move HaveFrobenius to util

include/mcl/bls12.hpp

@@ -14,58 +14,6 @@ namespace mcl { namespace bls12 {
 using mcl::CurveParam;
 using mcl::getCurveParam;
 
-
-/*
-	twisted Frobenius for G2
-*/
-template<class G2>
-struct HaveFrobenius : public G2 {
-	typedef typename G2::Fp Fp2;
-	static Fp2 g2;
-	static Fp2 g3;
-	/*
-		BN254 is Dtype
-		BLS12-381 is Mtype
-	*/
-	static void init(bool isMtype)
-	{
-		g2 = Fp2::get_gTbl()[0];
-		g3 = Fp2::get_gTbl()[3];
-		if (isMtype) {
-			Fp2::inv(g2, g2);
-			Fp2::inv(g3, g3);
-		}
-	}
-	/*
-		FrobeniusOnTwist for Dtype
-		p mod 6 = 1, w^6 = xi
-		Frob(x', y') = phi Frob phi^-1(x', y')
-		= phi Frob (x' w^2, y' w^3)
-		= phi (x'^p w^2p, y'^p w^3p)
-		= (F(x') w^2(p - 1), F(y') w^3(p - 1))
-		= (F(x') g^2, F(y') g^3)
-
-		FrobeniusOnTwist for Dtype
-		use (1/g) instead of g
-	*/
-	static void Frobenius(G2& D, const G2& S)
-	{
-		Fp2::Frobenius(D.x, S.x);
-		Fp2::Frobenius(D.y, S.y);
-		Fp2::Frobenius(D.z, S.z);
-		D.x *= g2;
-		D.y *= g3;
-	}
-	static void Frobenius(HaveFrobenius& y, const HaveFrobenius& x)
-	{
-		Frobenius(static_cast<G2&>(y), static_cast<const G2&>(x));
-	}
-};
-template<class G2>
-typename G2::Fp HaveFrobenius<G2>::g2;
-template<class G2>
-typename G2::Fp HaveFrobenius<G2>::g3;
-
 template<class Fp>
 struct ParamT : public util::CommonParamT<Fp> {
 	typedef util::CommonParamT<Fp> Common;
@@ -86,7 +34,7 @@ struct BLS12T {
 	typedef mcl::Fp12T<Fp> Fp12;
 	typedef mcl::EcT<Fp> G1;
 	typedef mcl::EcT<Fp2> G2;
-	typedef HaveFrobenius<G2> G2withF;
+	typedef util::HaveFrobenius<G2> G2withF;
 	typedef mcl::FpDblT<Fp> FpDbl;
 	typedef mcl::Fp2DblT<Fp> Fp2Dbl;
 	typedef ParamT<Fp> Param;

include/mcl/bn.hpp

@@ -238,57 +238,6 @@ struct GLV1 {
 	}
 };
 
-/*
-	twisted Frobenius for G2
-*/
-template<class G2>
-struct HaveFrobenius : public G2 {
-	typedef typename G2::Fp Fp2;
-	static Fp2 g2;
-	static Fp2 g3;
-	/*
-		BN254 is Dtype
-		BLS12-381 is Mtype
-	*/
-	static void init(bool isMtype)
-	{
-		g2 = Fp2::get_gTbl()[0];
-		g3 = Fp2::get_gTbl()[3];
-		if (isMtype) {
-			Fp2::inv(g2, g2);
-			Fp2::inv(g3, g3);
-		}
-	}
-	/*
-		FrobeniusOnTwist for Dtype
-		p mod 6 = 1, w^6 = xi
-		Frob(x', y') = phi Frob phi^-1(x', y')
-		= phi Frob (x' w^2, y' w^3)
-		= phi (x'^p w^2p, y'^p w^3p)
-		= (F(x') w^2(p - 1), F(y') w^3(p - 1))
-		= (F(x') g^2, F(y') g^3)
-
-		FrobeniusOnTwist for Dtype
-		use (1/g) instead of g
-	*/
-	static void Frobenius(G2& D, const G2& S)
-	{
-		Fp2::Frobenius(D.x, S.x);
-		Fp2::Frobenius(D.y, S.y);
-		Fp2::Frobenius(D.z, S.z);
-		D.x *= g2;
-		D.y *= g3;
-	}
-	static void Frobenius(HaveFrobenius& y, const HaveFrobenius& x)
-	{
-		Frobenius(static_cast<G2&>(y), static_cast<const G2&>(x));
-	}
-};
-template<class G2>
-typename G2::Fp HaveFrobenius<G2>::g2;
-template<class G2>
-typename G2::Fp HaveFrobenius<G2>::g3;
-
 /*
 	GLV method for G2 and GT
 */
@@ -459,7 +408,7 @@ struct GLV2 {
 	}
 	void mul(G2& Q, const G2& P, mpz_class x, bool constTime = false) const
 	{
-		typedef HaveFrobenius<G2> G2withF;
+		typedef util::HaveFrobenius<G2> G2withF;
 		G2withF& QQ(static_cast<G2withF&>(Q));
 		const G2withF& PP(static_cast<const G2withF&>(P));
 		mul(QQ, PP, x, constTime);
@@ -499,7 +448,7 @@ struct BNT {
 	typedef mcl::Fp12T<Fp> Fp12;
 	typedef mcl::EcT<Fp> G1;
 	typedef mcl::EcT<Fp2> G2;
-	typedef HaveFrobenius<G2> G2withF;
+	typedef util::HaveFrobenius<G2> G2withF;
 	typedef mcl::FpDblT<Fp> FpDbl;
 	typedef mcl::Fp2DblT<Fp> Fp2Dbl;
 	typedef ParamT<Fp> Param;

include/mcl/ml-fe.hpp

@@ -456,7 +456,7 @@
 		z2c + z5b = (z2 + z5)(c + b) - z2b - z5c
 		z0c + z3b = (z0 + z3)(c + b) - z0b - z3c
 	*/
-	static void mul_024(Fp12& z, const Fp6& x)
+	static void mulSparse(Fp12& z, const Fp6& x)
 	{
 #ifdef MCL_USE_BLS12
 		mul_014(z, x);
@@ -464,10 +464,10 @@
 #endif
 		mul_025(z, x);
 	}
-	static void mul_024_024(Fp12& z, const Fp6& x, const Fp6& y)
+	static void mulSparse2(Fp12& z, const Fp6& x, const Fp6& y)
 	{
 		util::convertFp6toFp12(z, x);
-		mul_024(z, y);
+		mulSparse(z, y);
 	}
 #if 0
 	/*
@@ -679,18 +679,18 @@
 		G1 adjP = makeAdjP(P);
 		dblLine(d, T, adjP);
 		addLine(l, T, Q, P);
-		mul_024_024(f, d, l);
+		mulSparse2(f, d, l);
 		for (size_t i = 2; i < param.siTbl.size(); i++) {
 			dblLine(l, T, adjP);
 			Fp12::sqr(f, f);
-			mul_024(f, l);
+			mulSparse(f, l);
 			if (param.siTbl[i]) {
 				if (param.siTbl[i] > 0) {
 					addLine(l, T, Q, P);
 				} else {
 					addLine(l, T, negQ, P);
 				}
-				mul_024(f, l);
+				mulSparse(f, l);
 			}
 		}
 		if (param.z < 0) {
@@ -705,7 +705,7 @@
 		addLine(d, T, Q1, P);
 		addLine(e, T, Q2, P);
 		Fp12 ft;
-		mul_024_024(ft, d, e);
+		mulSparse2(ft, d, e);
 		f *= ft;
 #endif
 	}
@@ -786,16 +786,16 @@
 
 		mulFp6cb_by_G1xy(e, Qcoeff[idx], P);
 		idx++;
-		mul_024_024(f, d, e);
+		mulSparse2(f, d, e);
 		for (size_t i = 2; i < param.siTbl.size(); i++) {
 			mulFp6cb_by_G1xy(l, Qcoeff[idx], adjP);
 			idx++;
 			Fp12::sqr(f, f);
-			mul_024(f, l);
+			mulSparse(f, l);
 			if (param.siTbl[i]) {
 				mulFp6cb_by_G1xy(l, Qcoeff[idx], P);
 				idx++;
-				mul_024(f, l);
+				mulSparse(f, l);
 			}
 		}
 		if (param.z < 0) {
@@ -807,7 +807,7 @@
 		mulFp6cb_by_G1xy(e, Qcoeff[idx], P);
 		idx++;
 		Fp12 ft;
-		mul_024_024(ft, d, e);
+		mulSparse2(ft, d, e);
 		f *= ft;
 #endif
 	}
@@ -833,10 +833,10 @@
 
 		Fp12 f1, f2;
 		mulFp6cb_by_G1xy(e1, Q1coeff[idx], P1);
-		mul_024_024(f1, d1, e1);
+		mulSparse2(f1, d1, e1);
 
 		mulFp6cb_by_G1xy(e2, Q2coeff[idx], P2);
-		mul_024_024(f2, d2, e2);
+		mulSparse2(f2, d2, e2);
 		Fp12::mul(f, f1, f2);
 		idx++;
 		for (size_t i = 2; i < param.siTbl.size(); i++) {
@@ -844,13 +844,13 @@
 			mulFp6cb_by_G1xy(l2, Q2coeff[idx], adjP2);
 			idx++;
 			Fp12::sqr(f, f);
-			mul_024_024(f1, l1, l2);
+			mulSparse2(f1, l1, l2);
 			f *= f1;
 			if (param.siTbl[i]) {
 				mulFp6cb_by_G1xy(l1, Q1coeff[idx], P1);
 				mulFp6cb_by_G1xy(l2, Q2coeff[idx], P2);
 				idx++;
-				mul_024_024(f1, l1, l2);
+				mulSparse2(f1, l1, l2);
 				f *= f1;
 			}
 		}
@@ -864,8 +864,8 @@
 		mulFp6cb_by_G1xy(e1, Q1coeff[idx], P1);
 		mulFp6cb_by_G1xy(e2, Q2coeff[idx], P2);
 		idx++;
-		mul_024_024(f1, d1, e1);
-		mul_024_024(f2, d2, e2);
+		mulSparse2(f1, d1, e1);
+		mulSparse2(f2, d2, e2);
 		f *= f1;
 		f *= f2;
 #endif

include/mcl/pairing_util.hpp

@@ -263,6 +263,57 @@ void mul_b_div_xi(const Param& param, Fp2& y, const Fp2& x)
 	}
 }
 
+/*
+	twisted Frobenius for G2
+*/
+template<class G2>
+struct HaveFrobenius : public G2 {
+	typedef typename G2::Fp Fp2;
+	static Fp2 g2;
+	static Fp2 g3;
+	/*
+		BN254 is Dtype
+		BLS12-381 is Mtype
+	*/
+	static void init(bool isMtype)
+	{
+		g2 = Fp2::get_gTbl()[0];
+		g3 = Fp2::get_gTbl()[3];
+		if (isMtype) {
+			Fp2::inv(g2, g2);
+			Fp2::inv(g3, g3);
+		}
+	}
+	/*
+		FrobeniusOnTwist for Dtype
+		p mod 6 = 1, w^6 = xi
+		Frob(x', y') = phi Frob phi^-1(x', y')
+		= phi Frob (x' w^2, y' w^3)
+		= phi (x'^p w^2p, y'^p w^3p)
+		= (F(x') w^2(p - 1), F(y') w^3(p - 1))
+		= (F(x') g^2, F(y') g^3)
+
+		FrobeniusOnTwist for Dtype
+		use (1/g) instead of g
+	*/
+	static void Frobenius(G2& D, const G2& S)
+	{
+		Fp2::Frobenius(D.x, S.x);
+		Fp2::Frobenius(D.y, S.y);
+		Fp2::Frobenius(D.z, S.z);
+		D.x *= g2;
+		D.y *= g3;
+	}
+	static void Frobenius(HaveFrobenius& y, const HaveFrobenius& x)
+	{
+		Frobenius(static_cast<G2&>(y), static_cast<const G2&>(x));
+	}
+};
+template<class G2>
+typename G2::Fp HaveFrobenius<G2>::g2;
+template<class G2>
+typename G2::Fp HaveFrobenius<G2>::g3;
+
 } // mcl::util
 
 } // mcl

test/bls12_test.cpp

@@ -586,7 +586,7 @@ const char *f2Str =
 	l.c.setStr(l1Str, 16);
 	f.setStr(fStr, 16);
 	f2.setStr(f2Str, 16);
-	BLS12::mul_024(f, l);
+	BLS12::mulSparse(f, l);
 	CYBOZU_TEST_EQUAL(f, f2);
 }
 

test/bn_test.cpp

@@ -361,7 +361,7 @@ BN::Fp2Dbl D;
 	CYBOZU_BENCH_C("Fp2Dbl::mulPre", 100000, BN::Fp2Dbl::mulPre, D, x.a, x.b);
 	CYBOZU_BENCH_C("Fp6mul_01", 1000000, BN::Fp6mul_01, x, x, x.a, x.b);
 	CYBOZU_BENCH_C("mul_025", 1000000, BN::mul_025, z2,z2.a);
-	CYBOZU_BENCH_C("mul_024", 1000000, BN::mul_024, z2,z2.a);
+	CYBOZU_BENCH_C("mulSparse", 1000000, BN::mulSparse, z2,z2.a);
 	exit(1);
 }
 		const G1 P(ts.g1.a, ts.g1.b);