From 61e29716112677a5e560f60d596040f6f7c6d1d7 Mon Sep 17 00:00:00 2001 From: MITSUNARI Shigeo Date: Tue, 30 Jun 2020 12:17:44 +0900 Subject: [PATCH] add g1cofactor --- include/mcl/mapto_wb19.hpp | 17 +++++++++++++---- test/mapto_wb19_test.cpp | 22 ++++++++++++++++------ 2 files changed, 29 insertions(+), 10 deletions(-) diff --git a/include/mcl/mapto_wb19.hpp b/include/mcl/mapto_wb19.hpp index 42fd619..a35d79c 100644 --- a/include/mcl/mapto_wb19.hpp +++ b/include/mcl/mapto_wb19.hpp @@ -86,6 +86,7 @@ struct MapTo_WB19 { Fp g1xden[11]; Fp g1ynum[16]; Fp g1yden[16]; + mpz_class g1cofactor; int g1Z; int draftVersion_; void setDraftVersion(int draftVersion) @@ -156,6 +157,8 @@ struct MapTo_WB19 { g1c2.setStr(&b, c2); assert(b); (void)b; g1Z = 11; + gmp::setStr(&b, g1cofactor, "d201000000010001", 16); + assert(b); (void)b; } init_iso11(); } @@ -612,11 +615,9 @@ struct MapTo_WB19 { } map2curve_osswu2(out, msg, msgSize, dst, strlen(dst)); } - void msgToG1(G1& out, const void *msg, size_t msgSize) const + void msgToG1(G1& out, const void *msg, size_t msgSize, const char *dst, size_t dstSize) const { assert(draftVersion_ == 7); - const char *dst = "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_"; - const size_t dstSize = strlen(dst); uint8_t md[128]; mcl::fp::expand_message_xmd(md, sizeof(md), msg, msgSize, dst, dstSize); Fp u[2]; @@ -628,8 +629,16 @@ struct MapTo_WB19 { E1 P1, P2; sswuG1(P1, u[0]); sswuG1(P2, u[1]); - ec::addJacobi(P1, P1, P2); // ok + ec::addJacobi(P1, P1, P2); iso11(out, P1); + G1::mulGeneric(out, out, g1cofactor); + } + void msgToG1(G1& out, const void *msg, size_t msgSize) const + { + assert(draftVersion_ == 7); + const char *dst = "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_"; + const size_t dstSize = strlen(dst); + msgToG1(out, msg, msgSize, dst, dstSize); } }; diff --git a/test/mapto_wb19_test.cpp b/test/mapto_wb19_test.cpp index 1938cb9..cc278e1 100644 --- a/test/mapto_wb19_test.cpp +++ b/test/mapto_wb19_test.cpp @@ -1105,25 +1105,35 @@ void testMsgToG1(const T& mapto) { const struct { const char *msg; + const char *dst; const char *x; const char *y; - const char *z; } tbl[] = { { "asdf", - "14f99d14fa81bad3cc6232c0dee394235fb61287be4a262085604684a20790fbc7954ae6b2d545f05f967c9f624a116a", - "acfaebe113b047b38d8eb3a37bbdf77ed0d392289f642e6e7b1611305ae537fa0a574a8235042672b49f44f54d00646", - "1", + "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_POP_", + "bc73d15443009a8ff2ddce864136d892274dd8365c60d0d2d44cc543387348e366a8f1e1401427e37743c29ed2c939a", + "101e26428a1b78c05458cb1cc37d2d87876ad3437096d2827f376702d4451667fe1fa82e82795495d33d466133ed1862", }, + // https://www.ietf.org/id/draft-irtf-cfrg-hash-to-curve-09.txt + // H.9.1. BLS12381G1_XMD:SHA-256_SSWU_RO_ + { + "", + "QUUX-V01-CS02-with-BLS12381G1_XMD:SHA-256_SSWU_RO_", + "052926add2207b76ca4fa57a8734416c8dc95e24501772c814278700eed6d1e4e8cf62d9c09db0fac349612b759e79a1", + "08ba738453bfed09cb546dbb0783dbb3a5f1f566ed67bb6be0e8c67e2e81a4cc68ee29813bb7994998f3eae0c9c6a265", + } }; for (size_t i = 0; i < CYBOZU_NUM_OF_ARRAY(tbl); i++) { const char *msg = tbl[i].msg; const size_t msgSize = strlen(msg); + const char *dst = tbl[i].dst; + const size_t dstSize = strlen(dst); G1 P, Q; - mapto.msgToG1(P, msg, msgSize); + mapto.msgToG1(P, msg, msgSize, dst, dstSize); Q.x.setStr(tbl[i].x, 16); Q.y.setStr(tbl[i].y, 16); - Q.z.setStr(tbl[i].z, 16); + Q.z = 1; CYBOZU_TEST_EQUAL(P, Q); } }