diff --git a/README.md b/README.md index 61ce308..4ca36af 100644 --- a/README.md +++ b/README.md @@ -10,8 +10,8 @@ > “A cryptographic system should be secure even if everything about the system, except the key, is public knowledge.”\ > — Auguste Kerckhoffs -This library provides [constant-time](https://en.wikipedia.org/wiki/Timing_attack) implementation of elliptic curve cryptography -with a particular focus on pairing-based cryptography. +This library provides [constant-time](https://en.wikipedia.org/wiki/Timing_attack) implementation of cryptography protocols +with a particular focus on pairing-based cryptography as used in blockchains and zero-knowledge protocols. The implementations are accompanied with SAGE code used as reference implementation and test vectors generators before writing highly optimized routines implemented in the [Nim language](https://nim-lang.org/) 
@@ -26,7 +26,63 @@ The library focuses on following properties: - performance - generated code size, datatype size and stack usage -in this order +in this order. + +## Protocols + +Protocols are a set of routines, designed for specific goals or a combination thereof: +- confidentiality: only the intended receiver of a message can read it +- authentication: the other party in the communication is the expected part +- integrity: the received message has not been tampered with +- non-repudiation: the sender of a message cannot repudiated it + +Protocols to address these goals, (authenticated) encryption, signature, traitor-tracing, etc +are designed.\ +Note: some goals might be mutually exclusive, for example "plausible deniability" and "non-repudiation". + +After [installation](#installation), the available high-level protocols are: + +- [x] Ethereum EVM precompiles on BN254_Snarks (also called alt_bn128 or bn256 in Ethereum) + + `import constantine/ethereum_evm_precompiles` +- [ ] BLS signature on BLS12-381 G2 as used in Ethereum 2. + Cryptographic suite: `BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_` + + This scheme is also used in the following blockchains: + Algorand, Chia, Dfinity, Filecoin, Tezos, Zcash. + They may have their pubkeys on G1 and signatures on G2 like Ethereum or the other way around. + + > Parameter discussion: + > + > As Ethereum validators' pubkeys are duplicated, stored and transmitter over and over in the protocol, + having them be as small as possible was important. + On another hand, BLS signatures were first popularized due to their succinctness. + And having signatures on G1 is useful when short signatures are desired, in embedded for example. +- [ ] SHA256 hash +- ... + +## Curves supported in the backend + +_The backend, unlike protocols, is not public. 
Here be dragons._ + +At the moment the following curves are implemented, adding a new curve only requires adding the prime modulus +and its bitsize in [constantine/config/curves.nim](constantine/backend/config/curves_declaration.nim). + +The following curves are configured: + +- Pairing-Friendly curves + - BN254_Nogami + - BN254_Snarks (Zero-Knowledge Proofs, Snarks, Starks, Zcash, Ethereum 1) + - BLS12-377 (Zexe) + - BLS12-381 (Algorand, Chia Networks, Dfinity, Ethereum 2, Filecoin, Zcash Sapling) + - BW6-671 (Celo, EY Blockchain) (Pairings are WIP)\ + BLS12-377 is embedded in BW6-761 for one layer proof composition in zk-SNARKS. +- Embedded curves + - Jubjub, a curve embedded in BLS12-381 scalar field to be used in zk-SNARKS circuits. + - Bandersnatch, a more efficient curve embedded in BLS12-381 scalar field to be used in zk-SNARKS circuits. +- Other curves + - Curve25519, used in ed25519 and X25519 from TLS 1.3 protocol and the Signal protocol. + With Ristretto, it can be used in bulletproofs. ## Installation 
@@ -42,62 +98,7 @@ generated incorrect add-with-carry code. On x86-64, inline assembly is used to workaround compilers having issues optimizing large integer arithmetic, and also ensure constant-time code. -This can be deactivated with `"-d:CttASM=false"`: -- at a significant performance cost with GCC (~50% slower than Clang). -- at misssed opportunity on recent CPUs that support MULX/ADCX/ADOX instructions (~60% faster than Clang). -- There is a 2.4x perf ratio between using plain GCC vs GCC with inline assembly. -## Why Nim - -The Nim language offers the following benefits for cryptography: -- Compilation to machine code via C or C++ or alternatively compilation to Javascript. Easy FFI to those languages. - - Obscure embedded devices with proprietary C compilers can be targeted. - - WASM can be targeted. -- Performance reachable in C is reachable in Nim, easily. -- Rich type system: generics, dependent types, mutability-tracking and side-effect analysis, borrow-checking, compiler enforced distinct types (Miles != Meters, SecretBool != bool and SecretWord != uint64). -- Compile-time evaluation, including parsing hex string, converting them to BigInt or Finite Field elements and doing bigint operations. -- Assembly support either inline or ``__attribute__((naked))`` or a simple `{.compile: "myasm.S".}` away -- No GC if no GC-ed types are used (automatic memory management is set at the type level and optimized for latency/soft-realtime by default and can be totally deactivated). 
-- Procedural macros working directly on AST to - - create generic curve configuration, - - derive constants - - write a size-independent inline assembly code generator -- Upcoming proof system for formal verification via Z3 ([DrNim](https://nim-lang.org/docs/drnim.html), [Correct-by-Construction RFC](https://github.com/nim-lang/RFCs/issues/222)) - -## Curves supported - -At the moment the following curves are supported, adding a new curve only requires adding the prime modulus -and its bitsize in [constantine/config/curves.nim](constantine/config/curves_declaration.nim). - -The following curves are configured: - -### Pairing-Friendly curves - -Supports: -- [x] Field arithmetics -- [x] Curve arithmetic -- [x] Pairing -- [x] Multi-Pairing -- [x] Hash-To-Curve - -Families: -- BN: Barreto-Naehrig -- BLS: Barreto-Lynn-Scott - -Curves: -- BN254_Nogami -- BN254_Snarks (Zero-Knowledge Proofs, Snarks, Starks, Zcash, Ethereum 1) -- BLS12-377 (Zexe) -- BLS12-381 (Algorand, Chia Networks, Dfinity, Ethereum 2, Filecoin, Zcash Sapling) -- BW6-671 (Celo, EY Blockchain) (Pairings are WIP)\ - BLS12-377 is embedded in BW6-761 for one layer proof composition in zk-SNARKS. - -### Other curves - -- Curve25519, used in ed25519 and X25519 from TLS 1.3 protocol and the Signal protocol. - With Ristretto, it can be used in bulletproofs. -- Jubjub, a curve embedded in BLS12-381 scalar field to be used in zk-SNARKS circuits. -- Bandersnatch, a more efficient curve embedded in BLS12-381 scalar field to be used in zk-SNARKS circuits. ## Security Hardening an implementation against all existing and upcoming attack vectors is an extremely complex task. 
@@ -176,118 +177,57 @@ nimble bench_fp_clang_noasm # Using Clang only (acceptable) nimble bench_fp_gcc # Using GCC only (slowest) nimble bench_fp2 # ... -nimble bench_ec_g1 -nimble bench_ec_g2 -nimble bench_pairing_bn254_nogami -nimble bench_pairing_bn254_snarks -nimble bench_pairing_bls12_377 -nimble bench_pairing_bls12_381 +nimble bench_ec_g1_clang +nimble bench_ec_g2_clang +nimble bench_pairing_bn254_nogami_clang +nimble bench_pairing_bn254_snarks_clang +nimble bench_pairing_bls12_377_clang +nimble bench_pairing_bls12_381_clang # And per-curve summaries -nimble bench_summary_bn254_nogami -nimble bench_summary_bn254_snarks -nimble bench_summary_bls12_377 -nimble bench_summary_bls12_381 +nimble bench_summary_bn254_nogami_clang +nimble bench_summary_bn254_snarks_clang +nimble bench_summary_bls12_377_clang +nimble bench_summary_bls12_381_clang ``` As mentioned in the [Compiler caveats](#compiler-caveats) section, GCC is up to 2x slower than Clang due to mishandling of carries and register usage. -On my machine i9-9980XE (overclocked @ 3.9 GHz, nominal clock 3.0 GHz), for Clang + Assembly, **all being constant-time** (including scalar multiplication, square root and inversion). 
- -#### BN254_Snarks (Clang + inline assembly) - -``` --------------------------------------------------------------------------------------------------------------------------------------------------------- -Multiplication Fr[BN254_Snarks] 66666666.667 ops/s 15 ns/op 47 CPU cycles (approx) -Squaring Fr[BN254_Snarks] 71428571.429 ops/s 14 ns/op 42 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -Multiplication Fp[BN254_Snarks] 66666666.667 ops/s 15 ns/op 47 CPU cycles (approx) -Squaring Fp[BN254_Snarks] 71428571.429 ops/s 14 ns/op 42 CPU cycles (approx) -Inversion Fp[BN254_Snarks] 189537.528 ops/s 5276 ns/op 15828 CPU cycles (approx) -Square Root + isSquare Fp[BN254_Snarks] 189358.076 ops/s 5281 ns/op 15843 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -Multiplication Fp2[BN254_Snarks] 18867924.528 ops/s 53 ns/op 160 CPU cycles (approx) -Squaring Fp2[BN254_Snarks] 25641025.641 ops/s 39 ns/op 119 CPU cycles (approx) -Inversion Fp2[BN254_Snarks] 186776.242 ops/s 5354 ns/op 16064 CPU cycles (approx) -Square Root + isSquare Fp2[BN254_Snarks] 92790.201 ops/s 10777 ns/op 32332 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -EC Add G1 ECP_ShortW_Prj[Fp[BN254_Snarks]] 3731343.284 ops/s 268 ns/op 806 CPU cycles (approx) -EC Mixed Addition G1 ECP_ShortW_Prj[Fp[BN254_Snarks]] 3952569.170 ops/s 253 ns/op 761 CPU cycles (approx) -EC Double G1 ECP_ShortW_Prj[Fp[BN254_Snarks]] 6024096.386 ops/s 166 ns/op 500 CPU cycles (approx) -EC ScalarMul 254-bit G1 ECP_ShortW_Prj[Fp[BN254_Snarks]] 23140.113 ops/s 43215 ns/op 129647 CPU cycles (approx) 
--------------------------------------------------------------------------------------------------------------------------------------------------------- -EC Add G1 ECP_ShortW_Jac[Fp[BN254_Snarks]] 2985074.627 ops/s 335 ns/op 1005 CPU cycles (approx) -EC Mixed Addition G1 ECP_ShortW_Jac[Fp[BN254_Snarks]] 4184100.418 ops/s 239 ns/op 718 CPU cycles (approx) -EC Double G1 ECP_ShortW_Jac[Fp[BN254_Snarks]] 6410256.410 ops/s 156 ns/op 469 CPU cycles (approx) -EC ScalarMul 254-bit G1 ECP_ShortW_Jac[Fp[BN254_Snarks]] 21458.307 ops/s 46602 ns/op 139809 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -EC Add G2 ECP_ShortW_Prj[Fp2[BN254_Snarks]] 1061571.125 ops/s 942 ns/op 2826 CPU cycles (approx) -EC Mixed Addition G2 ECP_ShortW_Prj[Fp2[BN254_Snarks]] 1183431.953 ops/s 845 ns/op 2536 CPU cycles (approx) -EC Double G2 ECP_ShortW_Prj[Fp2[BN254_Snarks]] 1821493.625 ops/s 549 ns/op 1649 CPU cycles (approx) -EC ScalarMul 254-bit G2 ECP_ShortW_Prj[Fp2[BN254_Snarks]] 9259.602 ops/s 107996 ns/op 323995 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -EC Add G2 ECP_ShortW_Jac[Fp2[BN254_Snarks]] 1092896.175 ops/s 915 ns/op 2747 CPU cycles (approx) -EC Mixed Addition G2 ECP_ShortW_Jac[Fp2[BN254_Snarks]] 1577287.066 ops/s 634 ns/op 1904 CPU cycles (approx) -EC Double G2 ECP_ShortW_Jac[Fp2[BN254_Snarks]] 2570694.087 ops/s 389 ns/op 1167 CPU cycles (approx) -EC ScalarMul 254-bit G2 ECP_ShortW_Jac[Fp2[BN254_Snarks]] 10358.615 ops/s 96538 ns/op 289621 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -Multiplication Fp12[BN254_Snarks] 691085.003 ops/s 1447 ns/op 4342 CPU cycles (approx) -Squaring Fp12[BN254_Snarks] 
893655.049 ops/s 1119 ns/op 3357 CPU cycles (approx) -Inversion Fp12[BN254_Snarks] 121876.904 ops/s 8205 ns/op 24617 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -Miller Loop BN BN254_Snarks 4635.102 ops/s 215745 ns/op 647249 CPU cycles (approx) -Final Exponentiation BN BN254_Snarks 4011.038 ops/s 249312 ns/op 747950 CPU cycles (approx) -Pairing BN BN254_Snarks 2158.047 ops/s 463382 ns/op 1390175 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -``` +On my machine i9-11980HK (8 cores 2.6GHz, turbo 5GHz), for Clang + Assembly, **all being constant-time** (including scalar multiplication, square root and inversion). #### BLS12_381 (Clang + inline Assembly) ``` -------------------------------------------------------------------------------------------------------------------------------------------------------- -Multiplication Fr[BLS12_381] 66666666.667 ops/s 15 ns/op 47 CPU cycles (approx) -Squaring Fr[BLS12_381] 71428571.429 ops/s 14 ns/op 43 CPU cycles (approx) +EC ScalarMul 255-bit G1 ECP_ShortW_Prj[Fp[BLS12_381]] 16086.740 ops/s 62163 ns/op 205288 CPU cycles (approx) +EC ScalarMul 255-bit G1 ECP_ShortW_Jac[Fp[BLS12_381]] 16670.834 ops/s 59985 ns/op 198097 CPU cycles (approx) +EC ScalarMul 255-bit G2 ECP_ShortW_Prj[Fp2[BLS12_381]] 8333.403 ops/s 119999 ns/op 396284 CPU cycles (approx) +EC ScalarMul 255-bit G2 ECP_ShortW_Jac[Fp2[BLS12_381]] 9300.682 ops/s 107519 ns/op 355071 CPU cycles (approx) -------------------------------------------------------------------------------------------------------------------------------------------------------- -Multiplication Fp[BLS12_381] 35714285.714 ops/s 28 ns/op 84 CPU cycles (approx) -Squaring Fp[BLS12_381] 35714285.714 ops/s 28 ns/op 84 CPU cycles (approx) -Inversion 
Fp[BLS12_381] 70131.145 ops/s 14259 ns/op 42780 CPU cycles (approx) -Square Root + isSquare Fp[BLS12_381] 69793.412 ops/s 14328 ns/op 42986 CPU cycles (approx) +Miller Loop BLS12 BLS12_381 5102.223 ops/s 195993 ns/op 647251 CPU cycles (approx) +Final Exponentiation BLS12 BLS12_381 4209.109 ops/s 237580 ns/op 784588 CPU cycles (approx) +Pairing BLS12 BLS12_381 2343.045 ops/s 426795 ns/op 1409453 CPU cycles (approx) -------------------------------------------------------------------------------------------------------------------------------------------------------- -Multiplication Fp2[BLS12_381] 10526315.789 ops/s 95 ns/op 287 CPU cycles (approx) -Squaring Fp2[BLS12_381] 14084507.042 ops/s 71 ns/op 213 CPU cycles (approx) -Inversion Fp2[BLS12_381] 69376.995 ops/s 14414 ns/op 43242 CPU cycles (approx) -Square Root + isSquare Fp2[BLS12_381] 34526.810 ops/s 28963 ns/op 86893 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -EC Add G1 ECP_ShortW_Prj[Fp[BLS12_381]] 2127659.574 ops/s 470 ns/op 1412 CPU cycles (approx) -EC Mixed Addition G1 ECP_ShortW_Prj[Fp[BLS12_381]] 2415458.937 ops/s 414 ns/op 1243 CPU cycles (approx) -EC Double G1 ECP_ShortW_Prj[Fp[BLS12_381]] 3412969.283 ops/s 293 ns/op 881 CPU cycles (approx) -EC ScalarMul 255-bit G1 ECP_ShortW_Prj[Fp[BLS12_381]] 13218.596 ops/s 75651 ns/op 226959 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -EC Add G1 ECP_ShortW_Jac[Fp[BLS12_381]] 1757469.244 ops/s 569 ns/op 1708 CPU cycles (approx) -EC Mixed Addition G1 ECP_ShortW_Jac[Fp[BLS12_381]] 2433090.024 ops/s 411 ns/op 1235 CPU cycles (approx) -EC Double G1 ECP_ShortW_Jac[Fp[BLS12_381]] 3636363.636 ops/s 275 ns/op 826 CPU cycles (approx) -EC ScalarMul 255-bit G1 ECP_ShortW_Jac[Fp[BLS12_381]] 12390.499 ops/s 80707 ns/op 
242126 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -EC Add G2 ECP_ShortW_Prj[Fp2[BLS12_381]] 710227.273 ops/s 1408 ns/op 4225 CPU cycles (approx) -EC Mixed Addition G2 ECP_ShortW_Prj[Fp2[BLS12_381]] 800640.512 ops/s 1249 ns/op 3748 CPU cycles (approx) -EC Double G2 ECP_ShortW_Prj[Fp2[BLS12_381]] 1179245.283 ops/s 848 ns/op 2545 CPU cycles (approx) -EC ScalarMul 255-bit G2 ECP_ShortW_Prj[Fp2[BLS12_381]] 6179.171 ops/s 161834 ns/op 485514 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -EC Add G2 ECP_ShortW_Jac[Fp2[BLS12_381]] 631711.939 ops/s 1583 ns/op 4751 CPU cycles (approx) -EC Mixed Addition G2 ECP_ShortW_Jac[Fp2[BLS12_381]] 900900.901 ops/s 1110 ns/op 3332 CPU cycles (approx) -EC Double G2 ECP_ShortW_Jac[Fp2[BLS12_381]] 1501501.502 ops/s 666 ns/op 1999 CPU cycles (approx) -EC ScalarMul 255-bit G2 ECP_ShortW_Jac[Fp2[BLS12_381]] 6067.519 ops/s 164812 ns/op 494446 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -Multiplication Fp12[BLS12_381] 504540.868 ops/s 1982 ns/op 5949 CPU cycles (approx) -Squaring Fp12[BLS12_381] 688231.246 ops/s 1453 ns/op 4360 CPU cycles (approx) -Inversion Fp12[BLS12_381] 54279.976 ops/s 18423 ns/op 55271 CPU cycles (approx) --------------------------------------------------------------------------------------------------------------------------------------------------------- -Miller Loop BLS12 BLS12_381 3856.953 ops/s 259272 ns/op 777833 CPU cycles (approx) -Final Exponentiation BLS12 BLS12_381 2526.465 ops/s 395810 ns/op 1187454 CPU cycles (approx) -Pairing BLS12 BLS12_381 1548.870 ops/s 645632 ns/op 1936937 CPU cycles (approx) +Hash to G2 (Draft #11) 
BLS12_381 6558.495 ops/s 152474 ns/op 503531 CPU cycles (approx) -------------------------------------------------------------------------------------------------------------------------------------------------------- ``` +## Why Nim + +The Nim language offers the following benefits for cryptography: +- Compilation to machine code via C or C++ or alternatively compilation to Javascript. Easy FFI to those languages. + - Obscure embedded devices with proprietary C compilers can be targeted. + - WASM can be targeted. +- Performance reachable in C is reachable in Nim, easily. +- Rich type system: generics, dependent types, mutability-tracking and side-effect analysis, borrow-checking, compiler enforced distinct types (Miles != Meters, SecretBool != bool and SecretWord != uint64). +- Compile-time evaluation, including parsing hex string, converting them to BigInt or Finite Field elements and doing bigint operations. +- Assembly support either inline or ``__attribute__((naked))`` or a simple `{.compile: "myasm.S".}` away +- No GC if no GC-ed types are used (automatic memory management is set at the type level and optimized for latency/soft-realtime by default and can be totally deactivated). +- Procedural macros working directly on AST to + - create generic curve configuration, + - derive constants + - write a size-independent inline assembly code generator +- Upcoming proof system for formal verification via Z3 ([DrNim](https://nim-lang.org/docs/drnim.html), [Correct-by-Construction RFC](https://github.com/nim-lang/RFCs/issues/222)) ### Compiler caveats Unfortunately compilers and in particular GCC are not very good at optimizing big integers and/or cryptographic code even when using intrinsics like `addcarry_u64`. @@ -346,9 +286,6 @@ add256: adcq %rax, 24(%rdi) retq ``` - -As a workaround key procedures use inline assembly. - ### Inline assembly While using intrinsics significantly improve code readability, portability, auditability and maintainability, 
@@ -357,6 +294,15 @@ and also to use dedicated large integer instructions MULX, ADCX, ADOX that compi The speed improvement on finite field arithmetic is up 60% with MULX, ADCX, ADOX on BLS12-381 (6 limbs). +Finally assembly is a requirement to ensure constant-time property and to avoid compilers turning careful +branchless code into branches, see [Fighting the compiler (wiki)](https://github.com/mratsim/constantine/wiki/Constant-time-arithmetics#fighting-the-compiler) + +In summary, pure C/C++/Nim implies: +- a smart compiler might unravel the constant time bit manipulation and reintroduce branches. +- a significant performance cost with GCC (~50% slower than Clang). +- missed opportunities on recent CPUs that support MULX/ADCX/ADOX instructions (~60% faster than Clang). +- 2.4x perf ratio between using plain GCC vs GCC with inline assembly. + ## Sizes: code size, stack usage Thanks to 10x smaller key sizes for the same security level as RSA, elliptic curve cryptography @@ -369,15 +315,6 @@ At the moment Constantine is optimized for 32-bit and 64-bit CPUs. When performance and code size conflicts, a careful and informed default is chosen. In the future, a compile-time flag that goes beyond the compiler `-Os` might be provided. - -### Example tradeoff - -Unrolling Montgomery Multiplication brings about 15% performance improvement -which translate to ~15% on all operations in Constantine as field multiplication bottlenecks -all cryptographic primitives. -This is considered a worthwhile tradeoff on all but the most constrained CPUs -with those CPUs probably being 8-bit or 16-bit. - ## License Licensed and distributed under either of diff --git a/benchmarks/bench_blueprint.nim b/benchmarks/bench_blueprint.nim index e7a0faa..b11ad0c 100644 --- a/benchmarks/bench_blueprint.nim +++ b/benchmarks/bench_blueprint.nim @@ -14,7 +14,7 @@ import # Internal - ../constantine/config/common, + ../constantine/backend/config/common, # Helpers ../helpers/prng_unsafe, ./platforms, 
diff --git a/benchmarks/bench_ec_g1.nim b/benchmarks/bench_ec_g1.nim
index b1cf4a3..79a3eb5 100644
--- a/benchmarks/bench_ec_g1.nim
+++ b/benchmarks/bench_ec_g1.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/elliptic/[
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/elliptic/[
 ec_shortweierstrass_projective,
 ec_shortweierstrass_jacobian],
 # Helpers
diff --git a/benchmarks/bench_ec_g2.nim b/benchmarks/bench_ec_g2.nim
index b332747..5290b18 100644
--- a/benchmarks/bench_ec_g2.nim
+++ b/benchmarks/bench_ec_g2.nim
@@ -8,10 +8,10 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/towers,
- ../constantine/elliptic/[
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
+ ../constantine/backend/elliptic/[
 ec_shortweierstrass_projective,
 ec_shortweierstrass_jacobian],
 # Helpers
diff --git a/benchmarks/bench_elliptic_template.nim b/benchmarks/bench_elliptic_template.nim
index 02f7190..68b2702 100644
--- a/benchmarks/bench_elliptic_template.nim
+++ b/benchmarks/bench_elliptic_template.nim
@@ -14,10 +14,10 @@
 import
 # Internals
- ../constantine/config/[curves, common],
- ../constantine/arithmetic,
- ../constantine/io/io_bigints,
- ../constantine/elliptic/[
+ ../constantine/backend/config/[curves, common],
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/io/io_bigints,
+ ../constantine/backend/elliptic/[
 ec_shortweierstrass_affine,
 ec_shortweierstrass_projective,
 ec_shortweierstrass_jacobian,
@@ -27,7 +27,7 @@ import
 ./platforms,
 ./bench_blueprint,
 # Reference unsafe scalar multiplication
- ../tests/support/ec_reference_scalar_mult
+ ../tests/backend/support/ec_reference_scalar_mult
 export notes
 proc separator*() = separator(177)
diff --git a/benchmarks/bench_fields_template.nim b/benchmarks/bench_fields_template.nim
index 67aa0bb..bb9b462 100644
--- a/benchmarks/bench_fields_template.nim
+++ b/benchmarks/bench_fields_template.nim
@@ -14,10 +14,10 @@
 import
 # Internals
- ../constantine/config/[common, curves],
- ../constantine/arithmetic,
- ../constantine/towers,
- ../constantine/curves/zoo_square_roots,
+ ../constantine/backend/config/[common, curves],
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
+ ../constantine/backend/curves/zoo_square_roots,
 # Helpers
 ../helpers/prng_unsafe,
 ./bench_blueprint
diff --git a/benchmarks/bench_fp.nim b/benchmarks/bench_fp.nim
index 4e97804..8566024 100644
--- a/benchmarks/bench_fp.nim
+++ b/benchmarks/bench_fp.nim
@@ -8,10 +8,10 @@
 import
 # Internals
- ../constantine/config/[curves, common],
- ../constantine/arithmetic,
- ../constantine/io/io_bigints,
- ../constantine/curves/zoo_square_roots,
+ ../constantine/backend/config/[curves, common],
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/io/io_bigints,
+ ../constantine/backend/curves/zoo_square_roots,
 # Helpers
 ../helpers/static_for,
 ./bench_fields_template
diff --git a/benchmarks/bench_fp12.nim b/benchmarks/bench_fp12.nim
index 2a35eed..8fd3b7f 100644
--- a/benchmarks/bench_fp12.nim
+++ b/benchmarks/bench_fp12.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_fields_template,
diff --git a/benchmarks/bench_fp2.nim b/benchmarks/bench_fp2.nim
index 78e9da7..71ba783 100644
--- a/benchmarks/bench_fp2.nim
+++ b/benchmarks/bench_fp2.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_fields_template,
diff --git a/benchmarks/bench_fp4.nim b/benchmarks/bench_fp4.nim
index c3fa0c2..089cca8 100644
--- a/benchmarks/bench_fp4.nim
+++ b/benchmarks/bench_fp4.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_fields_template,
diff --git a/benchmarks/bench_fp6.nim b/benchmarks/bench_fp6.nim
index 00151e0..1d0a892 100644
--- a/benchmarks/bench_fp6.nim
+++ b/benchmarks/bench_fp6.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_fields_template,
diff --git a/benchmarks/bench_fp_double_precision.nim b/benchmarks/bench_fp_double_precision.nim
index 7a1d100..eef7e3c 100644
--- a/benchmarks/bench_fp_double_precision.nim
+++ b/benchmarks/bench_fp_double_precision.nim
@@ -14,9 +14,9 @@
 import
 # Internals
- ../constantine/config/[curves, common],
- ../constantine/arithmetic,
- ../constantine/towers,
+ ../constantine/backend/config/[curves, common],
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/[prng_unsafe, static_for],
 ./platforms,
diff --git a/benchmarks/bench_hash_to_curve.nim b/benchmarks/bench_hash_to_curve.nim
index 5757c63..541f8ce 100644
--- a/benchmarks/bench_hash_to_curve.nim
+++ b/benchmarks/bench_hash_to_curve.nim
@@ -8,13 +8,13 @@
 import
 # Internals
- ../constantine/config/[common, curves, type_bigint, type_ff],
- ../constantine/[towers, hashes],
- ../constantine/io/[io_bigints, io_ec],
- ../constantine/elliptic/[
+ ../constantine/backend/config/[common, curves, type_bigint, type_ff],
+ ../constantine/backend/[towers, hashes],
+ ../constantine/backend/io/[io_bigints, io_ec],
+ ../constantine/backend/elliptic/[
 ec_shortweierstrass_affine,
 ec_shortweierstrass_projective],
- ../constantine/hash_to_curve/hash_to_curve,
+ ../constantine/backend/hash_to_curve/hash_to_curve,
 # Helpers
 ../helpers/prng_unsafe,
 ./bench_blueprint
diff --git a/benchmarks/bench_pairing_bls12_377.nim b/benchmarks/bench_pairing_bls12_377.nim
index d5897d1..fc5594e 100644
--- a/benchmarks/bench_pairing_bls12_377.nim
+++ b/benchmarks/bench_pairing_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_pairing_template,
diff --git a/benchmarks/bench_pairing_bls12_381.nim b/benchmarks/bench_pairing_bls12_381.nim
index 84d27a5..a280e0c 100644
--- a/benchmarks/bench_pairing_bls12_381.nim
+++ b/benchmarks/bench_pairing_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_pairing_template,
diff --git a/benchmarks/bench_pairing_bn254_nogami.nim b/benchmarks/bench_pairing_bn254_nogami.nim
index 7177581..0152133 100644
--- a/benchmarks/bench_pairing_bn254_nogami.nim
+++ b/benchmarks/bench_pairing_bn254_nogami.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_pairing_template,
diff --git a/benchmarks/bench_pairing_bn254_snarks.nim b/benchmarks/bench_pairing_bn254_snarks.nim
index a5cae37..9b1330c 100644
--- a/benchmarks/bench_pairing_bn254_snarks.nim
+++ b/benchmarks/bench_pairing_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_pairing_template,
diff --git a/benchmarks/bench_pairing_template.nim b/benchmarks/bench_pairing_template.nim
index ff16507..4ea6f21 100644
--- a/benchmarks/bench_pairing_template.nim
+++ b/benchmarks/bench_pairing_template.nim
@@ -14,18 +14,18 @@
 import
 # Internals
- ../constantine/config/[curves, common],
- ../constantine/arithmetic,
- ../constantine/towers,
- ../constantine/ec_shortweierstrass,
- ../constantine/curves/zoo_subgroups,
- ../constantine/pairing/[
+ ../constantine/backend/config/[curves, common],
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
+ ../constantine/backend/ec_shortweierstrass,
+ ../constantine/backend/curves/zoo_subgroups,
+ ../constantine/backend/pairing/[
 cyclotomic_subgroup,
 lines_eval,
 pairing_bls12,
 pairing_bn
 ],
- ../constantine/curves/zoo_pairings,
+ ../constantine/backend/curves/zoo_pairings,
 # Helpers
 ../helpers/prng_unsafe,
 ./bench_blueprint
diff --git a/benchmarks/bench_sha256.nim b/benchmarks/bench_sha256.nim
index b10d6da..98882e9 100644
--- a/benchmarks/bench_sha256.nim
+++ b/benchmarks/bench_sha256.nim
@@ -1,6 +1,6 @@
 import
 # Internals
- ../constantine/hashes,
+ ../constantine/backend/hashes,
 # Helpers
 ../helpers/prng_unsafe,
 ./bench_blueprint
diff --git a/benchmarks/bench_summary_bls12_377.nim b/benchmarks/bench_summary_bls12_377.nim
index b7d465c..2759b32 100644
--- a/benchmarks/bench_summary_bls12_377.nim
+++ b/benchmarks/bench_summary_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_summary_template,
diff --git a/benchmarks/bench_summary_bls12_381.nim b/benchmarks/bench_summary_bls12_381.nim
index 56d4eb2..788bbb2 100644
--- a/benchmarks/bench_summary_bls12_381.nim
+++ b/benchmarks/bench_summary_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_summary_template,
diff --git a/benchmarks/bench_summary_bn254_nogami.nim b/benchmarks/bench_summary_bn254_nogami.nim
index f968dfc..129c098 100644
--- a/benchmarks/bench_summary_bn254_nogami.nim
+++ b/benchmarks/bench_summary_bn254_nogami.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/arithmetic,
- ../constantine/towers,
+ ../constantine/backend/config/curves,
+ ../constantine/backend/arithmetic,
+ ../constantine/backend/towers,
 # Helpers
 ../helpers/static_for,
 ./bench_summary_template,
diff --git a/benchmarks/bench_summary_bn254_snarks.nim b/benchmarks/bench_summary_bn254_snarks.nim
index be20e68..6450095 100644
--- a/benchmarks/bench_summary_bn254_snarks.nim
+++ b/benchmarks/bench_summary_bn254_snarks.nim
@@ -8,9 +8,9 @@ import # Internals - ../constantine/config/curves, - ../constantine/arithmetic, - ../constantine/towers, + ../constantine/backend/config/curves, + ../constantine/backend/arithmetic, + ../constantine/backend/towers, # Helpers ../helpers/static_for, ./bench_summary_template, diff --git a/benchmarks/bench_summary_template.nim b/benchmarks/bench_summary_template.nim index 2fdf9b7..99cf85c 100644 --- a/benchmarks/bench_summary_template.nim +++ b/benchmarks/bench_summary_template.nim @@ -14,21 +14,21 @@ import # Internals - ../constantine/config/[curves, common], - ../constantine/[arithmetic, hashes, towers], - ../constantine/elliptic/[ + ../constantine/backend/config/[curves, common], + ../constantine/backend/[arithmetic, hashes, towers], + ../constantine/backend/elliptic/[ ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_shortweierstrass_jacobian, ec_scalar_mul, ec_endomorphism_accel], - ../constantine/curves/zoo_subgroups, - ../constantine/hash_to_curve/hash_to_curve, - ../constantine/pairing/[ + ../constantine/backend/curves/zoo_subgroups, + ../constantine/backend/hash_to_curve/hash_to_curve, + ../constantine/backend/pairing/[ cyclotomic_subgroup, pairing_bls12, pairing_bn ], - ../constantine/curves/zoo_pairings, + ../constantine/backend/curves/zoo_pairings, # Helpers ../helpers/[prng_unsafe, static_for], ./bench_blueprint diff --git a/constantine.nimble b/constantine.nimble index b73bf30..9bc685f 100644 --- a/constantine.nimble +++ b/constantine.nimble 
@@ -23,194 +23,194 @@ const buildParallel = "test_parallel.txt" const testDesc: seq[tuple[path: string, useGMP: bool]] = @[ # Primitives # ---------------------------------------------------------- - ("tests/t_primitives.nim", false), - ("tests/t_primitives_extended_precision.nim", false), + ("tests/backend/t_primitives.nim", false), + ("tests/backend/t_primitives_extended_precision.nim", false), # Big ints # ---------------------------------------------------------- - ("tests/t_io_bigints.nim", false), - ("tests/t_io_unsaturated.nim", false), - ("tests/t_bigints.nim", false), - ("tests/t_bigints_multimod.nim", false), - ("tests/t_bigints_mod_vs_gmp.nim", true), - ("tests/t_bigints_mul_vs_gmp.nim", true), - ("tests/t_bigints_mul_high_words_vs_gmp.nim", true), + ("tests/backend/t_io_bigints.nim", false), + ("tests/backend/t_io_unsaturated.nim", false), + ("tests/backend/t_bigints.nim", false), + ("tests/backend/t_bigints_multimod.nim", false), + ("tests/backend/t_bigints_mod_vs_gmp.nim", true), + ("tests/backend/t_bigints_mul_vs_gmp.nim", true), + ("tests/backend/t_bigints_mul_high_words_vs_gmp.nim", true), # Field # ---------------------------------------------------------- - ("tests/t_io_fields", false), - ("tests/t_finite_fields.nim", false), - ("tests/t_finite_fields_conditional_arithmetic.nim", false), - ("tests/t_finite_fields_mulsquare.nim", false), - ("tests/t_finite_fields_sqrt.nim", false), - ("tests/t_finite_fields_powinv.nim", false), - ("tests/t_finite_fields_vs_gmp.nim", true), - ("tests/t_fp_cubic_root.nim", false), + ("tests/backend/t_io_fields", false), + ("tests/backend/t_finite_fields.nim", false), + ("tests/backend/t_finite_fields_conditional_arithmetic.nim", false), + ("tests/backend/t_finite_fields_mulsquare.nim", false), + ("tests/backend/t_finite_fields_sqrt.nim", false), + ("tests/backend/t_finite_fields_powinv.nim", false), + ("tests/backend/t_finite_fields_vs_gmp.nim", true), + ("tests/backend/t_fp_cubic_root.nim", false), # 
Double-precision finite fields # ---------------------------------------------------------- - ("tests/t_finite_fields_double_precision.nim", false), + ("tests/backend/t_finite_fields_double_precision.nim", false), # Towers of extension fields # ---------------------------------------------------------- - ("tests/t_fp2.nim", false), - ("tests/t_fp2_sqrt.nim", false), - ("tests/t_fp4.nim", false), - ("tests/t_fp6_bn254_snarks.nim", false), - ("tests/t_fp6_bls12_377.nim", false), - ("tests/t_fp6_bls12_381.nim", false), - ("tests/t_fp6_bw6_761.nim", false), - ("tests/t_fp12_bn254_snarks.nim", false), - ("tests/t_fp12_bls12_377.nim", false), - ("tests/t_fp12_bls12_381.nim", false), - ("tests/t_fp12_exponentiation.nim", false), - ("tests/t_fp12_anti_regression.nim", false), + ("tests/backend/t_fp2.nim", false), + ("tests/backend/t_fp2_sqrt.nim", false), + ("tests/backend/t_fp4.nim", false), + ("tests/backend/t_fp6_bn254_snarks.nim", false), + ("tests/backend/t_fp6_bls12_377.nim", false), + ("tests/backend/t_fp6_bls12_381.nim", false), + ("tests/backend/t_fp6_bw6_761.nim", false), + ("tests/backend/t_fp12_bn254_snarks.nim", false), + ("tests/backend/t_fp12_bls12_377.nim", false), + ("tests/backend/t_fp12_bls12_381.nim", false), + ("tests/backend/t_fp12_exponentiation.nim", false), + ("tests/backend/t_fp12_anti_regression.nim", false), - ("tests/t_fp4_frobenius.nim", false), - ("tests/t_fp6_frobenius.nim", false), - ("tests/t_fp12_frobenius.nim", false), + ("tests/backend/t_fp4_frobenius.nim", false), + ("tests/backend/t_fp6_frobenius.nim", false), + ("tests/backend/t_fp12_frobenius.nim", false), # Elliptic curve arithmetic # ---------------------------------------------------------- - ("tests/t_ec_conversion.nim", false), + ("tests/backend/t_ec_conversion.nim", false), # Elliptic curve arithmetic G1 # ---------------------------------------------------------- - # ("tests/t_ec_shortw_prj_g1_add_double.nim", false), - # ("tests/t_ec_shortw_prj_g1_mul_sanity.nim", false), - 
# ("tests/t_ec_shortw_prj_g1_mul_distri.nim", false), - ("tests/t_ec_shortw_prj_g1_mul_vs_ref.nim", false), - ("tests/t_ec_shortw_prj_g1_mixed_add.nim", false), + # ("tests/backend/t_ec_shortw_prj_g1_add_double.nim", false), + # ("tests/backend/t_ec_shortw_prj_g1_mul_sanity.nim", false), + # ("tests/backend/t_ec_shortw_prj_g1_mul_distri.nim", false), + ("tests/backend/t_ec_shortw_prj_g1_mul_vs_ref.nim", false), + ("tests/backend/t_ec_shortw_prj_g1_mixed_add.nim", false), - # ("tests/t_ec_shortw_jac_g1_add_double.nim", false), - # ("tests/t_ec_shortw_jac_g1_mul_sanity.nim", false), - # ("tests/t_ec_shortw_jac_g1_mul_distri.nim", false), - ("tests/t_ec_shortw_jac_g1_mul_vs_ref.nim", false), - ("tests/t_ec_shortw_jac_g1_mixed_add.nim", false), + # ("tests/backend/t_ec_shortw_jac_g1_add_double.nim", false), + # ("tests/backend/t_ec_shortw_jac_g1_mul_sanity.nim", false), + # ("tests/backend/t_ec_shortw_jac_g1_mul_distri.nim", false), + ("tests/backend/t_ec_shortw_jac_g1_mul_vs_ref.nim", false), + ("tests/backend/t_ec_shortw_jac_g1_mixed_add.nim", false), - ("tests/t_ec_twedwards_prj_add_double", false), - ("tests/t_ec_twedwards_prj_mul_sanity", false), - ("tests/t_ec_twedwards_prj_mul_distri", false), + ("tests/backend/t_ec_twedwards_prj_add_double", false), + ("tests/backend/t_ec_twedwards_prj_mul_sanity", false), + ("tests/backend/t_ec_twedwards_prj_mul_distri", false), # Elliptic curve arithmetic G2 # ---------------------------------------------------------- - # ("tests/t_ec_shortw_prj_g2_add_double_bn254_snarks.nim", false), - # ("tests/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim", false), - # ("tests/t_ec_shortw_prj_g2_mul_distri_bn254_snarks.nim", false), - ("tests/t_ec_shortw_prj_g2_mul_vs_ref_bn254_snarks.nim", false), - ("tests/t_ec_shortw_prj_g2_mixed_add_bn254_snarks.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_add_double_bn254_snarks.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim", false), + # 
("tests/backend/t_ec_shortw_prj_g2_mul_distri_bn254_snarks.nim", false), + ("tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bn254_snarks.nim", false), + ("tests/backend/t_ec_shortw_prj_g2_mixed_add_bn254_snarks.nim", false), - # ("tests/t_ec_shortw_prj_g2_add_double_bls12_381.nim", false), - # ("tests/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim", false), - # ("tests/t_ec_shortw_prj_g2_mul_distri_bls12_381.nim", false), - ("tests/t_ec_shortw_prj_g2_mul_vs_ref_bls12_381.nim", false), - ("tests/t_ec_shortw_prj_g2_mixed_add_bls12_381.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_add_double_bls12_381.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_mul_distri_bls12_381.nim", false), + ("tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bls12_381.nim", false), + ("tests/backend/t_ec_shortw_prj_g2_mixed_add_bls12_381.nim", false), - # ("tests/t_ec_shortw_prj_g2_add_double_bls12_377.nim", false), - # ("tests/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim", false), - # ("tests/t_ec_shortw_prj_g2_mul_distri_bls12_377.nim", false), - ("tests/t_ec_shortw_prj_g2_mul_vs_ref_bls12_377.nim", false), - ("tests/t_ec_shortw_prj_g2_mixed_add_bls12_377.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_add_double_bls12_377.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_mul_distri_bls12_377.nim", false), + ("tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bls12_377.nim", false), + ("tests/backend/t_ec_shortw_prj_g2_mixed_add_bls12_377.nim", false), - # ("tests/t_ec_shortw_prj_g2_add_double_bw6_761.nim", false), - # ("tests/t_ec_shortw_prj_g2_mul_sanity_bw6_761.nim", false), - # ("tests/t_ec_shortw_prj_g2_mul_distri_bw6_761.nim", false), - ("tests/t_ec_shortw_prj_g2_mul_vs_ref_bw6_761.nim", false), - ("tests/t_ec_shortw_prj_g2_mixed_add_bw6_761.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_add_double_bw6_761.nim", false), + # 
("tests/backend/t_ec_shortw_prj_g2_mul_sanity_bw6_761.nim", false), + # ("tests/backend/t_ec_shortw_prj_g2_mul_distri_bw6_761.nim", false), + ("tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bw6_761.nim", false), + ("tests/backend/t_ec_shortw_prj_g2_mixed_add_bw6_761.nim", false), - # ("tests/t_ec_shortw_jac_g2_add_double_bn254_snarks.nim", false), - # ("tests/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim", false), - # ("tests/t_ec_shortw_jac_g2_mul_distri_bn254_snarks.nim", false), - ("tests/t_ec_shortw_jac_g2_mul_vs_ref_bn254_snarks.nim", false), - ("tests/t_ec_shortw_jac_g2_mixed_add_bn254_snarks.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_add_double_bn254_snarks.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_mul_distri_bn254_snarks.nim", false), + ("tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bn254_snarks.nim", false), + ("tests/backend/t_ec_shortw_jac_g2_mixed_add_bn254_snarks.nim", false), - # ("tests/t_ec_shortw_jac_g2_add_double_bls12_381.nim", false), - # ("tests/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim", false), - # ("tests/t_ec_shortw_jac_g2_mul_distri_bls12_381.nim", false), - ("tests/t_ec_shortw_jac_g2_mul_vs_ref_bls12_381.nim", false), - ("tests/t_ec_shortw_jac_g2_mixed_add_bls12_381.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_add_double_bls12_381.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_mul_distri_bls12_381.nim", false), + ("tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bls12_381.nim", false), + ("tests/backend/t_ec_shortw_jac_g2_mixed_add_bls12_381.nim", false), - # ("tests/t_ec_shortw_jac_g2_add_double_bls12_377.nim", false), - # ("tests/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim", false), - # ("tests/t_ec_shortw_jac_g2_mul_distri_bls12_377.nim", false), - ("tests/t_ec_shortw_jac_g2_mul_vs_ref_bls12_377.nim", false), - 
("tests/t_ec_shortw_jac_g2_mixed_add_bls12_377.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_add_double_bls12_377.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_mul_distri_bls12_377.nim", false), + ("tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bls12_377.nim", false), + ("tests/backend/t_ec_shortw_jac_g2_mixed_add_bls12_377.nim", false), - # ("tests/t_ec_shortw_jac_g2_add_double_bw6_761.nim", false), - # ("tests/t_ec_shortw_jac_g2_mul_sanity_bw6_761.nim", false), - # ("tests/t_ec_shortw_jac_g2_mul_distri_bw6_761.nim", false), - ("tests/t_ec_shortw_jac_g2_mul_vs_ref_bw6_761.nim", false), - ("tests/t_ec_shortw_jac_g2_mixed_add_bw6_761.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_add_double_bw6_761.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_mul_sanity_bw6_761.nim", false), + # ("tests/backend/t_ec_shortw_jac_g2_mul_distri_bw6_761.nim", false), + ("tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bw6_761.nim", false), + ("tests/backend/t_ec_shortw_jac_g2_mixed_add_bw6_761.nim", false), # Elliptic curve arithmetic vs Sagemath # ---------------------------------------------------------- - ("tests/t_ec_frobenius.nim", false), - ("tests/t_ec_sage_bn254_nogami.nim", false), - ("tests/t_ec_sage_bn254_snarks.nim", false), - ("tests/t_ec_sage_bls12_377.nim", false), - ("tests/t_ec_sage_bls12_381.nim", false), + ("tests/backend/t_ec_frobenius.nim", false), + ("tests/backend/t_ec_sage_bn254_nogami.nim", false), + ("tests/backend/t_ec_sage_bn254_snarks.nim", false), + ("tests/backend/t_ec_sage_bls12_377.nim", false), + ("tests/backend/t_ec_sage_bls12_381.nim", false), # Edge cases highlighted by past bugs # ---------------------------------------------------------- - ("tests/t_ec_shortw_prj_edge_cases.nim", false), + ("tests/backend/t_ec_shortw_prj_edge_cases.nim", false), # Subgroups and cofactors # ---------------------------------------------------------- - 
("tests/t_ec_subgroups_bn254_nogami.nim", false), - ("tests/t_ec_subgroups_bn254_snarks.nim", false), - ("tests/t_ec_subgroups_bls12_377.nim", false), - ("tests/t_ec_subgroups_bls12_381.nim", false), + ("tests/backend/t_ec_subgroups_bn254_nogami.nim", false), + ("tests/backend/t_ec_subgroups_bn254_snarks.nim", false), + ("tests/backend/t_ec_subgroups_bls12_377.nim", false), + ("tests/backend/t_ec_subgroups_bls12_381.nim", false), - ("tests/t_pairing_bn254_nogami_gt_subgroup.nim", false), - ("tests/t_pairing_bn254_snarks_gt_subgroup.nim", false), - ("tests/t_pairing_bls12_377_gt_subgroup.nim", false), - ("tests/t_pairing_bls12_381_gt_subgroup.nim", false), - ("tests/t_pairing_bw6_761_gt_subgroup.nim", false), + ("tests/backend/t_pairing_bn254_nogami_gt_subgroup.nim", false), + ("tests/backend/t_pairing_bn254_snarks_gt_subgroup.nim", false), + ("tests/backend/t_pairing_bls12_377_gt_subgroup.nim", false), + ("tests/backend/t_pairing_bls12_381_gt_subgroup.nim", false), + ("tests/backend/t_pairing_bw6_761_gt_subgroup.nim", false), # Pairing # ---------------------------------------------------------- - # ("tests/t_pairing_bls12_377_line_functions.nim", false), - # ("tests/t_pairing_bls12_381_line_functions.nim", false), - ("tests/t_pairing_mul_fp12_by_lines.nim", false), - ("tests/t_pairing_cyclotomic_subgroup.nim", false), - ("tests/t_pairing_bn254_nogami_optate.nim", false), - ("tests/t_pairing_bn254_snarks_optate.nim", false), - ("tests/t_pairing_bls12_377_optate.nim", false), - ("tests/t_pairing_bls12_381_optate.nim", false), - ("tests/t_pairing_bls12_381_multi.nim", false), + # ("tests/backend/t_pairing_bls12_377_line_functions.nim", false), + # ("tests/backend/t_pairing_bls12_381_line_functions.nim", false), + ("tests/backend/t_pairing_mul_fp12_by_lines.nim", false), + ("tests/backend/t_pairing_cyclotomic_subgroup.nim", false), + ("tests/backend/t_pairing_bn254_nogami_optate.nim", false), + ("tests/backend/t_pairing_bn254_snarks_optate.nim", false), + 
("tests/backend/t_pairing_bls12_377_optate.nim", false), + ("tests/backend/t_pairing_bls12_381_optate.nim", false), + ("tests/backend/t_pairing_bls12_381_multi.nim", false), + + # Hashing to elliptic curves + # ---------------------------------------------------------- + ("tests/backend/t_hash_to_field.nim", false), + ("tests/backend/t_hash_to_curve.nim", false), + + # Prime order fields + # ---------------------------------------------------------- + ("tests/backend/t_fr.nim", false), # Hashing vs OpenSSL # ---------------------------------------------------------- ("tests/t_hash_sha256_vs_openssl.nim", true), # skip OpenSSL tests on Windows - # Hashing to elliptic curves - # ---------------------------------------------------------- - ("tests/t_hash_to_field.nim", false), - ("tests/t_hash_to_curve.nim", false), - - # Prime order fields - # ---------------------------------------------------------- - ("tests/t_fr.nim", false), - # Protocols # ---------------------------------------------------------- ("tests/t_sig_bls_lowlevel.nim", false), - ("tests/protocols/t_ethereum_evm_precompiles.nim", false), + ("tests/t_ethereum_evm_precompiles.nim", false), ] # For temporary (hopefully) investigation that can only be reproduced in CI const useDebug = [ - "tests/t_bigints.nim", - "tests/t_hash_sha256_vs_openssl.nim", + "tests/backend/t_bigints.nim", + "tests/backend/t_hash_sha256_vs_openssl.nim", ] # Tests that uses sequences require Nim GC, stack scanning and nil pointer passed to openarray # In particular the tests that uses the json test vectors, don't sanitize them. 
# we do use gc:none to help const skipSanitizers = [ - "tests/t_ec_sage_bn254_nogami.nim", - "tests/t_ec_sage_bn254_snarks.nim", - "tests/t_ec_sage_bls12_377.nim", - "tests/t_ec_sage_bls12_381.nim", - "tests/t_hash_to_field.nim", - "tests/t_hash_to_curve.nim", - "tests/t_sig_bls_lowlevel.nim", + "tests/backend/t_ec_sage_bn254_nogami.nim", + "tests/backend/t_ec_sage_bn254_snarks.nim", + "tests/backend/t_ec_sage_bls12_377.nim", + "tests/backend/t_ec_sage_bls12_381.nim", + "tests/backend/t_hash_to_field.nim", + "tests/backend/t_hash_to_curve.nim", + "tests/backend/t_sig_bls_lowlevel.nim", "tests/protocols/t_ethereum_evm_precompiles.nim" ] diff --git a/constantine/protocols/README.md b/constantine/README.md similarity index 76% rename from constantine/protocols/README.md rename to constantine/README.md index e335a26..1daafb4 100644 --- a/constantine/protocols/README.md +++ b/constantine/README.md 
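Review bot: The `useDebug` and `skipSanitizers` lists no longer agree with `testDesc` after this path move. `testDesc` still lists `"tests/t_hash_sha256_vs_openssl.nim"` and `"tests/t_sig_bls_lowlevel.nim"` at the old location, while the two lists now name them under `tests/backend/`; conversely `testDesc` now has `"tests/t_ethereum_evm_precompiles.nim"` but `skipSanitizers` keeps `"tests/protocols/t_ethereum_evm_precompiles.nim"`. The code that consumes these lists is outside the hunk, but if it matches entries against `testDesc` paths by string, the debug and sanitizer-skip settings silently stop applying to those three tests, and sanitizer coverage of the signature and precompile tests changes unintentionally. Use a single spelling per file across all three lists, matching wherever the files actually live, e.g. `"tests/t_sig_bls_lowlevel.nim",` and `"tests/t_ethereum_evm_precompiles.nim"` in `skipSanitizers`, and `"tests/t_hash_sha256_vs_openssl.nim",` in `useDebug`.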
@@ -1,16 +1,19 @@ # Constantine-backed protocols +This folder stores protocol implemented on top of Constantine. + ## Ethereum Virtual Machine -For Zero-Knowledge Proofs as described in +Constantine implements precompiles primitives for the Ethereum virtual machine + +- ECADD on BN254_Snarks (called `alt_bn128` in Ethereum), address 0x6, spec [EIP-196](https://eips.ethereum.org/EIPS/eip-196) and pricing [EIP-1108](https://eips.ethereum.org/EIPS/eip-1108) +- ECMUL on BN254_Snarks (called `alt_bn128` in Ethereum), address 0x7, spec [EIP-196](https://eips.ethereum.org/EIPS/eip-196) and pricing [EIP-1108](https://eips.ethereum.org/EIPS/eip-1108) +- ECPAIRING on BN254_Snarks (called `alt_bn128` in Ethereum), address 0x8, spec [EIP-197](https://eips.ethereum.org/EIPS/eip-197) and pricing [EIP-1108](https://eips.ethereum.org/EIPS/eip-1108) + +Their main use-case is for use zero-knowledge proofs and zkRollups and be compatible with work on Zcash - Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture\ Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, Madars Virza\ https://eprint.iacr.org/2013/879.pdf -Constantine-backed precompiles for - -- ECADD on BN254_Snarks (called `alt_bn128` in Ethereum), address 0x6, spec [EIP-196](https://eips.ethereum.org/EIPS/eip-196) and pricing [EIP-1108](https://eips.ethereum.org/EIPS/eip-1108) -- ECMUL on BN254_Snarks (called `alt_bn128` in Ethereum), address 0x7, spec [EIP-196](https://eips.ethereum.org/EIPS/eip-196) and pricing [EIP-1108](https://eips.ethereum.org/EIPS/eip-1108) -- ECPAIRING on BN254_Snarks (called `alt_bn128` in Ethereum), address 0x8, spec [EIP-197](https://eips.ethereum.org/EIPS/eip-197) and pricing [EIP-1108](https://eips.ethereum.org/EIPS/eip-1108) diff --git a/constantine/arithmetic.nim b/constantine/backend/arithmetic.nim similarity index 100% rename from constantine/arithmetic.nim rename to constantine/backend/arithmetic.nim 
diff --git a/constantine/arithmetic/README.md b/constantine/backend/arithmetic/README.md
similarity index 100%
rename from constantine/arithmetic/README.md
rename to constantine/backend/arithmetic/README.md
diff --git a/constantine/arithmetic/assembly/limbs_asm_modular_dbl_prec_x86.nim b/constantine/backend/arithmetic/assembly/limbs_asm_modular_dbl_prec_x86.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_modular_dbl_prec_x86.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_modular_dbl_prec_x86.nim
diff --git a/constantine/arithmetic/assembly/limbs_asm_modular_x86.nim b/constantine/backend/arithmetic/assembly/limbs_asm_modular_x86.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_modular_x86.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_modular_x86.nim
diff --git a/constantine/arithmetic/assembly/limbs_asm_mul_mont_x86.nim b/constantine/backend/arithmetic/assembly/limbs_asm_mul_mont_x86.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_mul_mont_x86.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_mul_mont_x86.nim
diff --git a/constantine/arithmetic/assembly/limbs_asm_mul_mont_x86_adx_bmi2.nim b/constantine/backend/arithmetic/assembly/limbs_asm_mul_mont_x86_adx_bmi2.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_mul_mont_x86_adx_bmi2.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_mul_mont_x86_adx_bmi2.nim
diff --git a/constantine/arithmetic/assembly/limbs_asm_mul_x86.nim b/constantine/backend/arithmetic/assembly/limbs_asm_mul_x86.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_mul_x86.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_mul_x86.nim
diff --git a/constantine/arithmetic/assembly/limbs_asm_mul_x86_adx_bmi2.nim b/constantine/backend/arithmetic/assembly/limbs_asm_mul_x86_adx_bmi2.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_mul_x86_adx_bmi2.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_mul_x86_adx_bmi2.nim
diff --git a/constantine/arithmetic/assembly/limbs_asm_redc_mont_x86.nim b/constantine/backend/arithmetic/assembly/limbs_asm_redc_mont_x86.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_redc_mont_x86.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_redc_mont_x86.nim
diff --git a/constantine/arithmetic/assembly/limbs_asm_redc_mont_x86_adx_bmi2.nim b/constantine/backend/arithmetic/assembly/limbs_asm_redc_mont_x86_adx_bmi2.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_redc_mont_x86_adx_bmi2.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_redc_mont_x86_adx_bmi2.nim
diff --git a/constantine/arithmetic/assembly/limbs_asm_x86.nim b/constantine/backend/arithmetic/assembly/limbs_asm_x86.nim
similarity index 100%
rename from constantine/arithmetic/assembly/limbs_asm_x86.nim
rename to constantine/backend/arithmetic/assembly/limbs_asm_x86.nim
diff --git a/constantine/arithmetic/bigints.nim b/constantine/backend/arithmetic/bigints.nim
similarity index 100%
rename from constantine/arithmetic/bigints.nim
rename to constantine/backend/arithmetic/bigints.nim
diff --git a/constantine/arithmetic/bigints_montgomery.nim b/constantine/backend/arithmetic/bigints_montgomery.nim
similarity index 100%
rename from constantine/arithmetic/bigints_montgomery.nim
rename to constantine/backend/arithmetic/bigints_montgomery.nim
diff --git a/constantine/arithmetic/finite_fields.nim b/constantine/backend/arithmetic/finite_fields.nim
similarity index 100%
rename from constantine/arithmetic/finite_fields.nim
rename to constantine/backend/arithmetic/finite_fields.nim
diff --git a/constantine/arithmetic/finite_fields_double_precision.nim b/constantine/backend/arithmetic/finite_fields_double_precision.nim
similarity index 100%
rename from constantine/arithmetic/finite_fields_double_precision.nim
rename to constantine/backend/arithmetic/finite_fields_double_precision.nim
diff --git a/constantine/arithmetic/finite_fields_square_root.nim b/constantine/backend/arithmetic/finite_fields_square_root.nim
similarity index 100%
rename from constantine/arithmetic/finite_fields_square_root.nim
rename to constantine/backend/arithmetic/finite_fields_square_root.nim
diff --git a/constantine/arithmetic/limbs.nim b/constantine/backend/arithmetic/limbs.nim
similarity index 100%
rename from constantine/arithmetic/limbs.nim
rename to constantine/backend/arithmetic/limbs.nim
diff --git a/constantine/arithmetic/limbs_division.nim b/constantine/backend/arithmetic/limbs_division.nim
similarity index 100%
rename from constantine/arithmetic/limbs_division.nim
rename to constantine/backend/arithmetic/limbs_division.nim
diff --git a/constantine/arithmetic/limbs_extmul.nim b/constantine/backend/arithmetic/limbs_extmul.nim
similarity index 100%
rename from constantine/arithmetic/limbs_extmul.nim
rename to constantine/backend/arithmetic/limbs_extmul.nim
diff --git a/constantine/arithmetic/limbs_invmod.nim b/constantine/backend/arithmetic/limbs_invmod.nim
similarity index 100%
rename from constantine/arithmetic/limbs_invmod.nim
rename to constantine/backend/arithmetic/limbs_invmod.nim
diff --git a/constantine/arithmetic/limbs_montgomery.nim b/constantine/backend/arithmetic/limbs_montgomery.nim
similarity index 100%
rename from constantine/arithmetic/limbs_montgomery.nim
rename to constantine/backend/arithmetic/limbs_montgomery.nim
diff --git a/constantine/arithmetic/limbs_unsaturated.nim b/constantine/backend/arithmetic/limbs_unsaturated.nim similarity index 100% rename from constantine/arithmetic/limbs_unsaturated.nim rename to constantine/backend/arithmetic/limbs_unsaturated.nim diff --git a/constantine/config/README.md b/constantine/backend/config/README.md similarity index 100% rename from constantine/config/README.md rename to constantine/backend/config/README.md diff --git a/constantine/config/common.nim b/constantine/backend/config/common.nim similarity index 98% rename from constantine/config/common.nim rename to constantine/backend/config/common.nim index 8acee3f..a7b46b2 100644 --- a/constantine/config/common.nim +++ b/constantine/backend/config/common.nim @@ -13,7 +13,7 @@ # ############################################################ import ../primitives -import ../../metering/tracer +import ../../../metering/tracer export tracer diff --git a/constantine/config/curves.nim b/constantine/backend/config/curves.nim similarity index 100% rename from constantine/config/curves.nim rename to constantine/backend/config/curves.nim diff --git a/constantine/config/curves_declaration.nim b/constantine/backend/config/curves_declaration.nim similarity index 100% rename from constantine/config/curves_declaration.nim rename to constantine/backend/config/curves_declaration.nim diff --git a/constantine/config/curves_derived.nim b/constantine/backend/config/curves_derived.nim similarity index 100% rename from constantine/config/curves_derived.nim rename to constantine/backend/config/curves_derived.nim diff --git a/constantine/config/curves_parser_curve.nim b/constantine/backend/config/curves_parser_curve.nim similarity index 100% rename from constantine/config/curves_parser_curve.nim rename to constantine/backend/config/curves_parser_curve.nim 
diff --git a/constantine/config/curves_parser_field.nim b/constantine/backend/config/curves_parser_field.nim similarity index 100% rename from constantine/config/curves_parser_field.nim rename to constantine/backend/config/curves_parser_field.nim diff --git a/constantine/config/curves_prop_curve.nim b/constantine/backend/config/curves_prop_curve.nim similarity index 100% rename from constantine/config/curves_prop_curve.nim rename to constantine/backend/config/curves_prop_curve.nim diff --git a/constantine/config/curves_prop_field_core.nim b/constantine/backend/config/curves_prop_field_core.nim similarity index 100% rename from constantine/config/curves_prop_field_core.nim rename to constantine/backend/config/curves_prop_field_core.nim diff --git a/constantine/config/curves_prop_field_derived.nim b/constantine/backend/config/curves_prop_field_derived.nim similarity index 100% rename from constantine/config/curves_prop_field_derived.nim rename to constantine/backend/config/curves_prop_field_derived.nim diff --git a/constantine/config/precompute.nim b/constantine/backend/config/precompute.nim similarity index 100% rename from constantine/config/precompute.nim rename to constantine/backend/config/precompute.nim diff --git a/constantine/config/type_bigint.nim b/constantine/backend/config/type_bigint.nim similarity index 100% rename from constantine/config/type_bigint.nim rename to constantine/backend/config/type_bigint.nim diff --git a/constantine/config/type_ff.nim b/constantine/backend/config/type_ff.nim similarity index 100% rename from constantine/config/type_ff.nim rename to constantine/backend/config/type_ff.nim diff --git a/constantine/curves/README.md b/constantine/backend/curves/README.md similarity index 100% rename from constantine/curves/README.md rename to constantine/backend/curves/README.md 
diff --git a/constantine/curves/bandersnatch_sqrt.nim b/constantine/backend/curves/bandersnatch_sqrt.nim similarity index 100% rename from constantine/curves/bandersnatch_sqrt.nim rename to constantine/backend/curves/bandersnatch_sqrt.nim diff --git a/constantine/curves/bls12_377_endomorphisms.nim b/constantine/backend/curves/bls12_377_endomorphisms.nim similarity index 100% rename from constantine/curves/bls12_377_endomorphisms.nim rename to constantine/backend/curves/bls12_377_endomorphisms.nim diff --git a/constantine/curves/bls12_377_frobenius.nim b/constantine/backend/curves/bls12_377_frobenius.nim similarity index 100% rename from constantine/curves/bls12_377_frobenius.nim rename to constantine/backend/curves/bls12_377_frobenius.nim diff --git a/constantine/curves/bls12_377_g2_params.nim b/constantine/backend/curves/bls12_377_g2_params.nim similarity index 100% rename from constantine/curves/bls12_377_g2_params.nim rename to constantine/backend/curves/bls12_377_g2_params.nim diff --git a/constantine/curves/bls12_377_pairing.nim b/constantine/backend/curves/bls12_377_pairing.nim similarity index 100% rename from constantine/curves/bls12_377_pairing.nim rename to constantine/backend/curves/bls12_377_pairing.nim diff --git a/constantine/curves/bls12_377_sqrt.nim b/constantine/backend/curves/bls12_377_sqrt.nim similarity index 100% rename from constantine/curves/bls12_377_sqrt.nim rename to constantine/backend/curves/bls12_377_sqrt.nim diff --git a/constantine/curves/bls12_377_subgroups.nim b/constantine/backend/curves/bls12_377_subgroups.nim similarity index 100% rename from constantine/curves/bls12_377_subgroups.nim rename to constantine/backend/curves/bls12_377_subgroups.nim diff --git a/constantine/curves/bls12_381_endomorphisms.nim b/constantine/backend/curves/bls12_381_endomorphisms.nim similarity index 100% rename from constantine/curves/bls12_381_endomorphisms.nim rename to constantine/backend/curves/bls12_381_endomorphisms.nim 
diff --git a/constantine/curves/bls12_381_frobenius.nim b/constantine/backend/curves/bls12_381_frobenius.nim similarity index 100% rename from constantine/curves/bls12_381_frobenius.nim rename to constantine/backend/curves/bls12_381_frobenius.nim diff --git a/constantine/curves/bls12_381_g2_hash_to_curve.nim b/constantine/backend/curves/bls12_381_g2_hash_to_curve.nim similarity index 100% rename from constantine/curves/bls12_381_g2_hash_to_curve.nim rename to constantine/backend/curves/bls12_381_g2_hash_to_curve.nim diff --git a/constantine/curves/bls12_381_g2_params.nim b/constantine/backend/curves/bls12_381_g2_params.nim similarity index 100% rename from constantine/curves/bls12_381_g2_params.nim rename to constantine/backend/curves/bls12_381_g2_params.nim diff --git a/constantine/curves/bls12_381_pairing.nim b/constantine/backend/curves/bls12_381_pairing.nim similarity index 100% rename from constantine/curves/bls12_381_pairing.nim rename to constantine/backend/curves/bls12_381_pairing.nim diff --git a/constantine/curves/bls12_381_sqrt.nim b/constantine/backend/curves/bls12_381_sqrt.nim similarity index 100% rename from constantine/curves/bls12_381_sqrt.nim rename to constantine/backend/curves/bls12_381_sqrt.nim diff --git a/constantine/curves/bls12_381_sqrt_fp2.nim b/constantine/backend/curves/bls12_381_sqrt_fp2.nim similarity index 100% rename from constantine/curves/bls12_381_sqrt_fp2.nim rename to constantine/backend/curves/bls12_381_sqrt_fp2.nim diff --git a/constantine/curves/bls12_381_subgroups.nim b/constantine/backend/curves/bls12_381_subgroups.nim similarity index 100% rename from constantine/curves/bls12_381_subgroups.nim rename to constantine/backend/curves/bls12_381_subgroups.nim diff --git a/constantine/curves/bn254_nogami_endomorphisms.nim b/constantine/backend/curves/bn254_nogami_endomorphisms.nim similarity index 100% rename from constantine/curves/bn254_nogami_endomorphisms.nim rename to constantine/backend/curves/bn254_nogami_endomorphisms.nim 
diff --git a/constantine/curves/bn254_nogami_frobenius.nim b/constantine/backend/curves/bn254_nogami_frobenius.nim
similarity index 100%
rename from constantine/curves/bn254_nogami_frobenius.nim
rename to constantine/backend/curves/bn254_nogami_frobenius.nim
diff --git a/constantine/curves/bn254_nogami_g2_params.nim b/constantine/backend/curves/bn254_nogami_g2_params.nim
similarity index 100%
rename from constantine/curves/bn254_nogami_g2_params.nim
rename to constantine/backend/curves/bn254_nogami_g2_params.nim
diff --git a/constantine/curves/bn254_nogami_pairing.nim b/constantine/backend/curves/bn254_nogami_pairing.nim
similarity index 100%
rename from constantine/curves/bn254_nogami_pairing.nim
rename to constantine/backend/curves/bn254_nogami_pairing.nim
diff --git a/constantine/curves/bn254_nogami_sqrt.nim b/constantine/backend/curves/bn254_nogami_sqrt.nim
similarity index 100%
rename from constantine/curves/bn254_nogami_sqrt.nim
rename to constantine/backend/curves/bn254_nogami_sqrt.nim
diff --git a/constantine/curves/bn254_nogami_sqrt_fp2.nim b/constantine/backend/curves/bn254_nogami_sqrt_fp2.nim
similarity index 100%
rename from constantine/curves/bn254_nogami_sqrt_fp2.nim
rename to constantine/backend/curves/bn254_nogami_sqrt_fp2.nim
diff --git a/constantine/curves/bn254_nogami_subgroups.nim b/constantine/backend/curves/bn254_nogami_subgroups.nim
similarity index 100%
rename from constantine/curves/bn254_nogami_subgroups.nim
rename to constantine/backend/curves/bn254_nogami_subgroups.nim
diff --git a/constantine/curves/bn254_snarks_endomorphisms.nim b/constantine/backend/curves/bn254_snarks_endomorphisms.nim
similarity index 100%
rename from constantine/curves/bn254_snarks_endomorphisms.nim
rename to constantine/backend/curves/bn254_snarks_endomorphisms.nim
diff --git a/constantine/curves/bn254_snarks_frobenius.nim b/constantine/backend/curves/bn254_snarks_frobenius.nim
similarity index 100%
rename from constantine/curves/bn254_snarks_frobenius.nim
rename to constantine/backend/curves/bn254_snarks_frobenius.nim
diff --git a/constantine/curves/bn254_snarks_g2_params.nim b/constantine/backend/curves/bn254_snarks_g2_params.nim
similarity index 100%
rename from constantine/curves/bn254_snarks_g2_params.nim
rename to constantine/backend/curves/bn254_snarks_g2_params.nim
diff --git a/constantine/curves/bn254_snarks_pairing.nim b/constantine/backend/curves/bn254_snarks_pairing.nim
similarity index 100%
rename from constantine/curves/bn254_snarks_pairing.nim
rename to constantine/backend/curves/bn254_snarks_pairing.nim
diff --git a/constantine/curves/bn254_snarks_sqrt.nim b/constantine/backend/curves/bn254_snarks_sqrt.nim
similarity index 100%
rename from constantine/curves/bn254_snarks_sqrt.nim
rename to constantine/backend/curves/bn254_snarks_sqrt.nim
diff --git a/constantine/curves/bn254_snarks_sqrt_fp2.nim b/constantine/backend/curves/bn254_snarks_sqrt_fp2.nim
similarity index 100%
rename from constantine/curves/bn254_snarks_sqrt_fp2.nim
rename to constantine/backend/curves/bn254_snarks_sqrt_fp2.nim
diff --git a/constantine/curves/bn254_snarks_subgroups.nim b/constantine/backend/curves/bn254_snarks_subgroups.nim
similarity index 100%
rename from constantine/curves/bn254_snarks_subgroups.nim
rename to constantine/backend/curves/bn254_snarks_subgroups.nim
diff --git a/constantine/curves/bw6_761_endomorphisms.nim b/constantine/backend/curves/bw6_761_endomorphisms.nim
similarity index 100%
rename from constantine/curves/bw6_761_endomorphisms.nim
rename to constantine/backend/curves/bw6_761_endomorphisms.nim
diff --git a/constantine/curves/bw6_761_frobenius.nim b/constantine/backend/curves/bw6_761_frobenius.nim
similarity index 100%
rename from constantine/curves/bw6_761_frobenius.nim
rename to constantine/backend/curves/bw6_761_frobenius.nim
diff --git a/constantine/curves/bw6_761_g2_params.nim b/constantine/backend/curves/bw6_761_g2_params.nim
similarity index 100%
rename from constantine/curves/bw6_761_g2_params.nim
rename to constantine/backend/curves/bw6_761_g2_params.nim
diff --git a/constantine/curves/bw6_761_pairing.nim b/constantine/backend/curves/bw6_761_pairing.nim
similarity index 100%
rename from constantine/curves/bw6_761_pairing.nim
rename to constantine/backend/curves/bw6_761_pairing.nim
diff --git a/constantine/curves/bw6_761_sqrt.nim b/constantine/backend/curves/bw6_761_sqrt.nim
similarity index 100%
rename from constantine/curves/bw6_761_sqrt.nim
rename to constantine/backend/curves/bw6_761_sqrt.nim
diff --git a/constantine/curves/bw6_761_subgroups.nim b/constantine/backend/curves/bw6_761_subgroups.nim
similarity index 100%
rename from constantine/curves/bw6_761_subgroups.nim
rename to constantine/backend/curves/bw6_761_subgroups.nim
diff --git a/constantine/curves/curve25519_sqrt.nim b/constantine/backend/curves/curve25519_sqrt.nim
similarity index 100%
rename from constantine/curves/curve25519_sqrt.nim
rename to constantine/backend/curves/curve25519_sqrt.nim
diff --git a/constantine/curves/jubjub_sqrt.nim b/constantine/backend/curves/jubjub_sqrt.nim
similarity index 100%
rename from constantine/curves/jubjub_sqrt.nim
rename to constantine/backend/curves/jubjub_sqrt.nim
diff --git a/constantine/curves/zoo_endomorphisms.nim b/constantine/backend/curves/zoo_endomorphisms.nim
similarity index 100%
rename from constantine/curves/zoo_endomorphisms.nim
rename to constantine/backend/curves/zoo_endomorphisms.nim
diff --git a/constantine/curves/zoo_frobenius.nim b/constantine/backend/curves/zoo_frobenius.nim
similarity index 100%
rename from constantine/curves/zoo_frobenius.nim
rename to constantine/backend/curves/zoo_frobenius.nim
diff --git a/constantine/curves/zoo_g2_params.nim b/constantine/backend/curves/zoo_g2_params.nim
similarity index 100%
rename from constantine/curves/zoo_g2_params.nim
rename to constantine/backend/curves/zoo_g2_params.nim
diff --git a/constantine/curves/zoo_hash_to_curve.nim b/constantine/backend/curves/zoo_hash_to_curve.nim
similarity index 100%
rename from constantine/curves/zoo_hash_to_curve.nim
rename to constantine/backend/curves/zoo_hash_to_curve.nim
diff --git a/constantine/curves/zoo_pairings.nim b/constantine/backend/curves/zoo_pairings.nim
similarity index 100%
rename from constantine/curves/zoo_pairings.nim
rename to constantine/backend/curves/zoo_pairings.nim
diff --git a/constantine/curves/zoo_square_roots.nim b/constantine/backend/curves/zoo_square_roots.nim
similarity index 100%
rename from constantine/curves/zoo_square_roots.nim
rename to constantine/backend/curves/zoo_square_roots.nim
diff --git a/constantine/curves/zoo_square_roots_fp2.nim b/constantine/backend/curves/zoo_square_roots_fp2.nim
similarity index 100%
rename from constantine/curves/zoo_square_roots_fp2.nim
rename to constantine/backend/curves/zoo_square_roots_fp2.nim
diff --git a/constantine/curves/zoo_subgroups.nim b/constantine/backend/curves/zoo_subgroups.nim
similarity index 100%
rename from constantine/curves/zoo_subgroups.nim
rename to constantine/backend/curves/zoo_subgroups.nim
diff --git a/constantine/ec_shortweierstrass.nim b/constantine/backend/ec_shortweierstrass.nim
similarity index 100%
rename from constantine/ec_shortweierstrass.nim
rename to constantine/backend/ec_shortweierstrass.nim
diff --git a/constantine/elliptic/README.md b/constantine/backend/elliptic/README.md
similarity index 100%
rename from constantine/elliptic/README.md
rename to constantine/backend/elliptic/README.md
diff --git a/constantine/elliptic/ec_endomorphism_accel.nim b/constantine/backend/elliptic/ec_endomorphism_accel.nim
similarity index 100%
rename from constantine/elliptic/ec_endomorphism_accel.nim
rename to constantine/backend/elliptic/ec_endomorphism_accel.nim
diff --git a/constantine/elliptic/ec_scalar_mul.nim b/constantine/backend/elliptic/ec_scalar_mul.nim
similarity index 100%
rename from constantine/elliptic/ec_scalar_mul.nim
rename to constantine/backend/elliptic/ec_scalar_mul.nim
diff --git a/constantine/elliptic/ec_shortweierstrass_affine.nim b/constantine/backend/elliptic/ec_shortweierstrass_affine.nim
similarity index 100%
rename from constantine/elliptic/ec_shortweierstrass_affine.nim
rename to constantine/backend/elliptic/ec_shortweierstrass_affine.nim
diff --git a/constantine/elliptic/ec_shortweierstrass_jacobian.nim b/constantine/backend/elliptic/ec_shortweierstrass_jacobian.nim
similarity index 100%
rename from constantine/elliptic/ec_shortweierstrass_jacobian.nim
rename to constantine/backend/elliptic/ec_shortweierstrass_jacobian.nim
diff --git a/constantine/elliptic/ec_shortweierstrass_projective.nim b/constantine/backend/elliptic/ec_shortweierstrass_projective.nim
similarity index 100%
rename from constantine/elliptic/ec_shortweierstrass_projective.nim
rename to constantine/backend/elliptic/ec_shortweierstrass_projective.nim
diff --git a/constantine/elliptic/ec_twistededwards_affine.nim b/constantine/backend/elliptic/ec_twistededwards_affine.nim
similarity index 100%
rename from constantine/elliptic/ec_twistededwards_affine.nim
rename to constantine/backend/elliptic/ec_twistededwards_affine.nim
diff --git a/constantine/elliptic/ec_twistededwards_projective.nim b/constantine/backend/elliptic/ec_twistededwards_projective.nim
similarity index 100%
rename from constantine/elliptic/ec_twistededwards_projective.nim
rename to constantine/backend/elliptic/ec_twistededwards_projective.nim
diff --git a/constantine/hash_to_curve/README.md b/constantine/backend/hash_to_curve/README.md
similarity index 100%
rename from constantine/hash_to_curve/README.md
rename to constantine/backend/hash_to_curve/README.md
diff --git a/constantine/hash_to_curve/h2c_hash_to_field.nim b/constantine/backend/hash_to_curve/h2c_hash_to_field.nim
similarity index 100%
rename from constantine/hash_to_curve/h2c_hash_to_field.nim
rename to constantine/backend/hash_to_curve/h2c_hash_to_field.nim
diff --git a/constantine/hash_to_curve/h2c_map_to_isocurve_swu.nim b/constantine/backend/hash_to_curve/h2c_map_to_isocurve_swu.nim
similarity index 100%
rename from constantine/hash_to_curve/h2c_map_to_isocurve_swu.nim
rename to constantine/backend/hash_to_curve/h2c_map_to_isocurve_swu.nim
diff --git a/constantine/hash_to_curve/hash_to_curve.nim b/constantine/backend/hash_to_curve/hash_to_curve.nim
similarity index 100%
rename from constantine/hash_to_curve/hash_to_curve.nim
rename to constantine/backend/hash_to_curve/hash_to_curve.nim
diff --git a/constantine/hashes.nim b/constantine/backend/hashes.nim
similarity index 100%
rename from constantine/hashes.nim
rename to constantine/backend/hashes.nim
diff --git a/constantine/hashes/h_sha256.nim b/constantine/backend/hashes/h_sha256.nim
similarity index 100%
rename from constantine/hashes/h_sha256.nim
rename to constantine/backend/hashes/h_sha256.nim
diff --git a/constantine/io/README.md b/constantine/backend/io/README.md
similarity index 100%
rename from constantine/io/README.md
rename to constantine/backend/io/README.md
diff --git a/constantine/io/endians.nim b/constantine/backend/io/endians.nim
similarity index 100%
rename from constantine/io/endians.nim
rename to constantine/backend/io/endians.nim
diff --git a/constantine/io/io_bigints.nim b/constantine/backend/io/io_bigints.nim
similarity index 100%
rename from constantine/io/io_bigints.nim
rename to constantine/backend/io/io_bigints.nim
diff --git a/constantine/io/io_ec.nim b/constantine/backend/io/io_ec.nim
similarity index 100%
rename from constantine/io/io_ec.nim
rename to constantine/backend/io/io_ec.nim
diff --git a/constantine/io/io_fields.nim b/constantine/backend/io/io_fields.nim
similarity index 100%
rename from constantine/io/io_fields.nim
rename to constantine/backend/io/io_fields.nim
diff --git a/constantine/io/io_towers.nim b/constantine/backend/io/io_towers.nim
similarity index 100%
rename from constantine/io/io_towers.nim
rename to constantine/backend/io/io_towers.nim
diff --git a/constantine/isogeny/README.md b/constantine/backend/isogeny/README.md
similarity index 100%
rename from constantine/isogeny/README.md
rename to constantine/backend/isogeny/README.md
diff --git a/constantine/isogeny/frobenius.nim b/constantine/backend/isogeny/frobenius.nim
similarity index 100%
rename from constantine/isogeny/frobenius.nim
rename to constantine/backend/isogeny/frobenius.nim
diff --git a/constantine/isogeny/h2c_isogeny_maps.nim b/constantine/backend/isogeny/h2c_isogeny_maps.nim
similarity index 100%
rename from constantine/isogeny/h2c_isogeny_maps.nim
rename to constantine/backend/isogeny/h2c_isogeny_maps.nim
diff --git a/constantine/pairing/README.md b/constantine/backend/pairing/README.md
similarity index 100%
rename from constantine/pairing/README.md
rename to constantine/backend/pairing/README.md
diff --git a/constantine/pairing/cyclotomic_subgroup.nim b/constantine/backend/pairing/cyclotomic_subgroup.nim
similarity index 100%
rename from constantine/pairing/cyclotomic_subgroup.nim
rename to constantine/backend/pairing/cyclotomic_subgroup.nim
diff --git a/constantine/pairing/lines_eval.nim b/constantine/backend/pairing/lines_eval.nim
similarity index 100%
rename from constantine/pairing/lines_eval.nim
rename to constantine/backend/pairing/lines_eval.nim
diff --git a/constantine/pairing/miller_loops.nim b/constantine/backend/pairing/miller_loops.nim
similarity index 100%
rename from constantine/pairing/miller_loops.nim
rename to constantine/backend/pairing/miller_loops.nim
diff --git a/constantine/pairing/multi_pairing.md b/constantine/backend/pairing/multi_pairing.md
similarity index 100%
rename from constantine/pairing/multi_pairing.md
rename to constantine/backend/pairing/multi_pairing.md
diff --git a/constantine/pairing/pairing_bls12.nim b/constantine/backend/pairing/pairing_bls12.nim
similarity index 100%
rename from constantine/pairing/pairing_bls12.nim
rename to constantine/backend/pairing/pairing_bls12.nim
diff --git a/constantine/pairing/pairing_bn.nim b/constantine/backend/pairing/pairing_bn.nim
similarity index 100%
rename from constantine/pairing/pairing_bn.nim
rename to constantine/backend/pairing/pairing_bn.nim
diff --git a/constantine/pairing/pairing_bw6_761.nim b/constantine/backend/pairing/pairing_bw6_761.nim
similarity index 100%
rename from constantine/pairing/pairing_bw6_761.nim
rename to constantine/backend/pairing/pairing_bw6_761.nim
diff --git a/constantine/primitives.nim b/constantine/backend/primitives.nim
similarity index 100%
rename from constantine/primitives.nim
rename to constantine/backend/primitives.nim
diff --git a/constantine/primitives/README.md b/constantine/backend/primitives/README.md
similarity index 100%
rename from constantine/primitives/README.md
rename to constantine/backend/primitives/README.md
diff --git a/constantine/primitives/addcarry_subborrow.nim b/constantine/backend/primitives/addcarry_subborrow.nim
similarity index 100%
rename from constantine/primitives/addcarry_subborrow.nim
rename to constantine/backend/primitives/addcarry_subborrow.nim
diff --git a/constantine/primitives/bithacks.nim b/constantine/backend/primitives/bithacks.nim
similarity index 100%
rename from constantine/primitives/bithacks.nim
rename to constantine/backend/primitives/bithacks.nim
diff --git a/constantine/primitives/constant_time.nim b/constantine/backend/primitives/constant_time.nim
similarity index 100%
rename from constantine/primitives/constant_time.nim
rename to constantine/backend/primitives/constant_time.nim
diff --git a/constantine/primitives/constant_time_types.nim b/constantine/backend/primitives/constant_time_types.nim
similarity index 100%
rename from constantine/primitives/constant_time_types.nim
rename to constantine/backend/primitives/constant_time_types.nim
diff --git a/constantine/primitives/cpuinfo_x86.nim b/constantine/backend/primitives/cpuinfo_x86.nim
similarity index 100%
rename from constantine/primitives/cpuinfo_x86.nim
rename to constantine/backend/primitives/cpuinfo_x86.nim
diff --git a/constantine/primitives/extended_precision.nim b/constantine/backend/primitives/extended_precision.nim
similarity index 100%
rename from constantine/primitives/extended_precision.nim
rename to constantine/backend/primitives/extended_precision.nim
diff --git a/constantine/primitives/extended_precision_64bit_uint128.nim b/constantine/backend/primitives/extended_precision_64bit_uint128.nim
similarity index 100%
rename from constantine/primitives/extended_precision_64bit_uint128.nim
rename to constantine/backend/primitives/extended_precision_64bit_uint128.nim
diff --git a/constantine/primitives/extended_precision_x86_64_gcc.nim b/constantine/backend/primitives/extended_precision_x86_64_gcc.nim
similarity index 100%
rename from constantine/primitives/extended_precision_x86_64_gcc.nim
rename to constantine/backend/primitives/extended_precision_x86_64_gcc.nim
diff --git a/constantine/primitives/extended_precision_x86_64_msvc.nim b/constantine/backend/primitives/extended_precision_x86_64_msvc.nim
similarity index 100%
rename from constantine/primitives/extended_precision_x86_64_msvc.nim
rename to constantine/backend/primitives/extended_precision_x86_64_msvc.nim
diff --git a/constantine/primitives/macro_assembler_x86.nim b/constantine/backend/primitives/macro_assembler_x86.nim
similarity index 100%
rename from constantine/primitives/macro_assembler_x86.nim
rename to constantine/backend/primitives/macro_assembler_x86.nim
diff --git a/constantine/primitives/multiplexers.nim b/constantine/backend/primitives/multiplexers.nim
similarity index 100%
rename from constantine/primitives/multiplexers.nim
rename to constantine/backend/primitives/multiplexers.nim
diff --git a/constantine/primitives/static_for.nim b/constantine/backend/primitives/static_for.nim
similarity index 100%
rename from constantine/primitives/static_for.nim
rename to constantine/backend/primitives/static_for.nim
diff --git a/constantine/tower_field_extensions/README.md b/constantine/backend/tower_field_extensions/README.md
similarity index 100%
rename from constantine/tower_field_extensions/README.md
rename to constantine/backend/tower_field_extensions/README.md
diff --git a/constantine/tower_field_extensions/assembly/fp2_asm_x86_adx_bmi2.nim b/constantine/backend/tower_field_extensions/assembly/fp2_asm_x86_adx_bmi2.nim
similarity index 100%
rename from constantine/tower_field_extensions/assembly/fp2_asm_x86_adx_bmi2.nim
rename to constantine/backend/tower_field_extensions/assembly/fp2_asm_x86_adx_bmi2.nim
diff --git a/constantine/tower_field_extensions/exponentiations.nim b/constantine/backend/tower_field_extensions/exponentiations.nim
similarity index 100%
rename from constantine/tower_field_extensions/exponentiations.nim
rename to constantine/backend/tower_field_extensions/exponentiations.nim
diff --git a/constantine/tower_field_extensions/extension_fields.nim b/constantine/backend/tower_field_extensions/extension_fields.nim
similarity index 100%
rename from constantine/tower_field_extensions/extension_fields.nim
rename to constantine/backend/tower_field_extensions/extension_fields.nim
diff --git a/constantine/tower_field_extensions/square_root_fp2.nim b/constantine/backend/tower_field_extensions/square_root_fp2.nim
similarity index 100%
rename from constantine/tower_field_extensions/square_root_fp2.nim
rename to constantine/backend/tower_field_extensions/square_root_fp2.nim
diff --git a/constantine/towers.nim b/constantine/backend/towers.nim
similarity index 100%
rename from constantine/towers.nim
rename to constantine/backend/towers.nim
diff --git a/constantine/protocols/ethereum_evm_precompiles.nim b/constantine/ethereum_evm_precompiles.nim
similarity index 97%
rename from constantine/protocols/ethereum_evm_precompiles.nim
rename to constantine/ethereum_evm_precompiles.nim
index 62d3816..d75f483 100644
--- a/constantine/protocols/ethereum_evm_precompiles.nim
+++ b/constantine/ethereum_evm_precompiles.nim
@@ -7,13 +7,13 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../config/[common, curves], - ../arithmetic, ../towers, - ../arithmetic/limbs_montgomery, - ../ec_shortweierstrass, - ../pairing/[pairing_bn, miller_loops, cyclotomic_subgroup], - ../curves/zoo_subgroups, - ../io/[io_bigints, io_fields] + ./backend/config/[common, curves], + ./backend/[arithmetic, towers], + ./backend/arithmetic/limbs_montgomery, + ./backend/ec_shortweierstrass, + ./backend/pairing/[pairing_bn, miller_loops, cyclotomic_subgroup], + ./backend/curves/zoo_subgroups, + ./backend/io/[io_bigints, io_fields] # ############################################################ # diff --git a/constantine/signatures/README.md b/constantine/signatures/README.md deleted file mode 100644 index 5e2fdf0..0000000 --- a/constantine/signatures/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# Signature schemes - -This folder will hold the implementations of signature schemes. - -In particular: - - BLS (Boneh-Lynn-Shacham) - - ECDSA (Elliptic Curve Digital Signature Algorithm) - -Note: The BLS signature scheme should not be confused - with the BLS family of elliptic curve (Barreto-Lynn-Scott) - -## References - -### Normative references - -#### ECDSA - -- RFC 6979 Deterministic Usage of the Digital Signature Algorithm (DSA) and - Elliptic Curve Digital Signature Algorithm (ECDSA)\ - https://tools.ietf.org/html/rfc6979 - -#### BLS signatures - -- BLS Signature Scheme\ - (Draft, expires Feb 9, 2020)\ - https://tools.ietf.org/html/draft-irtf-cfrg-bls-signature-00 \ - https://github.com/cfrg/draft-irtf-cfrg-bls-signature diff --git a/formal_verification/README.md b/formal_verification/README.md deleted file mode 100644 index eaa230d..0000000 --- a/formal_verification/README.md +++ /dev/null 
@@ -1,14 +0,0 @@ -# Formal verification - -This folder will hold code related to formal verification. - -## References - -- Fiat Crypto: Synthesizing Correct-by-Construction Code for Cryptographic Primitives - https://github.com/mit-plv/fiat-crypto - -- [Andres Erbsen, Jade Philipoom, Jason Gross, Robert Sloan, Adam Chlipala. Simple High-Level Code For Cryptographic Arithmetic -- With Proofs, Without Compromises. To Appear in Proceedings of the IEEE Symposium on Security & Privacy 2019 (S&P'19). May 2019.](http://adam.chlipala.net/papers/FiatCryptoSP19/FiatCryptoSP19.pdf). This paper describes multiple field arithmetic implementations, and an older version of the compilation pipeline (preserved [here](https://github.com/mit-plv/fiat-crypto/tree/sp2019latest)). It is somewhat space-constrained, so some details are best read about in theses below. -- [Jade Philipoom. Correct-by-Construction Finite Field Arithmetic in Coq. MIT Master's Thesis. February 2018.](http://adam.chlipala.net/theses/jadep_meng.pdf) Chapters 3 and 4 contain a detailed walkthrough of the field arithmetic implementations (again, targeting the previous compilation pipeline). -- [Andres Erbsen. Crafting Certified Elliptic CurveCryptography Implementations in Coq. MIT Master's Thesis. June 2017.]( -http://adam.chlipala.net/theses/andreser_meng.pdf) Section 3 contains a whirlwind introduction to synthesizing field arithmetic code using coq, without assuming Coq skills, but covering a tiny fraction of the overall library. Sections 5 and 6 contain the only write-up on the ellitpic-curve library in this repository. -- The newest compilation pipeline does not have a separate document yet, but this README does go over it in some detail. diff --git a/formal_verification/bls12_381_q_64.c b/formal_verification/bls12_381_q_64.c deleted file mode 100644 index 2699187..0000000 --- a/formal_verification/bls12_381_q_64.c +++ /dev/null 
@@ -1,2920 +0,0 @@ -/* Autogenerated */ -/* curve description: test */ -/* requested operations: (all) */ -/* m = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab (from "0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab") */ -/* machine_wordsize = 64 (from "64") */ -/* */ -/* NOTE: In addition to the bounds specified above each function, all */ -/* functions synthesized for this Montgomery arithmetic require the */ -/* input to be strictly less than the prime modulus (m), and also */ -/* require the input to be in the unique saturated representation. */ -/* All functions also ensure that these two properties are true of */ -/* return values. */ - -#include -typedef unsigned char fiat_bls12_381_q_uint1; -typedef signed char fiat_bls12_381_q_int1; -typedef signed __int128 fiat_bls12_381_q_int128; -typedef unsigned __int128 fiat_bls12_381_q_uint128; - -#if (-1 & 3) != 3 -#error "This code only works on a two's complement system" -#endif - - -/* - * The function fiat_bls12_381_q_addcarryx_u64 is an addition with carry. - * Postconditions: - * out1 = (arg1 + arg2 + arg3) mod 2^64 - * out2 = ⌊(arg1 + arg2 + arg3) / 2^64⌋ - * - * Input Bounds: - * arg1: [0x0 ~> 0x1] - * arg2: [0x0 ~> 0xffffffffffffffff] - * arg3: [0x0 ~> 0xffffffffffffffff] - * Output Bounds: - * out1: [0x0 ~> 0xffffffffffffffff] - * out2: [0x0 ~> 0x1] - */ -static void fiat_bls12_381_q_addcarryx_u64(uint64_t* out1, fiat_bls12_381_q_uint1* out2, fiat_bls12_381_q_uint1 arg1, uint64_t arg2, uint64_t arg3) { - fiat_bls12_381_q_uint128 x1 = ((arg1 + (fiat_bls12_381_q_uint128)arg2) + arg3); - uint64_t x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - fiat_bls12_381_q_uint1 x3 = (fiat_bls12_381_q_uint1)(x1 >> 64); - *out1 = x2; - *out2 = x3; -} - -/* - * The function fiat_bls12_381_q_subborrowx_u64 is a subtraction with borrow. 
- * Postconditions: - * out1 = (-arg1 + arg2 + -arg3) mod 2^64 - * out2 = -⌊(-arg1 + arg2 + -arg3) / 2^64⌋ - * - * Input Bounds: - * arg1: [0x0 ~> 0x1] - * arg2: [0x0 ~> 0xffffffffffffffff] - * arg3: [0x0 ~> 0xffffffffffffffff] - * Output Bounds: - * out1: [0x0 ~> 0xffffffffffffffff] - * out2: [0x0 ~> 0x1] - */ -static void fiat_bls12_381_q_subborrowx_u64(uint64_t* out1, fiat_bls12_381_q_uint1* out2, fiat_bls12_381_q_uint1 arg1, uint64_t arg2, uint64_t arg3) { - fiat_bls12_381_q_int128 x1 = ((arg2 - (fiat_bls12_381_q_int128)arg1) - arg3); - fiat_bls12_381_q_int1 x2 = (fiat_bls12_381_q_int1)(x1 >> 64); - uint64_t x3 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - *out1 = x3; - *out2 = (fiat_bls12_381_q_uint1)(0x0 - x2); -} - -/* - * The function fiat_bls12_381_q_mulx_u64 is a multiplication, returning the full double-width result. - * Postconditions: - * out1 = (arg1 * arg2) mod 2^64 - * out2 = ⌊arg1 * arg2 / 2^64⌋ - * - * Input Bounds: - * arg1: [0x0 ~> 0xffffffffffffffff] - * arg2: [0x0 ~> 0xffffffffffffffff] - * Output Bounds: - * out1: [0x0 ~> 0xffffffffffffffff] - * out2: [0x0 ~> 0xffffffffffffffff] - */ -static void fiat_bls12_381_q_mulx_u64(uint64_t* out1, uint64_t* out2, uint64_t arg1, uint64_t arg2) { - fiat_bls12_381_q_uint128 x1 = ((fiat_bls12_381_q_uint128)arg1 * arg2); - uint64_t x2 = (uint64_t)(x1 & UINT64_C(0xffffffffffffffff)); - uint64_t x3 = (uint64_t)(x1 >> 64); - *out1 = x2; - *out2 = x3; -} - -/* - * The function fiat_bls12_381_q_cmovznz_u64 is a single-word conditional move. 
- * Postconditions: - * out1 = (if arg1 = 0 then arg2 else arg3) - * - * Input Bounds: - * arg1: [0x0 ~> 0x1] - * arg2: [0x0 ~> 0xffffffffffffffff] - * arg3: [0x0 ~> 0xffffffffffffffff] - * Output Bounds: - * out1: [0x0 ~> 0xffffffffffffffff] - */ -static void fiat_bls12_381_q_cmovznz_u64(uint64_t* out1, fiat_bls12_381_q_uint1 arg1, uint64_t arg2, uint64_t arg3) { - fiat_bls12_381_q_uint1 x1 = (!(!arg1)); - uint64_t x2 = ((fiat_bls12_381_q_int1)(0x0 - x1) & UINT64_C(0xffffffffffffffff)); - uint64_t x3 = ((x2 & arg3) | ((~x2) & arg2)); - *out1 = x3; -} - -/* - * The function fiat_bls12_381_q_mul multiplies two field elements in the Montgomery domain. - * Preconditions: - * 0 ≤ eval arg1 < m - * 0 ≤ eval arg2 < m - * Postconditions: - * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg2)) mod m - * 0 ≤ eval out1 < m - * - * Input Bounds: - * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * Output Bounds: - * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - */ -void fiat_bls12_381_q_mul(uint64_t out1[6], const uint64_t arg1[6], const uint64_t arg2[6]) { - uint64_t x1 = (arg1[1]); - uint64_t x2 = (arg1[2]); - uint64_t x3 = (arg1[3]); - uint64_t x4 = (arg1[4]); - uint64_t x5 = (arg1[5]); - uint64_t x6 = (arg1[0]); - uint64_t x7; - uint64_t x8; - fiat_bls12_381_q_mulx_u64(&x7, &x8, x6, (arg2[5])); - uint64_t x9; - uint64_t x10; - fiat_bls12_381_q_mulx_u64(&x9, &x10, x6, (arg2[4])); - uint64_t x11; - uint64_t x12; - fiat_bls12_381_q_mulx_u64(&x11, &x12, x6, (arg2[3])); - uint64_t 
x13; - uint64_t x14; - fiat_bls12_381_q_mulx_u64(&x13, &x14, x6, (arg2[2])); - uint64_t x15; - uint64_t x16; - fiat_bls12_381_q_mulx_u64(&x15, &x16, x6, (arg2[1])); - uint64_t x17; - uint64_t x18; - fiat_bls12_381_q_mulx_u64(&x17, &x18, x6, (arg2[0])); - uint64_t x19; - fiat_bls12_381_q_uint1 x20; - fiat_bls12_381_q_addcarryx_u64(&x19, &x20, 0x0, x18, x15); - uint64_t x21; - fiat_bls12_381_q_uint1 x22; - fiat_bls12_381_q_addcarryx_u64(&x21, &x22, x20, x16, x13); - uint64_t x23; - fiat_bls12_381_q_uint1 x24; - fiat_bls12_381_q_addcarryx_u64(&x23, &x24, x22, x14, x11); - uint64_t x25; - fiat_bls12_381_q_uint1 x26; - fiat_bls12_381_q_addcarryx_u64(&x25, &x26, x24, x12, x9); - uint64_t x27; - fiat_bls12_381_q_uint1 x28; - fiat_bls12_381_q_addcarryx_u64(&x27, &x28, x26, x10, x7); - uint64_t x29; - fiat_bls12_381_q_uint1 x30; - fiat_bls12_381_q_addcarryx_u64(&x29, &x30, x28, x8, 0x0); - uint64_t x31; - uint64_t x32; - fiat_bls12_381_q_mulx_u64(&x31, &x32, x17, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x33; - uint64_t x34; - fiat_bls12_381_q_mulx_u64(&x33, &x34, x31, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x35; - uint64_t x36; - fiat_bls12_381_q_mulx_u64(&x35, &x36, x31, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x37; - uint64_t x38; - fiat_bls12_381_q_mulx_u64(&x37, &x38, x31, UINT64_C(0x64774b84f38512bf)); - uint64_t x39; - uint64_t x40; - fiat_bls12_381_q_mulx_u64(&x39, &x40, x31, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x41; - uint64_t x42; - fiat_bls12_381_q_mulx_u64(&x41, &x42, x31, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x43; - uint64_t x44; - fiat_bls12_381_q_mulx_u64(&x43, &x44, x31, UINT64_C(0xb9feffffffffaaab)); - uint64_t x45; - fiat_bls12_381_q_uint1 x46; - fiat_bls12_381_q_addcarryx_u64(&x45, &x46, 0x0, x44, x41); - uint64_t x47; - fiat_bls12_381_q_uint1 x48; - fiat_bls12_381_q_addcarryx_u64(&x47, &x48, x46, x42, x39); - uint64_t x49; - fiat_bls12_381_q_uint1 x50; - fiat_bls12_381_q_addcarryx_u64(&x49, &x50, x48, x40, x37); - uint64_t x51; - 
fiat_bls12_381_q_uint1 x52; - fiat_bls12_381_q_addcarryx_u64(&x51, &x52, x50, x38, x35); - uint64_t x53; - fiat_bls12_381_q_uint1 x54; - fiat_bls12_381_q_addcarryx_u64(&x53, &x54, x52, x36, x33); - uint64_t x55; - fiat_bls12_381_q_uint1 x56; - fiat_bls12_381_q_addcarryx_u64(&x55, &x56, x54, x34, 0x0); - uint64_t x57; - fiat_bls12_381_q_uint1 x58; - fiat_bls12_381_q_addcarryx_u64(&x57, &x58, 0x0, x17, x43); - uint64_t x59; - fiat_bls12_381_q_uint1 x60; - fiat_bls12_381_q_addcarryx_u64(&x59, &x60, x58, x19, x45); - uint64_t x61; - fiat_bls12_381_q_uint1 x62; - fiat_bls12_381_q_addcarryx_u64(&x61, &x62, x60, x21, x47); - uint64_t x63; - fiat_bls12_381_q_uint1 x64; - fiat_bls12_381_q_addcarryx_u64(&x63, &x64, x62, x23, x49); - uint64_t x65; - fiat_bls12_381_q_uint1 x66; - fiat_bls12_381_q_addcarryx_u64(&x65, &x66, x64, x25, x51); - uint64_t x67; - fiat_bls12_381_q_uint1 x68; - fiat_bls12_381_q_addcarryx_u64(&x67, &x68, x66, x27, x53); - uint64_t x69; - fiat_bls12_381_q_uint1 x70; - fiat_bls12_381_q_addcarryx_u64(&x69, &x70, x68, x29, x55); - uint64_t x71; - fiat_bls12_381_q_uint1 x72; - fiat_bls12_381_q_addcarryx_u64(&x71, &x72, x70, 0x0, 0x0); - uint64_t x73; - uint64_t x74; - fiat_bls12_381_q_mulx_u64(&x73, &x74, x1, (arg2[5])); - uint64_t x75; - uint64_t x76; - fiat_bls12_381_q_mulx_u64(&x75, &x76, x1, (arg2[4])); - uint64_t x77; - uint64_t x78; - fiat_bls12_381_q_mulx_u64(&x77, &x78, x1, (arg2[3])); - uint64_t x79; - uint64_t x80; - fiat_bls12_381_q_mulx_u64(&x79, &x80, x1, (arg2[2])); - uint64_t x81; - uint64_t x82; - fiat_bls12_381_q_mulx_u64(&x81, &x82, x1, (arg2[1])); - uint64_t x83; - uint64_t x84; - fiat_bls12_381_q_mulx_u64(&x83, &x84, x1, (arg2[0])); - uint64_t x85; - fiat_bls12_381_q_uint1 x86; - fiat_bls12_381_q_addcarryx_u64(&x85, &x86, 0x0, x84, x81); - uint64_t x87; - fiat_bls12_381_q_uint1 x88; - fiat_bls12_381_q_addcarryx_u64(&x87, &x88, x86, x82, x79); - uint64_t x89; - fiat_bls12_381_q_uint1 x90; - fiat_bls12_381_q_addcarryx_u64(&x89, &x90, x88, 
x80, x77); - uint64_t x91; - fiat_bls12_381_q_uint1 x92; - fiat_bls12_381_q_addcarryx_u64(&x91, &x92, x90, x78, x75); - uint64_t x93; - fiat_bls12_381_q_uint1 x94; - fiat_bls12_381_q_addcarryx_u64(&x93, &x94, x92, x76, x73); - uint64_t x95; - fiat_bls12_381_q_uint1 x96; - fiat_bls12_381_q_addcarryx_u64(&x95, &x96, x94, x74, 0x0); - uint64_t x97; - fiat_bls12_381_q_uint1 x98; - fiat_bls12_381_q_addcarryx_u64(&x97, &x98, 0x0, x59, x83); - uint64_t x99; - fiat_bls12_381_q_uint1 x100; - fiat_bls12_381_q_addcarryx_u64(&x99, &x100, x98, x61, x85); - uint64_t x101; - fiat_bls12_381_q_uint1 x102; - fiat_bls12_381_q_addcarryx_u64(&x101, &x102, x100, x63, x87); - uint64_t x103; - fiat_bls12_381_q_uint1 x104; - fiat_bls12_381_q_addcarryx_u64(&x103, &x104, x102, x65, x89); - uint64_t x105; - fiat_bls12_381_q_uint1 x106; - fiat_bls12_381_q_addcarryx_u64(&x105, &x106, x104, x67, x91); - uint64_t x107; - fiat_bls12_381_q_uint1 x108; - fiat_bls12_381_q_addcarryx_u64(&x107, &x108, x106, x69, x93); - uint64_t x109; - fiat_bls12_381_q_uint1 x110; - fiat_bls12_381_q_addcarryx_u64(&x109, &x110, x108, (fiat_bls12_381_q_uint1)x71, x95); - uint64_t x111; - uint64_t x112; - fiat_bls12_381_q_mulx_u64(&x111, &x112, x97, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x113; - uint64_t x114; - fiat_bls12_381_q_mulx_u64(&x113, &x114, x111, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x115; - uint64_t x116; - fiat_bls12_381_q_mulx_u64(&x115, &x116, x111, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x117; - uint64_t x118; - fiat_bls12_381_q_mulx_u64(&x117, &x118, x111, UINT64_C(0x64774b84f38512bf)); - uint64_t x119; - uint64_t x120; - fiat_bls12_381_q_mulx_u64(&x119, &x120, x111, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x121; - uint64_t x122; - fiat_bls12_381_q_mulx_u64(&x121, &x122, x111, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x123; - uint64_t x124; - fiat_bls12_381_q_mulx_u64(&x123, &x124, x111, UINT64_C(0xb9feffffffffaaab)); - uint64_t x125; - fiat_bls12_381_q_uint1 x126; - 
fiat_bls12_381_q_addcarryx_u64(&x125, &x126, 0x0, x124, x121); - uint64_t x127; - fiat_bls12_381_q_uint1 x128; - fiat_bls12_381_q_addcarryx_u64(&x127, &x128, x126, x122, x119); - uint64_t x129; - fiat_bls12_381_q_uint1 x130; - fiat_bls12_381_q_addcarryx_u64(&x129, &x130, x128, x120, x117); - uint64_t x131; - fiat_bls12_381_q_uint1 x132; - fiat_bls12_381_q_addcarryx_u64(&x131, &x132, x130, x118, x115); - uint64_t x133; - fiat_bls12_381_q_uint1 x134; - fiat_bls12_381_q_addcarryx_u64(&x133, &x134, x132, x116, x113); - uint64_t x135; - fiat_bls12_381_q_uint1 x136; - fiat_bls12_381_q_addcarryx_u64(&x135, &x136, x134, x114, 0x0); - uint64_t x137; - fiat_bls12_381_q_uint1 x138; - fiat_bls12_381_q_addcarryx_u64(&x137, &x138, 0x0, x97, x123); - uint64_t x139; - fiat_bls12_381_q_uint1 x140; - fiat_bls12_381_q_addcarryx_u64(&x139, &x140, x138, x99, x125); - uint64_t x141; - fiat_bls12_381_q_uint1 x142; - fiat_bls12_381_q_addcarryx_u64(&x141, &x142, x140, x101, x127); - uint64_t x143; - fiat_bls12_381_q_uint1 x144; - fiat_bls12_381_q_addcarryx_u64(&x143, &x144, x142, x103, x129); - uint64_t x145; - fiat_bls12_381_q_uint1 x146; - fiat_bls12_381_q_addcarryx_u64(&x145, &x146, x144, x105, x131); - uint64_t x147; - fiat_bls12_381_q_uint1 x148; - fiat_bls12_381_q_addcarryx_u64(&x147, &x148, x146, x107, x133); - uint64_t x149; - fiat_bls12_381_q_uint1 x150; - fiat_bls12_381_q_addcarryx_u64(&x149, &x150, x148, x109, x135); - uint64_t x151; - fiat_bls12_381_q_uint1 x152; - fiat_bls12_381_q_addcarryx_u64(&x151, &x152, x150, x110, 0x0); - uint64_t x153; - uint64_t x154; - fiat_bls12_381_q_mulx_u64(&x153, &x154, x2, (arg2[5])); - uint64_t x155; - uint64_t x156; - fiat_bls12_381_q_mulx_u64(&x155, &x156, x2, (arg2[4])); - uint64_t x157; - uint64_t x158; - fiat_bls12_381_q_mulx_u64(&x157, &x158, x2, (arg2[3])); - uint64_t x159; - uint64_t x160; - fiat_bls12_381_q_mulx_u64(&x159, &x160, x2, (arg2[2])); - uint64_t x161; - uint64_t x162; - fiat_bls12_381_q_mulx_u64(&x161, &x162, x2, (arg2[1])); 
- uint64_t x163; - uint64_t x164; - fiat_bls12_381_q_mulx_u64(&x163, &x164, x2, (arg2[0])); - uint64_t x165; - fiat_bls12_381_q_uint1 x166; - fiat_bls12_381_q_addcarryx_u64(&x165, &x166, 0x0, x164, x161); - uint64_t x167; - fiat_bls12_381_q_uint1 x168; - fiat_bls12_381_q_addcarryx_u64(&x167, &x168, x166, x162, x159); - uint64_t x169; - fiat_bls12_381_q_uint1 x170; - fiat_bls12_381_q_addcarryx_u64(&x169, &x170, x168, x160, x157); - uint64_t x171; - fiat_bls12_381_q_uint1 x172; - fiat_bls12_381_q_addcarryx_u64(&x171, &x172, x170, x158, x155); - uint64_t x173; - fiat_bls12_381_q_uint1 x174; - fiat_bls12_381_q_addcarryx_u64(&x173, &x174, x172, x156, x153); - uint64_t x175; - fiat_bls12_381_q_uint1 x176; - fiat_bls12_381_q_addcarryx_u64(&x175, &x176, x174, x154, 0x0); - uint64_t x177; - fiat_bls12_381_q_uint1 x178; - fiat_bls12_381_q_addcarryx_u64(&x177, &x178, 0x0, x139, x163); - uint64_t x179; - fiat_bls12_381_q_uint1 x180; - fiat_bls12_381_q_addcarryx_u64(&x179, &x180, x178, x141, x165); - uint64_t x181; - fiat_bls12_381_q_uint1 x182; - fiat_bls12_381_q_addcarryx_u64(&x181, &x182, x180, x143, x167); - uint64_t x183; - fiat_bls12_381_q_uint1 x184; - fiat_bls12_381_q_addcarryx_u64(&x183, &x184, x182, x145, x169); - uint64_t x185; - fiat_bls12_381_q_uint1 x186; - fiat_bls12_381_q_addcarryx_u64(&x185, &x186, x184, x147, x171); - uint64_t x187; - fiat_bls12_381_q_uint1 x188; - fiat_bls12_381_q_addcarryx_u64(&x187, &x188, x186, x149, x173); - uint64_t x189; - fiat_bls12_381_q_uint1 x190; - fiat_bls12_381_q_addcarryx_u64(&x189, &x190, x188, x151, x175); - uint64_t x191; - uint64_t x192; - fiat_bls12_381_q_mulx_u64(&x191, &x192, x177, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x193; - uint64_t x194; - fiat_bls12_381_q_mulx_u64(&x193, &x194, x191, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x195; - uint64_t x196; - fiat_bls12_381_q_mulx_u64(&x195, &x196, x191, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x197; - uint64_t x198; - fiat_bls12_381_q_mulx_u64(&x197, &x198, x191, 
UINT64_C(0x64774b84f38512bf)); - uint64_t x199; - uint64_t x200; - fiat_bls12_381_q_mulx_u64(&x199, &x200, x191, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x201; - uint64_t x202; - fiat_bls12_381_q_mulx_u64(&x201, &x202, x191, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x203; - uint64_t x204; - fiat_bls12_381_q_mulx_u64(&x203, &x204, x191, UINT64_C(0xb9feffffffffaaab)); - uint64_t x205; - fiat_bls12_381_q_uint1 x206; - fiat_bls12_381_q_addcarryx_u64(&x205, &x206, 0x0, x204, x201); - uint64_t x207; - fiat_bls12_381_q_uint1 x208; - fiat_bls12_381_q_addcarryx_u64(&x207, &x208, x206, x202, x199); - uint64_t x209; - fiat_bls12_381_q_uint1 x210; - fiat_bls12_381_q_addcarryx_u64(&x209, &x210, x208, x200, x197); - uint64_t x211; - fiat_bls12_381_q_uint1 x212; - fiat_bls12_381_q_addcarryx_u64(&x211, &x212, x210, x198, x195); - uint64_t x213; - fiat_bls12_381_q_uint1 x214; - fiat_bls12_381_q_addcarryx_u64(&x213, &x214, x212, x196, x193); - uint64_t x215; - fiat_bls12_381_q_uint1 x216; - fiat_bls12_381_q_addcarryx_u64(&x215, &x216, x214, x194, 0x0); - uint64_t x217; - fiat_bls12_381_q_uint1 x218; - fiat_bls12_381_q_addcarryx_u64(&x217, &x218, 0x0, x177, x203); - uint64_t x219; - fiat_bls12_381_q_uint1 x220; - fiat_bls12_381_q_addcarryx_u64(&x219, &x220, x218, x179, x205); - uint64_t x221; - fiat_bls12_381_q_uint1 x222; - fiat_bls12_381_q_addcarryx_u64(&x221, &x222, x220, x181, x207); - uint64_t x223; - fiat_bls12_381_q_uint1 x224; - fiat_bls12_381_q_addcarryx_u64(&x223, &x224, x222, x183, x209); - uint64_t x225; - fiat_bls12_381_q_uint1 x226; - fiat_bls12_381_q_addcarryx_u64(&x225, &x226, x224, x185, x211); - uint64_t x227; - fiat_bls12_381_q_uint1 x228; - fiat_bls12_381_q_addcarryx_u64(&x227, &x228, x226, x187, x213); - uint64_t x229; - fiat_bls12_381_q_uint1 x230; - fiat_bls12_381_q_addcarryx_u64(&x229, &x230, x228, x189, x215); - uint64_t x231; - fiat_bls12_381_q_uint1 x232; - fiat_bls12_381_q_addcarryx_u64(&x231, &x232, x230, x190, 0x0); - uint64_t x233; - uint64_t x234; - 
fiat_bls12_381_q_mulx_u64(&x233, &x234, x3, (arg2[5])); - uint64_t x235; - uint64_t x236; - fiat_bls12_381_q_mulx_u64(&x235, &x236, x3, (arg2[4])); - uint64_t x237; - uint64_t x238; - fiat_bls12_381_q_mulx_u64(&x237, &x238, x3, (arg2[3])); - uint64_t x239; - uint64_t x240; - fiat_bls12_381_q_mulx_u64(&x239, &x240, x3, (arg2[2])); - uint64_t x241; - uint64_t x242; - fiat_bls12_381_q_mulx_u64(&x241, &x242, x3, (arg2[1])); - uint64_t x243; - uint64_t x244; - fiat_bls12_381_q_mulx_u64(&x243, &x244, x3, (arg2[0])); - uint64_t x245; - fiat_bls12_381_q_uint1 x246; - fiat_bls12_381_q_addcarryx_u64(&x245, &x246, 0x0, x244, x241); - uint64_t x247; - fiat_bls12_381_q_uint1 x248; - fiat_bls12_381_q_addcarryx_u64(&x247, &x248, x246, x242, x239); - uint64_t x249; - fiat_bls12_381_q_uint1 x250; - fiat_bls12_381_q_addcarryx_u64(&x249, &x250, x248, x240, x237); - uint64_t x251; - fiat_bls12_381_q_uint1 x252; - fiat_bls12_381_q_addcarryx_u64(&x251, &x252, x250, x238, x235); - uint64_t x253; - fiat_bls12_381_q_uint1 x254; - fiat_bls12_381_q_addcarryx_u64(&x253, &x254, x252, x236, x233); - uint64_t x255; - fiat_bls12_381_q_uint1 x256; - fiat_bls12_381_q_addcarryx_u64(&x255, &x256, x254, x234, 0x0); - uint64_t x257; - fiat_bls12_381_q_uint1 x258; - fiat_bls12_381_q_addcarryx_u64(&x257, &x258, 0x0, x219, x243); - uint64_t x259; - fiat_bls12_381_q_uint1 x260; - fiat_bls12_381_q_addcarryx_u64(&x259, &x260, x258, x221, x245); - uint64_t x261; - fiat_bls12_381_q_uint1 x262; - fiat_bls12_381_q_addcarryx_u64(&x261, &x262, x260, x223, x247); - uint64_t x263; - fiat_bls12_381_q_uint1 x264; - fiat_bls12_381_q_addcarryx_u64(&x263, &x264, x262, x225, x249); - uint64_t x265; - fiat_bls12_381_q_uint1 x266; - fiat_bls12_381_q_addcarryx_u64(&x265, &x266, x264, x227, x251); - uint64_t x267; - fiat_bls12_381_q_uint1 x268; - fiat_bls12_381_q_addcarryx_u64(&x267, &x268, x266, x229, x253); - uint64_t x269; - fiat_bls12_381_q_uint1 x270; - fiat_bls12_381_q_addcarryx_u64(&x269, &x270, x268, x231, x255); - 
uint64_t x271; - uint64_t x272; - fiat_bls12_381_q_mulx_u64(&x271, &x272, x257, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x273; - uint64_t x274; - fiat_bls12_381_q_mulx_u64(&x273, &x274, x271, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x275; - uint64_t x276; - fiat_bls12_381_q_mulx_u64(&x275, &x276, x271, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x277; - uint64_t x278; - fiat_bls12_381_q_mulx_u64(&x277, &x278, x271, UINT64_C(0x64774b84f38512bf)); - uint64_t x279; - uint64_t x280; - fiat_bls12_381_q_mulx_u64(&x279, &x280, x271, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x281; - uint64_t x282; - fiat_bls12_381_q_mulx_u64(&x281, &x282, x271, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x283; - uint64_t x284; - fiat_bls12_381_q_mulx_u64(&x283, &x284, x271, UINT64_C(0xb9feffffffffaaab)); - uint64_t x285; - fiat_bls12_381_q_uint1 x286; - fiat_bls12_381_q_addcarryx_u64(&x285, &x286, 0x0, x284, x281); - uint64_t x287; - fiat_bls12_381_q_uint1 x288; - fiat_bls12_381_q_addcarryx_u64(&x287, &x288, x286, x282, x279); - uint64_t x289; - fiat_bls12_381_q_uint1 x290; - fiat_bls12_381_q_addcarryx_u64(&x289, &x290, x288, x280, x277); - uint64_t x291; - fiat_bls12_381_q_uint1 x292; - fiat_bls12_381_q_addcarryx_u64(&x291, &x292, x290, x278, x275); - uint64_t x293; - fiat_bls12_381_q_uint1 x294; - fiat_bls12_381_q_addcarryx_u64(&x293, &x294, x292, x276, x273); - uint64_t x295; - fiat_bls12_381_q_uint1 x296; - fiat_bls12_381_q_addcarryx_u64(&x295, &x296, x294, x274, 0x0); - uint64_t x297; - fiat_bls12_381_q_uint1 x298; - fiat_bls12_381_q_addcarryx_u64(&x297, &x298, 0x0, x257, x283); - uint64_t x299; - fiat_bls12_381_q_uint1 x300; - fiat_bls12_381_q_addcarryx_u64(&x299, &x300, x298, x259, x285); - uint64_t x301; - fiat_bls12_381_q_uint1 x302; - fiat_bls12_381_q_addcarryx_u64(&x301, &x302, x300, x261, x287); - uint64_t x303; - fiat_bls12_381_q_uint1 x304; - fiat_bls12_381_q_addcarryx_u64(&x303, &x304, x302, x263, x289); - uint64_t x305; - fiat_bls12_381_q_uint1 x306; - 
fiat_bls12_381_q_addcarryx_u64(&x305, &x306, x304, x265, x291); - uint64_t x307; - fiat_bls12_381_q_uint1 x308; - fiat_bls12_381_q_addcarryx_u64(&x307, &x308, x306, x267, x293); - uint64_t x309; - fiat_bls12_381_q_uint1 x310; - fiat_bls12_381_q_addcarryx_u64(&x309, &x310, x308, x269, x295); - uint64_t x311; - fiat_bls12_381_q_uint1 x312; - fiat_bls12_381_q_addcarryx_u64(&x311, &x312, x310, x270, 0x0); - uint64_t x313; - uint64_t x314; - fiat_bls12_381_q_mulx_u64(&x313, &x314, x4, (arg2[5])); - uint64_t x315; - uint64_t x316; - fiat_bls12_381_q_mulx_u64(&x315, &x316, x4, (arg2[4])); - uint64_t x317; - uint64_t x318; - fiat_bls12_381_q_mulx_u64(&x317, &x318, x4, (arg2[3])); - uint64_t x319; - uint64_t x320; - fiat_bls12_381_q_mulx_u64(&x319, &x320, x4, (arg2[2])); - uint64_t x321; - uint64_t x322; - fiat_bls12_381_q_mulx_u64(&x321, &x322, x4, (arg2[1])); - uint64_t x323; - uint64_t x324; - fiat_bls12_381_q_mulx_u64(&x323, &x324, x4, (arg2[0])); - uint64_t x325; - fiat_bls12_381_q_uint1 x326; - fiat_bls12_381_q_addcarryx_u64(&x325, &x326, 0x0, x324, x321); - uint64_t x327; - fiat_bls12_381_q_uint1 x328; - fiat_bls12_381_q_addcarryx_u64(&x327, &x328, x326, x322, x319); - uint64_t x329; - fiat_bls12_381_q_uint1 x330; - fiat_bls12_381_q_addcarryx_u64(&x329, &x330, x328, x320, x317); - uint64_t x331; - fiat_bls12_381_q_uint1 x332; - fiat_bls12_381_q_addcarryx_u64(&x331, &x332, x330, x318, x315); - uint64_t x333; - fiat_bls12_381_q_uint1 x334; - fiat_bls12_381_q_addcarryx_u64(&x333, &x334, x332, x316, x313); - uint64_t x335; - fiat_bls12_381_q_uint1 x336; - fiat_bls12_381_q_addcarryx_u64(&x335, &x336, x334, x314, 0x0); - uint64_t x337; - fiat_bls12_381_q_uint1 x338; - fiat_bls12_381_q_addcarryx_u64(&x337, &x338, 0x0, x299, x323); - uint64_t x339; - fiat_bls12_381_q_uint1 x340; - fiat_bls12_381_q_addcarryx_u64(&x339, &x340, x338, x301, x325); - uint64_t x341; - fiat_bls12_381_q_uint1 x342; - fiat_bls12_381_q_addcarryx_u64(&x341, &x342, x340, x303, x327); - uint64_t x343; - 
fiat_bls12_381_q_uint1 x344; - fiat_bls12_381_q_addcarryx_u64(&x343, &x344, x342, x305, x329); - uint64_t x345; - fiat_bls12_381_q_uint1 x346; - fiat_bls12_381_q_addcarryx_u64(&x345, &x346, x344, x307, x331); - uint64_t x347; - fiat_bls12_381_q_uint1 x348; - fiat_bls12_381_q_addcarryx_u64(&x347, &x348, x346, x309, x333); - uint64_t x349; - fiat_bls12_381_q_uint1 x350; - fiat_bls12_381_q_addcarryx_u64(&x349, &x350, x348, x311, x335); - uint64_t x351; - uint64_t x352; - fiat_bls12_381_q_mulx_u64(&x351, &x352, x337, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x353; - uint64_t x354; - fiat_bls12_381_q_mulx_u64(&x353, &x354, x351, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x355; - uint64_t x356; - fiat_bls12_381_q_mulx_u64(&x355, &x356, x351, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x357; - uint64_t x358; - fiat_bls12_381_q_mulx_u64(&x357, &x358, x351, UINT64_C(0x64774b84f38512bf)); - uint64_t x359; - uint64_t x360; - fiat_bls12_381_q_mulx_u64(&x359, &x360, x351, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x361; - uint64_t x362; - fiat_bls12_381_q_mulx_u64(&x361, &x362, x351, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x363; - uint64_t x364; - fiat_bls12_381_q_mulx_u64(&x363, &x364, x351, UINT64_C(0xb9feffffffffaaab)); - uint64_t x365; - fiat_bls12_381_q_uint1 x366; - fiat_bls12_381_q_addcarryx_u64(&x365, &x366, 0x0, x364, x361); - uint64_t x367; - fiat_bls12_381_q_uint1 x368; - fiat_bls12_381_q_addcarryx_u64(&x367, &x368, x366, x362, x359); - uint64_t x369; - fiat_bls12_381_q_uint1 x370; - fiat_bls12_381_q_addcarryx_u64(&x369, &x370, x368, x360, x357); - uint64_t x371; - fiat_bls12_381_q_uint1 x372; - fiat_bls12_381_q_addcarryx_u64(&x371, &x372, x370, x358, x355); - uint64_t x373; - fiat_bls12_381_q_uint1 x374; - fiat_bls12_381_q_addcarryx_u64(&x373, &x374, x372, x356, x353); - uint64_t x375; - fiat_bls12_381_q_uint1 x376; - fiat_bls12_381_q_addcarryx_u64(&x375, &x376, x374, x354, 0x0); - uint64_t x377; - fiat_bls12_381_q_uint1 x378; - fiat_bls12_381_q_addcarryx_u64(&x377, 
&x378, 0x0, x337, x363); - uint64_t x379; - fiat_bls12_381_q_uint1 x380; - fiat_bls12_381_q_addcarryx_u64(&x379, &x380, x378, x339, x365); - uint64_t x381; - fiat_bls12_381_q_uint1 x382; - fiat_bls12_381_q_addcarryx_u64(&x381, &x382, x380, x341, x367); - uint64_t x383; - fiat_bls12_381_q_uint1 x384; - fiat_bls12_381_q_addcarryx_u64(&x383, &x384, x382, x343, x369); - uint64_t x385; - fiat_bls12_381_q_uint1 x386; - fiat_bls12_381_q_addcarryx_u64(&x385, &x386, x384, x345, x371); - uint64_t x387; - fiat_bls12_381_q_uint1 x388; - fiat_bls12_381_q_addcarryx_u64(&x387, &x388, x386, x347, x373); - uint64_t x389; - fiat_bls12_381_q_uint1 x390; - fiat_bls12_381_q_addcarryx_u64(&x389, &x390, x388, x349, x375); - uint64_t x391; - fiat_bls12_381_q_uint1 x392; - fiat_bls12_381_q_addcarryx_u64(&x391, &x392, x390, x350, 0x0); - uint64_t x393; - uint64_t x394; - fiat_bls12_381_q_mulx_u64(&x393, &x394, x5, (arg2[5])); - uint64_t x395; - uint64_t x396; - fiat_bls12_381_q_mulx_u64(&x395, &x396, x5, (arg2[4])); - uint64_t x397; - uint64_t x398; - fiat_bls12_381_q_mulx_u64(&x397, &x398, x5, (arg2[3])); - uint64_t x399; - uint64_t x400; - fiat_bls12_381_q_mulx_u64(&x399, &x400, x5, (arg2[2])); - uint64_t x401; - uint64_t x402; - fiat_bls12_381_q_mulx_u64(&x401, &x402, x5, (arg2[1])); - uint64_t x403; - uint64_t x404; - fiat_bls12_381_q_mulx_u64(&x403, &x404, x5, (arg2[0])); - uint64_t x405; - fiat_bls12_381_q_uint1 x406; - fiat_bls12_381_q_addcarryx_u64(&x405, &x406, 0x0, x404, x401); - uint64_t x407; - fiat_bls12_381_q_uint1 x408; - fiat_bls12_381_q_addcarryx_u64(&x407, &x408, x406, x402, x399); - uint64_t x409; - fiat_bls12_381_q_uint1 x410; - fiat_bls12_381_q_addcarryx_u64(&x409, &x410, x408, x400, x397); - uint64_t x411; - fiat_bls12_381_q_uint1 x412; - fiat_bls12_381_q_addcarryx_u64(&x411, &x412, x410, x398, x395); - uint64_t x413; - fiat_bls12_381_q_uint1 x414; - fiat_bls12_381_q_addcarryx_u64(&x413, &x414, x412, x396, x393); - uint64_t x415; - fiat_bls12_381_q_uint1 x416; - 
fiat_bls12_381_q_addcarryx_u64(&x415, &x416, x414, x394, 0x0); - uint64_t x417; - fiat_bls12_381_q_uint1 x418; - fiat_bls12_381_q_addcarryx_u64(&x417, &x418, 0x0, x379, x403); - uint64_t x419; - fiat_bls12_381_q_uint1 x420; - fiat_bls12_381_q_addcarryx_u64(&x419, &x420, x418, x381, x405); - uint64_t x421; - fiat_bls12_381_q_uint1 x422; - fiat_bls12_381_q_addcarryx_u64(&x421, &x422, x420, x383, x407); - uint64_t x423; - fiat_bls12_381_q_uint1 x424; - fiat_bls12_381_q_addcarryx_u64(&x423, &x424, x422, x385, x409); - uint64_t x425; - fiat_bls12_381_q_uint1 x426; - fiat_bls12_381_q_addcarryx_u64(&x425, &x426, x424, x387, x411); - uint64_t x427; - fiat_bls12_381_q_uint1 x428; - fiat_bls12_381_q_addcarryx_u64(&x427, &x428, x426, x389, x413); - uint64_t x429; - fiat_bls12_381_q_uint1 x430; - fiat_bls12_381_q_addcarryx_u64(&x429, &x430, x428, x391, x415); - uint64_t x431; - uint64_t x432; - fiat_bls12_381_q_mulx_u64(&x431, &x432, x417, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x433; - uint64_t x434; - fiat_bls12_381_q_mulx_u64(&x433, &x434, x431, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x435; - uint64_t x436; - fiat_bls12_381_q_mulx_u64(&x435, &x436, x431, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x437; - uint64_t x438; - fiat_bls12_381_q_mulx_u64(&x437, &x438, x431, UINT64_C(0x64774b84f38512bf)); - uint64_t x439; - uint64_t x440; - fiat_bls12_381_q_mulx_u64(&x439, &x440, x431, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x441; - uint64_t x442; - fiat_bls12_381_q_mulx_u64(&x441, &x442, x431, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x443; - uint64_t x444; - fiat_bls12_381_q_mulx_u64(&x443, &x444, x431, UINT64_C(0xb9feffffffffaaab)); - uint64_t x445; - fiat_bls12_381_q_uint1 x446; - fiat_bls12_381_q_addcarryx_u64(&x445, &x446, 0x0, x444, x441); - uint64_t x447; - fiat_bls12_381_q_uint1 x448; - fiat_bls12_381_q_addcarryx_u64(&x447, &x448, x446, x442, x439); - uint64_t x449; - fiat_bls12_381_q_uint1 x450; - fiat_bls12_381_q_addcarryx_u64(&x449, &x450, x448, x440, x437); - 
uint64_t x451; - fiat_bls12_381_q_uint1 x452; - fiat_bls12_381_q_addcarryx_u64(&x451, &x452, x450, x438, x435); - uint64_t x453; - fiat_bls12_381_q_uint1 x454; - fiat_bls12_381_q_addcarryx_u64(&x453, &x454, x452, x436, x433); - uint64_t x455; - fiat_bls12_381_q_uint1 x456; - fiat_bls12_381_q_addcarryx_u64(&x455, &x456, x454, x434, 0x0); - uint64_t x457; - fiat_bls12_381_q_uint1 x458; - fiat_bls12_381_q_addcarryx_u64(&x457, &x458, 0x0, x417, x443); - uint64_t x459; - fiat_bls12_381_q_uint1 x460; - fiat_bls12_381_q_addcarryx_u64(&x459, &x460, x458, x419, x445); - uint64_t x461; - fiat_bls12_381_q_uint1 x462; - fiat_bls12_381_q_addcarryx_u64(&x461, &x462, x460, x421, x447); - uint64_t x463; - fiat_bls12_381_q_uint1 x464; - fiat_bls12_381_q_addcarryx_u64(&x463, &x464, x462, x423, x449); - uint64_t x465; - fiat_bls12_381_q_uint1 x466; - fiat_bls12_381_q_addcarryx_u64(&x465, &x466, x464, x425, x451); - uint64_t x467; - fiat_bls12_381_q_uint1 x468; - fiat_bls12_381_q_addcarryx_u64(&x467, &x468, x466, x427, x453); - uint64_t x469; - fiat_bls12_381_q_uint1 x470; - fiat_bls12_381_q_addcarryx_u64(&x469, &x470, x468, x429, x455); - uint64_t x471; - fiat_bls12_381_q_uint1 x472; - fiat_bls12_381_q_addcarryx_u64(&x471, &x472, x470, x430, 0x0); - uint64_t x473; - fiat_bls12_381_q_uint1 x474; - fiat_bls12_381_q_subborrowx_u64(&x473, &x474, 0x0, x459, UINT64_C(0xb9feffffffffaaab)); - uint64_t x475; - fiat_bls12_381_q_uint1 x476; - fiat_bls12_381_q_subborrowx_u64(&x475, &x476, x474, x461, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x477; - fiat_bls12_381_q_uint1 x478; - fiat_bls12_381_q_subborrowx_u64(&x477, &x478, x476, x463, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x479; - fiat_bls12_381_q_uint1 x480; - fiat_bls12_381_q_subborrowx_u64(&x479, &x480, x478, x465, UINT64_C(0x64774b84f38512bf)); - uint64_t x481; - fiat_bls12_381_q_uint1 x482; - fiat_bls12_381_q_subborrowx_u64(&x481, &x482, x480, x467, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x483; - fiat_bls12_381_q_uint1 x484; - 
fiat_bls12_381_q_subborrowx_u64(&x483, &x484, x482, x469, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x485; - fiat_bls12_381_q_uint1 x486; - fiat_bls12_381_q_subborrowx_u64(&x485, &x486, x484, x471, 0x0); - uint64_t x487; - fiat_bls12_381_q_cmovznz_u64(&x487, x486, x473, x459); - uint64_t x488; - fiat_bls12_381_q_cmovznz_u64(&x488, x486, x475, x461); - uint64_t x489; - fiat_bls12_381_q_cmovznz_u64(&x489, x486, x477, x463); - uint64_t x490; - fiat_bls12_381_q_cmovznz_u64(&x490, x486, x479, x465); - uint64_t x491; - fiat_bls12_381_q_cmovznz_u64(&x491, x486, x481, x467); - uint64_t x492; - fiat_bls12_381_q_cmovznz_u64(&x492, x486, x483, x469); - out1[0] = x487; - out1[1] = x488; - out1[2] = x489; - out1[3] = x490; - out1[4] = x491; - out1[5] = x492; -} - -/* - * The function fiat_bls12_381_q_square squares a field element in the Montgomery domain. - * Preconditions: - * 0 ≤ eval arg1 < m - * Postconditions: - * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg1)) mod m - * 0 ≤ eval out1 < m - * - * Input Bounds: - * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * Output Bounds: - * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - */ -void fiat_bls12_381_q_square(uint64_t out1[6], const uint64_t arg1[6]) { - uint64_t x1 = (arg1[1]); - uint64_t x2 = (arg1[2]); - uint64_t x3 = (arg1[3]); - uint64_t x4 = (arg1[4]); - uint64_t x5 = (arg1[5]); - uint64_t x6 = (arg1[0]); - uint64_t x7; - uint64_t x8; - fiat_bls12_381_q_mulx_u64(&x7, &x8, x6, (arg1[5])); - uint64_t x9; - uint64_t x10; - fiat_bls12_381_q_mulx_u64(&x9, &x10, x6, (arg1[4])); - uint64_t x11; - uint64_t x12; - fiat_bls12_381_q_mulx_u64(&x11, &x12, x6, (arg1[3])); - uint64_t x13; - uint64_t x14; - 
fiat_bls12_381_q_mulx_u64(&x13, &x14, x6, (arg1[2])); - uint64_t x15; - uint64_t x16; - fiat_bls12_381_q_mulx_u64(&x15, &x16, x6, (arg1[1])); - uint64_t x17; - uint64_t x18; - fiat_bls12_381_q_mulx_u64(&x17, &x18, x6, (arg1[0])); - uint64_t x19; - fiat_bls12_381_q_uint1 x20; - fiat_bls12_381_q_addcarryx_u64(&x19, &x20, 0x0, x18, x15); - uint64_t x21; - fiat_bls12_381_q_uint1 x22; - fiat_bls12_381_q_addcarryx_u64(&x21, &x22, x20, x16, x13); - uint64_t x23; - fiat_bls12_381_q_uint1 x24; - fiat_bls12_381_q_addcarryx_u64(&x23, &x24, x22, x14, x11); - uint64_t x25; - fiat_bls12_381_q_uint1 x26; - fiat_bls12_381_q_addcarryx_u64(&x25, &x26, x24, x12, x9); - uint64_t x27; - fiat_bls12_381_q_uint1 x28; - fiat_bls12_381_q_addcarryx_u64(&x27, &x28, x26, x10, x7); - uint64_t x29; - fiat_bls12_381_q_uint1 x30; - fiat_bls12_381_q_addcarryx_u64(&x29, &x30, x28, x8, 0x0); - uint64_t x31; - uint64_t x32; - fiat_bls12_381_q_mulx_u64(&x31, &x32, x17, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x33; - uint64_t x34; - fiat_bls12_381_q_mulx_u64(&x33, &x34, x31, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x35; - uint64_t x36; - fiat_bls12_381_q_mulx_u64(&x35, &x36, x31, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x37; - uint64_t x38; - fiat_bls12_381_q_mulx_u64(&x37, &x38, x31, UINT64_C(0x64774b84f38512bf)); - uint64_t x39; - uint64_t x40; - fiat_bls12_381_q_mulx_u64(&x39, &x40, x31, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x41; - uint64_t x42; - fiat_bls12_381_q_mulx_u64(&x41, &x42, x31, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x43; - uint64_t x44; - fiat_bls12_381_q_mulx_u64(&x43, &x44, x31, UINT64_C(0xb9feffffffffaaab)); - uint64_t x45; - fiat_bls12_381_q_uint1 x46; - fiat_bls12_381_q_addcarryx_u64(&x45, &x46, 0x0, x44, x41); - uint64_t x47; - fiat_bls12_381_q_uint1 x48; - fiat_bls12_381_q_addcarryx_u64(&x47, &x48, x46, x42, x39); - uint64_t x49; - fiat_bls12_381_q_uint1 x50; - fiat_bls12_381_q_addcarryx_u64(&x49, &x50, x48, x40, x37); - uint64_t x51; - fiat_bls12_381_q_uint1 x52; - 
fiat_bls12_381_q_addcarryx_u64(&x51, &x52, x50, x38, x35); - uint64_t x53; - fiat_bls12_381_q_uint1 x54; - fiat_bls12_381_q_addcarryx_u64(&x53, &x54, x52, x36, x33); - uint64_t x55; - fiat_bls12_381_q_uint1 x56; - fiat_bls12_381_q_addcarryx_u64(&x55, &x56, x54, x34, 0x0); - uint64_t x57; - fiat_bls12_381_q_uint1 x58; - fiat_bls12_381_q_addcarryx_u64(&x57, &x58, 0x0, x17, x43); - uint64_t x59; - fiat_bls12_381_q_uint1 x60; - fiat_bls12_381_q_addcarryx_u64(&x59, &x60, x58, x19, x45); - uint64_t x61; - fiat_bls12_381_q_uint1 x62; - fiat_bls12_381_q_addcarryx_u64(&x61, &x62, x60, x21, x47); - uint64_t x63; - fiat_bls12_381_q_uint1 x64; - fiat_bls12_381_q_addcarryx_u64(&x63, &x64, x62, x23, x49); - uint64_t x65; - fiat_bls12_381_q_uint1 x66; - fiat_bls12_381_q_addcarryx_u64(&x65, &x66, x64, x25, x51); - uint64_t x67; - fiat_bls12_381_q_uint1 x68; - fiat_bls12_381_q_addcarryx_u64(&x67, &x68, x66, x27, x53); - uint64_t x69; - fiat_bls12_381_q_uint1 x70; - fiat_bls12_381_q_addcarryx_u64(&x69, &x70, x68, x29, x55); - uint64_t x71; - fiat_bls12_381_q_uint1 x72; - fiat_bls12_381_q_addcarryx_u64(&x71, &x72, x70, 0x0, 0x0); - uint64_t x73; - uint64_t x74; - fiat_bls12_381_q_mulx_u64(&x73, &x74, x1, (arg1[5])); - uint64_t x75; - uint64_t x76; - fiat_bls12_381_q_mulx_u64(&x75, &x76, x1, (arg1[4])); - uint64_t x77; - uint64_t x78; - fiat_bls12_381_q_mulx_u64(&x77, &x78, x1, (arg1[3])); - uint64_t x79; - uint64_t x80; - fiat_bls12_381_q_mulx_u64(&x79, &x80, x1, (arg1[2])); - uint64_t x81; - uint64_t x82; - fiat_bls12_381_q_mulx_u64(&x81, &x82, x1, (arg1[1])); - uint64_t x83; - uint64_t x84; - fiat_bls12_381_q_mulx_u64(&x83, &x84, x1, (arg1[0])); - uint64_t x85; - fiat_bls12_381_q_uint1 x86; - fiat_bls12_381_q_addcarryx_u64(&x85, &x86, 0x0, x84, x81); - uint64_t x87; - fiat_bls12_381_q_uint1 x88; - fiat_bls12_381_q_addcarryx_u64(&x87, &x88, x86, x82, x79); - uint64_t x89; - fiat_bls12_381_q_uint1 x90; - fiat_bls12_381_q_addcarryx_u64(&x89, &x90, x88, x80, x77); - uint64_t x91; - 
fiat_bls12_381_q_uint1 x92; - fiat_bls12_381_q_addcarryx_u64(&x91, &x92, x90, x78, x75); - uint64_t x93; - fiat_bls12_381_q_uint1 x94; - fiat_bls12_381_q_addcarryx_u64(&x93, &x94, x92, x76, x73); - uint64_t x95; - fiat_bls12_381_q_uint1 x96; - fiat_bls12_381_q_addcarryx_u64(&x95, &x96, x94, x74, 0x0); - uint64_t x97; - fiat_bls12_381_q_uint1 x98; - fiat_bls12_381_q_addcarryx_u64(&x97, &x98, 0x0, x59, x83); - uint64_t x99; - fiat_bls12_381_q_uint1 x100; - fiat_bls12_381_q_addcarryx_u64(&x99, &x100, x98, x61, x85); - uint64_t x101; - fiat_bls12_381_q_uint1 x102; - fiat_bls12_381_q_addcarryx_u64(&x101, &x102, x100, x63, x87); - uint64_t x103; - fiat_bls12_381_q_uint1 x104; - fiat_bls12_381_q_addcarryx_u64(&x103, &x104, x102, x65, x89); - uint64_t x105; - fiat_bls12_381_q_uint1 x106; - fiat_bls12_381_q_addcarryx_u64(&x105, &x106, x104, x67, x91); - uint64_t x107; - fiat_bls12_381_q_uint1 x108; - fiat_bls12_381_q_addcarryx_u64(&x107, &x108, x106, x69, x93); - uint64_t x109; - fiat_bls12_381_q_uint1 x110; - fiat_bls12_381_q_addcarryx_u64(&x109, &x110, x108, (fiat_bls12_381_q_uint1)x71, x95); - uint64_t x111; - uint64_t x112; - fiat_bls12_381_q_mulx_u64(&x111, &x112, x97, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x113; - uint64_t x114; - fiat_bls12_381_q_mulx_u64(&x113, &x114, x111, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x115; - uint64_t x116; - fiat_bls12_381_q_mulx_u64(&x115, &x116, x111, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x117; - uint64_t x118; - fiat_bls12_381_q_mulx_u64(&x117, &x118, x111, UINT64_C(0x64774b84f38512bf)); - uint64_t x119; - uint64_t x120; - fiat_bls12_381_q_mulx_u64(&x119, &x120, x111, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x121; - uint64_t x122; - fiat_bls12_381_q_mulx_u64(&x121, &x122, x111, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x123; - uint64_t x124; - fiat_bls12_381_q_mulx_u64(&x123, &x124, x111, UINT64_C(0xb9feffffffffaaab)); - uint64_t x125; - fiat_bls12_381_q_uint1 x126; - fiat_bls12_381_q_addcarryx_u64(&x125, &x126, 0x0, x124, 
x121); - uint64_t x127; - fiat_bls12_381_q_uint1 x128; - fiat_bls12_381_q_addcarryx_u64(&x127, &x128, x126, x122, x119); - uint64_t x129; - fiat_bls12_381_q_uint1 x130; - fiat_bls12_381_q_addcarryx_u64(&x129, &x130, x128, x120, x117); - uint64_t x131; - fiat_bls12_381_q_uint1 x132; - fiat_bls12_381_q_addcarryx_u64(&x131, &x132, x130, x118, x115); - uint64_t x133; - fiat_bls12_381_q_uint1 x134; - fiat_bls12_381_q_addcarryx_u64(&x133, &x134, x132, x116, x113); - uint64_t x135; - fiat_bls12_381_q_uint1 x136; - fiat_bls12_381_q_addcarryx_u64(&x135, &x136, x134, x114, 0x0); - uint64_t x137; - fiat_bls12_381_q_uint1 x138; - fiat_bls12_381_q_addcarryx_u64(&x137, &x138, 0x0, x97, x123); - uint64_t x139; - fiat_bls12_381_q_uint1 x140; - fiat_bls12_381_q_addcarryx_u64(&x139, &x140, x138, x99, x125); - uint64_t x141; - fiat_bls12_381_q_uint1 x142; - fiat_bls12_381_q_addcarryx_u64(&x141, &x142, x140, x101, x127); - uint64_t x143; - fiat_bls12_381_q_uint1 x144; - fiat_bls12_381_q_addcarryx_u64(&x143, &x144, x142, x103, x129); - uint64_t x145; - fiat_bls12_381_q_uint1 x146; - fiat_bls12_381_q_addcarryx_u64(&x145, &x146, x144, x105, x131); - uint64_t x147; - fiat_bls12_381_q_uint1 x148; - fiat_bls12_381_q_addcarryx_u64(&x147, &x148, x146, x107, x133); - uint64_t x149; - fiat_bls12_381_q_uint1 x150; - fiat_bls12_381_q_addcarryx_u64(&x149, &x150, x148, x109, x135); - uint64_t x151; - fiat_bls12_381_q_uint1 x152; - fiat_bls12_381_q_addcarryx_u64(&x151, &x152, x150, x110, 0x0); - uint64_t x153; - uint64_t x154; - fiat_bls12_381_q_mulx_u64(&x153, &x154, x2, (arg1[5])); - uint64_t x155; - uint64_t x156; - fiat_bls12_381_q_mulx_u64(&x155, &x156, x2, (arg1[4])); - uint64_t x157; - uint64_t x158; - fiat_bls12_381_q_mulx_u64(&x157, &x158, x2, (arg1[3])); - uint64_t x159; - uint64_t x160; - fiat_bls12_381_q_mulx_u64(&x159, &x160, x2, (arg1[2])); - uint64_t x161; - uint64_t x162; - fiat_bls12_381_q_mulx_u64(&x161, &x162, x2, (arg1[1])); - uint64_t x163; - uint64_t x164; - 
fiat_bls12_381_q_mulx_u64(&x163, &x164, x2, (arg1[0])); - uint64_t x165; - fiat_bls12_381_q_uint1 x166; - fiat_bls12_381_q_addcarryx_u64(&x165, &x166, 0x0, x164, x161); - uint64_t x167; - fiat_bls12_381_q_uint1 x168; - fiat_bls12_381_q_addcarryx_u64(&x167, &x168, x166, x162, x159); - uint64_t x169; - fiat_bls12_381_q_uint1 x170; - fiat_bls12_381_q_addcarryx_u64(&x169, &x170, x168, x160, x157); - uint64_t x171; - fiat_bls12_381_q_uint1 x172; - fiat_bls12_381_q_addcarryx_u64(&x171, &x172, x170, x158, x155); - uint64_t x173; - fiat_bls12_381_q_uint1 x174; - fiat_bls12_381_q_addcarryx_u64(&x173, &x174, x172, x156, x153); - uint64_t x175; - fiat_bls12_381_q_uint1 x176; - fiat_bls12_381_q_addcarryx_u64(&x175, &x176, x174, x154, 0x0); - uint64_t x177; - fiat_bls12_381_q_uint1 x178; - fiat_bls12_381_q_addcarryx_u64(&x177, &x178, 0x0, x139, x163); - uint64_t x179; - fiat_bls12_381_q_uint1 x180; - fiat_bls12_381_q_addcarryx_u64(&x179, &x180, x178, x141, x165); - uint64_t x181; - fiat_bls12_381_q_uint1 x182; - fiat_bls12_381_q_addcarryx_u64(&x181, &x182, x180, x143, x167); - uint64_t x183; - fiat_bls12_381_q_uint1 x184; - fiat_bls12_381_q_addcarryx_u64(&x183, &x184, x182, x145, x169); - uint64_t x185; - fiat_bls12_381_q_uint1 x186; - fiat_bls12_381_q_addcarryx_u64(&x185, &x186, x184, x147, x171); - uint64_t x187; - fiat_bls12_381_q_uint1 x188; - fiat_bls12_381_q_addcarryx_u64(&x187, &x188, x186, x149, x173); - uint64_t x189; - fiat_bls12_381_q_uint1 x190; - fiat_bls12_381_q_addcarryx_u64(&x189, &x190, x188, x151, x175); - uint64_t x191; - uint64_t x192; - fiat_bls12_381_q_mulx_u64(&x191, &x192, x177, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x193; - uint64_t x194; - fiat_bls12_381_q_mulx_u64(&x193, &x194, x191, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x195; - uint64_t x196; - fiat_bls12_381_q_mulx_u64(&x195, &x196, x191, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x197; - uint64_t x198; - fiat_bls12_381_q_mulx_u64(&x197, &x198, x191, UINT64_C(0x64774b84f38512bf)); - uint64_t 
x199; - uint64_t x200; - fiat_bls12_381_q_mulx_u64(&x199, &x200, x191, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x201; - uint64_t x202; - fiat_bls12_381_q_mulx_u64(&x201, &x202, x191, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x203; - uint64_t x204; - fiat_bls12_381_q_mulx_u64(&x203, &x204, x191, UINT64_C(0xb9feffffffffaaab)); - uint64_t x205; - fiat_bls12_381_q_uint1 x206; - fiat_bls12_381_q_addcarryx_u64(&x205, &x206, 0x0, x204, x201); - uint64_t x207; - fiat_bls12_381_q_uint1 x208; - fiat_bls12_381_q_addcarryx_u64(&x207, &x208, x206, x202, x199); - uint64_t x209; - fiat_bls12_381_q_uint1 x210; - fiat_bls12_381_q_addcarryx_u64(&x209, &x210, x208, x200, x197); - uint64_t x211; - fiat_bls12_381_q_uint1 x212; - fiat_bls12_381_q_addcarryx_u64(&x211, &x212, x210, x198, x195); - uint64_t x213; - fiat_bls12_381_q_uint1 x214; - fiat_bls12_381_q_addcarryx_u64(&x213, &x214, x212, x196, x193); - uint64_t x215; - fiat_bls12_381_q_uint1 x216; - fiat_bls12_381_q_addcarryx_u64(&x215, &x216, x214, x194, 0x0); - uint64_t x217; - fiat_bls12_381_q_uint1 x218; - fiat_bls12_381_q_addcarryx_u64(&x217, &x218, 0x0, x177, x203); - uint64_t x219; - fiat_bls12_381_q_uint1 x220; - fiat_bls12_381_q_addcarryx_u64(&x219, &x220, x218, x179, x205); - uint64_t x221; - fiat_bls12_381_q_uint1 x222; - fiat_bls12_381_q_addcarryx_u64(&x221, &x222, x220, x181, x207); - uint64_t x223; - fiat_bls12_381_q_uint1 x224; - fiat_bls12_381_q_addcarryx_u64(&x223, &x224, x222, x183, x209); - uint64_t x225; - fiat_bls12_381_q_uint1 x226; - fiat_bls12_381_q_addcarryx_u64(&x225, &x226, x224, x185, x211); - uint64_t x227; - fiat_bls12_381_q_uint1 x228; - fiat_bls12_381_q_addcarryx_u64(&x227, &x228, x226, x187, x213); - uint64_t x229; - fiat_bls12_381_q_uint1 x230; - fiat_bls12_381_q_addcarryx_u64(&x229, &x230, x228, x189, x215); - uint64_t x231; - fiat_bls12_381_q_uint1 x232; - fiat_bls12_381_q_addcarryx_u64(&x231, &x232, x230, x190, 0x0); - uint64_t x233; - uint64_t x234; - fiat_bls12_381_q_mulx_u64(&x233, &x234, x3, 
(arg1[5])); - uint64_t x235; - uint64_t x236; - fiat_bls12_381_q_mulx_u64(&x235, &x236, x3, (arg1[4])); - uint64_t x237; - uint64_t x238; - fiat_bls12_381_q_mulx_u64(&x237, &x238, x3, (arg1[3])); - uint64_t x239; - uint64_t x240; - fiat_bls12_381_q_mulx_u64(&x239, &x240, x3, (arg1[2])); - uint64_t x241; - uint64_t x242; - fiat_bls12_381_q_mulx_u64(&x241, &x242, x3, (arg1[1])); - uint64_t x243; - uint64_t x244; - fiat_bls12_381_q_mulx_u64(&x243, &x244, x3, (arg1[0])); - uint64_t x245; - fiat_bls12_381_q_uint1 x246; - fiat_bls12_381_q_addcarryx_u64(&x245, &x246, 0x0, x244, x241); - uint64_t x247; - fiat_bls12_381_q_uint1 x248; - fiat_bls12_381_q_addcarryx_u64(&x247, &x248, x246, x242, x239); - uint64_t x249; - fiat_bls12_381_q_uint1 x250; - fiat_bls12_381_q_addcarryx_u64(&x249, &x250, x248, x240, x237); - uint64_t x251; - fiat_bls12_381_q_uint1 x252; - fiat_bls12_381_q_addcarryx_u64(&x251, &x252, x250, x238, x235); - uint64_t x253; - fiat_bls12_381_q_uint1 x254; - fiat_bls12_381_q_addcarryx_u64(&x253, &x254, x252, x236, x233); - uint64_t x255; - fiat_bls12_381_q_uint1 x256; - fiat_bls12_381_q_addcarryx_u64(&x255, &x256, x254, x234, 0x0); - uint64_t x257; - fiat_bls12_381_q_uint1 x258; - fiat_bls12_381_q_addcarryx_u64(&x257, &x258, 0x0, x219, x243); - uint64_t x259; - fiat_bls12_381_q_uint1 x260; - fiat_bls12_381_q_addcarryx_u64(&x259, &x260, x258, x221, x245); - uint64_t x261; - fiat_bls12_381_q_uint1 x262; - fiat_bls12_381_q_addcarryx_u64(&x261, &x262, x260, x223, x247); - uint64_t x263; - fiat_bls12_381_q_uint1 x264; - fiat_bls12_381_q_addcarryx_u64(&x263, &x264, x262, x225, x249); - uint64_t x265; - fiat_bls12_381_q_uint1 x266; - fiat_bls12_381_q_addcarryx_u64(&x265, &x266, x264, x227, x251); - uint64_t x267; - fiat_bls12_381_q_uint1 x268; - fiat_bls12_381_q_addcarryx_u64(&x267, &x268, x266, x229, x253); - uint64_t x269; - fiat_bls12_381_q_uint1 x270; - fiat_bls12_381_q_addcarryx_u64(&x269, &x270, x268, x231, x255); - uint64_t x271; - uint64_t x272; - 
fiat_bls12_381_q_mulx_u64(&x271, &x272, x257, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x273; - uint64_t x274; - fiat_bls12_381_q_mulx_u64(&x273, &x274, x271, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x275; - uint64_t x276; - fiat_bls12_381_q_mulx_u64(&x275, &x276, x271, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x277; - uint64_t x278; - fiat_bls12_381_q_mulx_u64(&x277, &x278, x271, UINT64_C(0x64774b84f38512bf)); - uint64_t x279; - uint64_t x280; - fiat_bls12_381_q_mulx_u64(&x279, &x280, x271, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x281; - uint64_t x282; - fiat_bls12_381_q_mulx_u64(&x281, &x282, x271, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x283; - uint64_t x284; - fiat_bls12_381_q_mulx_u64(&x283, &x284, x271, UINT64_C(0xb9feffffffffaaab)); - uint64_t x285; - fiat_bls12_381_q_uint1 x286; - fiat_bls12_381_q_addcarryx_u64(&x285, &x286, 0x0, x284, x281); - uint64_t x287; - fiat_bls12_381_q_uint1 x288; - fiat_bls12_381_q_addcarryx_u64(&x287, &x288, x286, x282, x279); - uint64_t x289; - fiat_bls12_381_q_uint1 x290; - fiat_bls12_381_q_addcarryx_u64(&x289, &x290, x288, x280, x277); - uint64_t x291; - fiat_bls12_381_q_uint1 x292; - fiat_bls12_381_q_addcarryx_u64(&x291, &x292, x290, x278, x275); - uint64_t x293; - fiat_bls12_381_q_uint1 x294; - fiat_bls12_381_q_addcarryx_u64(&x293, &x294, x292, x276, x273); - uint64_t x295; - fiat_bls12_381_q_uint1 x296; - fiat_bls12_381_q_addcarryx_u64(&x295, &x296, x294, x274, 0x0); - uint64_t x297; - fiat_bls12_381_q_uint1 x298; - fiat_bls12_381_q_addcarryx_u64(&x297, &x298, 0x0, x257, x283); - uint64_t x299; - fiat_bls12_381_q_uint1 x300; - fiat_bls12_381_q_addcarryx_u64(&x299, &x300, x298, x259, x285); - uint64_t x301; - fiat_bls12_381_q_uint1 x302; - fiat_bls12_381_q_addcarryx_u64(&x301, &x302, x300, x261, x287); - uint64_t x303; - fiat_bls12_381_q_uint1 x304; - fiat_bls12_381_q_addcarryx_u64(&x303, &x304, x302, x263, x289); - uint64_t x305; - fiat_bls12_381_q_uint1 x306; - fiat_bls12_381_q_addcarryx_u64(&x305, &x306, x304, x265, 
x291); - uint64_t x307; - fiat_bls12_381_q_uint1 x308; - fiat_bls12_381_q_addcarryx_u64(&x307, &x308, x306, x267, x293); - uint64_t x309; - fiat_bls12_381_q_uint1 x310; - fiat_bls12_381_q_addcarryx_u64(&x309, &x310, x308, x269, x295); - uint64_t x311; - fiat_bls12_381_q_uint1 x312; - fiat_bls12_381_q_addcarryx_u64(&x311, &x312, x310, x270, 0x0); - uint64_t x313; - uint64_t x314; - fiat_bls12_381_q_mulx_u64(&x313, &x314, x4, (arg1[5])); - uint64_t x315; - uint64_t x316; - fiat_bls12_381_q_mulx_u64(&x315, &x316, x4, (arg1[4])); - uint64_t x317; - uint64_t x318; - fiat_bls12_381_q_mulx_u64(&x317, &x318, x4, (arg1[3])); - uint64_t x319; - uint64_t x320; - fiat_bls12_381_q_mulx_u64(&x319, &x320, x4, (arg1[2])); - uint64_t x321; - uint64_t x322; - fiat_bls12_381_q_mulx_u64(&x321, &x322, x4, (arg1[1])); - uint64_t x323; - uint64_t x324; - fiat_bls12_381_q_mulx_u64(&x323, &x324, x4, (arg1[0])); - uint64_t x325; - fiat_bls12_381_q_uint1 x326; - fiat_bls12_381_q_addcarryx_u64(&x325, &x326, 0x0, x324, x321); - uint64_t x327; - fiat_bls12_381_q_uint1 x328; - fiat_bls12_381_q_addcarryx_u64(&x327, &x328, x326, x322, x319); - uint64_t x329; - fiat_bls12_381_q_uint1 x330; - fiat_bls12_381_q_addcarryx_u64(&x329, &x330, x328, x320, x317); - uint64_t x331; - fiat_bls12_381_q_uint1 x332; - fiat_bls12_381_q_addcarryx_u64(&x331, &x332, x330, x318, x315); - uint64_t x333; - fiat_bls12_381_q_uint1 x334; - fiat_bls12_381_q_addcarryx_u64(&x333, &x334, x332, x316, x313); - uint64_t x335; - fiat_bls12_381_q_uint1 x336; - fiat_bls12_381_q_addcarryx_u64(&x335, &x336, x334, x314, 0x0); - uint64_t x337; - fiat_bls12_381_q_uint1 x338; - fiat_bls12_381_q_addcarryx_u64(&x337, &x338, 0x0, x299, x323); - uint64_t x339; - fiat_bls12_381_q_uint1 x340; - fiat_bls12_381_q_addcarryx_u64(&x339, &x340, x338, x301, x325); - uint64_t x341; - fiat_bls12_381_q_uint1 x342; - fiat_bls12_381_q_addcarryx_u64(&x341, &x342, x340, x303, x327); - uint64_t x343; - fiat_bls12_381_q_uint1 x344; - 
fiat_bls12_381_q_addcarryx_u64(&x343, &x344, x342, x305, x329); - uint64_t x345; - fiat_bls12_381_q_uint1 x346; - fiat_bls12_381_q_addcarryx_u64(&x345, &x346, x344, x307, x331); - uint64_t x347; - fiat_bls12_381_q_uint1 x348; - fiat_bls12_381_q_addcarryx_u64(&x347, &x348, x346, x309, x333); - uint64_t x349; - fiat_bls12_381_q_uint1 x350; - fiat_bls12_381_q_addcarryx_u64(&x349, &x350, x348, x311, x335); - uint64_t x351; - uint64_t x352; - fiat_bls12_381_q_mulx_u64(&x351, &x352, x337, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x353; - uint64_t x354; - fiat_bls12_381_q_mulx_u64(&x353, &x354, x351, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x355; - uint64_t x356; - fiat_bls12_381_q_mulx_u64(&x355, &x356, x351, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x357; - uint64_t x358; - fiat_bls12_381_q_mulx_u64(&x357, &x358, x351, UINT64_C(0x64774b84f38512bf)); - uint64_t x359; - uint64_t x360; - fiat_bls12_381_q_mulx_u64(&x359, &x360, x351, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x361; - uint64_t x362; - fiat_bls12_381_q_mulx_u64(&x361, &x362, x351, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x363; - uint64_t x364; - fiat_bls12_381_q_mulx_u64(&x363, &x364, x351, UINT64_C(0xb9feffffffffaaab)); - uint64_t x365; - fiat_bls12_381_q_uint1 x366; - fiat_bls12_381_q_addcarryx_u64(&x365, &x366, 0x0, x364, x361); - uint64_t x367; - fiat_bls12_381_q_uint1 x368; - fiat_bls12_381_q_addcarryx_u64(&x367, &x368, x366, x362, x359); - uint64_t x369; - fiat_bls12_381_q_uint1 x370; - fiat_bls12_381_q_addcarryx_u64(&x369, &x370, x368, x360, x357); - uint64_t x371; - fiat_bls12_381_q_uint1 x372; - fiat_bls12_381_q_addcarryx_u64(&x371, &x372, x370, x358, x355); - uint64_t x373; - fiat_bls12_381_q_uint1 x374; - fiat_bls12_381_q_addcarryx_u64(&x373, &x374, x372, x356, x353); - uint64_t x375; - fiat_bls12_381_q_uint1 x376; - fiat_bls12_381_q_addcarryx_u64(&x375, &x376, x374, x354, 0x0); - uint64_t x377; - fiat_bls12_381_q_uint1 x378; - fiat_bls12_381_q_addcarryx_u64(&x377, &x378, 0x0, x337, x363); - 
uint64_t x379; - fiat_bls12_381_q_uint1 x380; - fiat_bls12_381_q_addcarryx_u64(&x379, &x380, x378, x339, x365); - uint64_t x381; - fiat_bls12_381_q_uint1 x382; - fiat_bls12_381_q_addcarryx_u64(&x381, &x382, x380, x341, x367); - uint64_t x383; - fiat_bls12_381_q_uint1 x384; - fiat_bls12_381_q_addcarryx_u64(&x383, &x384, x382, x343, x369); - uint64_t x385; - fiat_bls12_381_q_uint1 x386; - fiat_bls12_381_q_addcarryx_u64(&x385, &x386, x384, x345, x371); - uint64_t x387; - fiat_bls12_381_q_uint1 x388; - fiat_bls12_381_q_addcarryx_u64(&x387, &x388, x386, x347, x373); - uint64_t x389; - fiat_bls12_381_q_uint1 x390; - fiat_bls12_381_q_addcarryx_u64(&x389, &x390, x388, x349, x375); - uint64_t x391; - fiat_bls12_381_q_uint1 x392; - fiat_bls12_381_q_addcarryx_u64(&x391, &x392, x390, x350, 0x0); - uint64_t x393; - uint64_t x394; - fiat_bls12_381_q_mulx_u64(&x393, &x394, x5, (arg1[5])); - uint64_t x395; - uint64_t x396; - fiat_bls12_381_q_mulx_u64(&x395, &x396, x5, (arg1[4])); - uint64_t x397; - uint64_t x398; - fiat_bls12_381_q_mulx_u64(&x397, &x398, x5, (arg1[3])); - uint64_t x399; - uint64_t x400; - fiat_bls12_381_q_mulx_u64(&x399, &x400, x5, (arg1[2])); - uint64_t x401; - uint64_t x402; - fiat_bls12_381_q_mulx_u64(&x401, &x402, x5, (arg1[1])); - uint64_t x403; - uint64_t x404; - fiat_bls12_381_q_mulx_u64(&x403, &x404, x5, (arg1[0])); - uint64_t x405; - fiat_bls12_381_q_uint1 x406; - fiat_bls12_381_q_addcarryx_u64(&x405, &x406, 0x0, x404, x401); - uint64_t x407; - fiat_bls12_381_q_uint1 x408; - fiat_bls12_381_q_addcarryx_u64(&x407, &x408, x406, x402, x399); - uint64_t x409; - fiat_bls12_381_q_uint1 x410; - fiat_bls12_381_q_addcarryx_u64(&x409, &x410, x408, x400, x397); - uint64_t x411; - fiat_bls12_381_q_uint1 x412; - fiat_bls12_381_q_addcarryx_u64(&x411, &x412, x410, x398, x395); - uint64_t x413; - fiat_bls12_381_q_uint1 x414; - fiat_bls12_381_q_addcarryx_u64(&x413, &x414, x412, x396, x393); - uint64_t x415; - fiat_bls12_381_q_uint1 x416; - 
fiat_bls12_381_q_addcarryx_u64(&x415, &x416, x414, x394, 0x0); - uint64_t x417; - fiat_bls12_381_q_uint1 x418; - fiat_bls12_381_q_addcarryx_u64(&x417, &x418, 0x0, x379, x403); - uint64_t x419; - fiat_bls12_381_q_uint1 x420; - fiat_bls12_381_q_addcarryx_u64(&x419, &x420, x418, x381, x405); - uint64_t x421; - fiat_bls12_381_q_uint1 x422; - fiat_bls12_381_q_addcarryx_u64(&x421, &x422, x420, x383, x407); - uint64_t x423; - fiat_bls12_381_q_uint1 x424; - fiat_bls12_381_q_addcarryx_u64(&x423, &x424, x422, x385, x409); - uint64_t x425; - fiat_bls12_381_q_uint1 x426; - fiat_bls12_381_q_addcarryx_u64(&x425, &x426, x424, x387, x411); - uint64_t x427; - fiat_bls12_381_q_uint1 x428; - fiat_bls12_381_q_addcarryx_u64(&x427, &x428, x426, x389, x413); - uint64_t x429; - fiat_bls12_381_q_uint1 x430; - fiat_bls12_381_q_addcarryx_u64(&x429, &x430, x428, x391, x415); - uint64_t x431; - uint64_t x432; - fiat_bls12_381_q_mulx_u64(&x431, &x432, x417, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x433; - uint64_t x434; - fiat_bls12_381_q_mulx_u64(&x433, &x434, x431, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x435; - uint64_t x436; - fiat_bls12_381_q_mulx_u64(&x435, &x436, x431, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x437; - uint64_t x438; - fiat_bls12_381_q_mulx_u64(&x437, &x438, x431, UINT64_C(0x64774b84f38512bf)); - uint64_t x439; - uint64_t x440; - fiat_bls12_381_q_mulx_u64(&x439, &x440, x431, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x441; - uint64_t x442; - fiat_bls12_381_q_mulx_u64(&x441, &x442, x431, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x443; - uint64_t x444; - fiat_bls12_381_q_mulx_u64(&x443, &x444, x431, UINT64_C(0xb9feffffffffaaab)); - uint64_t x445; - fiat_bls12_381_q_uint1 x446; - fiat_bls12_381_q_addcarryx_u64(&x445, &x446, 0x0, x444, x441); - uint64_t x447; - fiat_bls12_381_q_uint1 x448; - fiat_bls12_381_q_addcarryx_u64(&x447, &x448, x446, x442, x439); - uint64_t x449; - fiat_bls12_381_q_uint1 x450; - fiat_bls12_381_q_addcarryx_u64(&x449, &x450, x448, x440, x437); - 
uint64_t x451; - fiat_bls12_381_q_uint1 x452; - fiat_bls12_381_q_addcarryx_u64(&x451, &x452, x450, x438, x435); - uint64_t x453; - fiat_bls12_381_q_uint1 x454; - fiat_bls12_381_q_addcarryx_u64(&x453, &x454, x452, x436, x433); - uint64_t x455; - fiat_bls12_381_q_uint1 x456; - fiat_bls12_381_q_addcarryx_u64(&x455, &x456, x454, x434, 0x0); - uint64_t x457; - fiat_bls12_381_q_uint1 x458; - fiat_bls12_381_q_addcarryx_u64(&x457, &x458, 0x0, x417, x443); - uint64_t x459; - fiat_bls12_381_q_uint1 x460; - fiat_bls12_381_q_addcarryx_u64(&x459, &x460, x458, x419, x445); - uint64_t x461; - fiat_bls12_381_q_uint1 x462; - fiat_bls12_381_q_addcarryx_u64(&x461, &x462, x460, x421, x447); - uint64_t x463; - fiat_bls12_381_q_uint1 x464; - fiat_bls12_381_q_addcarryx_u64(&x463, &x464, x462, x423, x449); - uint64_t x465; - fiat_bls12_381_q_uint1 x466; - fiat_bls12_381_q_addcarryx_u64(&x465, &x466, x464, x425, x451); - uint64_t x467; - fiat_bls12_381_q_uint1 x468; - fiat_bls12_381_q_addcarryx_u64(&x467, &x468, x466, x427, x453); - uint64_t x469; - fiat_bls12_381_q_uint1 x470; - fiat_bls12_381_q_addcarryx_u64(&x469, &x470, x468, x429, x455); - uint64_t x471; - fiat_bls12_381_q_uint1 x472; - fiat_bls12_381_q_addcarryx_u64(&x471, &x472, x470, x430, 0x0); - uint64_t x473; - fiat_bls12_381_q_uint1 x474; - fiat_bls12_381_q_subborrowx_u64(&x473, &x474, 0x0, x459, UINT64_C(0xb9feffffffffaaab)); - uint64_t x475; - fiat_bls12_381_q_uint1 x476; - fiat_bls12_381_q_subborrowx_u64(&x475, &x476, x474, x461, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x477; - fiat_bls12_381_q_uint1 x478; - fiat_bls12_381_q_subborrowx_u64(&x477, &x478, x476, x463, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x479; - fiat_bls12_381_q_uint1 x480; - fiat_bls12_381_q_subborrowx_u64(&x479, &x480, x478, x465, UINT64_C(0x64774b84f38512bf)); - uint64_t x481; - fiat_bls12_381_q_uint1 x482; - fiat_bls12_381_q_subborrowx_u64(&x481, &x482, x480, x467, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x483; - fiat_bls12_381_q_uint1 x484; - 
fiat_bls12_381_q_subborrowx_u64(&x483, &x484, x482, x469, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x485; - fiat_bls12_381_q_uint1 x486; - fiat_bls12_381_q_subborrowx_u64(&x485, &x486, x484, x471, 0x0); - uint64_t x487; - fiat_bls12_381_q_cmovznz_u64(&x487, x486, x473, x459); - uint64_t x488; - fiat_bls12_381_q_cmovznz_u64(&x488, x486, x475, x461); - uint64_t x489; - fiat_bls12_381_q_cmovznz_u64(&x489, x486, x477, x463); - uint64_t x490; - fiat_bls12_381_q_cmovznz_u64(&x490, x486, x479, x465); - uint64_t x491; - fiat_bls12_381_q_cmovznz_u64(&x491, x486, x481, x467); - uint64_t x492; - fiat_bls12_381_q_cmovznz_u64(&x492, x486, x483, x469); - out1[0] = x487; - out1[1] = x488; - out1[2] = x489; - out1[3] = x490; - out1[4] = x491; - out1[5] = x492; -} - -/* - * The function fiat_bls12_381_q_add adds two field elements in the Montgomery domain. - * Preconditions: - * 0 ≤ eval arg1 < m - * 0 ≤ eval arg2 < m - * Postconditions: - * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) + eval (from_montgomery arg2)) mod m - * 0 ≤ eval out1 < m - * - * Input Bounds: - * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * Output Bounds: - * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - */ -void fiat_bls12_381_q_add(uint64_t out1[6], const uint64_t arg1[6], const uint64_t arg2[6]) { - uint64_t x1; - fiat_bls12_381_q_uint1 x2; - fiat_bls12_381_q_addcarryx_u64(&x1, &x2, 0x0, (arg1[0]), (arg2[0])); - uint64_t x3; - fiat_bls12_381_q_uint1 x4; - fiat_bls12_381_q_addcarryx_u64(&x3, &x4, x2, (arg1[1]), (arg2[1])); - uint64_t 
x5; - fiat_bls12_381_q_uint1 x6; - fiat_bls12_381_q_addcarryx_u64(&x5, &x6, x4, (arg1[2]), (arg2[2])); - uint64_t x7; - fiat_bls12_381_q_uint1 x8; - fiat_bls12_381_q_addcarryx_u64(&x7, &x8, x6, (arg1[3]), (arg2[3])); - uint64_t x9; - fiat_bls12_381_q_uint1 x10; - fiat_bls12_381_q_addcarryx_u64(&x9, &x10, x8, (arg1[4]), (arg2[4])); - uint64_t x11; - fiat_bls12_381_q_uint1 x12; - fiat_bls12_381_q_addcarryx_u64(&x11, &x12, x10, (arg1[5]), (arg2[5])); - uint64_t x13; - fiat_bls12_381_q_uint1 x14; - fiat_bls12_381_q_subborrowx_u64(&x13, &x14, 0x0, x1, UINT64_C(0xb9feffffffffaaab)); - uint64_t x15; - fiat_bls12_381_q_uint1 x16; - fiat_bls12_381_q_subborrowx_u64(&x15, &x16, x14, x3, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x17; - fiat_bls12_381_q_uint1 x18; - fiat_bls12_381_q_subborrowx_u64(&x17, &x18, x16, x5, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x19; - fiat_bls12_381_q_uint1 x20; - fiat_bls12_381_q_subborrowx_u64(&x19, &x20, x18, x7, UINT64_C(0x64774b84f38512bf)); - uint64_t x21; - fiat_bls12_381_q_uint1 x22; - fiat_bls12_381_q_subborrowx_u64(&x21, &x22, x20, x9, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x23; - fiat_bls12_381_q_uint1 x24; - fiat_bls12_381_q_subborrowx_u64(&x23, &x24, x22, x11, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x25; - fiat_bls12_381_q_uint1 x26; - fiat_bls12_381_q_subborrowx_u64(&x25, &x26, x24, x12, 0x0); - uint64_t x27; - fiat_bls12_381_q_cmovznz_u64(&x27, x26, x13, x1); - uint64_t x28; - fiat_bls12_381_q_cmovznz_u64(&x28, x26, x15, x3); - uint64_t x29; - fiat_bls12_381_q_cmovznz_u64(&x29, x26, x17, x5); - uint64_t x30; - fiat_bls12_381_q_cmovznz_u64(&x30, x26, x19, x7); - uint64_t x31; - fiat_bls12_381_q_cmovznz_u64(&x31, x26, x21, x9); - uint64_t x32; - fiat_bls12_381_q_cmovznz_u64(&x32, x26, x23, x11); - out1[0] = x27; - out1[1] = x28; - out1[2] = x29; - out1[3] = x30; - out1[4] = x31; - out1[5] = x32; -} - -/* - * The function fiat_bls12_381_q_sub subtracts two field elements in the Montgomery domain. 
- * Preconditions: - * 0 ≤ eval arg1 < m - * 0 ≤ eval arg2 < m - * Postconditions: - * eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) - eval (from_montgomery arg2)) mod m - * 0 ≤ eval out1 < m - * - * Input Bounds: - * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * Output Bounds: - * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - */ -void fiat_bls12_381_q_sub(uint64_t out1[6], const uint64_t arg1[6], const uint64_t arg2[6]) { - uint64_t x1; - fiat_bls12_381_q_uint1 x2; - fiat_bls12_381_q_subborrowx_u64(&x1, &x2, 0x0, (arg1[0]), (arg2[0])); - uint64_t x3; - fiat_bls12_381_q_uint1 x4; - fiat_bls12_381_q_subborrowx_u64(&x3, &x4, x2, (arg1[1]), (arg2[1])); - uint64_t x5; - fiat_bls12_381_q_uint1 x6; - fiat_bls12_381_q_subborrowx_u64(&x5, &x6, x4, (arg1[2]), (arg2[2])); - uint64_t x7; - fiat_bls12_381_q_uint1 x8; - fiat_bls12_381_q_subborrowx_u64(&x7, &x8, x6, (arg1[3]), (arg2[3])); - uint64_t x9; - fiat_bls12_381_q_uint1 x10; - fiat_bls12_381_q_subborrowx_u64(&x9, &x10, x8, (arg1[4]), (arg2[4])); - uint64_t x11; - fiat_bls12_381_q_uint1 x12; - fiat_bls12_381_q_subborrowx_u64(&x11, &x12, x10, (arg1[5]), (arg2[5])); - uint64_t x13; - fiat_bls12_381_q_cmovznz_u64(&x13, x12, 0x0, UINT64_C(0xffffffffffffffff)); - uint64_t x14; - fiat_bls12_381_q_uint1 x15; - fiat_bls12_381_q_addcarryx_u64(&x14, &x15, 0x0, x1, (x13 & UINT64_C(0xb9feffffffffaaab))); - uint64_t x16; - fiat_bls12_381_q_uint1 x17; - fiat_bls12_381_q_addcarryx_u64(&x16, &x17, x15, x3, (x13 & UINT64_C(0x1eabfffeb153ffff))); - uint64_t x18; - 
fiat_bls12_381_q_uint1 x19; - fiat_bls12_381_q_addcarryx_u64(&x18, &x19, x17, x5, (x13 & UINT64_C(0x6730d2a0f6b0f624))); - uint64_t x20; - fiat_bls12_381_q_uint1 x21; - fiat_bls12_381_q_addcarryx_u64(&x20, &x21, x19, x7, (x13 & UINT64_C(0x64774b84f38512bf))); - uint64_t x22; - fiat_bls12_381_q_uint1 x23; - fiat_bls12_381_q_addcarryx_u64(&x22, &x23, x21, x9, (x13 & UINT64_C(0x4b1ba7b6434bacd7))); - uint64_t x24; - fiat_bls12_381_q_uint1 x25; - fiat_bls12_381_q_addcarryx_u64(&x24, &x25, x23, x11, (x13 & UINT64_C(0x1a0111ea397fe69a))); - out1[0] = x14; - out1[1] = x16; - out1[2] = x18; - out1[3] = x20; - out1[4] = x22; - out1[5] = x24; -} - -/* - * The function fiat_bls12_381_q_opp negates a field element in the Montgomery domain. - * Preconditions: - * 0 ≤ eval arg1 < m - * Postconditions: - * eval (from_montgomery out1) mod m = -eval (from_montgomery arg1) mod m - * 0 ≤ eval out1 < m - * - * Input Bounds: - * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * Output Bounds: - * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - */ -void fiat_bls12_381_q_opp(uint64_t out1[6], const uint64_t arg1[6]) { - uint64_t x1; - fiat_bls12_381_q_uint1 x2; - fiat_bls12_381_q_subborrowx_u64(&x1, &x2, 0x0, 0x0, (arg1[0])); - uint64_t x3; - fiat_bls12_381_q_uint1 x4; - fiat_bls12_381_q_subborrowx_u64(&x3, &x4, x2, 0x0, (arg1[1])); - uint64_t x5; - fiat_bls12_381_q_uint1 x6; - fiat_bls12_381_q_subborrowx_u64(&x5, &x6, x4, 0x0, (arg1[2])); - uint64_t x7; - fiat_bls12_381_q_uint1 x8; - fiat_bls12_381_q_subborrowx_u64(&x7, &x8, x6, 0x0, (arg1[3])); - uint64_t x9; - fiat_bls12_381_q_uint1 x10; - fiat_bls12_381_q_subborrowx_u64(&x9, &x10, x8, 0x0, (arg1[4])); - uint64_t x11; - fiat_bls12_381_q_uint1 x12; - 
fiat_bls12_381_q_subborrowx_u64(&x11, &x12, x10, 0x0, (arg1[5])); - uint64_t x13; - fiat_bls12_381_q_cmovznz_u64(&x13, x12, 0x0, UINT64_C(0xffffffffffffffff)); - uint64_t x14; - fiat_bls12_381_q_uint1 x15; - fiat_bls12_381_q_addcarryx_u64(&x14, &x15, 0x0, x1, (x13 & UINT64_C(0xb9feffffffffaaab))); - uint64_t x16; - fiat_bls12_381_q_uint1 x17; - fiat_bls12_381_q_addcarryx_u64(&x16, &x17, x15, x3, (x13 & UINT64_C(0x1eabfffeb153ffff))); - uint64_t x18; - fiat_bls12_381_q_uint1 x19; - fiat_bls12_381_q_addcarryx_u64(&x18, &x19, x17, x5, (x13 & UINT64_C(0x6730d2a0f6b0f624))); - uint64_t x20; - fiat_bls12_381_q_uint1 x21; - fiat_bls12_381_q_addcarryx_u64(&x20, &x21, x19, x7, (x13 & UINT64_C(0x64774b84f38512bf))); - uint64_t x22; - fiat_bls12_381_q_uint1 x23; - fiat_bls12_381_q_addcarryx_u64(&x22, &x23, x21, x9, (x13 & UINT64_C(0x4b1ba7b6434bacd7))); - uint64_t x24; - fiat_bls12_381_q_uint1 x25; - fiat_bls12_381_q_addcarryx_u64(&x24, &x25, x23, x11, (x13 & UINT64_C(0x1a0111ea397fe69a))); - out1[0] = x14; - out1[1] = x16; - out1[2] = x18; - out1[3] = x20; - out1[4] = x22; - out1[5] = x24; -} - -/* - * The function fiat_bls12_381_q_from_montgomery translates a field element out of the Montgomery domain. 
- * Preconditions: - * 0 ≤ eval arg1 < m - * Postconditions: - * eval out1 mod m = (eval arg1 * ((2^64)⁻¹ mod m)^6) mod m - * 0 ≤ eval out1 < m - * - * Input Bounds: - * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * Output Bounds: - * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - */ -void fiat_bls12_381_q_from_montgomery(uint64_t out1[6], const uint64_t arg1[6]) { - uint64_t x1 = (arg1[0]); - uint64_t x2; - uint64_t x3; - fiat_bls12_381_q_mulx_u64(&x2, &x3, x1, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x4; - uint64_t x5; - fiat_bls12_381_q_mulx_u64(&x4, &x5, x2, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x6; - uint64_t x7; - fiat_bls12_381_q_mulx_u64(&x6, &x7, x2, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x8; - uint64_t x9; - fiat_bls12_381_q_mulx_u64(&x8, &x9, x2, UINT64_C(0x64774b84f38512bf)); - uint64_t x10; - uint64_t x11; - fiat_bls12_381_q_mulx_u64(&x10, &x11, x2, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x12; - uint64_t x13; - fiat_bls12_381_q_mulx_u64(&x12, &x13, x2, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x14; - uint64_t x15; - fiat_bls12_381_q_mulx_u64(&x14, &x15, x2, UINT64_C(0xb9feffffffffaaab)); - uint64_t x16; - fiat_bls12_381_q_uint1 x17; - fiat_bls12_381_q_addcarryx_u64(&x16, &x17, 0x0, x15, x12); - uint64_t x18; - fiat_bls12_381_q_uint1 x19; - fiat_bls12_381_q_addcarryx_u64(&x18, &x19, x17, x13, x10); - uint64_t x20; - fiat_bls12_381_q_uint1 x21; - fiat_bls12_381_q_addcarryx_u64(&x20, &x21, x19, x11, x8); - uint64_t x22; - fiat_bls12_381_q_uint1 x23; - fiat_bls12_381_q_addcarryx_u64(&x22, &x23, x21, x9, x6); - uint64_t x24; - fiat_bls12_381_q_uint1 x25; - fiat_bls12_381_q_addcarryx_u64(&x24, &x25, x23, x7, x4); - uint64_t x26; - fiat_bls12_381_q_uint1 x27; - 
fiat_bls12_381_q_addcarryx_u64(&x26, &x27, 0x0, x1, x14); - uint64_t x28; - fiat_bls12_381_q_uint1 x29; - fiat_bls12_381_q_addcarryx_u64(&x28, &x29, x27, 0x0, x16); - uint64_t x30; - fiat_bls12_381_q_uint1 x31; - fiat_bls12_381_q_addcarryx_u64(&x30, &x31, x29, 0x0, x18); - uint64_t x32; - fiat_bls12_381_q_uint1 x33; - fiat_bls12_381_q_addcarryx_u64(&x32, &x33, x31, 0x0, x20); - uint64_t x34; - fiat_bls12_381_q_uint1 x35; - fiat_bls12_381_q_addcarryx_u64(&x34, &x35, x33, 0x0, x22); - uint64_t x36; - fiat_bls12_381_q_uint1 x37; - fiat_bls12_381_q_addcarryx_u64(&x36, &x37, x35, 0x0, x24); - uint64_t x38; - fiat_bls12_381_q_uint1 x39; - fiat_bls12_381_q_addcarryx_u64(&x38, &x39, 0x0, x28, (arg1[1])); - uint64_t x40; - fiat_bls12_381_q_uint1 x41; - fiat_bls12_381_q_addcarryx_u64(&x40, &x41, x39, x30, 0x0); - uint64_t x42; - fiat_bls12_381_q_uint1 x43; - fiat_bls12_381_q_addcarryx_u64(&x42, &x43, x41, x32, 0x0); - uint64_t x44; - fiat_bls12_381_q_uint1 x45; - fiat_bls12_381_q_addcarryx_u64(&x44, &x45, x43, x34, 0x0); - uint64_t x46; - fiat_bls12_381_q_uint1 x47; - fiat_bls12_381_q_addcarryx_u64(&x46, &x47, x45, x36, 0x0); - uint64_t x48; - uint64_t x49; - fiat_bls12_381_q_mulx_u64(&x48, &x49, x38, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x50; - uint64_t x51; - fiat_bls12_381_q_mulx_u64(&x50, &x51, x48, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x52; - uint64_t x53; - fiat_bls12_381_q_mulx_u64(&x52, &x53, x48, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x54; - uint64_t x55; - fiat_bls12_381_q_mulx_u64(&x54, &x55, x48, UINT64_C(0x64774b84f38512bf)); - uint64_t x56; - uint64_t x57; - fiat_bls12_381_q_mulx_u64(&x56, &x57, x48, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x58; - uint64_t x59; - fiat_bls12_381_q_mulx_u64(&x58, &x59, x48, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x60; - uint64_t x61; - fiat_bls12_381_q_mulx_u64(&x60, &x61, x48, UINT64_C(0xb9feffffffffaaab)); - uint64_t x62; - fiat_bls12_381_q_uint1 x63; - fiat_bls12_381_q_addcarryx_u64(&x62, &x63, 0x0, x61, x58); - 
uint64_t x64; - fiat_bls12_381_q_uint1 x65; - fiat_bls12_381_q_addcarryx_u64(&x64, &x65, x63, x59, x56); - uint64_t x66; - fiat_bls12_381_q_uint1 x67; - fiat_bls12_381_q_addcarryx_u64(&x66, &x67, x65, x57, x54); - uint64_t x68; - fiat_bls12_381_q_uint1 x69; - fiat_bls12_381_q_addcarryx_u64(&x68, &x69, x67, x55, x52); - uint64_t x70; - fiat_bls12_381_q_uint1 x71; - fiat_bls12_381_q_addcarryx_u64(&x70, &x71, x69, x53, x50); - uint64_t x72; - fiat_bls12_381_q_uint1 x73; - fiat_bls12_381_q_addcarryx_u64(&x72, &x73, 0x0, x38, x60); - uint64_t x74; - fiat_bls12_381_q_uint1 x75; - fiat_bls12_381_q_addcarryx_u64(&x74, &x75, x73, x40, x62); - uint64_t x76; - fiat_bls12_381_q_uint1 x77; - fiat_bls12_381_q_addcarryx_u64(&x76, &x77, x75, x42, x64); - uint64_t x78; - fiat_bls12_381_q_uint1 x79; - fiat_bls12_381_q_addcarryx_u64(&x78, &x79, x77, x44, x66); - uint64_t x80; - fiat_bls12_381_q_uint1 x81; - fiat_bls12_381_q_addcarryx_u64(&x80, &x81, x79, x46, x68); - uint64_t x82; - fiat_bls12_381_q_uint1 x83; - fiat_bls12_381_q_addcarryx_u64(&x82, &x83, x25, x5, 0x0); - uint64_t x84; - fiat_bls12_381_q_uint1 x85; - fiat_bls12_381_q_addcarryx_u64(&x84, &x85, x37, 0x0, x82); - uint64_t x86; - fiat_bls12_381_q_uint1 x87; - fiat_bls12_381_q_addcarryx_u64(&x86, &x87, x47, x84, 0x0); - uint64_t x88; - fiat_bls12_381_q_uint1 x89; - fiat_bls12_381_q_addcarryx_u64(&x88, &x89, x81, x86, x70); - uint64_t x90; - fiat_bls12_381_q_uint1 x91; - fiat_bls12_381_q_addcarryx_u64(&x90, &x91, 0x0, x74, (arg1[2])); - uint64_t x92; - fiat_bls12_381_q_uint1 x93; - fiat_bls12_381_q_addcarryx_u64(&x92, &x93, x91, x76, 0x0); - uint64_t x94; - fiat_bls12_381_q_uint1 x95; - fiat_bls12_381_q_addcarryx_u64(&x94, &x95, x93, x78, 0x0); - uint64_t x96; - fiat_bls12_381_q_uint1 x97; - fiat_bls12_381_q_addcarryx_u64(&x96, &x97, x95, x80, 0x0); - uint64_t x98; - fiat_bls12_381_q_uint1 x99; - fiat_bls12_381_q_addcarryx_u64(&x98, &x99, x97, x88, 0x0); - uint64_t x100; - uint64_t x101; - fiat_bls12_381_q_mulx_u64(&x100, 
&x101, x90, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x102; - uint64_t x103; - fiat_bls12_381_q_mulx_u64(&x102, &x103, x100, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x104; - uint64_t x105; - fiat_bls12_381_q_mulx_u64(&x104, &x105, x100, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x106; - uint64_t x107; - fiat_bls12_381_q_mulx_u64(&x106, &x107, x100, UINT64_C(0x64774b84f38512bf)); - uint64_t x108; - uint64_t x109; - fiat_bls12_381_q_mulx_u64(&x108, &x109, x100, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x110; - uint64_t x111; - fiat_bls12_381_q_mulx_u64(&x110, &x111, x100, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x112; - uint64_t x113; - fiat_bls12_381_q_mulx_u64(&x112, &x113, x100, UINT64_C(0xb9feffffffffaaab)); - uint64_t x114; - fiat_bls12_381_q_uint1 x115; - fiat_bls12_381_q_addcarryx_u64(&x114, &x115, 0x0, x113, x110); - uint64_t x116; - fiat_bls12_381_q_uint1 x117; - fiat_bls12_381_q_addcarryx_u64(&x116, &x117, x115, x111, x108); - uint64_t x118; - fiat_bls12_381_q_uint1 x119; - fiat_bls12_381_q_addcarryx_u64(&x118, &x119, x117, x109, x106); - uint64_t x120; - fiat_bls12_381_q_uint1 x121; - fiat_bls12_381_q_addcarryx_u64(&x120, &x121, x119, x107, x104); - uint64_t x122; - fiat_bls12_381_q_uint1 x123; - fiat_bls12_381_q_addcarryx_u64(&x122, &x123, x121, x105, x102); - uint64_t x124; - fiat_bls12_381_q_uint1 x125; - fiat_bls12_381_q_addcarryx_u64(&x124, &x125, 0x0, x90, x112); - uint64_t x126; - fiat_bls12_381_q_uint1 x127; - fiat_bls12_381_q_addcarryx_u64(&x126, &x127, x125, x92, x114); - uint64_t x128; - fiat_bls12_381_q_uint1 x129; - fiat_bls12_381_q_addcarryx_u64(&x128, &x129, x127, x94, x116); - uint64_t x130; - fiat_bls12_381_q_uint1 x131; - fiat_bls12_381_q_addcarryx_u64(&x130, &x131, x129, x96, x118); - uint64_t x132; - fiat_bls12_381_q_uint1 x133; - fiat_bls12_381_q_addcarryx_u64(&x132, &x133, x131, x98, x120); - uint64_t x134; - fiat_bls12_381_q_uint1 x135; - fiat_bls12_381_q_addcarryx_u64(&x134, &x135, x71, x51, 0x0); - uint64_t x136; - 
fiat_bls12_381_q_uint1 x137; - fiat_bls12_381_q_addcarryx_u64(&x136, &x137, x89, 0x0, x134); - uint64_t x138; - fiat_bls12_381_q_uint1 x139; - fiat_bls12_381_q_addcarryx_u64(&x138, &x139, x99, x136, 0x0); - uint64_t x140; - fiat_bls12_381_q_uint1 x141; - fiat_bls12_381_q_addcarryx_u64(&x140, &x141, x133, x138, x122); - uint64_t x142; - fiat_bls12_381_q_uint1 x143; - fiat_bls12_381_q_addcarryx_u64(&x142, &x143, 0x0, x126, (arg1[3])); - uint64_t x144; - fiat_bls12_381_q_uint1 x145; - fiat_bls12_381_q_addcarryx_u64(&x144, &x145, x143, x128, 0x0); - uint64_t x146; - fiat_bls12_381_q_uint1 x147; - fiat_bls12_381_q_addcarryx_u64(&x146, &x147, x145, x130, 0x0); - uint64_t x148; - fiat_bls12_381_q_uint1 x149; - fiat_bls12_381_q_addcarryx_u64(&x148, &x149, x147, x132, 0x0); - uint64_t x150; - fiat_bls12_381_q_uint1 x151; - fiat_bls12_381_q_addcarryx_u64(&x150, &x151, x149, x140, 0x0); - uint64_t x152; - uint64_t x153; - fiat_bls12_381_q_mulx_u64(&x152, &x153, x142, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x154; - uint64_t x155; - fiat_bls12_381_q_mulx_u64(&x154, &x155, x152, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x156; - uint64_t x157; - fiat_bls12_381_q_mulx_u64(&x156, &x157, x152, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x158; - uint64_t x159; - fiat_bls12_381_q_mulx_u64(&x158, &x159, x152, UINT64_C(0x64774b84f38512bf)); - uint64_t x160; - uint64_t x161; - fiat_bls12_381_q_mulx_u64(&x160, &x161, x152, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x162; - uint64_t x163; - fiat_bls12_381_q_mulx_u64(&x162, &x163, x152, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x164; - uint64_t x165; - fiat_bls12_381_q_mulx_u64(&x164, &x165, x152, UINT64_C(0xb9feffffffffaaab)); - uint64_t x166; - fiat_bls12_381_q_uint1 x167; - fiat_bls12_381_q_addcarryx_u64(&x166, &x167, 0x0, x165, x162); - uint64_t x168; - fiat_bls12_381_q_uint1 x169; - fiat_bls12_381_q_addcarryx_u64(&x168, &x169, x167, x163, x160); - uint64_t x170; - fiat_bls12_381_q_uint1 x171; - fiat_bls12_381_q_addcarryx_u64(&x170, 
&x171, x169, x161, x158); - uint64_t x172; - fiat_bls12_381_q_uint1 x173; - fiat_bls12_381_q_addcarryx_u64(&x172, &x173, x171, x159, x156); - uint64_t x174; - fiat_bls12_381_q_uint1 x175; - fiat_bls12_381_q_addcarryx_u64(&x174, &x175, x173, x157, x154); - uint64_t x176; - fiat_bls12_381_q_uint1 x177; - fiat_bls12_381_q_addcarryx_u64(&x176, &x177, 0x0, x142, x164); - uint64_t x178; - fiat_bls12_381_q_uint1 x179; - fiat_bls12_381_q_addcarryx_u64(&x178, &x179, x177, x144, x166); - uint64_t x180; - fiat_bls12_381_q_uint1 x181; - fiat_bls12_381_q_addcarryx_u64(&x180, &x181, x179, x146, x168); - uint64_t x182; - fiat_bls12_381_q_uint1 x183; - fiat_bls12_381_q_addcarryx_u64(&x182, &x183, x181, x148, x170); - uint64_t x184; - fiat_bls12_381_q_uint1 x185; - fiat_bls12_381_q_addcarryx_u64(&x184, &x185, x183, x150, x172); - uint64_t x186; - fiat_bls12_381_q_uint1 x187; - fiat_bls12_381_q_addcarryx_u64(&x186, &x187, x123, x103, 0x0); - uint64_t x188; - fiat_bls12_381_q_uint1 x189; - fiat_bls12_381_q_addcarryx_u64(&x188, &x189, x141, 0x0, x186); - uint64_t x190; - fiat_bls12_381_q_uint1 x191; - fiat_bls12_381_q_addcarryx_u64(&x190, &x191, x151, x188, 0x0); - uint64_t x192; - fiat_bls12_381_q_uint1 x193; - fiat_bls12_381_q_addcarryx_u64(&x192, &x193, x185, x190, x174); - uint64_t x194; - fiat_bls12_381_q_uint1 x195; - fiat_bls12_381_q_addcarryx_u64(&x194, &x195, 0x0, x178, (arg1[4])); - uint64_t x196; - fiat_bls12_381_q_uint1 x197; - fiat_bls12_381_q_addcarryx_u64(&x196, &x197, x195, x180, 0x0); - uint64_t x198; - fiat_bls12_381_q_uint1 x199; - fiat_bls12_381_q_addcarryx_u64(&x198, &x199, x197, x182, 0x0); - uint64_t x200; - fiat_bls12_381_q_uint1 x201; - fiat_bls12_381_q_addcarryx_u64(&x200, &x201, x199, x184, 0x0); - uint64_t x202; - fiat_bls12_381_q_uint1 x203; - fiat_bls12_381_q_addcarryx_u64(&x202, &x203, x201, x192, 0x0); - uint64_t x204; - uint64_t x205; - fiat_bls12_381_q_mulx_u64(&x204, &x205, x194, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x206; - uint64_t x207; - 
fiat_bls12_381_q_mulx_u64(&x206, &x207, x204, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x208; - uint64_t x209; - fiat_bls12_381_q_mulx_u64(&x208, &x209, x204, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x210; - uint64_t x211; - fiat_bls12_381_q_mulx_u64(&x210, &x211, x204, UINT64_C(0x64774b84f38512bf)); - uint64_t x212; - uint64_t x213; - fiat_bls12_381_q_mulx_u64(&x212, &x213, x204, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x214; - uint64_t x215; - fiat_bls12_381_q_mulx_u64(&x214, &x215, x204, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x216; - uint64_t x217; - fiat_bls12_381_q_mulx_u64(&x216, &x217, x204, UINT64_C(0xb9feffffffffaaab)); - uint64_t x218; - fiat_bls12_381_q_uint1 x219; - fiat_bls12_381_q_addcarryx_u64(&x218, &x219, 0x0, x217, x214); - uint64_t x220; - fiat_bls12_381_q_uint1 x221; - fiat_bls12_381_q_addcarryx_u64(&x220, &x221, x219, x215, x212); - uint64_t x222; - fiat_bls12_381_q_uint1 x223; - fiat_bls12_381_q_addcarryx_u64(&x222, &x223, x221, x213, x210); - uint64_t x224; - fiat_bls12_381_q_uint1 x225; - fiat_bls12_381_q_addcarryx_u64(&x224, &x225, x223, x211, x208); - uint64_t x226; - fiat_bls12_381_q_uint1 x227; - fiat_bls12_381_q_addcarryx_u64(&x226, &x227, x225, x209, x206); - uint64_t x228; - fiat_bls12_381_q_uint1 x229; - fiat_bls12_381_q_addcarryx_u64(&x228, &x229, 0x0, x194, x216); - uint64_t x230; - fiat_bls12_381_q_uint1 x231; - fiat_bls12_381_q_addcarryx_u64(&x230, &x231, x229, x196, x218); - uint64_t x232; - fiat_bls12_381_q_uint1 x233; - fiat_bls12_381_q_addcarryx_u64(&x232, &x233, x231, x198, x220); - uint64_t x234; - fiat_bls12_381_q_uint1 x235; - fiat_bls12_381_q_addcarryx_u64(&x234, &x235, x233, x200, x222); - uint64_t x236; - fiat_bls12_381_q_uint1 x237; - fiat_bls12_381_q_addcarryx_u64(&x236, &x237, x235, x202, x224); - uint64_t x238; - fiat_bls12_381_q_uint1 x239; - fiat_bls12_381_q_addcarryx_u64(&x238, &x239, x175, x155, 0x0); - uint64_t x240; - fiat_bls12_381_q_uint1 x241; - fiat_bls12_381_q_addcarryx_u64(&x240, &x241, x193, 0x0, 
x238); - uint64_t x242; - fiat_bls12_381_q_uint1 x243; - fiat_bls12_381_q_addcarryx_u64(&x242, &x243, x203, x240, 0x0); - uint64_t x244; - fiat_bls12_381_q_uint1 x245; - fiat_bls12_381_q_addcarryx_u64(&x244, &x245, x237, x242, x226); - uint64_t x246; - fiat_bls12_381_q_uint1 x247; - fiat_bls12_381_q_addcarryx_u64(&x246, &x247, 0x0, x230, (arg1[5])); - uint64_t x248; - fiat_bls12_381_q_uint1 x249; - fiat_bls12_381_q_addcarryx_u64(&x248, &x249, x247, x232, 0x0); - uint64_t x250; - fiat_bls12_381_q_uint1 x251; - fiat_bls12_381_q_addcarryx_u64(&x250, &x251, x249, x234, 0x0); - uint64_t x252; - fiat_bls12_381_q_uint1 x253; - fiat_bls12_381_q_addcarryx_u64(&x252, &x253, x251, x236, 0x0); - uint64_t x254; - fiat_bls12_381_q_uint1 x255; - fiat_bls12_381_q_addcarryx_u64(&x254, &x255, x253, x244, 0x0); - uint64_t x256; - uint64_t x257; - fiat_bls12_381_q_mulx_u64(&x256, &x257, x246, UINT64_C(0x89f3fffcfffcfffd)); - uint64_t x258; - uint64_t x259; - fiat_bls12_381_q_mulx_u64(&x258, &x259, x256, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x260; - uint64_t x261; - fiat_bls12_381_q_mulx_u64(&x260, &x261, x256, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x262; - uint64_t x263; - fiat_bls12_381_q_mulx_u64(&x262, &x263, x256, UINT64_C(0x64774b84f38512bf)); - uint64_t x264; - uint64_t x265; - fiat_bls12_381_q_mulx_u64(&x264, &x265, x256, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x266; - uint64_t x267; - fiat_bls12_381_q_mulx_u64(&x266, &x267, x256, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x268; - uint64_t x269; - fiat_bls12_381_q_mulx_u64(&x268, &x269, x256, UINT64_C(0xb9feffffffffaaab)); - uint64_t x270; - fiat_bls12_381_q_uint1 x271; - fiat_bls12_381_q_addcarryx_u64(&x270, &x271, 0x0, x269, x266); - uint64_t x272; - fiat_bls12_381_q_uint1 x273; - fiat_bls12_381_q_addcarryx_u64(&x272, &x273, x271, x267, x264); - uint64_t x274; - fiat_bls12_381_q_uint1 x275; - fiat_bls12_381_q_addcarryx_u64(&x274, &x275, x273, x265, x262); - uint64_t x276; - fiat_bls12_381_q_uint1 x277; - 
fiat_bls12_381_q_addcarryx_u64(&x276, &x277, x275, x263, x260); - uint64_t x278; - fiat_bls12_381_q_uint1 x279; - fiat_bls12_381_q_addcarryx_u64(&x278, &x279, x277, x261, x258); - uint64_t x280; - fiat_bls12_381_q_uint1 x281; - fiat_bls12_381_q_addcarryx_u64(&x280, &x281, 0x0, x246, x268); - uint64_t x282; - fiat_bls12_381_q_uint1 x283; - fiat_bls12_381_q_addcarryx_u64(&x282, &x283, x281, x248, x270); - uint64_t x284; - fiat_bls12_381_q_uint1 x285; - fiat_bls12_381_q_addcarryx_u64(&x284, &x285, x283, x250, x272); - uint64_t x286; - fiat_bls12_381_q_uint1 x287; - fiat_bls12_381_q_addcarryx_u64(&x286, &x287, x285, x252, x274); - uint64_t x288; - fiat_bls12_381_q_uint1 x289; - fiat_bls12_381_q_addcarryx_u64(&x288, &x289, x287, x254, x276); - uint64_t x290; - fiat_bls12_381_q_uint1 x291; - fiat_bls12_381_q_addcarryx_u64(&x290, &x291, x227, x207, 0x0); - uint64_t x292; - fiat_bls12_381_q_uint1 x293; - fiat_bls12_381_q_addcarryx_u64(&x292, &x293, x245, 0x0, x290); - uint64_t x294; - fiat_bls12_381_q_uint1 x295; - fiat_bls12_381_q_addcarryx_u64(&x294, &x295, x255, x292, 0x0); - uint64_t x296; - fiat_bls12_381_q_uint1 x297; - fiat_bls12_381_q_addcarryx_u64(&x296, &x297, x289, x294, x278); - uint64_t x298; - fiat_bls12_381_q_uint1 x299; - fiat_bls12_381_q_addcarryx_u64(&x298, &x299, x279, x259, 0x0); - uint64_t x300; - fiat_bls12_381_q_uint1 x301; - fiat_bls12_381_q_addcarryx_u64(&x300, &x301, x297, 0x0, x298); - uint64_t x302; - fiat_bls12_381_q_uint1 x303; - fiat_bls12_381_q_subborrowx_u64(&x302, &x303, 0x0, x282, UINT64_C(0xb9feffffffffaaab)); - uint64_t x304; - fiat_bls12_381_q_uint1 x305; - fiat_bls12_381_q_subborrowx_u64(&x304, &x305, x303, x284, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x306; - fiat_bls12_381_q_uint1 x307; - fiat_bls12_381_q_subborrowx_u64(&x306, &x307, x305, x286, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x308; - fiat_bls12_381_q_uint1 x309; - fiat_bls12_381_q_subborrowx_u64(&x308, &x309, x307, x288, UINT64_C(0x64774b84f38512bf)); - uint64_t x310; - 
fiat_bls12_381_q_uint1 x311; - fiat_bls12_381_q_subborrowx_u64(&x310, &x311, x309, x296, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x312; - fiat_bls12_381_q_uint1 x313; - fiat_bls12_381_q_subborrowx_u64(&x312, &x313, x311, x300, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x314; - fiat_bls12_381_q_uint1 x315; - fiat_bls12_381_q_subborrowx_u64(&x314, &x315, x313, 0x0, 0x0); - uint64_t x316; - fiat_bls12_381_q_cmovznz_u64(&x316, x315, x302, x282); - uint64_t x317; - fiat_bls12_381_q_cmovznz_u64(&x317, x315, x304, x284); - uint64_t x318; - fiat_bls12_381_q_cmovznz_u64(&x318, x315, x306, x286); - uint64_t x319; - fiat_bls12_381_q_cmovznz_u64(&x319, x315, x308, x288); - uint64_t x320; - fiat_bls12_381_q_cmovznz_u64(&x320, x315, x310, x296); - uint64_t x321; - fiat_bls12_381_q_cmovznz_u64(&x321, x315, x312, x300); - out1[0] = x316; - out1[1] = x317; - out1[2] = x318; - out1[3] = x319; - out1[4] = x320; - out1[5] = x321; -} - -/* - * The function fiat_bls12_381_q_nonzero outputs a single non-zero word if the input is non-zero and zero otherwise. - * Preconditions: - * 0 ≤ eval arg1 < m - * Postconditions: - * out1 = 0 ↔ eval (from_montgomery arg1) mod m = 0 - * - * Input Bounds: - * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * Output Bounds: - * out1: [0x0 ~> 0xffffffffffffffff] - */ -void fiat_bls12_381_q_nonzero(uint64_t* out1, const uint64_t arg1[6]) { - uint64_t x1 = ((arg1[0]) | ((arg1[1]) | ((arg1[2]) | ((arg1[3]) | ((arg1[4]) | ((arg1[5]) | (uint64_t)0x0)))))); - *out1 = x1; -} - -/* - * The function fiat_bls12_381_q_selectznz is a multi-limb conditional select. 
- * Postconditions: - * eval out1 = (if arg1 = 0 then eval arg2 else eval arg3) - * - * Input Bounds: - * arg1: [0x0 ~> 0x1] - * arg2: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * arg3: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - * Output Bounds: - * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]] - */ -void fiat_bls12_381_q_selectznz(uint64_t out1[6], fiat_bls12_381_q_uint1 arg1, const uint64_t arg2[6], const uint64_t arg3[6]) { - uint64_t x1; - fiat_bls12_381_q_cmovznz_u64(&x1, arg1, (arg2[0]), (arg3[0])); - uint64_t x2; - fiat_bls12_381_q_cmovznz_u64(&x2, arg1, (arg2[1]), (arg3[1])); - uint64_t x3; - fiat_bls12_381_q_cmovznz_u64(&x3, arg1, (arg2[2]), (arg3[2])); - uint64_t x4; - fiat_bls12_381_q_cmovznz_u64(&x4, arg1, (arg2[3]), (arg3[3])); - uint64_t x5; - fiat_bls12_381_q_cmovznz_u64(&x5, arg1, (arg2[4]), (arg3[4])); - uint64_t x6; - fiat_bls12_381_q_cmovznz_u64(&x6, arg1, (arg2[5]), (arg3[5])); - out1[0] = x1; - out1[1] = x2; - out1[2] = x3; - out1[3] = x4; - out1[4] = x5; - out1[5] = x6; -} - -/* - * The function fiat_bls12_381_q_to_bytes serializes a field element in the Montgomery domain to bytes in little-endian order. 
- * Preconditions: - * 0 ≤ eval arg1 < m - * Postconditions: - * out1 = map (λ x, ⌊((eval arg1 mod m) mod 2^(8 * (x + 1))) / 2^(8 * x)⌋) [0..47] - * - * Input Bounds: - * arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0x1fffffffffffffff]] - * Output Bounds: - * out1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0x1f]] - */ -void fiat_bls12_381_q_to_bytes(uint8_t out1[48], const uint64_t arg1[6]) { - uint64_t x1 = (arg1[5]); - uint64_t x2 = (arg1[4]); - uint64_t x3 = (arg1[3]); - uint64_t x4 = (arg1[2]); - uint64_t x5 = (arg1[1]); - uint64_t x6 = (arg1[0]); - uint64_t x7 = (x6 >> 8); - uint8_t x8 = (uint8_t)(x6 & UINT8_C(0xff)); - uint64_t x9 = (x7 >> 8); - uint8_t x10 = (uint8_t)(x7 & UINT8_C(0xff)); - uint64_t x11 = (x9 >> 8); - uint8_t x12 = (uint8_t)(x9 & UINT8_C(0xff)); - uint64_t x13 = (x11 >> 8); - uint8_t x14 = (uint8_t)(x11 & UINT8_C(0xff)); - uint64_t x15 = (x13 >> 8); - uint8_t x16 = (uint8_t)(x13 & UINT8_C(0xff)); - uint64_t x17 = (x15 >> 8); - uint8_t x18 = (uint8_t)(x15 & UINT8_C(0xff)); - uint8_t x19 = (uint8_t)(x17 >> 8); - uint8_t x20 = (uint8_t)(x17 & UINT8_C(0xff)); - uint8_t x21 = (uint8_t)(x19 & UINT8_C(0xff)); - uint64_t x22 = (x5 >> 8); - uint8_t x23 = (uint8_t)(x5 & 
UINT8_C(0xff)); - uint64_t x24 = (x22 >> 8); - uint8_t x25 = (uint8_t)(x22 & UINT8_C(0xff)); - uint64_t x26 = (x24 >> 8); - uint8_t x27 = (uint8_t)(x24 & UINT8_C(0xff)); - uint64_t x28 = (x26 >> 8); - uint8_t x29 = (uint8_t)(x26 & UINT8_C(0xff)); - uint64_t x30 = (x28 >> 8); - uint8_t x31 = (uint8_t)(x28 & UINT8_C(0xff)); - uint64_t x32 = (x30 >> 8); - uint8_t x33 = (uint8_t)(x30 & UINT8_C(0xff)); - uint8_t x34 = (uint8_t)(x32 >> 8); - uint8_t x35 = (uint8_t)(x32 & UINT8_C(0xff)); - uint8_t x36 = (uint8_t)(x34 & UINT8_C(0xff)); - uint64_t x37 = (x4 >> 8); - uint8_t x38 = (uint8_t)(x4 & UINT8_C(0xff)); - uint64_t x39 = (x37 >> 8); - uint8_t x40 = (uint8_t)(x37 & UINT8_C(0xff)); - uint64_t x41 = (x39 >> 8); - uint8_t x42 = (uint8_t)(x39 & UINT8_C(0xff)); - uint64_t x43 = (x41 >> 8); - uint8_t x44 = (uint8_t)(x41 & UINT8_C(0xff)); - uint64_t x45 = (x43 >> 8); - uint8_t x46 = (uint8_t)(x43 & UINT8_C(0xff)); - uint64_t x47 = (x45 >> 8); - uint8_t x48 = (uint8_t)(x45 & UINT8_C(0xff)); - uint8_t x49 = (uint8_t)(x47 >> 8); - uint8_t x50 = (uint8_t)(x47 & UINT8_C(0xff)); - uint8_t x51 = (uint8_t)(x49 & UINT8_C(0xff)); - uint64_t x52 = (x3 >> 8); - uint8_t x53 = (uint8_t)(x3 & UINT8_C(0xff)); - uint64_t x54 = (x52 >> 8); - uint8_t x55 = (uint8_t)(x52 & UINT8_C(0xff)); - uint64_t x56 = (x54 >> 8); - uint8_t x57 = (uint8_t)(x54 & UINT8_C(0xff)); - uint64_t x58 = (x56 >> 8); - uint8_t x59 = (uint8_t)(x56 & UINT8_C(0xff)); - uint64_t x60 = (x58 >> 8); - uint8_t x61 = (uint8_t)(x58 & UINT8_C(0xff)); - uint64_t x62 = (x60 >> 8); - uint8_t x63 = (uint8_t)(x60 & UINT8_C(0xff)); - uint8_t x64 = (uint8_t)(x62 >> 8); - uint8_t x65 = (uint8_t)(x62 & UINT8_C(0xff)); - uint8_t x66 = (uint8_t)(x64 & UINT8_C(0xff)); - uint64_t x67 = (x2 >> 8); - uint8_t x68 = (uint8_t)(x2 & UINT8_C(0xff)); - uint64_t x69 = (x67 >> 8); - uint8_t x70 = (uint8_t)(x67 & UINT8_C(0xff)); - uint64_t x71 = (x69 >> 8); - uint8_t x72 = (uint8_t)(x69 & UINT8_C(0xff)); - uint64_t x73 = (x71 >> 8); - uint8_t x74 = 
(uint8_t)(x71 & UINT8_C(0xff)); - uint64_t x75 = (x73 >> 8); - uint8_t x76 = (uint8_t)(x73 & UINT8_C(0xff)); - uint64_t x77 = (x75 >> 8); - uint8_t x78 = (uint8_t)(x75 & UINT8_C(0xff)); - uint8_t x79 = (uint8_t)(x77 >> 8); - uint8_t x80 = (uint8_t)(x77 & UINT8_C(0xff)); - uint8_t x81 = (uint8_t)(x79 & UINT8_C(0xff)); - uint64_t x82 = (x1 >> 8); - uint8_t x83 = (uint8_t)(x1 & UINT8_C(0xff)); - uint64_t x84 = (x82 >> 8); - uint8_t x85 = (uint8_t)(x82 & UINT8_C(0xff)); - uint64_t x86 = (x84 >> 8); - uint8_t x87 = (uint8_t)(x84 & UINT8_C(0xff)); - uint64_t x88 = (x86 >> 8); - uint8_t x89 = (uint8_t)(x86 & UINT8_C(0xff)); - uint64_t x90 = (x88 >> 8); - uint8_t x91 = (uint8_t)(x88 & UINT8_C(0xff)); - uint64_t x92 = (x90 >> 8); - uint8_t x93 = (uint8_t)(x90 & UINT8_C(0xff)); - uint8_t x94 = (uint8_t)(x92 >> 8); - uint8_t x95 = (uint8_t)(x92 & UINT8_C(0xff)); - out1[0] = x8; - out1[1] = x10; - out1[2] = x12; - out1[3] = x14; - out1[4] = x16; - out1[5] = x18; - out1[6] = x20; - out1[7] = x21; - out1[8] = x23; - out1[9] = x25; - out1[10] = x27; - out1[11] = x29; - out1[12] = x31; - out1[13] = x33; - out1[14] = x35; - out1[15] = x36; - out1[16] = x38; - out1[17] = x40; - out1[18] = x42; - out1[19] = x44; - out1[20] = x46; - out1[21] = x48; - out1[22] = x50; - out1[23] = x51; - out1[24] = x53; - out1[25] = x55; - out1[26] = x57; - out1[27] = x59; - out1[28] = x61; - out1[29] = x63; - out1[30] = x65; - out1[31] = x66; - out1[32] = x68; - out1[33] = x70; - out1[34] = x72; - out1[35] = x74; - out1[36] = x76; - out1[37] = x78; - out1[38] = x80; - out1[39] = x81; - out1[40] = x83; - out1[41] = x85; - out1[42] = x87; - out1[43] = x89; - out1[44] = x91; - out1[45] = x93; - out1[46] = x95; - out1[47] = x94; -} - -/* - * The function fiat_bls12_381_q_from_bytes deserializes a field element in the Montgomery domain from bytes in little-endian order. 
- * Preconditions: - * 0 ≤ bytes_eval arg1 < m - * Postconditions: - * eval out1 mod m = bytes_eval arg1 mod m - * 0 ≤ eval out1 < m - * - * Input Bounds: - * arg1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0x1f]] - * Output Bounds: - * out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0x1fffffffffffffff]] - */ -void fiat_bls12_381_q_from_bytes(uint64_t out1[6], const uint8_t arg1[48]) { - uint64_t x1 = ((uint64_t)(arg1[47]) << 56); - uint64_t x2 = ((uint64_t)(arg1[46]) << 48); - uint64_t x3 = ((uint64_t)(arg1[45]) << 40); - uint64_t x4 = ((uint64_t)(arg1[44]) << 32); - uint64_t x5 = ((uint64_t)(arg1[43]) << 24); - uint64_t x6 = ((uint64_t)(arg1[42]) << 16); - uint64_t x7 = ((uint64_t)(arg1[41]) << 8); - uint8_t x8 = (arg1[40]); - uint64_t x9 = ((uint64_t)(arg1[39]) << 56); - uint64_t x10 = ((uint64_t)(arg1[38]) << 48); - uint64_t x11 = ((uint64_t)(arg1[37]) << 40); - uint64_t x12 = ((uint64_t)(arg1[36]) << 32); - uint64_t x13 = ((uint64_t)(arg1[35]) << 24); - uint64_t x14 = ((uint64_t)(arg1[34]) << 16); - uint64_t x15 = ((uint64_t)(arg1[33]) << 8); - uint8_t x16 = (arg1[32]); - uint64_t x17 = ((uint64_t)(arg1[31]) << 56); - uint64_t x18 = ((uint64_t)(arg1[30]) << 48); - uint64_t x19 = 
((uint64_t)(arg1[29]) << 40); - uint64_t x20 = ((uint64_t)(arg1[28]) << 32); - uint64_t x21 = ((uint64_t)(arg1[27]) << 24); - uint64_t x22 = ((uint64_t)(arg1[26]) << 16); - uint64_t x23 = ((uint64_t)(arg1[25]) << 8); - uint8_t x24 = (arg1[24]); - uint64_t x25 = ((uint64_t)(arg1[23]) << 56); - uint64_t x26 = ((uint64_t)(arg1[22]) << 48); - uint64_t x27 = ((uint64_t)(arg1[21]) << 40); - uint64_t x28 = ((uint64_t)(arg1[20]) << 32); - uint64_t x29 = ((uint64_t)(arg1[19]) << 24); - uint64_t x30 = ((uint64_t)(arg1[18]) << 16); - uint64_t x31 = ((uint64_t)(arg1[17]) << 8); - uint8_t x32 = (arg1[16]); - uint64_t x33 = ((uint64_t)(arg1[15]) << 56); - uint64_t x34 = ((uint64_t)(arg1[14]) << 48); - uint64_t x35 = ((uint64_t)(arg1[13]) << 40); - uint64_t x36 = ((uint64_t)(arg1[12]) << 32); - uint64_t x37 = ((uint64_t)(arg1[11]) << 24); - uint64_t x38 = ((uint64_t)(arg1[10]) << 16); - uint64_t x39 = ((uint64_t)(arg1[9]) << 8); - uint8_t x40 = (arg1[8]); - uint64_t x41 = ((uint64_t)(arg1[7]) << 56); - uint64_t x42 = ((uint64_t)(arg1[6]) << 48); - uint64_t x43 = ((uint64_t)(arg1[5]) << 40); - uint64_t x44 = ((uint64_t)(arg1[4]) << 32); - uint64_t x45 = ((uint64_t)(arg1[3]) << 24); - uint64_t x46 = ((uint64_t)(arg1[2]) << 16); - uint64_t x47 = ((uint64_t)(arg1[1]) << 8); - uint8_t x48 = (arg1[0]); - uint64_t x49 = (x48 + (x47 + (x46 + (x45 + (x44 + (x43 + (x42 + x41))))))); - uint64_t x50 = (x49 & UINT64_C(0xffffffffffffffff)); - uint64_t x51 = (x8 + (x7 + (x6 + (x5 + (x4 + (x3 + (x2 + x1))))))); - uint64_t x52 = (x16 + (x15 + (x14 + (x13 + (x12 + (x11 + (x10 + x9))))))); - uint64_t x53 = (x24 + (x23 + (x22 + (x21 + (x20 + (x19 + (x18 + x17))))))); - uint64_t x54 = (x32 + (x31 + (x30 + (x29 + (x28 + (x27 + (x26 + x25))))))); - uint64_t x55 = (x40 + (x39 + (x38 + (x37 + (x36 + (x35 + (x34 + x33))))))); - uint64_t x56 = (x55 & UINT64_C(0xffffffffffffffff)); - uint64_t x57 = (x54 & UINT64_C(0xffffffffffffffff)); - uint64_t x58 = (x53 & UINT64_C(0xffffffffffffffff)); - uint64_t x59 = 
(x52 & UINT64_C(0xffffffffffffffff)); - out1[0] = x50; - out1[1] = x56; - out1[2] = x57; - out1[3] = x58; - out1[4] = x59; - out1[5] = x51; -} - -void fiat_bls12_381_q_divstep(uint64_t* out1, uint64_t out2[6], uint64_t out3[6], uint64_t out4[6], uint64_t out5[6], uint64_t arg1, const uint64_t arg2[6], const uint64_t arg3[6], const uint64_t arg4[6], const uint64_t arg5[6]) { - uint64_t x1; - fiat_bls12_381_q_uint1 x2; - fiat_bls12_381_q_addcarryx_u64(&x1, &x2, 0x0, (~arg1), 0x1); - fiat_bls12_381_q_uint1 x3 = (fiat_bls12_381_q_uint1)((fiat_bls12_381_q_uint1)((fiat_bls12_381_q_uint1)(x1 >> 63) & 0x1) & (fiat_bls12_381_q_uint1)((arg3[0]) & 0x1)); - uint64_t x4; - fiat_bls12_381_q_uint1 x5; - fiat_bls12_381_q_addcarryx_u64(&x4, &x5, 0x0, (~arg1), 0x1); - uint64_t x6; - fiat_bls12_381_q_cmovznz_u64(&x6, x3, arg1, x4); - uint64_t x7; - fiat_bls12_381_q_cmovznz_u64(&x7, x3, (arg2[0]), (arg3[0])); - uint64_t x8; - fiat_bls12_381_q_cmovznz_u64(&x8, x3, (arg2[1]), (arg3[1])); - uint64_t x9; - fiat_bls12_381_q_cmovznz_u64(&x9, x3, (arg2[2]), (arg3[2])); - uint64_t x10; - fiat_bls12_381_q_cmovznz_u64(&x10, x3, (arg2[3]), (arg3[3])); - uint64_t x11; - fiat_bls12_381_q_cmovznz_u64(&x11, x3, (arg2[4]), (arg3[4])); - uint64_t x12; - fiat_bls12_381_q_cmovznz_u64(&x12, x3, (arg2[5]), (arg3[5])); - uint64_t x13; - fiat_bls12_381_q_uint1 x14; - fiat_bls12_381_q_addcarryx_u64(&x13, &x14, 0x0, 0x1, (~(arg2[0]))); - uint64_t x15; - fiat_bls12_381_q_uint1 x16; - fiat_bls12_381_q_addcarryx_u64(&x15, &x16, x14, 0x0, (~(arg2[1]))); - uint64_t x17; - fiat_bls12_381_q_uint1 x18; - fiat_bls12_381_q_addcarryx_u64(&x17, &x18, x16, 0x0, (~(arg2[2]))); - uint64_t x19; - fiat_bls12_381_q_uint1 x20; - fiat_bls12_381_q_addcarryx_u64(&x19, &x20, x18, 0x0, (~(arg2[3]))); - uint64_t x21; - fiat_bls12_381_q_uint1 x22; - fiat_bls12_381_q_addcarryx_u64(&x21, &x22, x20, 0x0, (~(arg2[4]))); - uint64_t x23; - fiat_bls12_381_q_uint1 x24; - fiat_bls12_381_q_addcarryx_u64(&x23, &x24, x22, 0x0, (~(arg2[5]))); - 
uint64_t x25; - fiat_bls12_381_q_cmovznz_u64(&x25, x3, (arg3[0]), x13); - uint64_t x26; - fiat_bls12_381_q_cmovznz_u64(&x26, x3, (arg3[1]), x15); - uint64_t x27; - fiat_bls12_381_q_cmovznz_u64(&x27, x3, (arg3[2]), x17); - uint64_t x28; - fiat_bls12_381_q_cmovznz_u64(&x28, x3, (arg3[3]), x19); - uint64_t x29; - fiat_bls12_381_q_cmovznz_u64(&x29, x3, (arg3[4]), x21); - uint64_t x30; - fiat_bls12_381_q_cmovznz_u64(&x30, x3, (arg3[5]), x23); - uint64_t x31; - fiat_bls12_381_q_cmovznz_u64(&x31, x3, (arg4[0]), (arg5[0])); - uint64_t x32; - fiat_bls12_381_q_cmovznz_u64(&x32, x3, (arg4[1]), (arg5[1])); - uint64_t x33; - fiat_bls12_381_q_cmovznz_u64(&x33, x3, (arg4[2]), (arg5[2])); - uint64_t x34; - fiat_bls12_381_q_cmovznz_u64(&x34, x3, (arg4[3]), (arg5[3])); - uint64_t x35; - fiat_bls12_381_q_cmovznz_u64(&x35, x3, (arg4[4]), (arg5[4])); - uint64_t x36; - fiat_bls12_381_q_cmovznz_u64(&x36, x3, (arg4[5]), (arg5[5])); - uint64_t x37; - fiat_bls12_381_q_uint1 x38; - fiat_bls12_381_q_addcarryx_u64(&x37, &x38, 0x0, x31, x31); - uint64_t x39; - fiat_bls12_381_q_uint1 x40; - fiat_bls12_381_q_addcarryx_u64(&x39, &x40, x38, x32, x32); - uint64_t x41; - fiat_bls12_381_q_uint1 x42; - fiat_bls12_381_q_addcarryx_u64(&x41, &x42, x40, x33, x33); - uint64_t x43; - fiat_bls12_381_q_uint1 x44; - fiat_bls12_381_q_addcarryx_u64(&x43, &x44, x42, x34, x34); - uint64_t x45; - fiat_bls12_381_q_uint1 x46; - fiat_bls12_381_q_addcarryx_u64(&x45, &x46, x44, x35, x35); - uint64_t x47; - fiat_bls12_381_q_uint1 x48; - fiat_bls12_381_q_addcarryx_u64(&x47, &x48, x46, x36, x36); - uint64_t x49; - fiat_bls12_381_q_uint1 x50; - fiat_bls12_381_q_subborrowx_u64(&x49, &x50, 0x0, x37, UINT64_C(0xb9feffffffffaaab)); - uint64_t x51; - fiat_bls12_381_q_uint1 x52; - fiat_bls12_381_q_subborrowx_u64(&x51, &x52, x50, x39, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x53; - fiat_bls12_381_q_uint1 x54; - fiat_bls12_381_q_subborrowx_u64(&x53, &x54, x52, x41, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x55; - 
fiat_bls12_381_q_uint1 x56; - fiat_bls12_381_q_subborrowx_u64(&x55, &x56, x54, x43, UINT64_C(0x64774b84f38512bf)); - uint64_t x57; - fiat_bls12_381_q_uint1 x58; - fiat_bls12_381_q_subborrowx_u64(&x57, &x58, x56, x45, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x59; - fiat_bls12_381_q_uint1 x60; - fiat_bls12_381_q_subborrowx_u64(&x59, &x60, x58, x47, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x61; - fiat_bls12_381_q_uint1 x62; - fiat_bls12_381_q_subborrowx_u64(&x61, &x62, x60, x48, 0x0); - uint64_t x63; - fiat_bls12_381_q_cmovznz_u64(&x63, x62, x49, x37); - uint64_t x64; - fiat_bls12_381_q_cmovznz_u64(&x64, x62, x51, x39); - uint64_t x65; - fiat_bls12_381_q_cmovznz_u64(&x65, x62, x53, x41); - uint64_t x66; - fiat_bls12_381_q_cmovznz_u64(&x66, x62, x55, x43); - uint64_t x67; - fiat_bls12_381_q_cmovznz_u64(&x67, x62, x57, x45); - uint64_t x68; - fiat_bls12_381_q_cmovznz_u64(&x68, x62, x59, x47); - uint64_t x69 = (arg4[5]); - uint64_t x70 = (arg4[4]); - uint64_t x71 = (arg4[3]); - uint64_t x72 = (arg4[2]); - uint64_t x73 = (arg4[1]); - uint64_t x74 = (arg4[0]); - uint64_t x75; - fiat_bls12_381_q_uint1 x76; - fiat_bls12_381_q_subborrowx_u64(&x75, &x76, 0x0, 0x0, x74); - uint64_t x77; - fiat_bls12_381_q_uint1 x78; - fiat_bls12_381_q_subborrowx_u64(&x77, &x78, x76, 0x0, x73); - uint64_t x79; - fiat_bls12_381_q_uint1 x80; - fiat_bls12_381_q_subborrowx_u64(&x79, &x80, x78, 0x0, x72); - uint64_t x81; - fiat_bls12_381_q_uint1 x82; - fiat_bls12_381_q_subborrowx_u64(&x81, &x82, x80, 0x0, x71); - uint64_t x83; - fiat_bls12_381_q_uint1 x84; - fiat_bls12_381_q_subborrowx_u64(&x83, &x84, x82, 0x0, x70); - uint64_t x85; - fiat_bls12_381_q_uint1 x86; - fiat_bls12_381_q_subborrowx_u64(&x85, &x86, x84, 0x0, x69); - uint64_t x87; - fiat_bls12_381_q_cmovznz_u64(&x87, x86, 0x0, UINT64_C(0xffffffffffffffff)); - uint64_t x88; - fiat_bls12_381_q_uint1 x89; - fiat_bls12_381_q_addcarryx_u64(&x88, &x89, 0x0, x75, (x87 & UINT64_C(0xb9feffffffffaaab))); - uint64_t x90; - fiat_bls12_381_q_uint1 x91; 
- fiat_bls12_381_q_addcarryx_u64(&x90, &x91, x89, x77, (x87 & UINT64_C(0x1eabfffeb153ffff))); - uint64_t x92; - fiat_bls12_381_q_uint1 x93; - fiat_bls12_381_q_addcarryx_u64(&x92, &x93, x91, x79, (x87 & UINT64_C(0x6730d2a0f6b0f624))); - uint64_t x94; - fiat_bls12_381_q_uint1 x95; - fiat_bls12_381_q_addcarryx_u64(&x94, &x95, x93, x81, (x87 & UINT64_C(0x64774b84f38512bf))); - uint64_t x96; - fiat_bls12_381_q_uint1 x97; - fiat_bls12_381_q_addcarryx_u64(&x96, &x97, x95, x83, (x87 & UINT64_C(0x4b1ba7b6434bacd7))); - uint64_t x98; - fiat_bls12_381_q_uint1 x99; - fiat_bls12_381_q_addcarryx_u64(&x98, &x99, x97, x85, (x87 & UINT64_C(0x1a0111ea397fe69a))); - uint64_t x100; - fiat_bls12_381_q_cmovznz_u64(&x100, x3, (arg5[0]), x88); - uint64_t x101; - fiat_bls12_381_q_cmovznz_u64(&x101, x3, (arg5[1]), x90); - uint64_t x102; - fiat_bls12_381_q_cmovznz_u64(&x102, x3, (arg5[2]), x92); - uint64_t x103; - fiat_bls12_381_q_cmovznz_u64(&x103, x3, (arg5[3]), x94); - uint64_t x104; - fiat_bls12_381_q_cmovznz_u64(&x104, x3, (arg5[4]), x96); - uint64_t x105; - fiat_bls12_381_q_cmovznz_u64(&x105, x3, (arg5[5]), x98); - fiat_bls12_381_q_uint1 x106 = (fiat_bls12_381_q_uint1)(x25 & 0x1); - uint64_t x107 = (uint64_t)((x6 + (fiat_bls12_381_q_uint128)0x1) & UINT64_C(0xffffffffffffffff)); - uint64_t x108; - fiat_bls12_381_q_cmovznz_u64(&x108, x106, 0x0, x7); - uint64_t x109; - fiat_bls12_381_q_cmovznz_u64(&x109, x106, 0x0, x8); - uint64_t x110; - fiat_bls12_381_q_cmovznz_u64(&x110, x106, 0x0, x9); - uint64_t x111; - fiat_bls12_381_q_cmovznz_u64(&x111, x106, 0x0, x10); - uint64_t x112; - fiat_bls12_381_q_cmovznz_u64(&x112, x106, 0x0, x11); - uint64_t x113; - fiat_bls12_381_q_cmovznz_u64(&x113, x106, 0x0, x12); - uint64_t x114; - fiat_bls12_381_q_uint1 x115; - fiat_bls12_381_q_addcarryx_u64(&x114, &x115, 0x0, x25, x108); - uint64_t x116; - fiat_bls12_381_q_uint1 x117; - fiat_bls12_381_q_addcarryx_u64(&x116, &x117, x115, x26, x109); - uint64_t x118; - fiat_bls12_381_q_uint1 x119; - 
fiat_bls12_381_q_addcarryx_u64(&x118, &x119, x117, x27, x110); - uint64_t x120; - fiat_bls12_381_q_uint1 x121; - fiat_bls12_381_q_addcarryx_u64(&x120, &x121, x119, x28, x111); - uint64_t x122; - fiat_bls12_381_q_uint1 x123; - fiat_bls12_381_q_addcarryx_u64(&x122, &x123, x121, x29, x112); - uint64_t x124; - fiat_bls12_381_q_uint1 x125; - fiat_bls12_381_q_addcarryx_u64(&x124, &x125, x123, x30, x113); - uint64_t x126 = ((x114 >> 1) | ((x116 << 63) & UINT64_C(0xffffffffffffffff))); - uint64_t x127 = ((x116 >> 1) | ((x118 << 63) & UINT64_C(0xffffffffffffffff))); - uint64_t x128 = ((x118 >> 1) | ((x120 << 63) & UINT64_C(0xffffffffffffffff))); - uint64_t x129 = ((x120 >> 1) | ((x122 << 63) & UINT64_C(0xffffffffffffffff))); - uint64_t x130 = ((x122 >> 1) | ((x124 << 63) & UINT64_C(0xffffffffffffffff))); - uint64_t x131 = ((x124 & UINT64_C(0x8000000000000000)) | (x124 >> 1)); - uint64_t x132; - fiat_bls12_381_q_cmovznz_u64(&x132, x106, 0x0, x31); - uint64_t x133; - fiat_bls12_381_q_cmovznz_u64(&x133, x106, 0x0, x32); - uint64_t x134; - fiat_bls12_381_q_cmovznz_u64(&x134, x106, 0x0, x33); - uint64_t x135; - fiat_bls12_381_q_cmovznz_u64(&x135, x106, 0x0, x34); - uint64_t x136; - fiat_bls12_381_q_cmovznz_u64(&x136, x106, 0x0, x35); - uint64_t x137; - fiat_bls12_381_q_cmovznz_u64(&x137, x106, 0x0, x36); - uint64_t x138; - fiat_bls12_381_q_uint1 x139; - fiat_bls12_381_q_addcarryx_u64(&x138, &x139, 0x0, x100, x132); - uint64_t x140; - fiat_bls12_381_q_uint1 x141; - fiat_bls12_381_q_addcarryx_u64(&x140, &x141, x139, x101, x133); - uint64_t x142; - fiat_bls12_381_q_uint1 x143; - fiat_bls12_381_q_addcarryx_u64(&x142, &x143, x141, x102, x134); - uint64_t x144; - fiat_bls12_381_q_uint1 x145; - fiat_bls12_381_q_addcarryx_u64(&x144, &x145, x143, x103, x135); - uint64_t x146; - fiat_bls12_381_q_uint1 x147; - fiat_bls12_381_q_addcarryx_u64(&x146, &x147, x145, x104, x136); - uint64_t x148; - fiat_bls12_381_q_uint1 x149; - fiat_bls12_381_q_addcarryx_u64(&x148, &x149, x147, x105, x137); - 
uint64_t x150; - fiat_bls12_381_q_uint1 x151; - fiat_bls12_381_q_subborrowx_u64(&x150, &x151, 0x0, x138, UINT64_C(0xb9feffffffffaaab)); - uint64_t x152; - fiat_bls12_381_q_uint1 x153; - fiat_bls12_381_q_subborrowx_u64(&x152, &x153, x151, x140, UINT64_C(0x1eabfffeb153ffff)); - uint64_t x154; - fiat_bls12_381_q_uint1 x155; - fiat_bls12_381_q_subborrowx_u64(&x154, &x155, x153, x142, UINT64_C(0x6730d2a0f6b0f624)); - uint64_t x156; - fiat_bls12_381_q_uint1 x157; - fiat_bls12_381_q_subborrowx_u64(&x156, &x157, x155, x144, UINT64_C(0x64774b84f38512bf)); - uint64_t x158; - fiat_bls12_381_q_uint1 x159; - fiat_bls12_381_q_subborrowx_u64(&x158, &x159, x157, x146, UINT64_C(0x4b1ba7b6434bacd7)); - uint64_t x160; - fiat_bls12_381_q_uint1 x161; - fiat_bls12_381_q_subborrowx_u64(&x160, &x161, x159, x148, UINT64_C(0x1a0111ea397fe69a)); - uint64_t x162; - fiat_bls12_381_q_uint1 x163; - fiat_bls12_381_q_subborrowx_u64(&x162, &x163, x161, x149, 0x0); - uint64_t x164; - fiat_bls12_381_q_cmovznz_u64(&x164, x163, x150, x138); - uint64_t x165; - fiat_bls12_381_q_cmovznz_u64(&x165, x163, x152, x140); - uint64_t x166; - fiat_bls12_381_q_cmovznz_u64(&x166, x163, x154, x142); - uint64_t x167; - fiat_bls12_381_q_cmovznz_u64(&x167, x163, x156, x144); - uint64_t x168; - fiat_bls12_381_q_cmovznz_u64(&x168, x163, x158, x146); - uint64_t x169; - fiat_bls12_381_q_cmovznz_u64(&x169, x163, x160, x148); - *out1 = x107; - out2[0] = x7; - out2[1] = x8; - out2[2] = x9; - out2[3] = x10; - out2[4] = x11; - out2[5] = x12; - out3[0] = x126; - out3[1] = x127; - out3[2] = x128; - out3[3] = x129; - out3[4] = x130; - out3[5] = x131; - out4[0] = x63; - out4[1] = x64; - out4[2] = x65; - out4[3] = x66; - out4[4] = x67; - out4[5] = x68; - out5[0] = x164; - out5[1] = x165; - out5[2] = x166; - out5[3] = x167; - out5[4] = x168; - out5[5] = x169; -} diff --git a/formal_verification/bls12_381_q_64.nim b/formal_verification/bls12_381_q_64.nim deleted file mode 100644 index 07cb51c..0000000 
--- a/formal_verification/bls12_381_q_64.nim
+++ /dev/null
@@ -1,261 +0,0 @@
-## Autogenerated
-## curve description: test
-## requested operations: (all)
-## m = 0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab (from "0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaab")
-## machine_wordsize = 64 (from "64")
-##
-## NOTE: In addition to the bounds specified above each function, all
-## functions synthesized for this Montgomery arithmetic require the
-## input to be strictly less than the prime modulus (m), and also
-## require the input to be in the unique saturated representation.
-## All functions also ensure that these two properties are true of
-## return values.
-
-{.compile: "bls12_381_q_64.c".}
-
-type
- fiat_bls12_381_q_uint1*{.importc.} = cuchar
- fiat_bls12_381_q_int1*{.importc.} = cchar
- fiat_bls12_381_q_int128*{.importc.} = object
- fiat_bls12_381_q_uint128*{.importc.} = object
-
- BLSNumber = array[6, uint64]
-
-func fiat_bls12_381_q_mul*(r: var BLSNumber, a, b: BLSNumber) {.importc.}
- ## Mongomery Mul
-func fiat_bls12_381_q_square*(r: var BLSNumber, a: BLSNumber) {.importc.}
- ## Mongomery Square
-func fiat_bls12_381_q_add*(r: var BLSNumber, a, b: BLSNumber) {.importc.}
- ## Modular Add
-func fiat_bls12_381_q_sub*(r: var BLSNumber, a, b: BLSNumber) {.importc.}
- ## Modular Sub
-func fiat_bls12_381_q_opp*(r: var BLSNumber, a: BLSNumber) {.importc.}
- ## Modular Negate
-func fiat_bls12_381_q_from_montgomery*(r: var BLSNumber, a: BLSNumber) {.importc.}
- ## Montgomery to Canonical
-func fiat_bls12_381_q_to_bytes*(r: var array[48, byte], a: BLSNumber) {.importc.}
- ## Montgomery to Little-Endian
-func fiat_bls12_381_q_from_bytes*(r: var BLSNumber, a: array[48, byte]) {.importc.}
- ## Little-Endian to Montgomery
-
-# Hex conversion
-# -------------------------------------------------------------------------
-
-func readHexChar(c: char): uint8 {.inline.}=
- ## Converts an hex char to an int
- ## CT: leaks position of
invalid input if any. - case c - of '0'..'9': result = uint8 ord(c) - ord('0') - of 'a'..'f': result = uint8 ord(c) - ord('a') + 10 - of 'A'..'F': result = uint8 ord(c) - ord('A') + 10 - else: - raise newException(ValueError, $c & "is not a hexadecimal character") - -func skipPrefixes(current_idx: var int, str: string, radix: static range[2..16]) {.inline.} = - ## Returns the index of the first meaningful char in `hexStr` by skipping - ## "0x" prefix - ## CT: - ## - leaks if input length < 2 - ## - leaks if input start with 0x, 0o or 0b prefix - - if str.len < 2: - return - - assert current_idx == 0, "skipPrefixes only works for prefixes (position 0 and 1 of the string)" - if str[0] == '0': - case str[1] - of {'x', 'X'}: - assert radix == 16, "Parsing mismatch, 0x prefix is only valid for a hexadecimal number (base 16)" - current_idx = 2 - of {'o', 'O'}: - assert radix == 8, "Parsing mismatch, 0o prefix is only valid for an octal number (base 8)" - current_idx = 2 - of {'b', 'B'}: - assert radix == 2, "Parsing mismatch, 0b prefix is only valid for a binary number (base 2)" - current_idx = 2 - else: discard - -func countNonBlanks(hexStr: string, startPos: int): int = - ## Count the number of non-blank characters - ## ' ' (space) and '_' (underscore) are considered blank - ## - ## CT: - ## - Leaks white-spaces and non-white spaces position - const blanks = {' ', '_'} - - for c in hexStr: - if c in blanks: - result += 1 - -func fromHex(output: var openArray[byte], hexStr: string, order: static[Endianness]) = - ## Read a hex string and store it in a byte array `output`. - ## The string may be shorter than the byte array. - ## - ## The source string must be hex big-endian. 
- ## The destination array can be big or little endian - var - skip = 0 - dstIdx: int - shift = 4 - skipPrefixes(skip, hexStr, 16) - - const blanks = {' ', '_'} - let nonBlanksCount = countNonBlanks(hexStr, skip) - - let maxStrSize = output.len * 2 - let size = hexStr.len - skip - nonBlanksCount - - doAssert size <= maxStrSize, "size: " & $size & " (without blanks or prefix), maxSize: " & $maxStrSize - - if size < maxStrSize: - # include extra byte if odd length - dstIdx = output.len - (size + 1) div 2 - # start with shl of 4 if length is even - shift = 4 - size mod 2 * 4 - - for srcIdx in skip ..< hexStr.len: - if hexStr[srcIdx] in blanks: - continue - - let nibble = hexStr[srcIdx].readHexChar shl shift - when order == bigEndian: - output[dstIdx] = output[dstIdx] or nibble - else: - output[output.high - dstIdx] = output[output.high - dstIdx] or nibble - shift = (shift + 4) and 4 - dstIdx += shift shr 2 - -# ------------------------------------------------------------------------- - -when isMainModule: - import std/[random, monotimes, times, strformat], ../benchmarks/platforms - - const Iters = 1_000_000 - const InvIters = 1000 - - randomize(1234) - - # warmup - proc warmup*() = - # Warmup - make sure cpu is on max perf - let start = cpuTime() - var foo = 123 - for i in 0 ..< 300_000_000: - foo += i*i mod 456 - foo = foo mod 789 - - # Compiler shouldn't optimize away the results as cpuTime rely on sideeffects - let stop = cpuTime() - echo &"\n\nWarmup: {stop - start:>4.4f} s, result {foo} (displayed to avoid compiler optimizing warmup away)\n" - - warmup() - - echo "\n⚠️ Measurements are approximate and use the CPU nominal clock: Turbo-Boost and overclocking will skew them." 
- echo "==========================================================================================================\n" - - proc report(op, field: string, start, stop: MonoTime, startClk, stopClk: int64, iters: int) = - echo &"{op:<15} {field:<15} {inNanoseconds((stop-start) div iters):>9} ns {(stopClk - startClk) div iters:>9} cycles" - - proc addBench() = - var aBytes, bBytes: array[48, byte] - # BN254 field modulus - aBytes.fromHex("0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47", littleEndian) - # BLS12-381 prime - 2 - bBytes.fromHex("0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaa9", littleEndian) - - var r, a, b: BLSNumber - - a.fiat_bls12_381_q_from_bytes(aBytes) - b.fiat_bls12_381_q_from_bytes(bBytes) - - let start = getMonotime() - let startClk = getTicks() - for _ in 0 ..< Iters: - r.fiat_bls12_381_q_add(a, b) - let stopClk = getTicks() - let stop = getMonotime() - report("Addition", "FiatCrypto[BLS12_381]", start, stop, startClk, stopClk, Iters) - - addBench() - - proc subBench() = - var aBytes, bBytes: array[48, byte] - # BN254 field modulus - aBytes.fromHex("0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47", littleEndian) - # BLS12-381 prime - 2 - bBytes.fromHex("0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaa9", littleEndian) - - var r, a, b: BLSNumber - - a.fiat_bls12_381_q_from_bytes(aBytes) - b.fiat_bls12_381_q_from_bytes(bBytes) - - let start = getMonotime() - let startClk = getTicks() - for _ in 0 ..< Iters: - r.fiat_bls12_381_q_add(a, b) - let stopClk = getTicks() - let stop = getMonotime() - report("Substraction", "FiatCrypto[BLS12_381]", start, stop, startClk, stopClk, Iters) - - subBench() - - proc negBench() = - var aBytes: array[48, byte] - # BN254 field modulus - aBytes.fromHex("0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47", littleEndian) - - var r, a: BLSNumber - 
a.fiat_bls12_381_q_from_bytes(aBytes) - - let start = getMonotime() - let startClk = getTicks() - for _ in 0 ..< Iters: - r.fiat_bls12_381_q_opp(a) - let stopClk = getTicks() - let stop = getMonotime() - report("Negation", "FiatCrypto[BLS12_381]", start, stop, startClk, stopClk, Iters) - - negBench() - - proc mulBench() = - var aBytes, bBytes: array[48, byte] - # BN254 field modulus - aBytes.fromHex("0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47", littleEndian) - # BLS12-381 prime - 2 - bBytes.fromHex("0x1a0111ea397fe69a4b1ba7b6434bacd764774b84f38512bf6730d2a0f6b0f6241eabfffeb153ffffb9feffffffffaaa9", littleEndian) - - var r, a, b: BLSNumber - - a.fiat_bls12_381_q_from_bytes(aBytes) - b.fiat_bls12_381_q_from_bytes(bBytes) - - let start = getMonotime() - let startClk = getTicks() - for _ in 0 ..< Iters: - r.fiat_bls12_381_q_mul(a, b) - let stopClk = getTicks() - let stop = getMonotime() - report("Multiplication", "FiatCrypto[BLS12_381]", start, stop, startClk, stopClk, Iters) - - mulBench() - - proc sqrBench() = - var aBytes: array[48, byte] - # BN254 field modulus - aBytes.fromHex("0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47", littleEndian) - - var r, a: BLSNumber - a.fiat_bls12_381_q_from_bytes(aBytes) - - let start = getMonotime() - let startClk = getTicks() - for _ in 0 ..< Iters: - r.fiat_bls12_381_q_square(a) - let stopClk = getTicks() - let stop = getMonotime() - report("Squaring", "FiatCrypto[BLS12_381]", start, stop, startClk, stopClk, Iters) - - sqrBench() - - # TODO: No inversion bench diff --git a/helpers/prng_unsafe.nim b/helpers/prng_unsafe.nim index 721fdee..d1999a7 100644 --- a/helpers/prng_unsafe.nim +++ b/helpers/prng_unsafe.nim 
@@ -7,17 +7,17 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/arithmetic, - ../constantine/primitives, - ../constantine/config/[common, curves, type_ff], - ../constantine/elliptic/[ + ../constantine/backend/arithmetic, + ../constantine/backend/primitives, + ../constantine/backend/config/[common, curves, type_ff], + ../constantine/backend/elliptic/[ ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_shortweierstrass_jacobian, ec_twistededwards_affine, ec_twistededwards_projective], - ../constantine/io/io_bigints, - ../constantine/tower_field_extensions/extension_fields + ../constantine/backend/io/io_bigints, + ../constantine/backend/tower_field_extensions/extension_fields # ############################################################ # diff --git a/metering/m_pairings.nim b/metering/m_pairings.nim index 7a2454a..15fa6c1 100644 --- a/metering/m_pairings.nim +++ b/metering/m_pairings.nim @@ -9,11 +9,11 @@ import std/times, ./reports, ./tracer, - ../constantine/config/[common, curves], - ../constantine/[arithmetic, towers], - ../constantine/elliptic/ec_shortweierstrass_projective, - ../constantine/curves/zoo_subgroups, - ../constantine/pairing/pairing_bls12, + ../constantine/backend/config/[common, curves], + ../constantine/backend/[arithmetic, towers], + ../constantine/backend/elliptic/ec_shortweierstrass_projective, + ../constantine/backend/curves/zoo_subgroups, + ../constantine/backend/pairing/pairing_bls12, # Helpers ../helpers/prng_unsafe diff --git a/research/kzg_poly_commit/fft_fr.nim b/research/kzg_poly_commit/fft_fr.nim index 41ee7d5..bac5a5b 100644 --- a/research/kzg_poly_commit/fft_fr.nim +++ b/research/kzg_poly_commit/fft_fr.nim 
@@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../../constantine/config/curves, - ../../constantine/[arithmetic, primitives], - ../../constantine/io/io_fields, + ../../constantine/backend/config/curves, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/io/io_fields, # Research ./strided_views, ./fft_lut diff --git a/research/kzg_poly_commit/fft_g1.nim b/research/kzg_poly_commit/fft_g1.nim index 6f61467..e4c7843 100644 --- a/research/kzg_poly_commit/fft_g1.nim +++ b/research/kzg_poly_commit/fft_g1.nim @@ -7,15 +7,15 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../../constantine/config/curves, - ../../constantine/[arithmetic, primitives], - ../../constantine/elliptic/[ + ../../constantine/backend/config/curves, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/elliptic/[ ec_scalar_mul, ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_shortweierstrass_jacobian, ], - ../../constantine/io/[io_fields, io_ec], + ../../constantine/backend/io/[io_fields, io_ec], # Research ./strided_views, ./fft_lut diff --git a/research/kzg_poly_commit/fft_lut.nim b/research/kzg_poly_commit/fft_lut.nim index 3d923d5..d3f2b4a 100644 --- a/research/kzg_poly_commit/fft_lut.nim +++ b/research/kzg_poly_commit/fft_lut.nim @@ -8,9 +8,9 @@ import std/macros, - ../../constantine/config/[curves, common], - ../../constantine/[arithmetic, primitives], - ../../constantine/io/io_fields + ../../constantine/backend/config/[curves, common], + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/io/io_fields # TODO automate this # we can precompute everything in Sage diff --git a/research/kzg_poly_commit/kzg_single_proofs.nim b/research/kzg_poly_commit/kzg_single_proofs.nim index 716b336..1fe37fd 100644 
--- a/research/kzg_poly_commit/kzg_single_proofs.nim +++ b/research/kzg_poly_commit/kzg_single_proofs.nim @@ -1,15 +1,15 @@ # https://github.com/ethereum/research/blob/master/kzg_data_availability/kzg_proofs.py import - ../../constantine/config/curves, - ../../constantine/[arithmetic, primitives, towers], - ../../constantine/elliptic/[ + ../../constantine/backend/config/curves, + ../../constantine/backend/[arithmetic, primitives, towers], + ../../constantine/backend/elliptic/[ ec_scalar_mul, ec_shortweierstrass_affine, ec_shortweierstrass_projective, ], - ../../constantine/io/[io_fields, io_ec], - ../../constantine/pairing/[ + ../../constantine/backend/io/[io_fields, io_ec], + ../../constantine/backend/pairing/[ pairing_bls12, miller_loops ], diff --git a/research/kzg_poly_commit/polynomials.nim b/research/kzg_poly_commit/polynomials.nim index e88a84c..0a623f8 100644 --- a/research/kzg_poly_commit/polynomials.nim +++ b/research/kzg_poly_commit/polynomials.nim @@ -1,13 +1,13 @@ import - ../../constantine/config/curves, - ../../constantine/[arithmetic, primitives, towers], - ../../constantine/elliptic/[ + ../../constantine/backend/config/curves, + ../../constantine/backend/[arithmetic, primitives, towers], + ../../constantine/backend/elliptic/[ ec_scalar_mul, ec_shortweierstrass_affine, ec_shortweierstrass_projective, ], - ../../constantine/io/[io_fields, io_ec], - ../../constantine/pairing/[ + ../../constantine/backend/io/[io_fields, io_ec], + ../../constantine/backend/pairing/[ pairing_bls12, miller_loops, cyclotomic_subgroup diff --git a/tests/support/canaries.nim b/tests/backend/support/canaries.nim similarity index 82% rename from tests/support/canaries.nim rename to tests/backend/support/canaries.nim index 220a232..a907b1f 100644 --- a/tests/support/canaries.nim +++ b/tests/backend/support/canaries.nim 
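Review bot: In research/kzg_poly_commit/kzg_single_proofs.nim the first line of the hunk, kept as context, cites the reference implementation through a `master` branch URL, so the code this module was ported from can change or move without the comment reflecting it. Since the import block under it is being rewritten anyway, pin the link to the commit that was actually ported, e.g. `# Reference: https://github.com/ethereum/research/blob/<commit-sha>/kzg_data_availability/kzg_proofs.py` (`<commit-sha>` is a placeholder; the hash is not on this page). The import list continues past the end of the hunk.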
@@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../../constantine/arithmetic/bigints, - ../../constantine/config/[common, curves], - ../../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective] + ../../../constantine/backend/arithmetic/bigints, + ../../../constantine/backend/config/[common, curves], + ../../../constantine/backend/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective] # Canaries # -------------------------------------------------------------- diff --git a/tests/support/ec_reference_scalar_mult.nim b/tests/backend/support/ec_reference_scalar_mult.nim similarity index 95% rename from tests/support/ec_reference_scalar_mult.nim rename to tests/backend/support/ec_reference_scalar_mult.nim index e5d98f0..2df089e 100644 --- a/tests/support/ec_reference_scalar_mult.nim +++ b/tests/backend/support/ec_reference_scalar_mult.nim @@ -8,8 +8,8 @@ import # Internals - ../../constantine/arithmetic, - ../../constantine/io/io_bigints + ../../../constantine/backend/arithmetic, + ../../../constantine/backend/io/io_bigints # Support files for testing Elliptic Curve arithmetic # ------------------------------------------------------------------------------ diff --git a/tests/t_bigints.nim b/tests/backend/t_bigints.nim similarity index 99% rename from tests/t_bigints.nim rename to tests/backend/t_bigints.nim index 9c256d6..6d667b9 100644 --- a/tests/t_bigints.nim +++ b/tests/backend/t_bigints.nim @@ -10,10 +10,10 @@ import # Standard library std/unittest, # Internal - ../constantine/io/io_bigints, - ../constantine/arithmetic, - ../constantine/config/[common, type_bigint], - ../constantine/primitives, + ../../constantine/backend/io/io_bigints, + ../../constantine/backend/arithmetic, + ../../constantine/backend/config/[common, type_bigint], + ../../constantine/backend/primitives, # Test utilities, support/canaries 
diff --git a/tests/t_bigints_mod_vs_gmp.nim b/tests/backend/t_bigints_mod_vs_gmp.nim similarity index 97% rename from tests/t_bigints_mod_vs_gmp.nim rename to tests/backend/t_bigints_mod_vs_gmp.nim index 4ea6ea7..b90029a 100644 --- a/tests/t_bigints_mod_vs_gmp.nim +++ b/tests/backend/t_bigints_mod_vs_gmp.nim @@ -12,9 +12,9 @@ import # Third-party gmp, stew/byteutils, # Internal - ../constantine/io/io_bigints, - ../constantine/arithmetic, - ../constantine/primitives + ../../constantine/backend/io/io_bigints, + ../../constantine/backend/arithmetic, + ../../constantine/backend/primitives echo "\n------------------------------------------------------\n" # We test up to 1024-bit, more is really slow diff --git a/tests/t_bigints_mul_high_words_vs_gmp.nim b/tests/backend/t_bigints_mul_high_words_vs_gmp.nim similarity index 97% rename from tests/t_bigints_mul_high_words_vs_gmp.nim rename to tests/backend/t_bigints_mul_high_words_vs_gmp.nim index b9a7418..13afc30 100644 --- a/tests/t_bigints_mul_high_words_vs_gmp.nim +++ b/tests/backend/t_bigints_mul_high_words_vs_gmp.nim @@ -12,10 +12,10 @@ import # Third-party gmp, stew/byteutils, # Internal - ../constantine/io/io_bigints, - ../constantine/arithmetic, - ../constantine/primitives, - ../constantine/config/[common, type_bigint] + ../../constantine/backend/io/io_bigints, + ../../constantine/backend/arithmetic, + ../../constantine/backend/primitives, + ../../constantine/backend/config/[common, type_bigint] echo "\n------------------------------------------------------\n" # We test up to 1024-bit, more is really slow diff --git a/tests/t_bigints_mul_vs_gmp.nim b/tests/backend/t_bigints_mul_vs_gmp.nim similarity index 96% rename from tests/t_bigints_mul_vs_gmp.nim rename to tests/backend/t_bigints_mul_vs_gmp.nim index cb4d3e2..855964b 100644 --- a/tests/t_bigints_mul_vs_gmp.nim +++ b/tests/backend/t_bigints_mul_vs_gmp.nim 
@@ -12,10 +12,10 @@ import # Third-party gmp, stew/byteutils, # Internal - ../constantine/io/io_bigints, - ../constantine/arithmetic, - ../constantine/primitives, - ../constantine/config/[common, type_bigint] + ../../constantine/backend/io/io_bigints, + ../../constantine/backend/arithmetic, + ../../constantine/backend/primitives, + ../../constantine/backend/config/[common, type_bigint] echo "\n------------------------------------------------------\n" # We test up to 1024-bit, more is really slow diff --git a/tests/t_bigints_multimod.nim b/tests/backend/t_bigints_multimod.nim similarity index 98% rename from tests/t_bigints_multimod.nim rename to tests/backend/t_bigints_multimod.nim index 94154b8..e7981d6 100644 --- a/tests/t_bigints_multimod.nim +++ b/tests/backend/t_bigints_multimod.nim @@ -10,10 +10,10 @@ import # Standard library std/unittest, # Third-party - ../constantine/config/common, - ../constantine/io/io_bigints, - ../constantine/arithmetic, - ../constantine/primitives + ../../constantine/backend/config/common, + ../../constantine/backend/io/io_bigints, + ../../constantine/backend/arithmetic, + ../../constantine/backend/primitives echo "\n------------------------------------------------------\n" diff --git a/tests/t_ec_conversion.nim b/tests/backend/t_ec_conversion.nim similarity index 91% rename from tests/t_ec_conversion.nim rename to tests/backend/t_ec_conversion.nim index 97757a9..141c115 100644 --- a/tests/t_ec_conversion.nim +++ b/tests/backend/t_ec_conversion.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/[ec_shortweierstrass_jacobian, ec_shortweierstrass_projective], - ../constantine/towers, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/[ec_shortweierstrass_jacobian, ec_shortweierstrass_projective], + ../../constantine/backend/towers, # Test utilities ./t_ec_template 
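Review bot: In tests/backend/t_bigints_multimod.nim the four rewritten imports still sit under the context comment `# Third-party`, although every path now points into `constantine/backend`, which is the project's own code. Relabel the group `# Internal`, as the sibling test t_bigints.nim does, so that a reader auditing the external dependencies of the test suite is not misled. The `import` keyword itself is above the hunk.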
diff --git a/tests/t_ec_frobenius.nim b/tests/backend/t_ec_frobenius.nim similarity index 98% rename from tests/t_ec_frobenius.nim rename to tests/backend/t_ec_frobenius.nim index bd13335..08cf6cc 100644 --- a/tests/t_ec_frobenius.nim +++ b/tests/backend/t_ec_frobenius.nim @@ -11,13 +11,13 @@ import # Standard library std/[times, unittest], # Internals - ../constantine/config/[common, curves], - ../constantine/[arithmetic, towers], - ../constantine/io/[io_bigints, io_ec], - ../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul], - ../constantine/isogeny/frobenius, + ../../constantine/backend/config/[common, curves], + ../../constantine/backend/[arithmetic, towers], + ../../constantine/backend/io/[io_bigints, io_ec], + ../../constantine/backend/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul], + ../../constantine/backend/isogeny/frobenius, # Tests - ../helpers/prng_unsafe, + ../../helpers/prng_unsafe, ./t_ec_template echo "\n------------------------------------------------------\n" diff --git a/tests/t_ec_sage_bls12_377.nim b/tests/backend/t_ec_sage_bls12_377.nim similarity index 81% rename from tests/t_ec_sage_bls12_377.nim rename to tests/backend/t_ec_sage_bls12_377.nim index fe9c421..40ed9e3 100644 --- a/tests/t_ec_sage_bls12_377.nim +++ b/tests/backend/t_ec_sage_bls12_377.nim @@ -8,10 +8,10 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/towers, - ../constantine/elliptic/ec_shortweierstrass_jacobian, - ../constantine/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/towers, + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, # Test utilities ./t_ec_sage_template 
diff --git a/tests/t_ec_sage_bls12_381.nim b/tests/backend/t_ec_sage_bls12_381.nim similarity index 81% rename from tests/t_ec_sage_bls12_381.nim rename to tests/backend/t_ec_sage_bls12_381.nim index 72d7d9f..096fc3c 100644 --- a/tests/t_ec_sage_bls12_381.nim +++ b/tests/backend/t_ec_sage_bls12_381.nim @@ -8,10 +8,10 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/towers, - ../constantine/elliptic/ec_shortweierstrass_jacobian, - ../constantine/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/towers, + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, # Test utilities ./t_ec_sage_template diff --git a/tests/t_ec_sage_bn254_nogami.nim b/tests/backend/t_ec_sage_bn254_nogami.nim similarity index 81% rename from tests/t_ec_sage_bn254_nogami.nim rename to tests/backend/t_ec_sage_bn254_nogami.nim index 65a771b..324e55a 100644 --- a/tests/t_ec_sage_bn254_nogami.nim +++ b/tests/backend/t_ec_sage_bn254_nogami.nim @@ -8,10 +8,10 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/towers, - ../constantine/elliptic/ec_shortweierstrass_jacobian, - ../constantine/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/towers, + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, # Test utilities ./t_ec_sage_template diff --git a/tests/t_ec_sage_bn254_snarks.nim b/tests/backend/t_ec_sage_bn254_snarks.nim similarity index 81% rename from tests/t_ec_sage_bn254_snarks.nim rename to tests/backend/t_ec_sage_bn254_snarks.nim index a971b79..a6f8944 100644 --- a/tests/t_ec_sage_bn254_snarks.nim +++ b/tests/backend/t_ec_sage_bn254_snarks.nim 
@@ -8,10 +8,10 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/towers, - ../constantine/elliptic/ec_shortweierstrass_jacobian, - ../constantine/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/towers, + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, # Test utilities ./t_ec_sage_template diff --git a/tests/t_ec_sage_bw6_761_g1.nim b/tests/backend/t_ec_sage_bw6_761_g1.nim similarity index 86% rename from tests/t_ec_sage_bw6_761_g1.nim rename to tests/backend/t_ec_sage_bw6_761_g1.nim index 69ebb0a..7eed998 100644 --- a/tests/t_ec_sage_bw6_761_g1.nim +++ b/tests/backend/t_ec_sage_bw6_761_g1.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_jacobian, - ../constantine/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, # Test utilities ./t_ec_sage_template diff --git a/tests/t_ec_sage_bw6_761_g2.nim b/tests/backend/t_ec_sage_bw6_761_g2.nim similarity index 86% rename from tests/t_ec_sage_bw6_761_g2.nim rename to tests/backend/t_ec_sage_bw6_761_g2.nim index d5fa368..661166e 100644 --- a/tests/t_ec_sage_bw6_761_g2.nim +++ b/tests/backend/t_ec_sage_bw6_761_g2.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_jacobian, - ../constantine/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, # Test utilities ./t_ec_sage_template 
diff --git a/tests/t_ec_sage_template.nim b/tests/backend/t_ec_sage_template.nim similarity index 97% rename from tests/t_ec_sage_template.nim rename to tests/backend/t_ec_sage_template.nim index 3e9511a..b3ccda8 100644 --- a/tests/t_ec_sage_template.nim +++ b/tests/backend/t_ec_sage_template.nim @@ -12,10 +12,10 @@ import # 3rd party jsony, # Internals - ../constantine/config/[common, curves, type_bigint, type_ff], - ../constantine/towers, - ../constantine/io/[io_bigints, io_ec], - ../constantine/elliptic/[ + ../../constantine/backend/config/[common, curves, type_bigint, type_ff], + ../../constantine/backend/towers, + ../../constantine/backend/io/[io_bigints, io_ec], + ../../constantine/backend/elliptic/[ ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_shortweierstrass_jacobian, diff --git a/tests/t_ec_shortw_jac_g1_add_double.nim b/tests/backend/t_ec_shortw_jac_g1_add_double.nim similarity index 91% rename from tests/t_ec_shortw_jac_g1_add_double.nim rename to tests/backend/t_ec_shortw_jac_g1_add_double.nim index b94fd0a..ccf4d22 100644 --- a/tests/t_ec_shortw_jac_g1_add_double.nim +++ b/tests/backend/t_ec_shortw_jac_g1_add_double.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, # Test utilities ./t_ec_template diff --git a/tests/t_ec_shortw_jac_g1_mixed_add.nim b/tests/backend/t_ec_shortw_jac_g1_mixed_add.nim similarity index 89% rename from tests/t_ec_shortw_jac_g1_mixed_add.nim rename to tests/backend/t_ec_shortw_jac_g1_mixed_add.nim index c1587af..f5d3be9 100644 --- a/tests/t_ec_shortw_jac_g1_mixed_add.nim +++ b/tests/backend/t_ec_shortw_jac_g1_mixed_add.nim 
@@ -8,9 +8,9 @@ import # Internals - ../constantine/config/curves, - ../constantine/elliptic/ec_shortweierstrass_jacobian, - ../constantine/arithmetic, + ../../constantine/backend/config/curves, + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/arithmetic, # Test utilities ./t_ec_template diff --git a/tests/t_ec_shortw_jac_g1_mul_distri.nim b/tests/backend/t_ec_shortw_jac_g1_mul_distri.nim similarity index 91% rename from tests/t_ec_shortw_jac_g1_mul_distri.nim rename to tests/backend/t_ec_shortw_jac_g1_mul_distri.nim index 2f700b5..762f148 100644 --- a/tests/t_ec_shortw_jac_g1_mul_distri.nim +++ b/tests/backend/t_ec_shortw_jac_g1_mul_distri.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, # Test utilities ./t_ec_template diff --git a/tests/t_ec_shortw_jac_g1_mul_sanity.nim b/tests/backend/t_ec_shortw_jac_g1_mul_sanity.nim similarity index 90% rename from tests/t_ec_shortw_jac_g1_mul_sanity.nim rename to tests/backend/t_ec_shortw_jac_g1_mul_sanity.nim index 88d89ec..5b5f325 100644 --- a/tests/t_ec_shortw_jac_g1_mul_sanity.nim +++ b/tests/backend/t_ec_shortw_jac_g1_mul_sanity.nim 
@@ -10,12 +10,12 @@ import # Standard library std/[unittest, times], # Internals - ../constantine/config/[common, curves], - ../constantine/[arithmetic, primitives], - ../constantine/io/[io_bigints, io_fields, io_ec], - ../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_jacobian, ec_scalar_mul], + ../../constantine/backend/config/[common, curves], + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/io/[io_bigints, io_fields, io_ec], + ../../constantine/backend/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_jacobian, ec_scalar_mul], # Test utilities - ../helpers/prng_unsafe, + ../../helpers/prng_unsafe, ./support/ec_reference_scalar_mult, ./t_ec_template diff --git a/tests/t_ec_shortw_jac_g1_mul_vs_ref.nim b/tests/backend/t_ec_shortw_jac_g1_mul_vs_ref.nim similarity index 91% rename from tests/t_ec_shortw_jac_g1_mul_vs_ref.nim rename to tests/backend/t_ec_shortw_jac_g1_mul_vs_ref.nim index c1d9b1f..cf4a8d6 100644 --- a/tests/t_ec_shortw_jac_g1_mul_vs_ref.nim +++ b/tests/backend/t_ec_shortw_jac_g1_mul_vs_ref.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_jacobian, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian, # Test utilities ./t_ec_template diff --git a/tests/t_ec_shortw_jac_g2_add_double_bls12_377.nim b/tests/backend/t_ec_shortw_jac_g2_add_double_bls12_377.nim similarity index 83% rename from tests/t_ec_shortw_jac_g2_add_double_bls12_377.nim rename to tests/backend/t_ec_shortw_jac_g2_add_double_bls12_377.nim index d524d54..13c431e 100644 --- a/tests/t_ec_shortw_jac_g2_add_double_bls12_377.nim +++ b/tests/backend/t_ec_shortw_jac_g2_add_double_bls12_377.nim 
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_add_double_bls12_381.nim b/tests/backend/t_ec_shortw_jac_g2_add_double_bls12_381.nim
similarity index 83%
rename from tests/t_ec_shortw_jac_g2_add_double_bls12_381.nim
rename to tests/backend/t_ec_shortw_jac_g2_add_double_bls12_381.nim
index 48143a7..00f79ac 100644
--- a/tests/t_ec_shortw_jac_g2_add_double_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_add_double_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_add_double_bn254_snarks.nim b/tests/backend/t_ec_shortw_jac_g2_add_double_bn254_snarks.nim
similarity index 83%
rename from tests/t_ec_shortw_jac_g2_add_double_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_jac_g2_add_double_bn254_snarks.nim
index 1421b99..1960486 100644
--- a/tests/t_ec_shortw_jac_g2_add_double_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_add_double_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_add_double_bw6_761.nim b/tests/backend/t_ec_shortw_jac_g2_add_double_bw6_761.nim
similarity index 85%
rename from tests/t_ec_shortw_jac_g2_add_double_bw6_761.nim
rename to tests/backend/t_ec_shortw_jac_g2_add_double_bw6_761.nim
index f328104..3e5a7ea 100644
--- a/tests/t_ec_shortw_jac_g2_add_double_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_add_double_bw6_761.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mixed_add_bls12_377.nim b/tests/backend/t_ec_shortw_jac_g2_mixed_add_bls12_377.nim
similarity index 83%
rename from tests/t_ec_shortw_jac_g2_mixed_add_bls12_377.nim
rename to tests/backend/t_ec_shortw_jac_g2_mixed_add_bls12_377.nim
index f785166..c750bb5 100644
--- a/tests/t_ec_shortw_jac_g2_mixed_add_bls12_377.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mixed_add_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mixed_add_bls12_381.nim b/tests/backend/t_ec_shortw_jac_g2_mixed_add_bls12_381.nim
similarity index 83%
rename from tests/t_ec_shortw_jac_g2_mixed_add_bls12_381.nim
rename to tests/backend/t_ec_shortw_jac_g2_mixed_add_bls12_381.nim
index 8e64a55..d4f5415 100644
--- a/tests/t_ec_shortw_jac_g2_mixed_add_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mixed_add_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mixed_add_bn254_snarks.nim b/tests/backend/t_ec_shortw_jac_g2_mixed_add_bn254_snarks.nim
similarity index 83%
rename from tests/t_ec_shortw_jac_g2_mixed_add_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_jac_g2_mixed_add_bn254_snarks.nim
index b6d7156..8b2efaf 100644
--- a/tests/t_ec_shortw_jac_g2_mixed_add_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mixed_add_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mixed_add_bw6_761.nim b/tests/backend/t_ec_shortw_jac_g2_mixed_add_bw6_761.nim
similarity index 85%
rename from tests/t_ec_shortw_jac_g2_mixed_add_bw6_761.nim
rename to tests/backend/t_ec_shortw_jac_g2_mixed_add_bw6_761.nim
index 6b54af1..7b4cc49 100644
--- a/tests/t_ec_shortw_jac_g2_mixed_add_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mixed_add_bw6_761.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_distri_bls12_377.nim b/tests/backend/t_ec_shortw_jac_g2_mul_distri_bls12_377.nim
similarity index 84%
rename from tests/t_ec_shortw_jac_g2_mul_distri_bls12_377.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_distri_bls12_377.nim
index 84f104f..7904d9e 100644
--- a/tests/t_ec_shortw_jac_g2_mul_distri_bls12_377.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_distri_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_distri_bls12_381.nim b/tests/backend/t_ec_shortw_jac_g2_mul_distri_bls12_381.nim
similarity index 84%
rename from tests/t_ec_shortw_jac_g2_mul_distri_bls12_381.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_distri_bls12_381.nim
index 05e3b93..2ec7dc3 100644
--- a/tests/t_ec_shortw_jac_g2_mul_distri_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_distri_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_distri_bn254_snarks.nim b/tests/backend/t_ec_shortw_jac_g2_mul_distri_bn254_snarks.nim
similarity index 84%
rename from tests/t_ec_shortw_jac_g2_mul_distri_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_distri_bn254_snarks.nim
index 18b1304..fd7194f 100644
--- a/tests/t_ec_shortw_jac_g2_mul_distri_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_distri_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_distri_bw6_761.nim b/tests/backend/t_ec_shortw_jac_g2_mul_distri_bw6_761.nim
similarity index 86%
rename from tests/t_ec_shortw_jac_g2_mul_distri_bw6_761.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_distri_bw6_761.nim
index bec1248..f7ba124 100644
--- a/tests/t_ec_shortw_jac_g2_mul_distri_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_distri_bw6_761.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim b/tests/backend/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim
similarity index 92%
rename from tests/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim
index 91c4671..0a9c50b 100644
--- a/tests/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_sanity_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim b/tests/backend/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim
similarity index 92%
rename from tests/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim
index 9c97cb8..b4433f0 100644
--- a/tests/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_sanity_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim b/tests/backend/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim
similarity index 92%
rename from tests/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim
index df0f773..2079411 100644
--- a/tests/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_sanity_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_sanity_bw6_761.nim b/tests/backend/t_ec_shortw_jac_g2_mul_sanity_bw6_761.nim
similarity index 86%
rename from tests/t_ec_shortw_jac_g2_mul_sanity_bw6_761.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_sanity_bw6_761.nim
index 8a0ab7c..e082582 100644
--- a/tests/t_ec_shortw_jac_g2_mul_sanity_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_sanity_bw6_761.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_vs_ref_bls12_377.nim b/tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bls12_377.nim
similarity index 84%
rename from tests/t_ec_shortw_jac_g2_mul_vs_ref_bls12_377.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bls12_377.nim
index cb8f9e2..1a1e1e8 100644
--- a/tests/t_ec_shortw_jac_g2_mul_vs_ref_bls12_377.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_vs_ref_bls12_381.nim b/tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bls12_381.nim
similarity index 84%
rename from tests/t_ec_shortw_jac_g2_mul_vs_ref_bls12_381.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bls12_381.nim
index 8f55f02..9a3e944 100644
--- a/tests/t_ec_shortw_jac_g2_mul_vs_ref_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_vs_ref_bn254_snarks.nim b/tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bn254_snarks.nim
similarity index 84%
rename from tests/t_ec_shortw_jac_g2_mul_vs_ref_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bn254_snarks.nim
index bebd019..b5364c4 100644
--- a/tests/t_ec_shortw_jac_g2_mul_vs_ref_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_jac_g2_mul_vs_ref_bw6_761.nim b/tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bw6_761.nim
similarity index 86%
rename from tests/t_ec_shortw_jac_g2_mul_vs_ref_bw6_761.nim
rename to tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bw6_761.nim
index f244e1b..a089384 100644
--- a/tests/t_ec_shortw_jac_g2_mul_vs_ref_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_jac_g2_mul_vs_ref_bw6_761.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_jacobian,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_jacobian,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_edge_cases.nim b/tests/backend/t_ec_shortw_prj_edge_cases.nim
similarity index 95%
rename from tests/t_ec_shortw_prj_edge_cases.nim
rename to tests/backend/t_ec_shortw_prj_edge_cases.nim
index fe30a33..50452bf 100644
--- a/tests/t_ec_shortw_prj_edge_cases.nim
+++ b/tests/backend/t_ec_shortw_prj_edge_cases.nim
@@ -16,13 +16,13 @@ import
 # Standard library
 std/[unittest, times],
 # Internals
- ../constantine/config/[common, curves],
- ../constantine/arithmetic,
- ../constantine/towers,
- ../constantine/io/[io_bigints, io_fields, io_towers, io_ec],
- ../constantine/elliptic/[ec_shortweierstrass_projective, ec_scalar_mul],
+ ../../constantine/backend/config/[common, curves],
+ ../../constantine/backend/arithmetic,
+ ../../constantine/backend/towers,
+ ../../constantine/backend/io/[io_bigints, io_fields, io_towers, io_ec],
+ ../../constantine/backend/elliptic/[ec_shortweierstrass_projective, ec_scalar_mul],
 # Test utilities
- ../helpers/prng_unsafe,
+ ../../helpers/prng_unsafe,
 ./support/ec_reference_scalar_mult
 func testAddAssociativity[EC](a, b, c: EC) =
diff --git a/tests/t_ec_shortw_prj_g1_add_double.nim b/tests/backend/t_ec_shortw_prj_g1_add_double.nim
similarity index 91%
rename from tests/t_ec_shortw_prj_g1_add_double.nim
rename to tests/backend/t_ec_shortw_prj_g1_add_double.nim
index 85396d5..0e3960a 100644
--- a/tests/t_ec_shortw_prj_g1_add_double.nim
+++ b/tests/backend/t_ec_shortw_prj_g1_add_double.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g1_mixed_add.nim b/tests/backend/t_ec_shortw_prj_g1_mixed_add.nim
similarity index 89%
rename from tests/t_ec_shortw_prj_g1_mixed_add.nim
rename to tests/backend/t_ec_shortw_prj_g1_mixed_add.nim
index b4a27c3..76d1a12 100644
--- a/tests/t_ec_shortw_prj_g1_mixed_add.nim
+++ b/tests/backend/t_ec_shortw_prj_g1_mixed_add.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/arithmetic,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/arithmetic,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g1_mul_distri.nim b/tests/backend/t_ec_shortw_prj_g1_mul_distri.nim
similarity index 91%
rename from tests/t_ec_shortw_prj_g1_mul_distri.nim
rename to tests/backend/t_ec_shortw_prj_g1_mul_distri.nim
index ed29ffa..043c827 100644
--- a/tests/t_ec_shortw_prj_g1_mul_distri.nim
+++ b/tests/backend/t_ec_shortw_prj_g1_mul_distri.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g1_mul_sanity.nim b/tests/backend/t_ec_shortw_prj_g1_mul_sanity.nim
similarity index 90%
rename from tests/t_ec_shortw_prj_g1_mul_sanity.nim
rename to tests/backend/t_ec_shortw_prj_g1_mul_sanity.nim
index 467a48b..c9ec332 100644
--- a/tests/t_ec_shortw_prj_g1_mul_sanity.nim
+++ b/tests/backend/t_ec_shortw_prj_g1_mul_sanity.nim
@@ -10,12 +10,12 @@ import
 # Standard library
 std/[unittest, times],
 # Internals
- ../constantine/config/[common, curves],
- ../constantine/[arithmetic, primitives],
- ../constantine/io/[io_bigints, io_fields, io_ec],
- ../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
+ ../../constantine/backend/config/[common, curves],
+ ../../constantine/backend/[arithmetic, primitives],
+ ../../constantine/backend/io/[io_bigints, io_fields, io_ec],
+ ../../constantine/backend/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul],
 # Test utilities
- ../helpers/prng_unsafe,
+ ../../helpers/prng_unsafe,
 ./support/ec_reference_scalar_mult,
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g1_mul_vs_ref.nim b/tests/backend/t_ec_shortw_prj_g1_mul_vs_ref.nim
similarity index 91%
rename from tests/t_ec_shortw_prj_g1_mul_vs_ref.nim
rename to tests/backend/t_ec_shortw_prj_g1_mul_vs_ref.nim
index 7a4c3d6..3199eaf 100644
--- a/tests/t_ec_shortw_prj_g1_mul_vs_ref.nim
+++ b/tests/backend/t_ec_shortw_prj_g1_mul_vs_ref.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_add_double_bls12_377.nim b/tests/backend/t_ec_shortw_prj_g2_add_double_bls12_377.nim
similarity index 83%
rename from tests/t_ec_shortw_prj_g2_add_double_bls12_377.nim
rename to tests/backend/t_ec_shortw_prj_g2_add_double_bls12_377.nim
index 1b8398e..c95d73d 100644
--- a/tests/t_ec_shortw_prj_g2_add_double_bls12_377.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_add_double_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_add_double_bls12_381.nim b/tests/backend/t_ec_shortw_prj_g2_add_double_bls12_381.nim
similarity index 83%
rename from tests/t_ec_shortw_prj_g2_add_double_bls12_381.nim
rename to tests/backend/t_ec_shortw_prj_g2_add_double_bls12_381.nim
index d792644..78e84fb 100644
--- a/tests/t_ec_shortw_prj_g2_add_double_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_add_double_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_add_double_bn254_snarks.nim b/tests/backend/t_ec_shortw_prj_g2_add_double_bn254_snarks.nim
similarity index 83%
rename from tests/t_ec_shortw_prj_g2_add_double_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_prj_g2_add_double_bn254_snarks.nim
index 80c01f2..0523d1b 100644
--- a/tests/t_ec_shortw_prj_g2_add_double_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_add_double_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_add_double_bw6_761.nim b/tests/backend/t_ec_shortw_prj_g2_add_double_bw6_761.nim
similarity index 85%
rename from tests/t_ec_shortw_prj_g2_add_double_bw6_761.nim
rename to tests/backend/t_ec_shortw_prj_g2_add_double_bw6_761.nim
index 78366c0..0504872 100644
--- a/tests/t_ec_shortw_prj_g2_add_double_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_add_double_bw6_761.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mixed_add_bls12_377.nim b/tests/backend/t_ec_shortw_prj_g2_mixed_add_bls12_377.nim
similarity index 83%
rename from tests/t_ec_shortw_prj_g2_mixed_add_bls12_377.nim
rename to tests/backend/t_ec_shortw_prj_g2_mixed_add_bls12_377.nim
index 914789f..7d9c3de 100644
--- a/tests/t_ec_shortw_prj_g2_mixed_add_bls12_377.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mixed_add_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mixed_add_bls12_381.nim b/tests/backend/t_ec_shortw_prj_g2_mixed_add_bls12_381.nim
similarity index 83%
rename from tests/t_ec_shortw_prj_g2_mixed_add_bls12_381.nim
rename to tests/backend/t_ec_shortw_prj_g2_mixed_add_bls12_381.nim
index 35dd080..b60b03d 100644
--- a/tests/t_ec_shortw_prj_g2_mixed_add_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mixed_add_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mixed_add_bn254_snarks.nim b/tests/backend/t_ec_shortw_prj_g2_mixed_add_bn254_snarks.nim
similarity index 83%
rename from tests/t_ec_shortw_prj_g2_mixed_add_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_prj_g2_mixed_add_bn254_snarks.nim
index 943281e..82a6f1a 100644
--- a/tests/t_ec_shortw_prj_g2_mixed_add_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mixed_add_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mixed_add_bw6_761.nim b/tests/backend/t_ec_shortw_prj_g2_mixed_add_bw6_761.nim
similarity index 85%
rename from tests/t_ec_shortw_prj_g2_mixed_add_bw6_761.nim
rename to tests/backend/t_ec_shortw_prj_g2_mixed_add_bw6_761.nim
index e5157a6..d3f236a 100644
--- a/tests/t_ec_shortw_prj_g2_mixed_add_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mixed_add_bw6_761.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mul_distri_bls12_377.nim b/tests/backend/t_ec_shortw_prj_g2_mul_distri_bls12_377.nim
similarity index 84%
rename from tests/t_ec_shortw_prj_g2_mul_distri_bls12_377.nim
rename to tests/backend/t_ec_shortw_prj_g2_mul_distri_bls12_377.nim
index 6aeb899..314da9b 100644
--- a/tests/t_ec_shortw_prj_g2_mul_distri_bls12_377.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mul_distri_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mul_distri_bls12_381.nim b/tests/backend/t_ec_shortw_prj_g2_mul_distri_bls12_381.nim
similarity index 84%
rename from tests/t_ec_shortw_prj_g2_mul_distri_bls12_381.nim
rename to tests/backend/t_ec_shortw_prj_g2_mul_distri_bls12_381.nim
index f54d2e3..89748b9 100644
--- a/tests/t_ec_shortw_prj_g2_mul_distri_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mul_distri_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mul_distri_bn254_snarks.nim b/tests/backend/t_ec_shortw_prj_g2_mul_distri_bn254_snarks.nim
similarity index 84%
rename from tests/t_ec_shortw_prj_g2_mul_distri_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_prj_g2_mul_distri_bn254_snarks.nim
index aaf7a02..1dc6164 100644
--- a/tests/t_ec_shortw_prj_g2_mul_distri_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mul_distri_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mul_distri_bw6_761.nim b/tests/backend/t_ec_shortw_prj_g2_mul_distri_bw6_761.nim
similarity index 86%
rename from tests/t_ec_shortw_prj_g2_mul_distri_bw6_761.nim
rename to tests/backend/t_ec_shortw_prj_g2_mul_distri_bw6_761.nim
index 13840de..1c2afe7 100644
--- a/tests/t_ec_shortw_prj_g2_mul_distri_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mul_distri_bw6_761.nim
@@ -8,8 +8,8 @@
 import
 # Internals
- ../constantine/config/[type_ff, curves],
- ../constantine/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/config/[type_ff, curves],
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim b/tests/backend/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim
similarity index 92%
rename from tests/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim
rename to tests/backend/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim
index 6510c21..39a2147 100644
--- a/tests/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mul_sanity_bls12_377.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim b/tests/backend/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim
similarity index 92%
rename from tests/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim
rename to tests/backend/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim
index 72a9e43..d1d1a8e 100644
--- a/tests/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mul_sanity_bls12_381.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim b/tests/backend/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim
similarity index 92%
rename from tests/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim
rename to tests/backend/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim
index eb22419..a23cf85 100644
--- a/tests/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mul_sanity_bn254_snarks.nim
@@ -8,9 +8,9 @@
 import
 # Internals
- ../constantine/config/curves,
- ../constantine/elliptic/ec_shortweierstrass_projective,
- ../constantine/towers,
+ ../../constantine/backend/config/curves,
+ ../../constantine/backend/elliptic/ec_shortweierstrass_projective,
+ ../../constantine/backend/towers,
 # Test utilities
 ./t_ec_template
diff --git a/tests/t_ec_shortw_prj_g2_mul_sanity_bw6_761.nim b/tests/backend/t_ec_shortw_prj_g2_mul_sanity_bw6_761.nim
similarity index 86%
rename from tests/t_ec_shortw_prj_g2_mul_sanity_bw6_761.nim
rename to tests/backend/t_ec_shortw_prj_g2_mul_sanity_bw6_761.nim
index 9202547..91b0bb0 100644
--- a/tests/t_ec_shortw_prj_g2_mul_sanity_bw6_761.nim
+++ b/tests/backend/t_ec_shortw_prj_g2_mul_sanity_bw6_761.nim
@@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, # Test utilities ./t_ec_template diff --git a/tests/t_ec_shortw_prj_g2_mul_vs_ref_bls12_377.nim b/tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bls12_377.nim similarity index 83% rename from tests/t_ec_shortw_prj_g2_mul_vs_ref_bls12_377.nim rename to tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bls12_377.nim index 61a309f..d1258af 100644 --- a/tests/t_ec_shortw_prj_g2_mul_vs_ref_bls12_377.nim +++ b/tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bls12_377.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/curves, - ../constantine/elliptic/ec_shortweierstrass_projective, - ../constantine/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/towers, # Test utilities ./t_ec_template diff --git a/tests/t_ec_shortw_prj_g2_mul_vs_ref_bls12_381.nim b/tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bls12_381.nim similarity index 83% rename from tests/t_ec_shortw_prj_g2_mul_vs_ref_bls12_381.nim rename to tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bls12_381.nim index 589f573..105d396 100644 --- a/tests/t_ec_shortw_prj_g2_mul_vs_ref_bls12_381.nim +++ b/tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bls12_381.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/curves, - ../constantine/elliptic/ec_shortweierstrass_projective, - ../constantine/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/towers, # Test utilities ./t_ec_template 
diff --git a/tests/t_ec_shortw_prj_g2_mul_vs_ref_bn254_snarks.nim b/tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bn254_snarks.nim similarity index 84% rename from tests/t_ec_shortw_prj_g2_mul_vs_ref_bn254_snarks.nim rename to tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bn254_snarks.nim index eaeb7e5..312bdc1 100644 --- a/tests/t_ec_shortw_prj_g2_mul_vs_ref_bn254_snarks.nim +++ b/tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bn254_snarks.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/curves, - ../constantine/elliptic/ec_shortweierstrass_projective, - ../constantine/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/towers, # Test utilities ./t_ec_template diff --git a/tests/t_ec_shortw_prj_g2_mul_vs_ref_bw6_761.nim b/tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bw6_761.nim similarity index 86% rename from tests/t_ec_shortw_prj_g2_mul_vs_ref_bw6_761.nim rename to tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bw6_761.nim index 3a2ccf9..8111d35 100644 --- a/tests/t_ec_shortw_prj_g2_mul_vs_ref_bw6_761.nim +++ b/tests/backend/t_ec_shortw_prj_g2_mul_vs_ref_bw6_761.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, # Test utilities ./t_ec_template diff --git a/tests/t_ec_subgroups_bls12_377.nim b/tests/backend/t_ec_subgroups_bls12_377.nim similarity index 85% rename from tests/t_ec_subgroups_bls12_377.nim rename to tests/backend/t_ec_subgroups_bls12_377.nim index 43bd398..6599a35 100644 --- a/tests/t_ec_subgroups_bls12_377.nim +++ b/tests/backend/t_ec_subgroups_bls12_377.nim 
@@ -8,9 +8,9 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_projective, - ../constantine/towers, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/towers, # Test utilities ./t_ec_template diff --git a/tests/t_ec_subgroups_bls12_381.nim b/tests/backend/t_ec_subgroups_bls12_381.nim similarity index 85% rename from tests/t_ec_subgroups_bls12_381.nim rename to tests/backend/t_ec_subgroups_bls12_381.nim index a0c86d0..3da853b 100644 --- a/tests/t_ec_subgroups_bls12_381.nim +++ b/tests/backend/t_ec_subgroups_bls12_381.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_projective, - ../constantine/towers, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/towers, # Test utilities ./t_ec_template diff --git a/tests/t_ec_subgroups_bn254_nogami.nim b/tests/backend/t_ec_subgroups_bn254_nogami.nim similarity index 85% rename from tests/t_ec_subgroups_bn254_nogami.nim rename to tests/backend/t_ec_subgroups_bn254_nogami.nim index a4b6406..951ee00 100644 --- a/tests/t_ec_subgroups_bn254_nogami.nim +++ b/tests/backend/t_ec_subgroups_bn254_nogami.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_projective, - ../constantine/towers, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/towers, # Test utilities ./t_ec_template 
diff --git a/tests/t_ec_subgroups_bn254_snarks.nim b/tests/backend/t_ec_subgroups_bn254_snarks.nim similarity index 85% rename from tests/t_ec_subgroups_bn254_snarks.nim rename to tests/backend/t_ec_subgroups_bn254_snarks.nim index ae137e9..564f5b8 100644 --- a/tests/t_ec_subgroups_bn254_snarks.nim +++ b/tests/backend/t_ec_subgroups_bn254_snarks.nim @@ -8,9 +8,9 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_shortweierstrass_projective, - ../constantine/towers, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_shortweierstrass_projective, + ../../constantine/backend/towers, # Test utilities ./t_ec_template diff --git a/tests/t_ec_template.nim b/tests/backend/t_ec_template.nim similarity index 98% rename from tests/t_ec_template.nim rename to tests/backend/t_ec_template.nim index 1f6714a..e3d4755 100644 --- a/tests/t_ec_template.nim +++ b/tests/backend/t_ec_template.nim @@ -16,20 +16,20 @@ import # Standard library std/[unittest, times], # Internals - ../constantine/config/[common, curves], - ../constantine/arithmetic, - ../constantine/towers, - ../constantine/elliptic/[ + ../../constantine/backend/config/[common, curves], + ../../constantine/backend/arithmetic, + ../../constantine/backend/towers, + ../../constantine/backend/elliptic/[ ec_shortweierstrass_affine, ec_shortweierstrass_jacobian, ec_shortweierstrass_projective, ec_twistededwards_affine, ec_twistededwards_projective, ec_scalar_mul], - ../constantine/io/[io_bigints, io_fields, io_ec], - ../constantine/curves/zoo_subgroups, + ../../constantine/backend/io/[io_bigints, io_fields, io_ec], + ../../constantine/backend/curves/zoo_subgroups, # Test utilities - ../helpers/prng_unsafe, + ../../helpers/prng_unsafe, ./support/ec_reference_scalar_mult type 
diff --git a/tests/t_ec_twedwards_prj_add_double.nim b/tests/backend/t_ec_twedwards_prj_add_double.nim similarity index 89% rename from tests/t_ec_twedwards_prj_add_double.nim rename to tests/backend/t_ec_twedwards_prj_add_double.nim index 2f77e1f..e9ed936 100644 --- a/tests/t_ec_twedwards_prj_add_double.nim +++ b/tests/backend/t_ec_twedwards_prj_add_double.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_twistededwards_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_twistededwards_projective, # Test utilities ./t_ec_template diff --git a/tests/t_ec_twedwards_prj_mul_distri.nim b/tests/backend/t_ec_twedwards_prj_mul_distri.nim similarity index 90% rename from tests/t_ec_twedwards_prj_mul_distri.nim rename to tests/backend/t_ec_twedwards_prj_mul_distri.nim index 20ecdb7..4845145 100644 --- a/tests/t_ec_twedwards_prj_mul_distri.nim +++ b/tests/backend/t_ec_twedwards_prj_mul_distri.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_twistededwards_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_twistededwards_projective, # Test utilities ./t_ec_template diff --git a/tests/t_ec_twedwards_prj_mul_sanity.nim b/tests/backend/t_ec_twedwards_prj_mul_sanity.nim similarity index 90% rename from tests/t_ec_twedwards_prj_mul_sanity.nim rename to tests/backend/t_ec_twedwards_prj_mul_sanity.nim index 4a565e1..2f742ab 100644 --- a/tests/t_ec_twedwards_prj_mul_sanity.nim +++ b/tests/backend/t_ec_twedwards_prj_mul_sanity.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_twistededwards_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_twistededwards_projective, # Test utilities ./t_ec_template 
diff --git a/tests/t_ec_twedwards_prj_mul_vs_ref.nim b/tests/backend/t_ec_twedwards_prj_mul_vs_ref.nim similarity index 90% rename from tests/t_ec_twedwards_prj_mul_vs_ref.nim rename to tests/backend/t_ec_twedwards_prj_mul_vs_ref.nim index eaabac5..5260963 100644 --- a/tests/t_ec_twedwards_prj_mul_vs_ref.nim +++ b/tests/backend/t_ec_twedwards_prj_mul_vs_ref.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/config/[type_ff, curves], - ../constantine/elliptic/ec_twistededwards_projective, + ../../constantine/backend/config/[type_ff, curves], + ../../constantine/backend/elliptic/ec_twistededwards_projective, # Test utilities ./t_ec_template diff --git a/tests/t_finite_fields.nim b/tests/backend/t_finite_fields.nim similarity index 97% rename from tests/t_finite_fields.nim rename to tests/backend/t_finite_fields.nim index ed91e12..6dbe88f 100644 --- a/tests/t_finite_fields.nim +++ b/tests/backend/t_finite_fields.nim @@ -7,10 +7,10 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import std/unittest, - ../constantine/arithmetic, - ../constantine/arithmetic/limbs_montgomery, - ../constantine/io/[io_bigints, io_fields], - ../constantine/config/curves + ../../constantine/backend/arithmetic, + ../../constantine/backend/arithmetic/limbs_montgomery, + ../../constantine/backend/io/[io_bigints, io_fields], + ../../constantine/backend/config/curves static: doAssert defined(testingCurves), "This modules requires the -d:testingCurves compile option" diff --git a/tests/t_finite_fields.nim.cfg b/tests/backend/t_finite_fields.nim.cfg similarity index 100% rename from tests/t_finite_fields.nim.cfg rename to tests/backend/t_finite_fields.nim.cfg 
diff --git a/tests/t_finite_fields_conditional_arithmetic.nim b/tests/backend/t_finite_fields_conditional_arithmetic.nim similarity index 89% rename from tests/t_finite_fields_conditional_arithmetic.nim rename to tests/backend/t_finite_fields_conditional_arithmetic.nim index 4612723..0534cb6 100644 --- a/tests/t_finite_fields_conditional_arithmetic.nim +++ b/tests/backend/t_finite_fields_conditional_arithmetic.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import std/unittest, - ../constantine/arithmetic, - ../constantine/io/io_fields, - ../constantine/config/[common, curves] + ../../constantine/backend/arithmetic, + ../../constantine/backend/io/io_fields, + ../../constantine/backend/config/[common, curves] echo "\n------------------------------------------------------\n" diff --git a/tests/t_finite_fields_double_precision.nim b/tests/backend/t_finite_fields_double_precision.nim similarity index 97% rename from tests/t_finite_fields_double_precision.nim rename to tests/backend/t_finite_fields_double_precision.nim index 5f42254..89df19c 100644 --- a/tests/t_finite_fields_double_precision.nim +++ b/tests/backend/t_finite_fields_double_precision.nim @@ -10,11 +10,11 @@ import # Standard library std/[unittest, times], # Internal - ../constantine/arithmetic, - ../constantine/io/[io_bigints, io_fields], - ../constantine/config/[curves, common, type_bigint], + ../../constantine/backend/arithmetic, + ../../constantine/backend/io/[io_bigints, io_fields], + ../../constantine/backend/config/[curves, common, type_bigint], # Test utilities - ../helpers/prng_unsafe + ../../helpers/prng_unsafe const Iters = 24 diff --git a/tests/t_finite_fields_double_precision.nim.cfg b/tests/backend/t_finite_fields_double_precision.nim.cfg similarity index 100% rename from tests/t_finite_fields_double_precision.nim.cfg rename to tests/backend/t_finite_fields_double_precision.nim.cfg 
diff --git a/tests/t_finite_fields_mulsquare.nim b/tests/backend/t_finite_fields_mulsquare.nim similarity index 97% rename from tests/t_finite_fields_mulsquare.nim rename to tests/backend/t_finite_fields_mulsquare.nim index d1fa93e..0dedafb 100644 --- a/tests/t_finite_fields_mulsquare.nim +++ b/tests/backend/t_finite_fields_mulsquare.nim @@ -10,11 +10,11 @@ import # Standard library std/[unittest, times], # Internal - ../constantine/arithmetic, - ../constantine/io/[io_bigints, io_fields], - ../constantine/config/[curves, common, type_bigint], + ../../constantine/backend/arithmetic, + ../../constantine/backend/io/[io_bigints, io_fields], + ../../constantine/backend/config/[curves, common, type_bigint], # Test utilities - ../helpers/prng_unsafe + ../../helpers/prng_unsafe const Iters = 24 diff --git a/tests/t_finite_fields_mulsquare.nim.cfg b/tests/backend/t_finite_fields_mulsquare.nim.cfg similarity index 100% rename from tests/t_finite_fields_mulsquare.nim.cfg rename to tests/backend/t_finite_fields_mulsquare.nim.cfg diff --git a/tests/t_finite_fields_powinv.nim b/tests/backend/t_finite_fields_powinv.nim similarity index 97% rename from tests/t_finite_fields_powinv.nim rename to tests/backend/t_finite_fields_powinv.nim index b3386c8..20ad12d 100644 --- a/tests/t_finite_fields_powinv.nim +++ b/tests/backend/t_finite_fields_powinv.nim @@ -10,12 +10,12 @@ import # Standard library std/[unittest, times], # Internal - ../constantine/config/common, - ../constantine/[arithmetic, primitives], - ../constantine/io/[io_bigints, io_fields], - ../constantine/config/curves, + ../../constantine/backend/config/common, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/io/[io_bigints, io_fields], + ../../constantine/backend/config/curves, # Test utilities - ../helpers/prng_unsafe + ../../helpers/prng_unsafe static: doAssert defined(testingCurves), "This modules requires the -d:testingCurves compile option" 
diff --git a/tests/t_finite_fields_powinv.nim.cfg b/tests/backend/t_finite_fields_powinv.nim.cfg similarity index 100% rename from tests/t_finite_fields_powinv.nim.cfg rename to tests/backend/t_finite_fields_powinv.nim.cfg diff --git a/tests/t_finite_fields_sqrt.nim b/tests/backend/t_finite_fields_sqrt.nim similarity index 97% rename from tests/t_finite_fields_sqrt.nim rename to tests/backend/t_finite_fields_sqrt.nim index 262a564..21a2dc7 100644 --- a/tests/t_finite_fields_sqrt.nim +++ b/tests/backend/t_finite_fields_sqrt.nim @@ -10,11 +10,11 @@ import # Standard library std/[tables, unittest, times], # Internal - ../constantine/[arithmetic, primitives], - ../constantine/io/[io_fields], - ../constantine/config/[curves, common], + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/io/[io_fields], + ../../constantine/backend/config/[curves, common], # Test utilities - ../helpers/prng_unsafe + ../../helpers/prng_unsafe const Iters = 8 diff --git a/tests/t_finite_fields_sqrt.nim.cfg b/tests/backend/t_finite_fields_sqrt.nim.cfg similarity index 100% rename from tests/t_finite_fields_sqrt.nim.cfg rename to tests/backend/t_finite_fields_sqrt.nim.cfg diff --git a/tests/t_finite_fields_vs_gmp.nim b/tests/backend/t_finite_fields_vs_gmp.nim similarity index 97% rename from tests/t_finite_fields_vs_gmp.nim rename to tests/backend/t_finite_fields_vs_gmp.nim index 42f9e13..fd1f475 100644 --- a/tests/t_finite_fields_vs_gmp.nim +++ b/tests/backend/t_finite_fields_vs_gmp.nim @@ -12,10 +12,10 @@ import # Third-party gmp, stew/byteutils, # Internal - ../constantine/io/[io_bigints, io_fields], - ../constantine/arithmetic, - ../constantine/primitives, - ../constantine/config/curves + ../../constantine/backend/io/[io_bigints, io_fields], + ../../constantine/backend/arithmetic, + ../../constantine/backend/primitives, + ../../constantine/backend/config/curves echo "\n------------------------------------------------------\n" 
diff --git a/tests/t_fp12_anti_regression.nim b/tests/backend/t_fp12_anti_regression.nim similarity index 97% rename from tests/t_fp12_anti_regression.nim rename to tests/backend/t_fp12_anti_regression.nim index 6783a06..3879783 100644 --- a/tests/t_fp12_anti_regression.nim +++ b/tests/backend/t_fp12_anti_regression.nim @@ -10,11 +10,11 @@ import # stdlib std/unittest, # Internals - ../constantine/config/[common, type_ff], - ../constantine/towers, - ../constantine/config/curves, - ../constantine/io/io_towers, - ../constantine/towers + ../../constantine/backend/config/[common, type_ff], + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/io/io_towers, + ../../constantine/backend/towers # ############################################################### # diff --git a/tests/t_fp12_bls12_377.nim b/tests/backend/t_fp12_bls12_377.nim similarity index 90% rename from tests/t_fp12_bls12_377.nim rename to tests/backend/t_fp12_bls12_377.nim index c300d55..8fba73c 100644 --- a/tests/t_fp12_bls12_377.nim +++ b/tests/backend/t_fp12_bls12_377.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template diff --git a/tests/t_fp12_bls12_381.nim b/tests/backend/t_fp12_bls12_381.nim similarity index 90% rename from tests/t_fp12_bls12_381.nim rename to tests/backend/t_fp12_bls12_381.nim index eeb0a28..dbca253 100644 --- a/tests/t_fp12_bls12_381.nim +++ b/tests/backend/t_fp12_bls12_381.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template 
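Review bot: The import list in tests/backend/t_fp12_anti_regression.nim still names `../../constantine/backend/towers` twice, as its second and its last entry; the duplicate was carried over from the old paths. Since every import line in this hunk is rewritten anyway, the trailing entry can be dropped so the list ends with `../../constantine/backend/io/io_towers` (without the trailing comma).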
diff --git a/tests/t_fp12_bn254_snarks.nim b/tests/backend/t_fp12_bn254_snarks.nim similarity index 90% rename from tests/t_fp12_bn254_snarks.nim rename to tests/backend/t_fp12_bn254_snarks.nim index 096a53b..e9b441d 100644 --- a/tests/t_fp12_bn254_snarks.nim +++ b/tests/backend/t_fp12_bn254_snarks.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template diff --git a/tests/t_fp12_exponentiation.nim b/tests/backend/t_fp12_exponentiation.nim similarity index 95% rename from tests/t_fp12_exponentiation.nim rename to tests/backend/t_fp12_exponentiation.nim index b2a847b..34d7299 100644 --- a/tests/t_fp12_exponentiation.nim +++ b/tests/backend/t_fp12_exponentiation.nim @@ -10,13 +10,13 @@ import # Standard library std/[tables, unittest, times], # Internals - ../constantine/config/common, - ../constantine/[arithmetic, primitives], - ../constantine/towers, - ../constantine/config/curves, - ../constantine/io/io_towers, + ../../constantine/backend/config/common, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/io/io_towers, # Test utilities - ../helpers/[prng_unsafe, static_for] + ../../helpers/[prng_unsafe, static_for] const Iters = 2 diff --git a/tests/t_fp12_frobenius.nim b/tests/backend/t_fp12_frobenius.nim similarity index 91% rename from tests/t_fp12_frobenius.nim rename to tests/backend/t_fp12_frobenius.nim index b9407e0..7ab4360 100644 --- a/tests/t_fp12_frobenius.nim +++ b/tests/backend/t_fp12_frobenius.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_frobenius_template 
diff --git a/tests/t_fp2.nim b/tests/backend/t_fp2.nim similarity index 92% rename from tests/t_fp2.nim rename to tests/backend/t_fp2.nim index 3b34549..d966177 100644 --- a/tests/t_fp2.nim +++ b/tests/backend/t_fp2.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template diff --git a/tests/t_fp2_frobenius.nim b/tests/backend/t_fp2_frobenius.nim similarity index 91% rename from tests/t_fp2_frobenius.nim rename to tests/backend/t_fp2_frobenius.nim index 5d16237..23ee39c 100644 --- a/tests/t_fp2_frobenius.nim +++ b/tests/backend/t_fp2_frobenius.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_frobenius_template diff --git a/tests/t_fp2_sqrt.nim b/tests/backend/t_fp2_sqrt.nim similarity index 94% rename from tests/t_fp2_sqrt.nim rename to tests/backend/t_fp2_sqrt.nim index 652476e..8dca496 100644 --- a/tests/t_fp2_sqrt.nim +++ b/tests/backend/t_fp2_sqrt.nim @@ -10,13 +10,13 @@ import # Standard library std/[tables, unittest, times], # Internals - ../constantine/config/common, - ../constantine/[arithmetic, primitives], - ../constantine/towers, - ../constantine/config/curves, - ../constantine/io/io_towers, + ../../constantine/backend/config/common, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/io/io_towers, # Test utilities - ../helpers/[prng_unsafe, static_for] + ../../helpers/[prng_unsafe, static_for] const Iters = 8 diff --git a/tests/t_fp4.nim b/tests/backend/t_fp4.nim similarity index 96% rename from tests/t_fp4.nim rename to tests/backend/t_fp4.nim index 8fc7d43..d518274 100644 --- a/tests/t_fp4.nim +++ b/tests/backend/t_fp4.nim 
@@ -9,9 +9,9 @@ import std/unittest, # Internals - ../constantine/towers, - ../constantine/io/io_towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/io/io_towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template diff --git a/tests/t_fp4_frobenius.nim b/tests/backend/t_fp4_frobenius.nim similarity index 91% rename from tests/t_fp4_frobenius.nim rename to tests/backend/t_fp4_frobenius.nim index 812ce92..fef3980 100644 --- a/tests/t_fp4_frobenius.nim +++ b/tests/backend/t_fp4_frobenius.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_frobenius_template diff --git a/tests/t_fp6_bls12_377.nim b/tests/backend/t_fp6_bls12_377.nim similarity index 90% rename from tests/t_fp6_bls12_377.nim rename to tests/backend/t_fp6_bls12_377.nim index bd4c804..50981f6 100644 --- a/tests/t_fp6_bls12_377.nim +++ b/tests/backend/t_fp6_bls12_377.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template diff --git a/tests/t_fp6_bls12_381.nim b/tests/backend/t_fp6_bls12_381.nim similarity index 90% rename from tests/t_fp6_bls12_381.nim rename to tests/backend/t_fp6_bls12_381.nim index 183cecf..8c7b57d 100644 --- a/tests/t_fp6_bls12_381.nim +++ b/tests/backend/t_fp6_bls12_381.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template diff --git a/tests/t_fp6_bn254_snarks.nim b/tests/backend/t_fp6_bn254_snarks.nim similarity index 90% rename from tests/t_fp6_bn254_snarks.nim rename to tests/backend/t_fp6_bn254_snarks.nim index a078f37..642a68e 100644 
--- a/tests/t_fp6_bn254_snarks.nim +++ b/tests/backend/t_fp6_bn254_snarks.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template diff --git a/tests/t_fp6_bw6_761.nim b/tests/backend/t_fp6_bw6_761.nim similarity index 90% rename from tests/t_fp6_bw6_761.nim rename to tests/backend/t_fp6_bw6_761.nim index 34b41c9..0a4b0c5 100644 --- a/tests/t_fp6_bw6_761.nim +++ b/tests/backend/t_fp6_bw6_761.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_template diff --git a/tests/t_fp6_frobenius.nim b/tests/backend/t_fp6_frobenius.nim similarity index 91% rename from tests/t_fp6_frobenius.nim rename to tests/backend/t_fp6_frobenius.nim index a7c5423..87a697f 100644 --- a/tests/t_fp6_frobenius.nim +++ b/tests/backend/t_fp6_frobenius.nim @@ -8,8 +8,8 @@ import # Internals - ../constantine/towers, - ../constantine/config/curves, + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, # Test utilities ./t_fp_tower_frobenius_template diff --git a/tests/t_fp_cubic_root.nim b/tests/backend/t_fp_cubic_root.nim similarity index 83% rename from tests/t_fp_cubic_root.nim rename to tests/backend/t_fp_cubic_root.nim index 6133358..8e4f6cb 100644 --- a/tests/t_fp_cubic_root.nim +++ b/tests/backend/t_fp_cubic_root.nim 
@@ -7,10 +7,10 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import std/unittest, - ../constantine/config/common, - ../constantine/arithmetic, - ../constantine/config/curves, - ../constantine/curves/zoo_endomorphisms + ../../constantine/backend/config/common, + ../../constantine/backend/arithmetic, + ../../constantine/backend/config/curves, + ../../constantine/backend/curves/zoo_endomorphisms echo "\n------------------------------------------------------\n" diff --git a/tests/t_fp_tower_frobenius_template.nim b/tests/backend/t_fp_tower_frobenius_template.nim similarity index 95% rename from tests/t_fp_tower_frobenius_template.nim rename to tests/backend/t_fp_tower_frobenius_template.nim index 4e4e986..0971c17 100644 --- a/tests/t_fp_tower_frobenius_template.nim +++ b/tests/backend/t_fp_tower_frobenius_template.nim @@ -17,12 +17,12 @@ import # Standard library std/[unittest, times], # Internals - ../constantine/towers, - ../constantine/config/[common, curves], - ../constantine/arithmetic, - ../constantine/isogeny/frobenius, + ../../constantine/backend/towers, + ../../constantine/backend/config/[common, curves], + ../../constantine/backend/arithmetic, + ../../constantine/backend/isogeny/frobenius, # Test utilities - ../helpers/[prng_unsafe, static_for] + ../../helpers/[prng_unsafe, static_for] echo "\n------------------------------------------------------\n" diff --git a/tests/t_fp_tower_template.nim b/tests/backend/t_fp_tower_template.nim similarity index 98% rename from tests/t_fp_tower_template.nim rename to tests/backend/t_fp_tower_template.nim index 3750d29..cd73757 100644 --- a/tests/t_fp_tower_template.nim +++ b/tests/backend/t_fp_tower_template.nim 
@@ -17,12 +17,12 @@ import # Standard library std/[unittest, times], # Internals - ../constantine/towers, - ../constantine/config/[common, curves], - ../constantine/arithmetic, - ../constantine/io/io_towers, + ../../constantine/backend/towers, + ../../constantine/backend/config/[common, curves], + ../../constantine/backend/arithmetic, + ../../constantine/backend/io/io_towers, # Test utilities - ../helpers/[prng_unsafe, static_for] + ../../helpers/[prng_unsafe, static_for] echo "\n------------------------------------------------------\n" diff --git a/tests/t_fr.nim b/tests/backend/t_fr.nim similarity index 94% rename from tests/t_fr.nim rename to tests/backend/t_fr.nim index de1e47a..2b6a900 100644 --- a/tests/t_fr.nim +++ b/tests/backend/t_fr.nim @@ -10,11 +10,11 @@ import # Standard library std/[unittest, times], # Internal - ../constantine/arithmetic, - ../constantine/io/[io_bigints, io_fields], - ../constantine/config/[curves, common, type_bigint], + ../../constantine/backend/arithmetic, + ../../constantine/backend/io/[io_bigints, io_fields], + ../../constantine/backend/config/[curves, common, type_bigint], # Test utilities - ../helpers/prng_unsafe + ../../helpers/prng_unsafe const Iters = 24 diff --git a/tests/t_hash_to_curve.nim b/tests/backend/t_hash_to_curve.nim similarity index 94% rename from tests/t_hash_to_curve.nim rename to tests/backend/t_hash_to_curve.nim index 9d07f71..149d255 100644 --- a/tests/t_hash_to_curve.nim +++ b/tests/backend/t_hash_to_curve.nim 
@@ -12,13 +12,13 @@ import # 3rd party jsony, # Internals - ../constantine/config/[common, curves, type_bigint, type_ff], - ../constantine/[towers, hashes], - ../constantine/io/[io_bigints, io_ec], - ../constantine/elliptic/[ + ../../constantine/backend/config/[common, curves, type_bigint, type_ff], + ../../constantine/backend/[towers, hashes], + ../../constantine/backend/io/[io_bigints, io_ec], + ../../constantine/backend/elliptic/[ ec_shortweierstrass_affine, ec_shortweierstrass_projective], - ../constantine/hash_to_curve/hash_to_curve + ../../constantine/backend/hash_to_curve/hash_to_curve # Serialization # -------------------------------------------------------------------------- diff --git a/tests/t_hash_to_field.nim b/tests/backend/t_hash_to_field.nim similarity index 96% rename from tests/t_hash_to_field.nim rename to tests/backend/t_hash_to_field.nim index 5f2e6c6..68a11f5 100644 --- a/tests/t_hash_to_field.nim +++ b/tests/backend/t_hash_to_field.nim @@ -7,12 +7,12 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/hashes, - ../constantine/hash_to_curve/h2c_hash_to_field, - ../constantine/config/[curves_declaration, type_ff], - ../constantine/tower_field_extensions/extension_fields, + ../../constantine/backend/hashes, + ../../constantine/backend/hash_to_curve/h2c_hash_to_field, + ../../constantine/backend/config/[curves_declaration, type_ff], + ../../constantine/backend/tower_field_extensions/extension_fields, - ../constantine/io/[io_fields, io_towers], + ../../constantine/backend/io/[io_fields, io_towers], # Third-party stew/byteutils diff --git a/tests/t_io_bigints.nim b/tests/backend/t_io_bigints.nim similarity index 96% rename from tests/t_io_bigints.nim rename to tests/backend/t_io_bigints.nim index d31bbb0..aa6b405 100644 --- a/tests/t_io_bigints.nim +++ b/tests/backend/t_io_bigints.nim 
@@ -7,10 +7,10 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import std/[unittest,times], - ../constantine/io/io_bigints, - ../constantine/config/common, - ../constantine/arithmetic, - ../helpers/prng_unsafe + ../../constantine/backend/io/io_bigints, + ../../constantine/backend/config/common, + ../../constantine/backend/arithmetic, + ../../helpers/prng_unsafe # Random seed for reproducibility var rng: RngState diff --git a/tests/t_io_fields.nim b/tests/backend/t_io_fields.nim similarity index 95% rename from tests/t_io_fields.nim rename to tests/backend/t_io_fields.nim index 520eb2f..68cc5b3 100644 --- a/tests/t_io_fields.nim +++ b/tests/backend/t_io_fields.nim @@ -7,11 +7,11 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import std/[unittest, times], - ../constantine/io/[io_bigints, io_fields], - ../constantine/config/curves, - ../constantine/config/common, - ../constantine/arithmetic, - ../helpers/prng_unsafe + ../../constantine/backend/io/[io_bigints, io_fields], + ../../constantine/backend/config/curves, + ../../constantine/backend/config/common, + ../../constantine/backend/arithmetic, + ../../helpers/prng_unsafe # Random seed for reproducibility var rng: RngState diff --git a/tests/t_io_fields.nim.cfg b/tests/backend/t_io_fields.nim.cfg similarity index 100% rename from tests/t_io_fields.nim.cfg rename to tests/backend/t_io_fields.nim.cfg diff --git a/tests/t_io_unsaturated.nim b/tests/backend/t_io_unsaturated.nim similarity index 91% rename from tests/t_io_unsaturated.nim rename to tests/backend/t_io_unsaturated.nim index c426d4a..520c012 100644 --- a/tests/t_io_unsaturated.nim +++ b/tests/backend/t_io_unsaturated.nim 
@@ -7,11 +7,11 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import std/[unittest,times], - ../constantine/config/[common, curves], - ../constantine/arithmetic, - ../constantine/arithmetic/limbs_unsaturated, - ../constantine/io/io_bigints, - ../helpers/prng_unsafe + ../../constantine/backend/config/[common, curves], + ../../constantine/backend/arithmetic, + ../../constantine/backend/arithmetic/limbs_unsaturated, + ../../constantine/backend/io/io_bigints, + ../../helpers/prng_unsafe # Random seed for reproducibility var rng: RngState diff --git a/tests/t_pairing_bls12_377_gt_subgroup.nim b/tests/backend/t_pairing_bls12_377_gt_subgroup.nim similarity index 81% rename from tests/t_pairing_bls12_377_gt_subgroup.nim rename to tests/backend/t_pairing_bls12_377_gt_subgroup.nim index 120fe58..abc481b 100644 --- a/tests/t_pairing_bls12_377_gt_subgroup.nim +++ b/tests/backend/t_pairing_bls12_377_gt_subgroup.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bls12, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bls12, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_bls12_377_line_functions.nim b/tests/backend/t_pairing_bls12_377_line_functions.nim similarity index 92% rename from tests/t_pairing_bls12_377_line_functions.nim rename to tests/backend/t_pairing_bls12_377_line_functions.nim index 1e50b0b..613d13b 100644 --- a/tests/t_pairing_bls12_377_line_functions.nim +++ b/tests/backend/t_pairing_bls12_377_line_functions.nim 
@@ -10,16 +10,16 @@ import # Standard library std/[tables, unittest, times], # Internals - ../constantine/config/common, - ../constantine/[arithmetic, primitives], - ../constantine/towers, - ../constantine/config/curves, - ../constantine/io/io_towers, - ../constantine/elliptic/[ + ../../constantine/backend/config/common, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/io/io_towers, + ../../constantine/backend/elliptic/[ ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul], - ../constantine/pairing/lines_eval, + ../../constantine/backend/pairing/lines_eval, # Test utilities ../helpers/[prng_unsafe, static_for] diff --git a/tests/t_pairing_bls12_377_optate.nim b/tests/backend/t_pairing_bls12_377_optate.nim similarity index 83% rename from tests/t_pairing_bls12_377_optate.nim rename to tests/backend/t_pairing_bls12_377_optate.nim index 4909a60..edc1b5a 100644 --- a/tests/t_pairing_bls12_377_optate.nim +++ b/tests/backend/t_pairing_bls12_377_optate.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bls12, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bls12, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_bls12_381_gt_subgroup.nim b/tests/backend/t_pairing_bls12_381_gt_subgroup.nim similarity index 81% rename from tests/t_pairing_bls12_381_gt_subgroup.nim rename to tests/backend/t_pairing_bls12_381_gt_subgroup.nim index 3e73f22..bffae46 100644 --- a/tests/t_pairing_bls12_381_gt_subgroup.nim +++ b/tests/backend/t_pairing_bls12_381_gt_subgroup.nim 
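Review bot: The `# Test utilities` import that closes the hunk for tests/backend/t_pairing_bls12_377_line_functions.nim is left as `../helpers/[prng_unsafe, static_for]` although the file moves one directory deeper. The other moved tests that import the same pair (t_pairing_cyclotomic_subgroup.nim, t_pairing_mul_fp12_by_lines.nim) switch to `../../helpers/...`. Unless a tests/helpers directory exists, which the diff does not show, this relative import no longer resolves and the line-evaluation test stops compiling. The line should read `../../helpers/[prng_unsafe, static_for]`. The same unchanged context line appears in the hunk for tests/backend/t_pairing_bls12_381_line_functions.nim and needs the same change.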
@@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bls12, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bls12, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_bls12_381_line_functions.nim b/tests/backend/t_pairing_bls12_381_line_functions.nim similarity index 92% rename from tests/t_pairing_bls12_381_line_functions.nim rename to tests/backend/t_pairing_bls12_381_line_functions.nim index 840b2a7..2e752e4 100644 --- a/tests/t_pairing_bls12_381_line_functions.nim +++ b/tests/backend/t_pairing_bls12_381_line_functions.nim @@ -10,16 +10,16 @@ import # Standard library std/[tables, unittest, times], # Internals - ../constantine/config/common, - ../constantine/[arithmetic, primitives], - ../constantine/towers, - ../constantine/config/curves, - ../constantine/io/io_towers, - ../constantine/elliptic/[ + ../../constantine/backend/config/common, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/io/io_towers, + ../../constantine/backend/elliptic/[ ec_shortweierstrass_affine, ec_shortweierstrass_projective, ec_scalar_mul], - ../constantine/pairing/lines_eval, + ../../constantine/backend/pairing/lines_eval, # Test utilities ../helpers/[prng_unsafe, static_for] diff --git a/tests/t_pairing_bls12_381_multi.nim b/tests/backend/t_pairing_bls12_381_multi.nim similarity index 89% rename from tests/t_pairing_bls12_381_multi.nim rename to tests/backend/t_pairing_bls12_381_multi.nim index 8e0557e..b806d77 100644 --- a/tests/t_pairing_bls12_381_multi.nim +++ b/tests/backend/t_pairing_bls12_381_multi.nim 
@@ -10,16 +10,16 @@ import # Standard library std/[os, times, strformat], # Internals - ../constantine/config/common, - ../constantine/[ + ../../constantine/backend/config/common, + ../../constantine/backend/[ arithmetic, primitives, towers, ec_shortweierstrass ], - ../constantine/io/io_towers, - ../constantine/config/curves, - ../constantine/pairing/pairing_bls12, + ../../constantine/backend/io/io_towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bls12, # Test utilities - ../helpers/prng_unsafe + ../../helpers/prng_unsafe # Testing multipairing # ---------------------------------------------- diff --git a/tests/t_pairing_bls12_381_optate.nim b/tests/backend/t_pairing_bls12_381_optate.nim similarity index 83% rename from tests/t_pairing_bls12_381_optate.nim rename to tests/backend/t_pairing_bls12_381_optate.nim index 49834ef..0831b0f 100644 --- a/tests/t_pairing_bls12_381_optate.nim +++ b/tests/backend/t_pairing_bls12_381_optate.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bls12, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bls12, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_bn254_nogami_gt_subgroup.nim b/tests/backend/t_pairing_bn254_nogami_gt_subgroup.nim similarity index 82% rename from tests/t_pairing_bn254_nogami_gt_subgroup.nim rename to tests/backend/t_pairing_bn254_nogami_gt_subgroup.nim index 16c8f7c..58e90ed 100644 --- a/tests/t_pairing_bn254_nogami_gt_subgroup.nim +++ b/tests/backend/t_pairing_bn254_nogami_gt_subgroup.nim 
@@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bn, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bn, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_bn254_nogami_optate.nim b/tests/backend/t_pairing_bn254_nogami_optate.nim similarity index 84% rename from tests/t_pairing_bn254_nogami_optate.nim rename to tests/backend/t_pairing_bn254_nogami_optate.nim index 4cb399a..339b2e7 100644 --- a/tests/t_pairing_bn254_nogami_optate.nim +++ b/tests/backend/t_pairing_bn254_nogami_optate.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bn, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bn, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_bn254_snarks_gt_subgroup.nim b/tests/backend/t_pairing_bn254_snarks_gt_subgroup.nim similarity index 82% rename from tests/t_pairing_bn254_snarks_gt_subgroup.nim rename to tests/backend/t_pairing_bn254_snarks_gt_subgroup.nim index b163b53..02a64e6 100644 --- a/tests/t_pairing_bn254_snarks_gt_subgroup.nim +++ b/tests/backend/t_pairing_bn254_snarks_gt_subgroup.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bn, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bn, # Test utilities ./t_pairing_template 
diff --git a/tests/t_pairing_bn254_snarks_optate.nim b/tests/backend/t_pairing_bn254_snarks_optate.nim similarity index 84% rename from tests/t_pairing_bn254_snarks_optate.nim rename to tests/backend/t_pairing_bn254_snarks_optate.nim index dfe11a7..0c8303f 100644 --- a/tests/t_pairing_bn254_snarks_optate.nim +++ b/tests/backend/t_pairing_bn254_snarks_optate.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bn, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bn, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_bw6_761_gt_subgroup.nim b/tests/backend/t_pairing_bw6_761_gt_subgroup.nim similarity index 81% rename from tests/t_pairing_bw6_761_gt_subgroup.nim rename to tests/backend/t_pairing_bw6_761_gt_subgroup.nim index 454dcad..1ea80dd 100644 --- a/tests/t_pairing_bw6_761_gt_subgroup.nim +++ b/tests/backend/t_pairing_bw6_761_gt_subgroup.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bw6_761, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bw6_761, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_bw6_761_optate.nim b/tests/backend/t_pairing_bw6_761_optate.nim similarity index 83% rename from tests/t_pairing_bw6_761_optate.nim rename to tests/backend/t_pairing_bw6_761_optate.nim index dfc9dcc..8c0d06a 100644 --- a/tests/t_pairing_bw6_761_optate.nim +++ b/tests/backend/t_pairing_bw6_761_optate.nim 
@@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import - ../constantine/config/common, - ../constantine/config/curves, - ../constantine/pairing/pairing_bw6_761, + ../../constantine/backend/config/common, + ../../constantine/backend/config/curves, + ../../constantine/backend/pairing/pairing_bw6_761, # Test utilities ./t_pairing_template diff --git a/tests/t_pairing_cyclotomic_subgroup.nim b/tests/backend/t_pairing_cyclotomic_subgroup.nim similarity index 93% rename from tests/t_pairing_cyclotomic_subgroup.nim rename to tests/backend/t_pairing_cyclotomic_subgroup.nim index e3e4c77..35d749c 100644 --- a/tests/t_pairing_cyclotomic_subgroup.nim +++ b/tests/backend/t_pairing_cyclotomic_subgroup.nim @@ -10,15 +10,15 @@ import # Standard library std/[tables, unittest, times], # Internals - ../constantine/config/common, - ../constantine/[arithmetic, primitives], - ../constantine/towers, - ../constantine/config/curves, - ../constantine/io/[io_bigints, io_towers], - ../constantine/pairing/cyclotomic_subgroup, - ../constantine/isogeny/frobenius, + ../../constantine/backend/config/common, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/io/[io_bigints, io_towers], + ../../constantine/backend/pairing/cyclotomic_subgroup, + ../../constantine/backend/isogeny/frobenius, # Test utilities - ../helpers/[prng_unsafe, static_for] + ../../helpers/[prng_unsafe, static_for] const Iters = 4 diff --git a/tests/t_pairing_mul_fp12_by_lines.nim b/tests/backend/t_pairing_mul_fp12_by_lines.nim similarity index 97% rename from tests/t_pairing_mul_fp12_by_lines.nim rename to tests/backend/t_pairing_mul_fp12_by_lines.nim index 6563df0..c3b3900 100644 --- a/tests/t_pairing_mul_fp12_by_lines.nim +++ b/tests/backend/t_pairing_mul_fp12_by_lines.nim 
@@ -10,14 +10,14 @@ import # Standard library std/[tables, unittest, times], # Internals - ../constantine/config/common, - ../constantine/[arithmetic, primitives], - ../constantine/towers, - ../constantine/config/curves, - ../constantine/io/io_towers, - ../constantine/pairing/lines_eval, + ../../constantine/backend/config/common, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/io/io_towers, + ../../constantine/backend/pairing/lines_eval, # Test utilities - ../helpers/[prng_unsafe, static_for] + ../../helpers/[prng_unsafe, static_for] const Iters = 8 diff --git a/tests/t_pairing_template.nim b/tests/backend/t_pairing_template.nim similarity index 90% rename from tests/t_pairing_template.nim rename to tests/backend/t_pairing_template.nim index 3804027..5f318ab 100644 --- a/tests/t_pairing_template.nim +++ b/tests/backend/t_pairing_template.nim @@ -10,17 +10,17 @@ import # Standard library std/unittest, times, # Internals - ../constantine/config/common, - ../constantine/[arithmetic, primitives], - ../constantine/towers, - ../constantine/config/curves, - ../constantine/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective], - ../constantine/curves/[zoo_subgroups, zoo_pairings], - ../constantine/pairing/cyclotomic_subgroup, - ../constantine/io/io_towers, + ../../constantine/backend/config/common, + ../../constantine/backend/[arithmetic, primitives], + ../../constantine/backend/towers, + ../../constantine/backend/config/curves, + ../../constantine/backend/elliptic/[ec_shortweierstrass_affine, ec_shortweierstrass_projective], + ../../constantine/backend/curves/[zoo_subgroups, zoo_pairings], + ../../constantine/backend/pairing/cyclotomic_subgroup, + ../../constantine/backend/io/io_towers, # Test utilities - ../helpers/prng_unsafe + ../../helpers/prng_unsafe export prng_unsafe, times, unittest, 
diff --git a/tests/t_primitives.nim b/tests/backend/t_primitives.nim similarity index 98% rename from tests/t_primitives.nim rename to tests/backend/t_primitives.nim index 9631510..eecfb38 100644 --- a/tests/t_primitives.nim +++ b/tests/backend/t_primitives.nim @@ -7,9 +7,9 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import std/[unittest, times, math], - ../constantine/config/common, - ../constantine/primitives, - ../helpers/prng_unsafe + ../../constantine/backend/config/common, + ../../constantine/backend/primitives, + ../../helpers/prng_unsafe # Random seed for reproducibility var rng: RngState diff --git a/tests/t_primitives_extended_precision.nim b/tests/backend/t_primitives_extended_precision.nim similarity index 94% rename from tests/t_primitives_extended_precision.nim rename to tests/backend/t_primitives_extended_precision.nim index 6af1483..c127dce 100644 --- a/tests/t_primitives_extended_precision.nim +++ b/tests/backend/t_primitives_extended_precision.nim @@ -9,9 +9,9 @@ import std/[unittest, times, math], - ../constantine/config/common, - ../constantine/primitives, - ../helpers/prng_unsafe + ../../constantine/backend/config/common, + ../../constantine/backend/primitives, + ../../helpers/prng_unsafe suite "Extended precision bugs": test $uint32 & " sanity check": diff --git a/tests/vectors/tv_BLS12_377_scalar_mul_G1.json b/tests/backend/vectors/tv_BLS12_377_scalar_mul_G1.json similarity index 100% rename from tests/vectors/tv_BLS12_377_scalar_mul_G1.json rename to tests/backend/vectors/tv_BLS12_377_scalar_mul_G1.json diff --git a/tests/vectors/tv_BLS12_377_scalar_mul_G2.json b/tests/backend/vectors/tv_BLS12_377_scalar_mul_G2.json similarity index 100% rename from tests/vectors/tv_BLS12_377_scalar_mul_G2.json rename to tests/backend/vectors/tv_BLS12_377_scalar_mul_G2.json 
diff --git a/tests/vectors/tv_BLS12_381_scalar_mul_G1.json b/tests/backend/vectors/tv_BLS12_381_scalar_mul_G1.json
similarity index 100%
rename from tests/vectors/tv_BLS12_381_scalar_mul_G1.json
rename to tests/backend/vectors/tv_BLS12_381_scalar_mul_G1.json
diff --git a/tests/vectors/tv_BLS12_381_scalar_mul_G2.json b/tests/backend/vectors/tv_BLS12_381_scalar_mul_G2.json
similarity index 100%
rename from tests/vectors/tv_BLS12_381_scalar_mul_G2.json
rename to tests/backend/vectors/tv_BLS12_381_scalar_mul_G2.json
diff --git a/tests/vectors/tv_BN254_Nogami_scalar_mul_G1.json b/tests/backend/vectors/tv_BN254_Nogami_scalar_mul_G1.json
similarity index 100%
rename from tests/vectors/tv_BN254_Nogami_scalar_mul_G1.json
rename to tests/backend/vectors/tv_BN254_Nogami_scalar_mul_G1.json
diff --git a/tests/vectors/tv_BN254_Nogami_scalar_mul_G2.json b/tests/backend/vectors/tv_BN254_Nogami_scalar_mul_G2.json
similarity index 100%
rename from tests/vectors/tv_BN254_Nogami_scalar_mul_G2.json
rename to tests/backend/vectors/tv_BN254_Nogami_scalar_mul_G2.json
diff --git a/tests/vectors/tv_BN254_Snarks_scalar_mul_G1.json b/tests/backend/vectors/tv_BN254_Snarks_scalar_mul_G1.json
similarity index 100%
rename from tests/vectors/tv_BN254_Snarks_scalar_mul_G1.json
rename to tests/backend/vectors/tv_BN254_Snarks_scalar_mul_G1.json
diff --git a/tests/vectors/tv_BN254_Snarks_scalar_mul_G2.json b/tests/backend/vectors/tv_BN254_Snarks_scalar_mul_G2.json
similarity index 100%
rename from tests/vectors/tv_BN254_Snarks_scalar_mul_G2.json
rename to tests/backend/vectors/tv_BN254_Snarks_scalar_mul_G2.json
diff --git a/tests/vectors/tv_BW6_761_scalar_mul_G1.json b/tests/backend/vectors/tv_BW6_761_scalar_mul_G1.json
similarity index 100%
rename from tests/vectors/tv_BW6_761_scalar_mul_G1.json
rename to tests/backend/vectors/tv_BW6_761_scalar_mul_G1.json
diff --git a/tests/vectors/tv_BW6_761_scalar_mul_G2.json b/tests/backend/vectors/tv_BW6_761_scalar_mul_G2.json
similarity index 100%
rename from tests/vectors/tv_BW6_761_scalar_mul_G2.json
rename to tests/backend/vectors/tv_BW6_761_scalar_mul_G2.json
diff --git a/tests/vectors/tv_h2c_v7_BLS12_381_hash_to_G2_SHA256_SSWU_RO.json b/tests/backend/vectors/tv_h2c_v7_BLS12_381_hash_to_G2_SHA256_SSWU_RO.json
similarity index 100%
rename from tests/vectors/tv_h2c_v7_BLS12_381_hash_to_G2_SHA256_SSWU_RO.json
rename to tests/backend/vectors/tv_h2c_v7_BLS12_381_hash_to_G2_SHA256_SSWU_RO.json
diff --git a/tests/vectors/tv_h2c_v8_BLS12_381_hash_to_G2_SHA256_SSWU_RO.json b/tests/backend/vectors/tv_h2c_v8_BLS12_381_hash_to_G2_SHA256_SSWU_RO.json
similarity index 100%
rename from tests/vectors/tv_h2c_v8_BLS12_381_hash_to_G2_SHA256_SSWU_RO.json
rename to tests/backend/vectors/tv_h2c_v8_BLS12_381_hash_to_G2_SHA256_SSWU_RO.json
diff --git a/tests/protocols/ethereum_evm_precompiles/bn256Add.json b/tests/protocol_ethereum_evm_precompiles/bn256Add.json
similarity index 100%
rename from tests/protocols/ethereum_evm_precompiles/bn256Add.json
rename to tests/protocol_ethereum_evm_precompiles/bn256Add.json
diff --git a/tests/protocols/ethereum_evm_precompiles/bn256mul.json b/tests/protocol_ethereum_evm_precompiles/bn256mul.json
similarity index 100%
rename from tests/protocols/ethereum_evm_precompiles/bn256mul.json
rename to tests/protocol_ethereum_evm_precompiles/bn256mul.json
diff --git a/tests/protocols/ethereum_evm_precompiles/pairing.json b/tests/protocol_ethereum_evm_precompiles/pairing.json
similarity index 100%
rename from tests/protocols/ethereum_evm_precompiles/pairing.json
rename to tests/protocol_ethereum_evm_precompiles/pairing.json
diff --git a/tests/protocols/t_ethereum_evm_precompiles.nim b/tests/t_ethereum_evm_precompiles.nim similarity index 91% rename from tests/protocols/t_ethereum_evm_precompiles.nim rename to tests/t_ethereum_evm_precompiles.nim index be1acfa..bd246d3 100644 --- a/tests/protocols/t_ethereum_evm_precompiles.nim +++ b/tests/t_ethereum_evm_precompiles.nim @@ -8,14 +8,14 @@ import # Standard library - std/[unittest, times, os, strutils, macros], + std/[times, os, strutils, macros], # Status stew/byteutils, # 3rd party jsony, # Internals - ../../constantine/io/io_bigints, - ../../constantine/protocols/ethereum_evm_precompiles + ../constantine/backend/io/io_bigints, + ../constantine/ethereum_evm_precompiles type BN256Tests = object @@ -34,7 +34,7 @@ type const TestVectorsDir* = - currentSourcePath.rsplit(DirSep, 1)[0] / "ethereum_evm_precompiles" + currentSourcePath.rsplit(DirSep, 1)[0] / "protocol_ethereum_evm_precompiles" proc loadVectors(TestType: typedesc, filename: string): TestType = let content = readFile(TestVectorsDir/filename) diff --git a/tests/t_hash_sha256_vs_openssl.nim b/tests/t_hash_sha256_vs_openssl.nim index def82c3..ade7d35 100644 --- a/tests/t_hash_sha256_vs_openssl.nim +++ b/tests/t_hash_sha256_vs_openssl.nim @@ -1,6 +1,6 @@ import # Internals - ../constantine/hashes, + ../constantine/backend/hashes, # Helpers ../helpers/prng_unsafe, # Third-party diff --git a/tests/t_sig_bls_lowlevel.nim b/tests/t_sig_bls_lowlevel.nim index 0c03bb3..64546b0 100644 --- a/tests/t_sig_bls_lowlevel.nim +++ b/tests/t_sig_bls_lowlevel.nim 
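Review bot: The import hunk of tests/t_ethereum_evm_precompiles.nim still pulls in `../constantine/backend/io/io_bigints` alongside the top-level `../constantine/ethereum_evm_precompiles`, so the test of the protocol entry point reaches into the backend tree. If the backend is meant to be internal after this restructuring (an inference from the new layout), the protocol module should re-export what the test needs, or the import should carry a comment such as `# backend-internal import, test-only; not part of the public API`. The same hunk drops `unittest` from the `std/[...]` list; the test body lies outside the hunk, so confirm that no `suite`/`test`/`check` usage remains there.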
@@ -10,18 +10,18 @@ import # Standard library std/[os, times], # Internals - ../constantine/config/common, - ../constantine/[ + ../constantine/backend/config/common, + ../constantine/backend/[ arithmetic, primitives, towers, ec_shortweierstrass, hashes ], - ../constantine/elliptic/ec_scalar_mul, - ../constantine/io/[io_fields, io_towers, io_ec], - ../constantine/config/curves, - ../constantine/curves/zoo_subgroups, - ../constantine/hash_to_curve/hash_to_curve, - ../constantine/pairing/pairing_bls12, + ../constantine/backend/elliptic/ec_scalar_mul, + ../constantine/backend/io/[io_fields, io_towers, io_ec], + ../constantine/backend/config/curves, + ../constantine/backend/curves/zoo_subgroups, + ../constantine/backend/hash_to_curve/hash_to_curve, + ../constantine/backend/pairing/pairing_bls12, # Test utilities ../helpers/prng_unsafe