dirty hack of multi curve instance

include/mcl/bn.hpp

@@ -1,4 +1,6 @@
-#pragma once
+#ifndef MCL_INCLUDE_MCL_BN_HPP
+#define MCL_INCLUDE_MCL_BN_HPP
+// use MCL_INCLUDE_MCL_BN_HPP instead of #pragma once to be able to include twice
 /**
 	@file
 	@brief optimal ate pairing over BN-curve / BLS12-curve
@@ -9,6 +11,7 @@
 #include <mcl/fp_tower.hpp>
 #include <mcl/ec.hpp>
 #include <mcl/curve_type.h>
+#include <mcl/mapto_wb19.hpp>
 #include <assert.h>
 #ifndef CYBOZU_DONT_USE_EXCEPTION
 #include <vector>
@@ -24,58 +27,12 @@
 #ifndef MCL_MAX_FR_BIT_SIZE
 	#define MCL_MAX_FR_BIT_SIZE MCL_MAX_FP_BIT_SIZE
 #endif
+#ifndef MCL_NAMESPACE_BN
+	#define MCL_NAMESPACE_BN bn
+#endif
 namespace mcl {
 
-struct CurveParam {
-	/*
-		y^2 = x^3 + b
-		i^2 = -1
-		xi = xi_a + i
-		v^3 = xi
-		w^2 = v
-	*/
-	const char *z;
-	int b; // y^2 = x^3 + b
-	int xi_a; // xi = xi_a + i
-	/*
-		BN254, BN381 : Dtype
-		BLS12-381 : Mtype
-	*/
-	bool isMtype;
-	int curveType; // same in curve_type.h
-	bool operator==(const CurveParam& rhs) const
-	{
-		return strcmp(z, rhs.z) == 0 && b == rhs.b && xi_a == rhs.xi_a && isMtype == rhs.isMtype;
-	}
-	bool operator!=(const CurveParam& rhs) const { return !operator==(rhs); }
-};
-
-const CurveParam BN254 = { "-0x4080000000000001", 2, 1, false, MCL_BN254 }; // -(2^62 + 2^55 + 1)
-// provisional(experimental) param with maxBitSize = 384
-const CurveParam BN381_1 = { "-0x400011000000000000000001", 2, 1, false, MCL_BN381_1 }; // -(2^94 + 2^76 + 2^72 + 1) // A Family of Implementation-Friendly BN Elliptic Curves
-const CurveParam BN381_2 = { "-0x400040090001000000000001", 2, 1, false, MCL_BN381_2 }; // -(2^94 + 2^78 + 2^67 + 2^64 + 2^48 + 1) // used in relic-toolkit
-const CurveParam BN462 = { "0x4001fffffffffffffffffffffbfff", 5, 2, false, MCL_BN462 }; // 2^114 + 2^101 - 2^14 - 1 // https://eprint.iacr.org/2017/334
-const CurveParam BN_SNARK1 = { "4965661367192848881", 3, 9, false, MCL_BN_SNARK1 };
-const CurveParam BLS12_381 = { "-0xd201000000010000", 4, 1, true, MCL_BLS12_381 };
-const CurveParam BN160 = { "0x4000000031", 3, 4, false, MCL_BN160 };
-
-inline const CurveParam& getCurveParam(int type)
-{
-	switch (type) {
-	case MCL_BN254: return mcl::BN254;
-	case MCL_BN381_1: return mcl::BN381_1;
-	case MCL_BN381_2: return mcl::BN381_2;
-	case MCL_BN462: return mcl::BN462;
-	case MCL_BN_SNARK1: return mcl::BN_SNARK1;
-	case MCL_BLS12_381: return mcl::BLS12_381;
-	case MCL_BN160: return mcl::BN160;
-	default:
-		assert(0);
-		return mcl::BN254;
-	}
-}
-
-namespace bn {
+namespace MCL_NAMESPACE_BN {
 
 namespace local {
 struct FpTag;
@@ -314,7 +271,6 @@ public:
 	}
 };
 
-#include <mcl/mapto_wb19.hpp>
 
 struct MapTo {
 	enum {
@@ -332,7 +288,7 @@ struct MapTo {
 	int type_;
 	int mapToMode_;
 	bool useOriginalG2cofactor_;
-	MapToG2_WB19 mapToG2_WB19_;
+	MapToG2_WB19<Fp, Fp2, G2> mapToG2_WB19_;
 	MapTo()
 		: type_(0)
 		, mapToMode_(MCL_MAP_TO_MODE_ORIGINAL)
@@ -2320,7 +2276,7 @@ inline const Fr& getG2cofactorAdjInv()
 inline bool ethMsgToFp2(Fp2& out, const void *msg, size_t msgSize, uint8_t ctr, const void *dst, size_t dstSize)
 {
 	if (!BN::param.isBLS12) return false;
-	BN::local::hashToFp2(out, msg, msgSize, ctr, dst, dstSize);
+	hashToFp2(out, msg, msgSize, ctr, dst, dstSize);
 	return true;
 }
 
@@ -2340,3 +2296,4 @@ inline bool ethMsgToG2(G2& out, const void *msg, size_t msgSize, const void *dst
 
 } } // mcl::bn
 
+#endif

include/mcl/curve_type.h

@@ -42,3 +42,62 @@ enum {
 	MCL_MAP_TO_MODE_ETH2, // old eth2.0 spec
 	MCL_MAP_TO_MODE_WB19 // used in new eth2.0 spec
 };
+
+#ifdef __cplusplus
+
+#include <string.h>
+#include <assert.h>
+
+namespace mcl {
+
+struct CurveParam {
+	/*
+		y^2 = x^3 + b
+		i^2 = -1
+		xi = xi_a + i
+		v^3 = xi
+		w^2 = v
+	*/
+	const char *z;
+	int b; // y^2 = x^3 + b
+	int xi_a; // xi = xi_a + i
+	/*
+		BN254, BN381 : Dtype
+		BLS12-381 : Mtype
+	*/
+	bool isMtype;
+	int curveType; // same in curve_type.h
+	bool operator==(const CurveParam& rhs) const
+	{
+		return strcmp(z, rhs.z) == 0 && b == rhs.b && xi_a == rhs.xi_a && isMtype == rhs.isMtype;
+	}
+	bool operator!=(const CurveParam& rhs) const { return !operator==(rhs); }
+};
+
+const CurveParam BN254 = { "-0x4080000000000001", 2, 1, false, MCL_BN254 }; // -(2^62 + 2^55 + 1)
+// provisional(experimental) param with maxBitSize = 384
+const CurveParam BN381_1 = { "-0x400011000000000000000001", 2, 1, false, MCL_BN381_1 }; // -(2^94 + 2^76 + 2^72 + 1) // A Family of Implementation-Friendly BN Elliptic Curves
+const CurveParam BN381_2 = { "-0x400040090001000000000001", 2, 1, false, MCL_BN381_2 }; // -(2^94 + 2^78 + 2^67 + 2^64 + 2^48 + 1) // used in relic-toolkit
+const CurveParam BN462 = { "0x4001fffffffffffffffffffffbfff", 5, 2, false, MCL_BN462 }; // 2^114 + 2^101 - 2^14 - 1 // https://eprint.iacr.org/2017/334
+const CurveParam BN_SNARK1 = { "4965661367192848881", 3, 9, false, MCL_BN_SNARK1 };
+const CurveParam BLS12_381 = { "-0xd201000000010000", 4, 1, true, MCL_BLS12_381 };
+const CurveParam BN160 = { "0x4000000031", 3, 4, false, MCL_BN160 };
+
+inline const CurveParam& getCurveParam(int type)
+{
+	switch (type) {
+	case MCL_BN254: return mcl::BN254;
+	case MCL_BN381_1: return mcl::BN381_1;
+	case MCL_BN381_2: return mcl::BN381_2;
+	case MCL_BN462: return mcl::BN462;
+	case MCL_BN_SNARK1: return mcl::BN_SNARK1;
+	case MCL_BLS12_381: return mcl::BLS12_381;
+	case MCL_BN160: return mcl::BN160;
+	default:
+		assert(0);
+		return mcl::BN254;
+	}
+}
+
+} // mcl
+#endif

include/mcl/mapto_wb19.hpp

@@ -7,8 +7,10 @@
 	http://opensource.org/licenses/BSD-3-Clause
 	ref. https://eprint.iacr.org/2019/403 , https://github.com/algorand/bls_sigs_ref
 */
+namespace mcl {
 
 // ctr = 0 or 1 or 2
+template<class Fp2>
 inline void hashToFp2(Fp2& out, const void *msg, size_t msgSize, uint8_t ctr, const void *dst, size_t dstSize)
 {
 	const bool addZeroByte = true; // append zero byte to msg
@@ -35,6 +37,7 @@ inline void hashToFp2(Fp2& out, const void *msg, size_t msgSize, uint8_t ctr, co
 	}
 }
 
+template<class Fp, class Fp2, class G2>
 struct MapToG2_WB19 {
 	Fp2 xi;
 	Fp2 Ell2p_a;
@@ -667,3 +670,5 @@ struct MapToG2_WB19 {
 	}
 };
 
+} // mcl
+

sample/multi.cpp

@@ -0,0 +1,65 @@
+/*
+	dirty hack to make multi instance of pairing functions
+*/
+#include <iostream>
+// BLS12-381 ; sizeof(Fp) = 48, sizeof(Fr) = 32
+#define MCL_MAX_FP_BIT_SIZE 384
+#define MCL_MAX_FR_BIT_SIZE 256
+#include <mcl/bn.hpp>
+// remove include gurad of bn.hpp
+#undef MCL_INCLUDE_MCL_BN_HPP
+// define other fp size
+// BN254 ; sizeof(Fp) = 32, sizeof(Fr) = 32
+#undef MCL_MAX_FP_BIT_SIZE
+#define MCL_MAX_FP_BIT_SIZE 256
+// define another namespace instead of bn
+#undef MCL_NAMESPACE_BN
+#define MCL_NAMESPACE_BN bn2
+#include <mcl/bn.hpp>
+
+#define PUT(x) std::cout << #x "=" << (x) << std::endl;
+int main()
+	try
+{
+	using namespace mcl;
+	mpz_class a = 123;
+	mpz_class b = 456;
+	bn::initPairing(mcl::BLS12_381);
+	bn2::initPairing(mcl::BN254);
+
+	bn::G1 P1;
+	bn::G2 Q1;
+	bn::GT e1, f1;
+
+	bn2::G1 P2;
+	bn2::G2 Q2;
+	bn2::GT e2, f2;
+
+	bn::hashAndMapToG1(P1, "abc", 3);
+	bn2::hashAndMapToG1(P2, "abc", 3);
+	PUT(P1);
+	PUT(P2);
+
+	bn::hashAndMapToG2(Q1, "abc", 3);
+	bn2::hashAndMapToG2(Q2, "abc", 3);
+
+	PUT(Q1);
+	PUT(Q2);
+	P1 += P1;
+	Q2 += Q2;
+
+	bn::pairing(e1, P1, Q1);
+	bn2::pairing(e2, P2, Q2);
+	P1 *= a;
+	Q1 *= b;
+	P2 *= a;
+	Q2 *= b;
+	bn::pairing(f1, P1, Q1);
+	bn2::pairing(f2, P2, Q2);
+	bn::GT::pow(e1, e1, a * b);
+	bn2::GT::pow(e2, e2, a * b);
+	printf("eq %d %d\n", e1 == f1, e2 == f2);
+} catch (std::exception& e) {
+	printf("err %s\n", e.what());
+	return 1;
+}

test/mapto_wb19_test.cpp

@@ -10,7 +10,7 @@
 using namespace mcl;
 using namespace mcl::bn;
 
-typedef mcl::bn::local::MapToG2_WB19 MapTo;
+typedef mcl::MapToG2_WB19<Fp, Fp2, G2> MapTo;
 typedef MapTo::Point Point;
 
 void dump(const void *msg, size_t msgSize)
@@ -634,7 +634,7 @@ CYBOZU_TEST_AUTO(test)
 	initPairing(mcl::BLS12_381);
 	Fp::setETHserialization(true);
 	bn::setMapToMode(MCL_MAP_TO_MODE_WB19);
-	const mcl::bn::local::MapToG2_WB19& mapto = BN::param.mapTo.mapToG2_WB19_;
+	const MapTo& mapto = BN::param.mapTo.mapToG2_WB19_;
 	py_eccTest(mapto);
 	py_eccTest2(mapto);
 	osswu2_helpTest(mapto);