diff --git a/src/bls12_381/ec.rs b/src/bls12_381/ec.rs
index 5cd5091..37fcbba 100644
--- a/src/bls12_381/ec.rs
+++ b/src/bls12_381/ec.rs
@@ -623,12 +623,10 @@ macro_rules! curve_impl {
 pub mod g1 {
     use super::super::{Bls12, Fq, Fq12, FqRepr, Fr, FrRepr};
     use super::g2::G2Affine;
+    use ff::{BitIterator, Field, PrimeField, PrimeFieldRepr, SqrtField};
     use rand::{Rand, Rng};
     use std::fmt;
-    use {
-        BitIterator, CurveAffine, CurveProjective, EncodedPoint, Engine, Field, GroupDecodingError,
-        PrimeField, PrimeFieldRepr, SqrtField,
-    };
+    use {CurveAffine, CurveProjective, EncodedPoint, Engine, GroupDecodingError};
     curve_impl!(
         "G1",
@@ -1270,12 +1268,10 @@ pub mod g1 {
 pub mod g2 {
     use super::super::{Bls12, Fq, Fq12, Fq2, FqRepr, Fr, FrRepr};
     use super::g1::G1Affine;
+    use ff::{BitIterator, Field, PrimeField, PrimeFieldRepr, SqrtField};
     use rand::{Rand, Rng};
     use std::fmt;
-    use {
-        BitIterator, CurveAffine, CurveProjective, EncodedPoint, Engine, Field, GroupDecodingError,
-        PrimeField, PrimeFieldRepr, SqrtField,
-    };
+    use {CurveAffine, CurveProjective, EncodedPoint, Engine, GroupDecodingError};
     curve_impl!(
         "G2",
diff --git a/src/bls12_381/fq.rs b/src/bls12_381/fq.rs
index 738da38..e109294 100644
--- a/src/bls12_381/fq.rs
+++ b/src/bls12_381/fq.rs
@@ -682,7 +682,7 @@ impl PrimeFieldRepr for FqRepr {
         let mut carry = 0;
         for (a, b) in self.0.iter_mut().zip(other.0.iter()) {
-            *a = ::adc(*a, *b, &mut carry);
+            *a = ::ff::adc(*a, *b, &mut carry);
         }
     }
@@ -691,7 +691,7 @@ impl PrimeFieldRepr for FqRepr {
         let mut borrow = 0;
         for (a, b) in self.0.iter_mut().zip(other.0.iter()) {
-            *a = ::sbb(*a, *b, &mut borrow);
+            *a = ::ff::sbb(*a, *b, &mut borrow);
         }
     }
 }
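Review bot: Every limb operation in these two `PrimeFieldRepr` hunks, and in the `mul_assign`, `square` and `mont_reduce` hunks of fq.rs and fr.rs further down, is now spelled as a fully qualified `::ff::adc` / `::ff::sbb` / `::ff::mac_with_carry`, repeated more than a hundred times across the schoolbook rows. A single `use ff::{adc, mac_with_carry, sbb};` next to each file's other `ff` imports (fr.rs's `use ff::{Field, PrimeField, ...};` is in this diff; fq.rs's import block is not shown) would keep the bodies as `*a = adc(*a, *b, &mut carry);` and make the rows easier to compare against each other. The same applies to `::ff::LegendreSymbol::Zero` and its siblings in the `legendre`/`sqrt` hunks, where `use ff::LegendreSymbol;` leaves `LegendreSymbol::Zero`, which stays unambiguous without the variant glob the commit removes. Style only; the arithmetic itself is not touched by the commit.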
@@ -909,52 +909,52 @@ impl Field for Fq {
     #[inline]
     fn mul_assign(&mut self, other: &Fq) {
         let mut carry = 0;
-        let r0 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[0], &mut carry);
-        let r1 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[1], &mut carry);
-        let r2 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[2], &mut carry);
-        let r3 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[3], &mut carry);
-        let r4 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[4], &mut carry);
-        let r5 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[5], &mut carry);
+        let r0 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[0], &mut carry);
+        let r1 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[1], &mut carry);
+        let r2 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[2], &mut carry);
+        let r3 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[3], &mut carry);
+        let r4 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[4], &mut carry);
+        let r5 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[5], &mut carry);
         let r6 = carry;
         let mut carry = 0;
-        let r1 = ::mac_with_carry(r1, (self.0).0[1], (other.0).0[0], &mut carry);
-        let r2 = ::mac_with_carry(r2, (self.0).0[1], (other.0).0[1], &mut carry);
-        let r3 = ::mac_with_carry(r3, (self.0).0[1], (other.0).0[2], &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[1], (other.0).0[3], &mut carry);
-        let r5 = ::mac_with_carry(r5, (self.0).0[1], (other.0).0[4], &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[1], (other.0).0[5], &mut carry);
+        let r1 = ::ff::mac_with_carry(r1, (self.0).0[1], (other.0).0[0], &mut carry);
+        let r2 = ::ff::mac_with_carry(r2, (self.0).0[1], (other.0).0[1], &mut carry);
+        let r3 = ::ff::mac_with_carry(r3, (self.0).0[1], (other.0).0[2], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[1], (other.0).0[3], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[1], (other.0).0[4], &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[1], (other.0).0[5], &mut carry);
         let r7 = carry;
         let mut carry = 0;
-        let r2 = ::mac_with_carry(r2, (self.0).0[2], (other.0).0[0], &mut carry);
-        let r3 = ::mac_with_carry(r3, (self.0).0[2], (other.0).0[1], &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[2], (other.0).0[2], &mut carry);
-        let r5 = ::mac_with_carry(r5, (self.0).0[2], (other.0).0[3], &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[2], (other.0).0[4], &mut carry);
-        let r7 = ::mac_with_carry(r7, (self.0).0[2], (other.0).0[5], &mut carry);
+        let r2 = ::ff::mac_with_carry(r2, (self.0).0[2], (other.0).0[0], &mut carry);
+        let r3 = ::ff::mac_with_carry(r3, (self.0).0[2], (other.0).0[1], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[2], (other.0).0[2], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[2], (other.0).0[3], &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[2], (other.0).0[4], &mut carry);
+        let r7 = ::ff::mac_with_carry(r7, (self.0).0[2], (other.0).0[5], &mut carry);
         let r8 = carry;
         let mut carry = 0;
-        let r3 = ::mac_with_carry(r3, (self.0).0[3], (other.0).0[0], &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[3], (other.0).0[1], &mut carry);
-        let r5 = ::mac_with_carry(r5, (self.0).0[3], (other.0).0[2], &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[3], (other.0).0[3], &mut carry);
-        let r7 = ::mac_with_carry(r7, (self.0).0[3], (other.0).0[4], &mut carry);
-        let r8 = ::mac_with_carry(r8, (self.0).0[3], (other.0).0[5], &mut carry);
+        let r3 = ::ff::mac_with_carry(r3, (self.0).0[3], (other.0).0[0], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[3], (other.0).0[1], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[3], (other.0).0[2], &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[3], (other.0).0[3], &mut carry);
+        let r7 = ::ff::mac_with_carry(r7, (self.0).0[3], (other.0).0[4], &mut carry);
+        let r8 = ::ff::mac_with_carry(r8, (self.0).0[3], (other.0).0[5], &mut carry);
         let r9 = carry;
         let mut carry = 0;
-        let r4 = ::mac_with_carry(r4, (self.0).0[4], (other.0).0[0], &mut carry);
-        let r5 = ::mac_with_carry(r5, (self.0).0[4], (other.0).0[1], &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[4], (other.0).0[2], &mut carry);
-        let r7 = ::mac_with_carry(r7, (self.0).0[4], (other.0).0[3], &mut carry);
-        let r8 = ::mac_with_carry(r8, (self.0).0[4], (other.0).0[4], &mut carry);
-        let r9 = ::mac_with_carry(r9, (self.0).0[4], (other.0).0[5], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[4], (other.0).0[0], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[4], (other.0).0[1], &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[4], (other.0).0[2], &mut carry);
+        let r7 = ::ff::mac_with_carry(r7, (self.0).0[4], (other.0).0[3], &mut carry);
+        let r8 = ::ff::mac_with_carry(r8, (self.0).0[4], (other.0).0[4], &mut carry);
+        let r9 = ::ff::mac_with_carry(r9, (self.0).0[4], (other.0).0[5], &mut carry);
         let r10 = carry;
         let mut carry = 0;
-        let r5 = ::mac_with_carry(r5, (self.0).0[5], (other.0).0[0], &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[5], (other.0).0[1], &mut carry);
-        let r7 = ::mac_with_carry(r7, (self.0).0[5], (other.0).0[2], &mut carry);
-        let r8 = ::mac_with_carry(r8, (self.0).0[5], (other.0).0[3], &mut carry);
-        let r9 = ::mac_with_carry(r9, (self.0).0[5], (other.0).0[4], &mut carry);
-        let r10 = ::mac_with_carry(r10, (self.0).0[5], (other.0).0[5], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[5], (other.0).0[0], &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[5], (other.0).0[1], &mut carry);
+        let r7 = ::ff::mac_with_carry(r7, (self.0).0[5], (other.0).0[2], &mut carry);
+        let r8 = ::ff::mac_with_carry(r8, (self.0).0[5], (other.0).0[3], &mut carry);
+        let r9 = ::ff::mac_with_carry(r9, (self.0).0[5], (other.0).0[4], &mut carry);
+        let r10 = ::ff::mac_with_carry(r10, (self.0).0[5], (other.0).0[5], &mut carry);
         let r11 = carry;
         self.mont_reduce(r0, r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11);
     }
@@ -962,29 +962,29 @@ impl Field for Fq {
     #[inline]
     fn square(&mut self) {
         let mut carry = 0;
-        let r1 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[1], &mut carry);
-        let r2 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[2], &mut carry);
-        let r3 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[3], &mut carry);
-        let r4 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[4], &mut carry);
-        let r5 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[5], &mut carry);
+        let r1 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[1], &mut carry);
+        let r2 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[2], &mut carry);
+        let r3 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[3], &mut carry);
+        let r4 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[4], &mut carry);
+        let r5 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[5], &mut carry);
         let r6 = carry;
         let mut carry = 0;
-        let r3 = ::mac_with_carry(r3, (self.0).0[1], (self.0).0[2], &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[1], (self.0).0[3], &mut carry);
-        let r5 = ::mac_with_carry(r5, (self.0).0[1], (self.0).0[4], &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[1], (self.0).0[5], &mut carry);
+        let r3 = ::ff::mac_with_carry(r3, (self.0).0[1], (self.0).0[2], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[1], (self.0).0[3], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[1], (self.0).0[4], &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[1], (self.0).0[5], &mut carry);
         let r7 = carry;
         let mut carry = 0;
-        let r5 = ::mac_with_carry(r5, (self.0).0[2], (self.0).0[3], &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[2], (self.0).0[4], &mut carry);
-        let r7 = ::mac_with_carry(r7, (self.0).0[2], (self.0).0[5], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[2], (self.0).0[3], &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[2], (self.0).0[4], &mut carry);
+        let r7 = ::ff::mac_with_carry(r7, (self.0).0[2], (self.0).0[5], &mut carry);
         let r8 = carry;
         let mut carry = 0;
-        let r7 = ::mac_with_carry(r7, (self.0).0[3], (self.0).0[4], &mut carry);
-        let r8 = ::mac_with_carry(r8, (self.0).0[3], (self.0).0[5], &mut carry);
+        let r7 = ::ff::mac_with_carry(r7, (self.0).0[3], (self.0).0[4], &mut carry);
+        let r8 = ::ff::mac_with_carry(r8, (self.0).0[3], (self.0).0[5], &mut carry);
         let r9 = carry;
         let mut carry = 0;
-        let r9 = ::mac_with_carry(r9, (self.0).0[4], (self.0).0[5], &mut carry);
+        let r9 = ::ff::mac_with_carry(r9, (self.0).0[4], (self.0).0[5], &mut carry);
         let r10 = carry;
         let r11 = r10 >> 63;
@@ -1000,18 +1000,18 @@ impl Field for Fq {
         let r1 = r1 << 1;
         let mut carry = 0;
-        let r0 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[0], &mut carry);
-        let r1 = ::adc(r1, 0, &mut carry);
-        let r2 = ::mac_with_carry(r2, (self.0).0[1], (self.0).0[1], &mut carry);
-        let r3 = ::adc(r3, 0, &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[2], (self.0).0[2], &mut carry);
-        let r5 = ::adc(r5, 0, &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[3], (self.0).0[3], &mut carry);
-        let r7 = ::adc(r7, 0, &mut carry);
-        let r8 = ::mac_with_carry(r8, (self.0).0[4], (self.0).0[4], &mut carry);
-        let r9 = ::adc(r9, 0, &mut carry);
-        let r10 = ::mac_with_carry(r10, (self.0).0[5], (self.0).0[5], &mut carry);
-        let r11 = ::adc(r11, 0, &mut carry);
+        let r0 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[0], &mut carry);
+        let r1 = ::ff::adc(r1, 0, &mut carry);
+        let r2 = ::ff::mac_with_carry(r2, (self.0).0[1], (self.0).0[1], &mut carry);
+        let r3 = ::ff::adc(r3, 0, &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[2], (self.0).0[2], &mut carry);
+        let r5 = ::ff::adc(r5, 0, &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[3], (self.0).0[3], &mut carry);
+        let r7 = ::ff::adc(r7, 0, &mut carry);
+        let r8 = ::ff::mac_with_carry(r8, (self.0).0[4], (self.0).0[4], &mut carry);
+        let r9 = ::ff::adc(r9, 0, &mut carry);
+        let r10 = ::ff::mac_with_carry(r10, (self.0).0[5], (self.0).0[5], &mut carry);
+        let r11 = ::ff::adc(r11, 0, &mut carry);
         self.mont_reduce(r0, r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11);
     }
 }
@@ -1055,63 +1055,63 @@ impl Fq {
         let k = r0.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r0, k, MODULUS.0[0], &mut carry);
-        r1 = ::mac_with_carry(r1, k, MODULUS.0[1], &mut carry);
-        r2 = ::mac_with_carry(r2, k, MODULUS.0[2], &mut carry);
-        r3 = ::mac_with_carry(r3, k, MODULUS.0[3], &mut carry);
-        r4 = ::mac_with_carry(r4, k, MODULUS.0[4], &mut carry);
-        r5 = ::mac_with_carry(r5, k, MODULUS.0[5], &mut carry);
-        r6 = ::adc(r6, 0, &mut carry);
+        ::ff::mac_with_carry(r0, k, MODULUS.0[0], &mut carry);
+        r1 = ::ff::mac_with_carry(r1, k, MODULUS.0[1], &mut carry);
+        r2 = ::ff::mac_with_carry(r2, k, MODULUS.0[2], &mut carry);
+        r3 = ::ff::mac_with_carry(r3, k, MODULUS.0[3], &mut carry);
+        r4 = ::ff::mac_with_carry(r4, k, MODULUS.0[4], &mut carry);
+        r5 = ::ff::mac_with_carry(r5, k, MODULUS.0[5], &mut carry);
+        r6 = ::ff::adc(r6, 0, &mut carry);
         let carry2 = carry;
         let k = r1.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r1, k, MODULUS.0[0], &mut carry);
-        r2 = ::mac_with_carry(r2, k, MODULUS.0[1], &mut carry);
-        r3 = ::mac_with_carry(r3, k, MODULUS.0[2], &mut carry);
-        r4 = ::mac_with_carry(r4, k, MODULUS.0[3], &mut carry);
-        r5 = ::mac_with_carry(r5, k, MODULUS.0[4], &mut carry);
-        r6 = ::mac_with_carry(r6, k, MODULUS.0[5], &mut carry);
-        r7 = ::adc(r7, carry2, &mut carry);
+        ::ff::mac_with_carry(r1, k, MODULUS.0[0], &mut carry);
+        r2 = ::ff::mac_with_carry(r2, k, MODULUS.0[1], &mut carry);
+        r3 = ::ff::mac_with_carry(r3, k, MODULUS.0[2], &mut carry);
+        r4 = ::ff::mac_with_carry(r4, k, MODULUS.0[3], &mut carry);
+        r5 = ::ff::mac_with_carry(r5, k, MODULUS.0[4], &mut carry);
+        r6 = ::ff::mac_with_carry(r6, k, MODULUS.0[5], &mut carry);
+        r7 = ::ff::adc(r7, carry2, &mut carry);
         let carry2 = carry;
         let k = r2.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r2, k, MODULUS.0[0], &mut carry);
-        r3 = ::mac_with_carry(r3, k, MODULUS.0[1], &mut carry);
-        r4 = ::mac_with_carry(r4, k, MODULUS.0[2], &mut carry);
-        r5 = ::mac_with_carry(r5, k, MODULUS.0[3], &mut carry);
-        r6 = ::mac_with_carry(r6, k, MODULUS.0[4], &mut carry);
-        r7 = ::mac_with_carry(r7, k, MODULUS.0[5], &mut carry);
-        r8 = ::adc(r8, carry2, &mut carry);
+        ::ff::mac_with_carry(r2, k, MODULUS.0[0], &mut carry);
+        r3 = ::ff::mac_with_carry(r3, k, MODULUS.0[1], &mut carry);
+        r4 = ::ff::mac_with_carry(r4, k, MODULUS.0[2], &mut carry);
+        r5 = ::ff::mac_with_carry(r5, k, MODULUS.0[3], &mut carry);
+        r6 = ::ff::mac_with_carry(r6, k, MODULUS.0[4], &mut carry);
+        r7 = ::ff::mac_with_carry(r7, k, MODULUS.0[5], &mut carry);
+        r8 = ::ff::adc(r8, carry2, &mut carry);
         let carry2 = carry;
         let k = r3.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r3, k, MODULUS.0[0], &mut carry);
-        r4 = ::mac_with_carry(r4, k, MODULUS.0[1], &mut carry);
-        r5 = ::mac_with_carry(r5, k, MODULUS.0[2], &mut carry);
-        r6 = ::mac_with_carry(r6, k, MODULUS.0[3], &mut carry);
-        r7 = ::mac_with_carry(r7, k, MODULUS.0[4], &mut carry);
-        r8 = ::mac_with_carry(r8, k, MODULUS.0[5], &mut carry);
-        r9 = ::adc(r9, carry2, &mut carry);
+        ::ff::mac_with_carry(r3, k, MODULUS.0[0], &mut carry);
+        r4 = ::ff::mac_with_carry(r4, k, MODULUS.0[1], &mut carry);
+        r5 = ::ff::mac_with_carry(r5, k, MODULUS.0[2], &mut carry);
+        r6 = ::ff::mac_with_carry(r6, k, MODULUS.0[3], &mut carry);
+        r7 = ::ff::mac_with_carry(r7, k, MODULUS.0[4], &mut carry);
+        r8 = ::ff::mac_with_carry(r8, k, MODULUS.0[5], &mut carry);
+        r9 = ::ff::adc(r9, carry2, &mut carry);
         let carry2 = carry;
         let k = r4.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r4, k, MODULUS.0[0], &mut carry);
-        r5 = ::mac_with_carry(r5, k, MODULUS.0[1], &mut carry);
-        r6 = ::mac_with_carry(r6, k, MODULUS.0[2], &mut carry);
-        r7 = ::mac_with_carry(r7, k, MODULUS.0[3], &mut carry);
-        r8 = ::mac_with_carry(r8, k, MODULUS.0[4], &mut carry);
-        r9 = ::mac_with_carry(r9, k, MODULUS.0[5], &mut carry);
-        r10 = ::adc(r10, carry2, &mut carry);
+        ::ff::mac_with_carry(r4, k, MODULUS.0[0], &mut carry);
+        r5 = ::ff::mac_with_carry(r5, k, MODULUS.0[1], &mut carry);
+        r6 = ::ff::mac_with_carry(r6, k, MODULUS.0[2], &mut carry);
+        r7 = ::ff::mac_with_carry(r7, k, MODULUS.0[3], &mut carry);
+        r8 = ::ff::mac_with_carry(r8, k, MODULUS.0[4], &mut carry);
+        r9 = ::ff::mac_with_carry(r9, k, MODULUS.0[5], &mut carry);
+        r10 = ::ff::adc(r10, carry2, &mut carry);
         let carry2 = carry;
         let k = r5.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r5, k, MODULUS.0[0], &mut carry);
-        r6 = ::mac_with_carry(r6, k, MODULUS.0[1], &mut carry);
-        r7 = ::mac_with_carry(r7, k, MODULUS.0[2], &mut carry);
-        r8 = ::mac_with_carry(r8, k, MODULUS.0[3], &mut carry);
-        r9 = ::mac_with_carry(r9, k, MODULUS.0[4], &mut carry);
-        r10 = ::mac_with_carry(r10, k, MODULUS.0[5], &mut carry);
-        r11 = ::adc(r11, carry2, &mut carry);
+        ::ff::mac_with_carry(r5, k, MODULUS.0[0], &mut carry);
+        r6 = ::ff::mac_with_carry(r6, k, MODULUS.0[1], &mut carry);
+        r7 = ::ff::mac_with_carry(r7, k, MODULUS.0[2], &mut carry);
+        r8 = ::ff::mac_with_carry(r8, k, MODULUS.0[3], &mut carry);
+        r9 = ::ff::mac_with_carry(r9, k, MODULUS.0[4], &mut carry);
+        r10 = ::ff::mac_with_carry(r10, k, MODULUS.0[5], &mut carry);
+        r11 = ::ff::adc(r11, carry2, &mut carry);
         (self.0).0[0] = r6;
         (self.0).0[1] = r7;
         (self.0).0[2] = r8;
@@ -1123,9 +1123,7 @@ impl Fq {
     }
 impl SqrtField for Fq {
-    fn legendre(&self) -> ::LegendreSymbol {
-        use LegendreSymbol::*;
-
+    fn legendre(&self) -> ::ff::LegendreSymbol {
         // s = self^((q - 1) // 2)
         let s = self.pow([
             0xdcff7fffffffd555,
@@ -1136,11 +1134,11 @@ impl SqrtField for Fq {
             0xd0088f51cbff34d,
         ]);
         if s == Fq::zero() {
-            ::ff::LegendreSymbol::Zero
+            ::ff::LegendreSymbol::Zero
         } else if s == Fq::one() {
-            QuadraticResidue
+            ::ff::LegendreSymbol::QuadraticResidue
         } else {
-            QuadraticNonResidue
+            ::ff::LegendreSymbol::QuadraticNonResidue
         }
     }
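Review bot: The first call of each reduction round in this `mont_reduce` hunk, `::ff::mac_with_carry(r0, k, MODULUS.0[0], &mut carry);` and its five siblings, discards the return value and keeps only the carry, with nothing on the new side saying why; the same shape appears in the fr.rs `mont_reduce` hunk below. Presumably this is the usual Montgomery step where `k = r0.wrapping_mul(INV)` is chosen so the low limb vanishes, but a reader auditing the constant-time arithmetic should not have to infer that. A one-line comment above the first round, `// k is chosen so the low limb cancels; only the carry is kept.`, would make the intent explicit. The enclosing function starts and ends outside the hunk.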
@@ -2924,7 +2922,7 @@ fn fq_repr_tests() {
 #[test]
 fn test_fq_legendre() {
-    use LegendreSymbol::*;
+    use ff::LegendreSymbol::*;
     assert_eq!(QuadraticResidue, Fq::one().legendre());
     assert_eq!(Zero, Fq::zero().legendre());
diff --git a/src/bls12_381/fq2.rs b/src/bls12_381/fq2.rs
index 18cd580..1f3cd6f 100644
--- a/src/bls12_381/fq2.rs
+++ b/src/bls12_381/fq2.rs
@@ -160,7 +160,7 @@ impl Field for Fq2 {
 }
 impl SqrtField for Fq2 {
-    fn legendre(&self) -> ::LegendreSymbol {
+    fn legendre(&self) -> ::ff::LegendreSymbol {
         self.norm().legendre()
     }
@@ -865,7 +865,7 @@ fn test_fq2_sqrt() {
 #[test]
 fn test_fq2_legendre() {
-    use LegendreSymbol::*;
+    use ff::LegendreSymbol::*;
     assert_eq!(Zero, Fq2::zero().legendre());
     // i^2 = -1
diff --git a/src/bls12_381/fr.rs b/src/bls12_381/fr.rs
index 4e9d6ab..e9eee24 100644
--- a/src/bls12_381/fr.rs
+++ b/src/bls12_381/fr.rs
@@ -1,5 +1,4 @@
-use LegendreSymbol::*;
-use {Field, PrimeField, PrimeFieldDecodingError, PrimeFieldRepr, SqrtField};
+use ff::{Field, PrimeField, PrimeFieldDecodingError, PrimeFieldRepr, SqrtField};
 // r = 52435875175126190479447740508185965837690552500527637822603658699938581184513
 const MODULUS: FrRepr = FrRepr([
@@ -229,7 +228,7 @@ impl PrimeFieldRepr for FrRepr {
         let mut carry = 0;
         for (a, b) in self.0.iter_mut().zip(other.0.iter()) {
-            *a = ::adc(*a, *b, &mut carry);
+            *a = ::ff::adc(*a, *b, &mut carry);
         }
     }
@@ -238,7 +237,7 @@ impl PrimeFieldRepr for FrRepr {
         let mut borrow = 0;
         for (a, b) in self.0.iter_mut().zip(other.0.iter()) {
-            *a = ::sbb(*a, *b, &mut borrow);
+            *a = ::ff::sbb(*a, *b, &mut borrow);
         }
     }
 }
@@ -437,28 +436,28 @@ impl Field for Fr {
     #[inline]
     fn mul_assign(&mut self, other: &Fr) {
         let mut carry = 0;
-        let r0 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[0], &mut carry);
-        let r1 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[1], &mut carry);
-        let r2 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[2], &mut carry);
-        let r3 = ::mac_with_carry(0, (self.0).0[0], (other.0).0[3], &mut carry);
+        let r0 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[0], &mut carry);
+        let r1 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[1], &mut carry);
+        let r2 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[2], &mut carry);
+        let r3 = ::ff::mac_with_carry(0, (self.0).0[0], (other.0).0[3], &mut carry);
         let r4 = carry;
         let mut carry = 0;
-        let r1 = ::mac_with_carry(r1, (self.0).0[1], (other.0).0[0], &mut carry);
-        let r2 = ::mac_with_carry(r2, (self.0).0[1], (other.0).0[1], &mut carry);
-        let r3 = ::mac_with_carry(r3, (self.0).0[1], (other.0).0[2], &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[1], (other.0).0[3], &mut carry);
+        let r1 = ::ff::mac_with_carry(r1, (self.0).0[1], (other.0).0[0], &mut carry);
+        let r2 = ::ff::mac_with_carry(r2, (self.0).0[1], (other.0).0[1], &mut carry);
+        let r3 = ::ff::mac_with_carry(r3, (self.0).0[1], (other.0).0[2], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[1], (other.0).0[3], &mut carry);
         let r5 = carry;
         let mut carry = 0;
-        let r2 = ::mac_with_carry(r2, (self.0).0[2], (other.0).0[0], &mut carry);
-        let r3 = ::mac_with_carry(r3, (self.0).0[2], (other.0).0[1], &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[2], (other.0).0[2], &mut carry);
-        let r5 = ::mac_with_carry(r5, (self.0).0[2], (other.0).0[3], &mut carry);
+        let r2 = ::ff::mac_with_carry(r2, (self.0).0[2], (other.0).0[0], &mut carry);
+        let r3 = ::ff::mac_with_carry(r3, (self.0).0[2], (other.0).0[1], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[2], (other.0).0[2], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[2], (other.0).0[3], &mut carry);
         let r6 = carry;
         let mut carry = 0;
-        let r3 = ::mac_with_carry(r3, (self.0).0[3], (other.0).0[0], &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[3], (other.0).0[1], &mut carry);
-        let r5 = ::mac_with_carry(r5, (self.0).0[3], (other.0).0[2], &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[3], (other.0).0[3], &mut carry);
+        let r3 = ::ff::mac_with_carry(r3, (self.0).0[3], (other.0).0[0], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[3], (other.0).0[1], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[3], (other.0).0[2], &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[3], (other.0).0[3], &mut carry);
         let r7 = carry;
         self.mont_reduce(r0, r1, r2, r3, r4, r5, r6, r7);
     }
@@ -466,16 +465,16 @@ impl Field for Fr {
     #[inline]
     fn square(&mut self) {
         let mut carry = 0;
-        let r1 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[1], &mut carry);
-        let r2 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[2], &mut carry);
-        let r3 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[3], &mut carry);
+        let r1 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[1], &mut carry);
+        let r2 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[2], &mut carry);
+        let r3 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[3], &mut carry);
         let r4 = carry;
         let mut carry = 0;
-        let r3 = ::mac_with_carry(r3, (self.0).0[1], (self.0).0[2], &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[1], (self.0).0[3], &mut carry);
+        let r3 = ::ff::mac_with_carry(r3, (self.0).0[1], (self.0).0[2], &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[1], (self.0).0[3], &mut carry);
         let r5 = carry;
         let mut carry = 0;
-        let r5 = ::mac_with_carry(r5, (self.0).0[2], (self.0).0[3], &mut carry);
+        let r5 = ::ff::mac_with_carry(r5, (self.0).0[2], (self.0).0[3], &mut carry);
         let r6 = carry;
         let r7 = r6 >> 63;
@@ -487,14 +486,14 @@ impl Field for Fr {
         let r1 = r1 << 1;
         let mut carry = 0;
-        let r0 = ::mac_with_carry(0, (self.0).0[0], (self.0).0[0], &mut carry);
-        let r1 = ::adc(r1, 0, &mut carry);
-        let r2 = ::mac_with_carry(r2, (self.0).0[1], (self.0).0[1], &mut carry);
-        let r3 = ::adc(r3, 0, &mut carry);
-        let r4 = ::mac_with_carry(r4, (self.0).0[2], (self.0).0[2], &mut carry);
-        let r5 = ::adc(r5, 0, &mut carry);
-        let r6 = ::mac_with_carry(r6, (self.0).0[3], (self.0).0[3], &mut carry);
-        let r7 = ::adc(r7, 0, &mut carry);
+        let r0 = ::ff::mac_with_carry(0, (self.0).0[0], (self.0).0[0], &mut carry);
+        let r1 = ::ff::adc(r1, 0, &mut carry);
+        let r2 = ::ff::mac_with_carry(r2, (self.0).0[1], (self.0).0[1], &mut carry);
+        let r3 = ::ff::adc(r3, 0, &mut carry);
+        let r4 = ::ff::mac_with_carry(r4, (self.0).0[2], (self.0).0[2], &mut carry);
+        let r5 = ::ff::adc(r5, 0, &mut carry);
+        let r6 = ::ff::mac_with_carry(r6, (self.0).0[3], (self.0).0[3], &mut carry);
+        let r7 = ::ff::adc(r7, 0, &mut carry);
         self.mont_reduce(r0, r1, r2, r3, r4, r5, r6, r7);
     }
 }
@@ -534,35 +533,35 @@ impl Fr {
         let k = r0.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r0, k, MODULUS.0[0], &mut carry);
-        r1 = ::mac_with_carry(r1, k, MODULUS.0[1], &mut carry);
-        r2 = ::mac_with_carry(r2, k, MODULUS.0[2], &mut carry);
-        r3 = ::mac_with_carry(r3, k, MODULUS.0[3], &mut carry);
-        r4 = ::adc(r4, 0, &mut carry);
+        ::ff::mac_with_carry(r0, k, MODULUS.0[0], &mut carry);
+        r1 = ::ff::mac_with_carry(r1, k, MODULUS.0[1], &mut carry);
+        r2 = ::ff::mac_with_carry(r2, k, MODULUS.0[2], &mut carry);
+        r3 = ::ff::mac_with_carry(r3, k, MODULUS.0[3], &mut carry);
+        r4 = ::ff::adc(r4, 0, &mut carry);
         let carry2 = carry;
         let k = r1.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r1, k, MODULUS.0[0], &mut carry);
-        r2 = ::mac_with_carry(r2, k, MODULUS.0[1], &mut carry);
-        r3 = ::mac_with_carry(r3, k, MODULUS.0[2], &mut carry);
-        r4 = ::mac_with_carry(r4, k, MODULUS.0[3], &mut carry);
-        r5 = ::adc(r5, carry2, &mut carry);
+        ::ff::mac_with_carry(r1, k, MODULUS.0[0], &mut carry);
+        r2 = ::ff::mac_with_carry(r2, k, MODULUS.0[1], &mut carry);
+        r3 = ::ff::mac_with_carry(r3, k, MODULUS.0[2], &mut carry);
+        r4 = ::ff::mac_with_carry(r4, k, MODULUS.0[3], &mut carry);
+        r5 = ::ff::adc(r5, carry2, &mut carry);
         let carry2 = carry;
         let k = r2.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r2, k, MODULUS.0[0], &mut carry);
-        r3 = ::mac_with_carry(r3, k, MODULUS.0[1], &mut carry);
-        r4 = ::mac_with_carry(r4, k, MODULUS.0[2], &mut carry);
-        r5 = ::mac_with_carry(r5, k, MODULUS.0[3], &mut carry);
-        r6 = ::adc(r6, carry2, &mut carry);
+        ::ff::mac_with_carry(r2, k, MODULUS.0[0], &mut carry);
+        r3 = ::ff::mac_with_carry(r3, k, MODULUS.0[1], &mut carry);
+        r4 = ::ff::mac_with_carry(r4, k, MODULUS.0[2], &mut carry);
+        r5 = ::ff::mac_with_carry(r5, k, MODULUS.0[3], &mut carry);
+        r6 = ::ff::adc(r6, carry2, &mut carry);
         let carry2 = carry;
         let k = r3.wrapping_mul(INV);
         let mut carry = 0;
-        ::mac_with_carry(r3, k, MODULUS.0[0], &mut carry);
-        r4 = ::mac_with_carry(r4, k, MODULUS.0[1], &mut carry);
-        r5 = ::mac_with_carry(r5, k, MODULUS.0[2], &mut carry);
-        r6 = ::mac_with_carry(r6, k, MODULUS.0[3], &mut carry);
-        r7 = ::adc(r7, carry2, &mut carry);
+        ::ff::mac_with_carry(r3, k, MODULUS.0[0], &mut carry);
+        r4 = ::ff::mac_with_carry(r4, k, MODULUS.0[1], &mut carry);
+        r5 = ::ff::mac_with_carry(r5, k, MODULUS.0[2], &mut carry);
+        r6 = ::ff::mac_with_carry(r6, k, MODULUS.0[3], &mut carry);
+        r7 = ::ff::adc(r7, carry2, &mut carry);
         (self.0).0[0] = r4;
         (self.0).0[1] = r5;
         (self.0).0[2] = r6;
@@ -572,7 +571,7 @@ impl Fr {
     }
 impl SqrtField for Fr {
-    fn legendre(&self) -> ::LegendreSymbol {
+    fn legendre(&self) -> ::ff::LegendreSymbol {
         // s = self^((r - 1) // 2)
         let s = self.pow([
             0x7fffffff80000000,
@@ -581,11 +580,11 @@ impl SqrtField for Fr {
             0x39f6d3a994cebea4,
         ]);
         if s == Self::zero() {
-            Zero
+            ::ff::LegendreSymbol::Zero
         } else if s == Self::one() {
-            QuadraticResidue
+            ::ff::LegendreSymbol::QuadraticResidue
         } else {
-            QuadraticNonResidue
+            ::ff::LegendreSymbol::QuadraticNonResidue
         }
     }
@@ -593,9 +592,9 @@ impl SqrtField for Fr {
         // Tonelli-Shank's algorithm for q mod 16 = 1
         // https://eprint.iacr.org/2012/685.pdf (page 12, algorithm 5)
         match self.legendre() {
-            Zero => Some(*self),
-            QuadraticNonResidue => None,
-            QuadraticResidue => {
+            ::ff::LegendreSymbol::Zero => Some(*self),
+            ::ff::LegendreSymbol::QuadraticNonResidue => None,
+            ::ff::LegendreSymbol::QuadraticResidue => {
                 let mut c = Fr(ROOT_OF_UNITY);
                 // r = self^((t + 1) // 2)
                 let mut r = self.pow([
@@ -909,6 +908,8 @@ fn test_fr_repr_sub_noborrow() {
 #[test]
 fn test_fr_legendre() {
+    use ff::LegendreSymbol::*;
+
     assert_eq!(QuadraticResidue, Fr::one().legendre());
     assert_eq!(Zero, Fr::zero().legendre());
diff --git a/src/bls12_381/mod.rs b/src/bls12_381/mod.rs
index a5db4b5..c6c13c5 100644
--- a/src/bls12_381/mod.rs
+++ b/src/bls12_381/mod.rs
@@ -18,7 +18,9 @@ pub use self::fq2::Fq2;
 pub use self::fq6::Fq6;
 pub use self::fr::{Fr, FrRepr};
-use super::{BitIterator, CurveAffine, Engine, Field};
+use super::{CurveAffine, Engine};
+
+use ff::{BitIterator, Field};
 // The BLS parameter x for BLS12-381 is -0xd201000000010000
 const BLS_X: u64 = 0xd201000000010000;
diff --git a/src/lib.rs b/src/lib.rs
index effc050..0c336ed 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -25,7 +25,7 @@ pub mod bls12_381;
 mod wnaf;
 pub use self::wnaf::Wnaf;
-use ff::*;
+use ff::{Field, PrimeField, PrimeFieldDecodingError, PrimeFieldRepr, SqrtField};
 use std::error::Error;
 use std::fmt;
diff --git a/src/tests/field.rs b/src/tests/field.rs
index 74422fd..55396a7 100644
--- a/src/tests/field.rs
+++ b/src/tests/field.rs
@@ -1,5 +1,5 @@
+use ff::{Field, LegendreSymbol, PrimeField, SqrtField};
 use rand::{Rng, SeedableRng, XorShiftRng};
-use {Field, LegendreSymbol, PrimeField, SqrtField};
 pub fn random_frobenius_tests>(characteristic: C, maxpower: usize) {
     let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
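Review bot: Replacing `use ff::*` with an explicit list in the lib.rs hunk removes `BitIterator`, `LegendreSymbol`, `adc`, `sbb` and `mac_with_carry` from the crate-root names that submodules could previously reach as `::Name`; ec.rs, mod.rs, the field files and tests/field.rs are updated in this diff, but `mod wnaf;` two lines above is not touched, so if wnaf.rs resolves any `ff` item through the crate root it will now fail to build — presumably it does not, but a full `cargo build --all-targets` is the cheap way to confirm before merge. A one-line comment on the new import, `// Submodules import ff items directly; this list is only what lib.rs itself uses.`, would keep the next reader from re-widening it to a glob.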