use mulByCofactorBLS12fast

include/mcl/bn.hpp

@@ -11,6 +11,13 @@
 #include <mcl/fp_tower.hpp>
 #include <mcl/ec.hpp>
 #include <mcl/curve_type.h>
+namespace mcl { namespace local {
+
+// to export fast cofactor multiplication to mapto_wb19
+template<class T>
+void mulByCofactorBLS12fast(T& Q, const T& P);
+
+} } // mcl::local
 #include <mcl/mapto_wb19.hpp>
 #include <assert.h>
 #ifndef CYBOZU_DONT_USE_EXCEPTION
@@ -2255,4 +2262,11 @@ inline bool ethMsgToG2(G2& out, const void *msg, size_t msgSize, const void *dst
 
 } } // mcl::bn
 
+namespace mcl { namespace local {
+template<>
+inline void mulByCofactorBLS12fast(mcl::MCL_NAMESPACE_BN::G2& Q, const mcl::MCL_NAMESPACE_BN::G2& P)
+{
+	mcl::MCL_NAMESPACE_BN::BN::param.mapTo.mulByCofactorBLS12fast(Q, P);
+}
+} } // mcl::local
 #endif

include/mcl/mapto_wb19.hpp

@@ -327,6 +327,7 @@ struct MapToG2_WB19 {
 		}
 		assert(0);
 	}
+#if 0
 	void h2_chain(G2& out, const G2& P) const
 	{
 		G2 t[16];
@@ -387,19 +388,21 @@ struct MapToG2_WB19 {
 		}
 		Q = T;
 	}
+#endif
 	void clear_h2(G2& Q, const G2& P) const
 	{
-#if 0
+#if 1
-		bn::param.mapTo.mulByCofactorBLS12fast(Q, P);
+		// 1.9Mclk can be reduced
+		mcl::local::mulByCofactorBLS12fast(Q, P);
 #else
-		G2 work, work2;
+		G2 T0, T1;
-		h2_chain(work, P);
+		h2_chain(T0, P);
-		G2::dbl(work2, work);
+		G2::dbl(T1, T0);
-		G2::add(work2, work, work2);
+		G2::add(T1, T0, T1);
-		mx_chain(work, work2);
+		mx_chain(T0, T1);
-		mx_chain(work, work);
+		mx_chain(T0, T0);
-		G2::neg(work2, work2);
+		G2::neg(T1, T1);
-		G2::add(Q, work, work2);
+		G2::add(Q, T0, T1);
 #endif
 	}
 	template<class T>