* implementation of the fast subgroup check for bls12_381 * add a bench * subgroup check for g1 * subgroup check modifications * remove useless test * fmt * need the last version of arkworks/algebra * remove Parameters0 * using projective points is more efficient * use of projective coordinates in G2 * fmt * documentation on the constants and the psi function * references for algorithms of eprint 2021/1130 * fmt * sed ^ ** * minor improvement * fmt * fix Cargo toml * nits * some cleanup for g1 * add the beta test back * fmt * g2 * changelog * add a note on the Cargo.toml * nits * avoid variable name conflicts * add the early-out optimization Co-authored-by: weikeng <w.k@berkeley.edu>
#![allow(unused_imports)]
use ark_ec::{
models::SWModelParameters,
short_weierstrass_jacobian::{GroupAffine, GroupProjective},
AffineCurve, PairingEngine, ProjectiveCurve,
};
use ark_ff::{
fields::{Field, FpParameters, PrimeField, SquareRootField},
BitIteratorBE, One, UniformRand, Zero,
};
use ark_serialize::CanonicalSerialize;
use ark_std::rand::Rng;
use ark_std::test_rng;
use core::ops::{AddAssign, MulAssign};
use crate::{g1, g2, Bls12_381, Fq, Fq12, Fq2, Fr, G1Affine, G1Projective, G2Affine, G2Projective};
use ark_algebra_test_templates::{curves::*, groups::*};
use ark_ec::group::Group;
// Runs the shared curve test templates against G1: once on the projective
// representation and once on the Short Weierstrass parameter set. The two
// template calls are independent of each other.
#[test]
fn test_g1_projective_curve() {
    sw_tests::<g1::Parameters>();
    curve_tests::<G1Projective>();
}
// Runs the shared group test template on two pseudo-random G1 points drawn
// from the deterministic test RNG (so failures are reproducible).
#[test]
fn test_g1_projective_group() {
    let mut rng = test_rng();
    let (p, q): (G1Projective, G1Projective) = (rng.gen(), rng.gen());
    group_test(p, q);
}
// The hard-coded G1 generator must satisfy the curve equation and pass the
// prime-order subgroup check. Both properties are required for it to be a
// safe base point: a generator outside the prime-order subgroup would leak
// cofactor components into every scalar multiplication.
#[test]
fn test_g1_generator() {
    let g = G1Affine::prime_subgroup_generator();
    assert!(g.is_on_curve());
    assert!(g.is_in_correct_subgroup_assuming_on_curve());
}
// Runs the shared curve test templates against G2: once on the projective
// representation and once on the Short Weierstrass parameter set. The two
// template calls are independent of each other.
#[test]
fn test_g2_projective_curve() {
    sw_tests::<g2::Parameters>();
    curve_tests::<G2Projective>();
}
// Runs the shared group test template on two pseudo-random G2 points drawn
// from the deterministic test RNG (so failures are reproducible).
#[test]
fn test_g2_projective_group() {
    let mut rng = test_rng();
    let (p, q): (G2Projective, G2Projective) = (rng.gen(), rng.gen());
    group_test(p, q);
}
// The hard-coded G2 generator must satisfy the (twisted) curve equation and
// pass the prime-order subgroup check; see test_g1_generator for why both
// properties matter.
#[test]
fn test_g2_generator() {
    let g = G2Affine::prime_subgroup_generator();
    assert!(g.is_on_curve());
    assert!(g.is_in_correct_subgroup_assuming_on_curve());
}
// Bilinearity of the BLS12-381 pairing e: G1 x G2 -> Fq12, checked on random
// inputs: e(s*a, b) == e(a, s*b) == e(a, b)^s. Each result must also be
// non-degenerate (not the identity of Fq12) and must be killed by raising to
// r = |Fr|, i.e. lie in the order-r target subgroup GT.
#[test]
fn test_bilinearity() {
    let mut rng = test_rng();
    let a: G1Projective = rng.gen();
    let b: G2Projective = rng.gen();
    let s: Fr = rng.gen();

    // Scale each input by the same scalar, keeping the originals intact.
    let sa = {
        let mut t = a;
        t *= s;
        t
    };
    let sb = {
        let mut t = b;
        t *= s;
        t
    };

    let lhs = Bls12_381::pairing(sa, b);
    let mid = Bls12_381::pairing(a, sb);
    let rhs = Bls12_381::pairing(a, b).pow(s.into_repr());

    assert_eq!(lhs, mid);
    assert_eq!(mid, rhs);

    for e in [lhs, mid, rhs].iter() {
        // Non-degeneracy: for random (with overwhelming probability non-identity)
        // inputs the pairing must not collapse to 1.
        assert_ne!(*e, Fq12::one());
        // GT has order r, so e^r == 1 for every pairing output.
        assert_eq!(e.pow(Fr::characteristic()), Fq12::one());
    }
}
// Re-derives the G1 generator from scratch and compares it with the hard-coded
// one: walk x = 0, 1, 2, ... until x^3 + b is a square in Fq, build the point
// with the smaller of the two square roots as y, and clear the cofactor. The
// test expects the first x whose cofactor-cleared point is non-zero to be
// x = 4, and that point to equal G1Affine::prime_subgroup_generator().
#[test]
fn test_g1_generator_raw() {
    let mut x = Fq::zero();
    for i in 0.. {
        // Right-hand side of the curve equation y^2 = x^3 + b.
        let mut rhs = x.square();
        rhs *= &x;
        rhs += &g1::Parameters::COEFF_B;

        if let Some(y) = rhs.sqrt() {
            // Pick the smaller of the two roots so the chosen point is canonical.
            let y_min = if y < -y { y } else { -y };
            let p = G1Affine::new(x, y_min, false);
            // A raw curve point at these small x values is not expected to lie in
            // the prime-order subgroup before the cofactor is cleared.
            assert!(!p.is_in_correct_subgroup_assuming_on_curve());

            let cleared = p.scale_by_cofactor();
            if !cleared.is_zero() {
                assert_eq!(i, 4);
                let g = G1Affine::from(cleared);
                assert!(g.is_in_correct_subgroup_assuming_on_curve());
                assert_eq!(g, G1Affine::prime_subgroup_generator());
                break;
            }
        }

        x += &Fq::one();
    }
}
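// g1::BETA is the constant the endomorphism-based G1 subgroup check relies on
// (see g1.rs). Checking only BETA^3 == 1 is too weak: BETA == 1 also satisfies
// it but would make the endomorphism trivial, so the test additionally requires
// BETA to be a non-trivial cube root of unity.
#[test]
fn test_g1_endomorphism_beta() {
    assert!(g1::BETA.pow(&[3u64]).is_one());
    assert!(!g1::BETA.is_one());
}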
// A pseudo-random G1Projective element, converted to affine, is expected to lie
// in the prime-order subgroup, so the endomorphism-based membership check must
// accept it (the check is the fast path; see the non-membership test for the
// slow reference check it must agree with).
#[test]
fn test_g1_subgroup_membership_via_endomorphism() {
    let mut rng = test_rng();
    let point = G1Projective::rand(&mut rng).into_affine();
    assert!(point.is_in_correct_subgroup_assuming_on_curve());
}
// Samples curve points from random x-coordinates until one is found that is
// NOT killed by multiplication with r = Fr::characteristic() (the direct, slow
// subgroup test), and requires the fast endomorphism-based check to reject it
// as well. These are exactly the points a consumer of untrusted curve points
// must refuse, so the two checks agreeing on them is security-relevant.
#[test]
fn test_g1_subgroup_non_membership_via_endomorphism() {
    let mut rng = test_rng();
    loop {
        let x = Fq::rand(&mut rng);
        let greatest = rng.gen();
        // Keep the decoded point only if it has order != r.
        let candidate = G1Affine::get_point_from_x(x, greatest)
            .filter(|p| !p.into_projective().mul(Fr::characteristic()).is_zero());
        if let Some(p) = candidate {
            assert!(!p.is_in_correct_subgroup_assuming_on_curve());
            return;
        }
    }
}
// A pseudo-random G2Projective element, converted to affine, is expected to lie
// in the prime-order subgroup, so the endomorphism-based membership check must
// accept it; see the G1 counterpart for context.
#[test]
fn test_g2_subgroup_membership_via_endomorphism() {
    let mut rng = test_rng();
    let point = G2Projective::rand(&mut rng).into_affine();
    assert!(point.is_in_correct_subgroup_assuming_on_curve());
}
// G2 counterpart of the G1 non-membership test: sample points from random
// Fq2 x-coordinates until one is found whose order is not r (it survives
// multiplication by Fr::characteristic()), then require the fast
// endomorphism-based check to reject it just like the slow reference test does.
#[test]
fn test_g2_subgroup_non_membership_via_endomorphism() {
    let mut rng = test_rng();
    loop {
        let x = Fq2::rand(&mut rng);
        let greatest = rng.gen();
        // Keep the decoded point only if it has order != r.
        let candidate = G2Affine::get_point_from_x(x, greatest)
            .filter(|p| !p.into_projective().mul(Fr::characteristic()).is_zero());
        if let Some(p) = candidate {
            assert!(!p.is_in_correct_subgroup_assuming_on_curve());
            return;
        }
    }
}