github.com/aswedchain/aswed@v1.0.1/crypto/bls12381/field_element.go (about)

     1  // Copyright 2020 The go-ethereum Authors
     2  // This file is part of the go-ethereum library.
     3  //
     4  // The go-ethereum library is free software: you can redistribute it and/or modify
     5  // it under the terms of the GNU Lesser General Public License as published by
     6  // the Free Software Foundation, either version 3 of the License, or
     7  // (at your option) any later version.
     8  //
     9  // The go-ethereum library is distributed in the hope that it will be useful,
    10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    12  // GNU Lesser General Public License for more details.
    13  //
    14  // You should have received a copy of the GNU Lesser General Public License
    15  // along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
    16  
    17  package bls12381
    18  
    19  import (
    20  	"crypto/rand"
    21  	"encoding/hex"
    22  	"fmt"
    23  	"io"
    24  	"math/big"
    25  )
    26  
    27  // fe is base field element representation
    28  type fe [6]uint64
    29  
    30  // fe2 is element representation of 'fp2' which is quadratic extension of base field 'fp'
    31  // Representation follows c[0] + c[1] * u encoding order.
    32  type fe2 [2]fe
    33  
    34  // fe6 is element representation of 'fp6' field which is cubic extension of 'fp2'
    35  // Representation follows c[0] + c[1] * v + c[2] * v^2 encoding order.
    36  type fe6 [3]fe2
    37  
    38  // fe12 is element representation of 'fp12' field which is quadratic extension of 'fp6'
    39  // Representation follows c[0] + c[1] * w encoding order.
    40  type fe12 [2]fe6
    41  
    42  func (fe *fe) setBytes(in []byte) *fe {
    43  	size := 48
    44  	l := len(in)
    45  	if l >= size {
    46  		l = size
    47  	}
    48  	padded := make([]byte, size)
    49  	copy(padded[size-l:], in[:])
    50  	var a int
    51  	for i := 0; i < 6; i++ {
    52  		a = size - i*8
    53  		fe[i] = uint64(padded[a-1]) | uint64(padded[a-2])<<8 |
    54  			uint64(padded[a-3])<<16 | uint64(padded[a-4])<<24 |
    55  			uint64(padded[a-5])<<32 | uint64(padded[a-6])<<40 |
    56  			uint64(padded[a-7])<<48 | uint64(padded[a-8])<<56
    57  	}
    58  	return fe
    59  }
    60  
    61  func (fe *fe) setBig(a *big.Int) *fe {
    62  	return fe.setBytes(a.Bytes())
    63  }
    64  
    65  func (fe *fe) setString(s string) (*fe, error) {
    66  	if s[:2] == "0x" {
    67  		s = s[2:]
    68  	}
    69  	bytes, err := hex.DecodeString(s)
    70  	if err != nil {
    71  		return nil, err
    72  	}
    73  	return fe.setBytes(bytes), nil
    74  }
    75  
    76  func (fe *fe) set(fe2 *fe) *fe {
    77  	fe[0] = fe2[0]
    78  	fe[1] = fe2[1]
    79  	fe[2] = fe2[2]
    80  	fe[3] = fe2[3]
    81  	fe[4] = fe2[4]
    82  	fe[5] = fe2[5]
    83  	return fe
    84  }
    85  
    86  func (fe *fe) bytes() []byte {
    87  	out := make([]byte, 48)
    88  	var a int
    89  	for i := 0; i < 6; i++ {
    90  		a = 48 - i*8
    91  		out[a-1] = byte(fe[i])
    92  		out[a-2] = byte(fe[i] >> 8)
    93  		out[a-3] = byte(fe[i] >> 16)
    94  		out[a-4] = byte(fe[i] >> 24)
    95  		out[a-5] = byte(fe[i] >> 32)
    96  		out[a-6] = byte(fe[i] >> 40)
    97  		out[a-7] = byte(fe[i] >> 48)
    98  		out[a-8] = byte(fe[i] >> 56)
    99  	}
   100  	return out
   101  }
   102  
   103  func (fe *fe) big() *big.Int {
   104  	return new(big.Int).SetBytes(fe.bytes())
   105  }
   106  
   107  func (fe *fe) string() (s string) {
   108  	for i := 5; i >= 0; i-- {
   109  		s = fmt.Sprintf("%s%16.16x", s, fe[i])
   110  	}
   111  	return "0x" + s
   112  }
   113  
   114  func (fe *fe) zero() *fe {
   115  	fe[0] = 0
   116  	fe[1] = 0
   117  	fe[2] = 0
   118  	fe[3] = 0
   119  	fe[4] = 0
   120  	fe[5] = 0
   121  	return fe
   122  }
   123  
   124  func (fe *fe) one() *fe {
   125  	return fe.set(r1)
   126  }
   127  
   128  func (fe *fe) rand(r io.Reader) (*fe, error) {
   129  	bi, err := rand.Int(r, modulus.big())
   130  	if err != nil {
   131  		return nil, err
   132  	}
   133  	return fe.setBig(bi), nil
   134  }
   135  
   136  func (fe *fe) isValid() bool {
   137  	return fe.cmp(&modulus) < 0
   138  }
   139  
   140  func (fe *fe) isOdd() bool {
   141  	var mask uint64 = 1
   142  	return fe[0]&mask != 0
   143  }
   144  
   145  func (fe *fe) isEven() bool {
   146  	var mask uint64 = 1
   147  	return fe[0]&mask == 0
   148  }
   149  
   150  func (fe *fe) isZero() bool {
   151  	return (fe[5] | fe[4] | fe[3] | fe[2] | fe[1] | fe[0]) == 0
   152  }
   153  
   154  func (fe *fe) isOne() bool {
   155  	return fe.equal(r1)
   156  }
   157  
   158  func (fe *fe) cmp(fe2 *fe) int {
   159  	for i := 5; i >= 0; i-- {
   160  		if fe[i] > fe2[i] {
   161  			return 1
   162  		} else if fe[i] < fe2[i] {
   163  			return -1
   164  		}
   165  	}
   166  	return 0
   167  }
   168  
   169  func (fe *fe) equal(fe2 *fe) bool {
   170  	return fe2[0] == fe[0] && fe2[1] == fe[1] && fe2[2] == fe[2] && fe2[3] == fe[3] && fe2[4] == fe[4] && fe2[5] == fe[5]
   171  }
   172  
   173  func (e *fe) sign() bool {
   174  	r := new(fe)
   175  	fromMont(r, e)
   176  	return r[0]&1 == 0
   177  }
   178  
   179  func (fe *fe) div2(e uint64) {
   180  	fe[0] = fe[0]>>1 | fe[1]<<63
   181  	fe[1] = fe[1]>>1 | fe[2]<<63
   182  	fe[2] = fe[2]>>1 | fe[3]<<63
   183  	fe[3] = fe[3]>>1 | fe[4]<<63
   184  	fe[4] = fe[4]>>1 | fe[5]<<63
   185  	fe[5] = fe[5]>>1 | e<<63
   186  }
   187  
   188  func (fe *fe) mul2() uint64 {
   189  	e := fe[5] >> 63
   190  	fe[5] = fe[5]<<1 | fe[4]>>63
   191  	fe[4] = fe[4]<<1 | fe[3]>>63
   192  	fe[3] = fe[3]<<1 | fe[2]>>63
   193  	fe[2] = fe[2]<<1 | fe[1]>>63
   194  	fe[1] = fe[1]<<1 | fe[0]>>63
   195  	fe[0] = fe[0] << 1
   196  	return e
   197  }
   198  
   199  func (e *fe2) zero() *fe2 {
   200  	e[0].zero()
   201  	e[1].zero()
   202  	return e
   203  }
   204  
   205  func (e *fe2) one() *fe2 {
   206  	e[0].one()
   207  	e[1].zero()
   208  	return e
   209  }
   210  
   211  func (e *fe2) set(e2 *fe2) *fe2 {
   212  	e[0].set(&e2[0])
   213  	e[1].set(&e2[1])
   214  	return e
   215  }
   216  
   217  func (e *fe2) rand(r io.Reader) (*fe2, error) {
   218  	a0, err := new(fe).rand(r)
   219  	if err != nil {
   220  		return nil, err
   221  	}
   222  	a1, err := new(fe).rand(r)
   223  	if err != nil {
   224  		return nil, err
   225  	}
   226  	return &fe2{*a0, *a1}, nil
   227  }
   228  
   229  func (e *fe2) isOne() bool {
   230  	return e[0].isOne() && e[1].isZero()
   231  }
   232  
   233  func (e *fe2) isZero() bool {
   234  	return e[0].isZero() && e[1].isZero()
   235  }
   236  
   237  func (e *fe2) equal(e2 *fe2) bool {
   238  	return e[0].equal(&e2[0]) && e[1].equal(&e2[1])
   239  }
   240  
   241  func (e *fe2) sign() bool {
   242  	r := new(fe)
   243  	if !e[0].isZero() {
   244  		fromMont(r, &e[0])
   245  		return r[0]&1 == 0
   246  	}
   247  	fromMont(r, &e[1])
   248  	return r[0]&1 == 0
   249  }
   250  
   251  func (e *fe6) zero() *fe6 {
   252  	e[0].zero()
   253  	e[1].zero()
   254  	e[2].zero()
   255  	return e
   256  }
   257  
   258  func (e *fe6) one() *fe6 {
   259  	e[0].one()
   260  	e[1].zero()
   261  	e[2].zero()
   262  	return e
   263  }
   264  
   265  func (e *fe6) set(e2 *fe6) *fe6 {
   266  	e[0].set(&e2[0])
   267  	e[1].set(&e2[1])
   268  	e[2].set(&e2[2])
   269  	return e
   270  }
   271  
   272  func (e *fe6) rand(r io.Reader) (*fe6, error) {
   273  	a0, err := new(fe2).rand(r)
   274  	if err != nil {
   275  		return nil, err
   276  	}
   277  	a1, err := new(fe2).rand(r)
   278  	if err != nil {
   279  		return nil, err
   280  	}
   281  	a2, err := new(fe2).rand(r)
   282  	if err != nil {
   283  		return nil, err
   284  	}
   285  	return &fe6{*a0, *a1, *a2}, nil
   286  }
   287  
   288  func (e *fe6) isOne() bool {
   289  	return e[0].isOne() && e[1].isZero() && e[2].isZero()
   290  }
   291  
   292  func (e *fe6) isZero() bool {
   293  	return e[0].isZero() && e[1].isZero() && e[2].isZero()
   294  }
   295  
   296  func (e *fe6) equal(e2 *fe6) bool {
   297  	return e[0].equal(&e2[0]) && e[1].equal(&e2[1]) && e[2].equal(&e2[2])
   298  }
   299  
   300  func (e *fe12) zero() *fe12 {
   301  	e[0].zero()
   302  	e[1].zero()
   303  	return e
   304  }
   305  
   306  func (e *fe12) one() *fe12 {
   307  	e[0].one()
   308  	e[1].zero()
   309  	return e
   310  }
   311  
   312  func (e *fe12) set(e2 *fe12) *fe12 {
   313  	e[0].set(&e2[0])
   314  	e[1].set(&e2[1])
   315  	return e
   316  }
   317  
   318  func (e *fe12) rand(r io.Reader) (*fe12, error) {
   319  	a0, err := new(fe6).rand(r)
   320  	if err != nil {
   321  		return nil, err
   322  	}
   323  	a1, err := new(fe6).rand(r)
   324  	if err != nil {
   325  		return nil, err
   326  	}
   327  	return &fe12{*a0, *a1}, nil
   328  }
   329  
   330  func (e *fe12) isOne() bool {
   331  	return e[0].isOne() && e[1].isZero()
   332  }
   333  
   334  func (e *fe12) isZero() bool {
   335  	return e[0].isZero() && e[1].isZero()
   336  }
   337  
   338  func (e *fe12) equal(e2 *fe12) bool {
   339  	return e[0].equal(&e2[0]) && e[1].equal(&e2[1])
   340  }