haskell script to convert circomlib's constant to rust (untested)

constants/circomlib/.gitignore

@@ -0,0 +1,2 @@
+out
+.ghc.*

constants/circomlib/Circomlib.hs

@@ -1,9 +1,22 @@
 
+--
 -- these are copied directly from `circomlib` to ensure compatibility
 -- (the below generator seems overly complicated, it seemed easier to copy the numbers)
 --
 -- Parameters are generated by a reference script https://extgit.iaik.tugraz.at/krypto/hadeshash/-/blob/master/code/generate_parameters_grain.sage
 -- Used like so: sage generate_parameters_grain.sage 1 0 254 2 8 56 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001
+--
+-- >
+-- > poseidon_C :: Width -> [Integer]           -- round constants (t for external, 1 for internal, flattened)
+-- > poseidon_M :: Width -> [[Integer]]         -- external mixing matrices
+-- > poseidon_P :: Width -> [[Integer]]         -- internal mixing matrices
+-- > poseidon_S :: Width -> [Integer]           -- circomlib's optimization 
+-- >
+--
+
+module Circomlib where
+
+--------------------------------------------------------------------------------
 
 newtype Width = MkW Int deriving (Eq,Show)
 

constants/circomlib/Field.hs

@@ -0,0 +1,67 @@
+
+-- minimal code required to convert the Poseidon constants to the required format
+
+module Field where
+
+--------------------------------------------------------------------------------
+
+import Data.Word
+import Data.Bits
+import Data.List
+import Text.Printf
+
+--------------------------------------------------------------------------------
+
+u32_mask = 0x_FFFF_FFFF           :: Integer
+u64_mask = 0x_FFFF_FFFF_FFFF_FFFF :: Integer
+
+prime  = 21888242871839275222246405745257275088548364400416034343698204186575808495617
+
+-- r1 = 0x0e0a77c19a07df2f666ea36f7879462e36fc76959f60cd29ac96341c4ffffffb
+-- r2 = 0x0216d0b17f4e44a58c49833d53bb808553fe3ab1e35c59e31bb8e645ae216da7
+-- r3 = 0x0cf8594b7fcc657c893cc664a19fcfed2a489cbe1cfbb6b85e94d8e1b4bf0040
+
+--------------------------------------------------------------------------------
+
+modp :: Integer -> Integer
+modp x = mod x prime
+
+neg x   = modp (negate x)
+add x y = modp (x + y)
+sub x y = modp (x - y)
+mul x y = modp (x * y)
+
+hex :: Integer -> IO ()
+hex = printf "0x%x\n"
+
+--------------------------------------------------------------------------------
+
+showWord32 :: Word32 -> String
+showWord32 = printf "0x%08x" 
+
+showWords32 :: [Word32] -> String
+showWords32 xs = "[ " ++ intercalate " , " (map showWord32 xs) ++ " ]"
+
+printWords32 :: [Word32] -> IO ()
+printWords32 = putStrLn . showWords32
+
+toWords32 :: Integer -> [Word32]
+toWords32 = go 8 where
+  go 0 0 = []
+  go 0 _ = error "toWords: doesn't fit into 256 bits"
+  go k x = fromInteger (x .&. u32_mask) : go (k-1) (shiftR x 32)
+
+fromWords32 :: [Word32] -> Integer 
+fromWords32 = go where
+  go []     = 0
+  go (x:xs) = fromIntegral x + shiftL (go xs) 32
+
+--------------------------------------------------------------------------------
+
+toMontgomery :: Integer -> Integer
+toMontgomery x = modp (2^256 * x)
+
+toMontString32 :: Integer -> String
+toMontString32 = showWords32 . toWords32 . toMontgomery 
+
+--------------------------------------------------------------------------------

constants/circomlib/convert.hs

@@ -0,0 +1,104 @@
+
+-- script to convert the round constants to the desired format
+
+module Main where
+
+--------------------------------------------------------------------------------
+
+import Data.List
+import Control.Monad
+
+import System.FilePath
+import System.Directory
+
+import Field
+import Circomlib
+
+--------------------------------------------------------------------------------
+
+tgtDir :: FilePath
+tgtDir = "out"
+
+--------------------------------------------------------------------------------
+
+integerToRust32 :: Integer -> String
+integerToRust32 x = "Mont::unsafe_make( " ++ toMontString32 x ++ " )"
+
+listToRust32 :: [Integer] -> [String]
+listToRust32 xs = zipWith f prefixes xs ++ [close] where
+  f p x = p ++ integerToRust32 x
+  prefixes = "  [ " : repeat "  , "
+  close    = "  ];"
+
+--------------------------------------------------------------------------------
+
+const_C :: Width -> [String]
+const_C w = comment : def : ls where
+  comment = "// round constants (t for external, 1 for internal rounds; flattened)"
+  def     = "pub const CONST_C: [Mont; " ++ show len ++ "] = "
+  xs      = poseidon_C w
+  len     = length xs
+  ls      = listToRust32 xs
+
+const_M :: Width -> [String]
+const_M w = comment : def : ls where
+  comment = "// external mixing matrix (`t x t`, flattened)"
+  def     = "pub const CONST_M: [Mont; " ++ show len ++ "] = "
+  xs      = concat (poseidon_M w)
+  len     = length xs
+  ls      = listToRust32 xs
+
+const_P :: Width -> [String]
+const_P w = comment : def : ls where
+  comment = "// internal mixing matrix (`t x t`s, flattened)"
+  def     = "pub const CONST_P: [Mont; " ++ show len ++ "] = "
+  xs      = concat (poseidon_P w)
+  len     = length xs
+  ls      = listToRust32 xs
+
+const_S :: Width -> [String]
+const_S w = comment : def : ls where
+  comment = "// circomlib's optimization whatever"
+  def     = "pub const CONST_S: [Mont; " ++ show len ++ "] = "
+  xs      = poseidon_S w
+  len     = length xs
+  ls      = listToRust32 xs
+
+--------------------------------------------------------------------------------
+
+header :: Width -> [String]
+header (MkW t) =
+  [ ""
+  , "// circomlib's Poseidon constants for t=" ++ show t 
+  , ""
+  , "use crate::bn254::montgomery::*;"
+  , ""
+  ]
+
+sep :: [String] 
+sep = 
+  [ ""
+  , "//------------------------------------------------------------------------------"
+  , ""
+  ]
+
+rustSource :: Width -> String
+rustSource t = unlines $ concat
+  [ header  t , sep
+  , const_C t , sep
+  , const_M t , sep
+  , const_P t , sep
+  , const_S t , sep
+  ]
+
+writeRustConstants :: Width -> IO ()
+writeRustConstants w@(MkW t) = do
+  let fname = "t" ++ show t ++ ".rs"
+  writeFile (tgtDir </> fname) (rustSource w)
+
+main :: IO ()
+main = do
+  createDirectoryIfMissing False tgtDir
+  forM_ [2..5] $ \t -> writeRustConstants (MkW t)
+
+--------------------------------------------------------------------------------