrass_projective,
../constantine/arithmetic,
# Test utilities
./t_ec_template
@ -18,19 +18,19 @@ const
Iters = 12
run_EC_mixed_add_impl(
ec = ECP_SWei_Proj[Fp[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp[BN254_Snarks]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_mixed_add_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_mixed_add_" & $BN254_Snarks
)
run_EC_mixed_add_impl(
ec = ECP_SWei_Proj[Fp[BLS12_381]],
ec = ECP_ShortW_Proj[Fp[BLS12_381]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_mixed_add_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_mixed_add_" & $BLS12_381
)
run_EC_mixed_add_impl(
ec = ECP_SWei_Proj[Fp[BLS12_377]],
ec = ECP_ShortW_Proj[Fp[BLS12_377]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_mixed_add_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_mixed_add_" & $BLS12_377
)

14
tests/t_ec_wstrass_prj_g1_mul_distri.nim
View File

@ -13,7 +13,7 @@ import
../constantine/config/[common, curves],
../constantine/arithmetic,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -24,19 +24,19 @@ const
ItersMul = Iters div 4
run_EC_mul_distributive_tests(
ec = ECP_SWei_Proj[Fp[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp[BN254_Snarks]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_distributive_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_g1_mul_distributive_" & $BN254_Snarks
)
run_EC_mul_distributive_tests(
ec = ECP_SWei_Proj[Fp[BLS12_381]],
ec = ECP_ShortW_Proj[Fp[BLS12_381]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_distributive_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_g1_mul_distributive_" & $BLS12_381
)
run_EC_mul_distributive_tests(
ec = ECP_SWei_Proj[Fp[BLS12_377]],
ec = ECP_ShortW_Proj[Fp[BLS12_377]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_distributive_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_g1_mul_distributive_" & $BLS12_377
)

20
tests/t_ec_wstrass_prj_g1_mul_sanity.nim
View File

@ -13,7 +13,7 @@ import
../constantine/config/[common, curves],
../constantine/[arithmetic, primitives],
../constantine/io/[io_bigints, io_fields, io_ec],
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -24,9 +24,9 @@ const
ItersMul = Iters div 4
run_EC_mul_sanity_tests(
ec = ECP_SWei_Proj[Fp[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp[BN254_Snarks]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_sanity_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_g1_mul_sanity_" & $BN254_Snarks
)
suite "Order checks on BN254_Snarks":
@ -34,7 +34,7 @@ suite "Order checks on BN254_Snarks":
var rng: RngState
let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
rng.seed(seed)
echo "test_ec_weierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
echo "test_ec_shortweierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
proc test(EC: typedesc, bits: static int, randZ: static bool) =
for _ in 0 ..< ItersMul:
@ -56,8 +56,8 @@ suite "Order checks on BN254_Snarks":
bool(impl.isInf())
bool(reference.isInf())
test(ECP_SWei_Proj[Fp[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = false)
test(ECP_SWei_Proj[Fp[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = true)
test(ECP_ShortW_Proj[Fp[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = false)
test(ECP_ShortW_Proj[Fp[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = true)
# TODO: BLS12 is using a subgroup of order "r" such as r*h = CurveOrder
# with h the curve cofactor
# instead of the full group
@ -74,13 +74,13 @@ suite "Order checks on BN254_Snarks":
bool not ay.sqrt_if_square()
run_EC_mul_sanity_tests(
ec = ECP_SWei_Proj[Fp[BLS12_381]],
ec = ECP_ShortW_Proj[Fp[BLS12_381]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_sanity_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_g1_mul_sanity_" & $BLS12_381
)
run_EC_mul_sanity_tests(
ec = ECP_SWei_Proj[Fp[BLS12_377]],
ec = ECP_ShortW_Proj[Fp[BLS12_377]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_sanity_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_g1_mul_sanity_" & $BLS12_377
)

14
tests/t_ec_wstrass_prj_g1_mul_vs_ref.nim
View File

@ -13,7 +13,7 @@ import
../constantine/config/[common, curves],
../constantine/arithmetic,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -24,19 +24,19 @@ const
ItersMul = Iters div 4
run_EC_mul_vs_ref_impl(
ec = ECP_SWei_Proj[Fp[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp[BN254_Snarks]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_vs_ref_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_g1_mul_vs_ref_" & $BN254_Snarks
)
run_EC_mul_vs_ref_impl(
ec = ECP_SWei_Proj[Fp[BLS12_381]],
ec = ECP_ShortW_Proj[Fp[BLS12_381]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_vs_ref_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_g1_mul_vs_ref_" & $BLS12_381
)
run_EC_mul_vs_ref_impl(
ec = ECP_SWei_Proj[Fp[BLS12_377]],
ec = ECP_ShortW_Proj[Fp[BLS12_377]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g1_mul_vs_ref_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_g1_mul_vs_ref_" & $BLS12_377
)

6
tests/t_ec_wstrass_prj_g2_add_double_bls12_377.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective],
# Test utilities
../helpers/prng_unsafe,
./t_ec_template
@ -23,7 +23,7 @@ const
Iters = 8
run_EC_addition_tests(
ec = ECP_SWei_Proj[Fp2[BLS12_377]],
ec = ECP_ShortW_Proj[Fp2[BLS12_377]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_g2_add_double_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_g2_add_double_" & $BLS12_377
)

6
tests/t_ec_wstrass_prj_g2_add_double_bls12_381.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective],
# Test utilities
../helpers/prng_unsafe,
./t_ec_template
@ -23,7 +23,7 @@ const
Iters = 8
run_EC_addition_tests(
ec = ECP_SWei_Proj[Fp2[BLS12_381]],
ec = ECP_ShortW_Proj[Fp2[BLS12_381]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_g2_add_double_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_g2_add_double_" & $BLS12_381
)

6
tests/t_ec_wstrass_prj_g2_add_double_bn254_snarks.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective],
# Test utilities
../helpers/prng_unsafe,
./t_ec_template
@ -23,7 +23,7 @@ const
Iters = 8
run_EC_addition_tests(
ec = ECP_SWei_Proj[Fp2[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_g2_add_double_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_g2_add_double_" & $BN254_Snarks
)

6
tests/t_ec_wstrass_prj_g2_mixed_add_bls12_377.nim
View File

@ -9,7 +9,7 @@
import
# Internals
../constantine/config/curves,
../constantine/elliptic/ec_weierstrass_projective,
../constantine/elliptic/ec_shortweierstrass_projective,
../constantine/towers,
# Test utilities
./t_ec_template
@ -18,7 +18,7 @@ const
Iters = 12
run_EC_mixed_add_impl(
ec = ECP_SWei_Proj[Fp2[BLS12_377]],
ec = ECP_ShortW_Proj[Fp2[BLS12_377]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_mixed_add_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_mixed_add_" & $BLS12_377
)

6
tests/t_ec_wstrass_prj_g2_mixed_add_bls12_381.nim
View File

@ -9,7 +9,7 @@
import
# Internals
../constantine/config/curves,
../constantine/elliptic/ec_weierstrass_projective,
../constantine/elliptic/ec_shortweierstrass_projective,
../constantine/towers,
# Test utilities
./t_ec_template
@ -18,7 +18,7 @@ const
Iters = 12
run_EC_mixed_add_impl(
ec = ECP_SWei_Proj[Fp2[BLS12_381]],
ec = ECP_ShortW_Proj[Fp2[BLS12_381]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_mixed_add_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_mixed_add_" & $BLS12_381
)

6
tests/t_ec_wstrass_prj_g2_mixed_add_bn254_snarks.nim
View File

@ -9,7 +9,7 @@
import
# Internals
../constantine/config/curves,
../constantine/elliptic/ec_weierstrass_projective,
../constantine/elliptic/ec_shortweierstrass_projective,
../constantine/towers,
# Test utilities
./t_ec_template
@ -18,7 +18,7 @@ const
Iters = 12
run_EC_mixed_add_impl(
ec = ECP_SWei_Proj[Fp2[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
Iters = Iters,
moduleName = "test_ec_weierstrass_projective_mixed_add_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_mixed_add_" & $BN254_Snarks
)

6
tests/t_ec_wstrass_prj_g2_mul_distri_bls12_377.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,7 +25,7 @@ const
ItersMul = Iters div 4
run_EC_mul_distributive_tests(
ec = ECP_SWei_Proj[Fp2[BLS12_377]],
ec = ECP_ShortW_Proj[Fp2[BLS12_377]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_distributive_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_g2_mul_distributive_" & $BLS12_377
)

6
tests/t_ec_wstrass_prj_g2_mul_distri_bls12_381.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,7 +25,7 @@ const
ItersMul = Iters div 4
run_EC_mul_distributive_tests(
ec = ECP_SWei_Proj[Fp2[BLS12_381]],
ec = ECP_ShortW_Proj[Fp2[BLS12_381]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_distributive_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_g2_mul_distributive_" & $BLS12_381
)

6
tests/t_ec_wstrass_prj_g2_mul_distri_bn254_snarks.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,7 +25,7 @@ const
ItersMul = Iters div 4
run_EC_mul_distributive_tests(
ec = ECP_SWei_Proj[Fp2[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_distributive_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_g2_mul_distributive_" & $BN254_Snarks
)

12
tests/t_ec_wstrass_prj_g2_mul_sanity_bls12_377.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,9 +25,9 @@ const
ItersMul = Iters div 4
run_EC_mul_sanity_tests(
ec = ECP_SWei_Proj[Fp2[BLS12_377]],
ec = ECP_ShortW_Proj[Fp2[BLS12_377]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_sanity_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_g2_mul_sanity_" & $BLS12_377
)
# TODO: the order on E'(Fp2) for BLS curves is ??? with r the order on E(Fp)
@ -36,7 +36,7 @@ run_EC_mul_sanity_tests(
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_weierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
# echo "test_ec_shortweierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
@ -58,5 +58,5 @@ run_EC_mul_sanity_tests(
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_SWei_Proj[Fp2[BLS12_377]], bits = BLS12_377.getCurveOrderBitwidth(), randZ = false)
# test(ECP_SWei_Proj[Fp2[BLS12_377]], bits = BLS12_377.getCurveOrderBitwidth(), randZ = true)
# test(ECP_ShortW_Proj[Fp2[BLS12_377]], bits = BLS12_377.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Proj[Fp2[BLS12_377]], bits = BLS12_377.getCurveOrderBitwidth(), randZ = true)

12
tests/t_ec_wstrass_prj_g2_mul_sanity_bls12_381.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,9 +25,9 @@ const
ItersMul = Iters div 4
run_EC_mul_sanity_tests(
ec = ECP_SWei_Proj[Fp2[BLS12_381]],
ec = ECP_ShortW_Proj[Fp2[BLS12_381]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_sanity_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_g2_mul_sanity_" & $BLS12_381
)
# TODO: the order on E'(Fp2) for BLS curves is ??? with r the order on E(Fp)
@ -36,7 +36,7 @@ run_EC_mul_sanity_tests(
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_weierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
# echo "test_ec_shortweierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
@ -58,5 +58,5 @@ run_EC_mul_sanity_tests(
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_SWei_Proj[Fp2[BLS12_381]], bits = BLS12_381.getCurveOrderBitwidth(), randZ = false)
# test(ECP_SWei_Proj[Fp2[BLS12_381]], bits = BLS12_381.getCurveOrderBitwidth(), randZ = true)
# test(ECP_ShortW_Proj[Fp2[BLS12_381]], bits = BLS12_381.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Proj[Fp2[BLS12_381]], bits = BLS12_381.getCurveOrderBitwidth(), randZ = true)

12
tests/t_ec_wstrass_prj_g2_mul_sanity_bn254_snarks.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,9 +25,9 @@ const
ItersMul = Iters div 4
run_EC_mul_sanity_tests(
ec = ECP_SWei_Proj[Fp2[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_sanity_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_g2_mul_sanity_" & $BN254_Snarks
)
# TODO: the order on E'(Fp2) for BN curve is r(2pr) with r the order on E(Fp)
@ -36,7 +36,7 @@ run_EC_mul_sanity_tests(
# var rng: RngState
# let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
# rng.seed(seed)
# echo "test_ec_weierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
# echo "test_ec_shortweierstrass_projective_g1_mul_sanity_extra_curve_order_mul_sanity xoshiro512** seed: ", seed
#
# proc test(EC: typedesc, bits: static int, randZ: static bool) =
# for _ in 0 ..< ItersMul:
@ -58,5 +58,5 @@ run_EC_mul_sanity_tests(
# bool(impl.isInf())
# bool(reference.isInf())
#
# test(ECP_SWei_Proj[Fp2[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = false)
# test(ECP_SWei_Proj[Fp2[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = true)
# test(ECP_ShortW_Proj[Fp2[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = false)
# test(ECP_ShortW_Proj[Fp2[BN254_Snarks]], bits = BN254_Snarks.getCurveOrderBitwidth(), randZ = true)

6
tests/t_ec_wstrass_prj_g2_mul_vs_ref_bls12_377.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,7 +25,7 @@ const
ItersMul = Iters div 4
run_EC_mul_vs_ref_impl(
ec = ECP_SWei_Proj[Fp2[BLS12_377]],
ec = ECP_ShortW_Proj[Fp2[BLS12_377]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_vs_ref_" & $BLS12_377
moduleName = "test_ec_shortweierstrass_projective_g2_mul_vs_ref_" & $BLS12_377
)

6
tests/t_ec_wstrass_prj_g2_mul_vs_ref_bls12_381.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,7 +25,7 @@ const
ItersMul = Iters div 4
run_EC_mul_vs_ref_impl(
ec = ECP_SWei_Proj[Fp2[BLS12_381]],
ec = ECP_ShortW_Proj[Fp2[BLS12_381]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_vs_ref_" & $BLS12_381
moduleName = "test_ec_shortweierstrass_projective_g2_mul_vs_ref_" & $BLS12_381
)

6
tests/t_ec_wstrass_prj_g2_mul_vs_ref_bn254_snarks.nim
View File

@ -14,7 +14,7 @@ import
../constantine/arithmetic,
../constantine/towers,
../constantine/io/io_bigints,
../constantine/elliptic/[ec_weierstrass_affine, ec_weierstrass_projective, ec_scalar_mul],
../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
# Test utilities
../helpers/prng_unsafe,
./support/ec_reference_scalar_mult,
@ -25,7 +25,7 @@ const
ItersMul = Iters div 4
run_EC_mul_vs_ref_impl(
ec = ECP_SWei_Proj[Fp2[BN254_Snarks]],
ec = ECP_ShortW_Proj[Fp2[BN254_Snarks]],
ItersMul = ItersMul,
moduleName = "test_ec_weierstrass_projective_g2_mul_vs_ref_" & $BN254_Snarks
moduleName = "test_ec_shortweierstrass_projective_g2_mul_vs_ref_" & $BN254_Snarks
)

18
tests/t_pairing_bls12_381_line_functions.nim
View File

@ -16,8 +16,8 @@ import
../constantine/config/curves,
../constantine/io/io_towers,
../constantine/elliptic/[
ec_weierstrass_affine,
ec_weierstrass_projective,
ec_shortweierstrass_affine,
ec_shortweierstrass_projective,
ec_scalar_mul],
../constantine/pairing/lines_projective,
# Test utilities
@ -69,9 +69,9 @@ suite "Pairing - Line Functions on BLS12-381" & " [" & $WordBitwidth & "-bit mod
test "Line double - lt,t(P)":
proc test_line_double(C: static Curve, randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters:
let P = rng.random_point(ECP_SWei_Aff[Fp[C]], gen)
var T = rng.random_point(ECP_SWei_Proj[Fp2[C]], randZ, gen)
let Q = rng.random_point(ECP_SWei_Proj[Fp2[C]], randZ, gen)
let P = rng.random_point(ECP_ShortW_Aff[Fp[C]], gen)
var T = rng.random_point(ECP_ShortW_Proj[Fp2[C]], randZ, gen)
let Q = rng.random_point(ECP_ShortW_Proj[Fp2[C]], randZ, gen)
var l: Line[Fp2[C], C.getSexticTwist()]
var T2: typeof(Q)
@ -91,15 +91,15 @@ suite "Pairing - Line Functions on BLS12-381" & " [" & $WordBitwidth & "-bit mod
test "Line add - lt,q(P)":
proc test_line_add(C: static Curve, randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters:
let P = rng.random_point(ECP_SWei_Aff[Fp[C]], gen)
let Q = rng.random_point(ECP_SWei_Proj[Fp2[C]], randZ, gen)
var T = rng.random_point(ECP_SWei_Proj[Fp2[C]], randZ, gen)
let P = rng.random_point(ECP_ShortW_Aff[Fp[C]], gen)
let Q = rng.random_point(ECP_ShortW_Proj[Fp2[C]], randZ, gen)
var T = rng.random_point(ECP_ShortW_Proj[Fp2[C]], randZ, gen)
var l: Line[Fp2[C], C.getSexticTwist()]
var TQ{.noInit.}: typeof(T)
TQ.sum(T, Q)
var Qaff{.noInit.}: ECP_SWei_Aff[Fp2[C]]
var Qaff{.noInit.}: ECP_ShortW_Aff[Fp2[C]]
Qaff.affineFromProjective(Q)
l.line_add(T, Qaff, P)

8
tests/t_pairing_template.nim
View File

@ -14,14 +14,14 @@ import
../constantine/[arithmetic, primitives],
../constantine/towers,
../constantine/config/curves,
../constantine/elliptic/ec_weierstrass_projective,
../constantine/elliptic/ec_shortweierstrass_projective,
../constantine/hash_to_curve/cofactors,
# Test utilities
../helpers/[prng_unsafe, static_for]
export
prng_unsafe, times, unittest,
ec_weierstrass_projective, arithmetic, towers,
ec_shortweierstrass_projective, arithmetic, towers,
primitives
type
@ -61,8 +61,8 @@ template runPairingTests*(Iters: static int, C: static Curve, pairing_fn: untype
proc test_bilinearity_double_impl(randZ: bool, gen: RandomGen) =
for _ in 0 ..< Iters:
let P = rng.random_point(ECP_SWei_Proj[Fp[C]], randZ, gen)
let Q = rng.random_point(ECP_SWei_Proj[Fp2[C]], randZ, gen)
let P = rng.random_point(ECP_ShortW_Proj[Fp[C]], randZ, gen)
let Q = rng.random_point(ECP_ShortW_Proj[Fp2[C]], randZ, gen)
var P2: typeof(P)
var Q2: typeof(Q)