rename bnXXXinit to initPairing()

Makefile

@@ -15,7 +15,7 @@ ifeq ($(CPU),x86-64)
     TEST_SRC+=fp_generator_test.cpp
   endif
 endif
-SAMPLE_SRC=bench.cpp ecdh.cpp random.cpp rawbench.cpp vote.cpp pairing.cpp large.cpp tri-dh.cpp bls_sig.cpp pairing_c.c bgn_smpl.cpp
+SAMPLE_SRC=bench.cpp ecdh.cpp random.cpp rawbench.cpp vote.cpp pairing.cpp large.cpp tri-dh.cpp bls_sig.cpp pairing_c.c she_smpl.cpp
 
 ifneq ($(MCL_MAX_BIT_SIZE),)
   CFLAGS+=-DMCL_MAX_BIT_SIZE=$(MCL_MAX_BIT_SIZE)

docs/demo/exported-mcl.js

@@ -1,6 +1,6 @@
 function define_exported_mcl(mod) {
 mclBn_setErrFile = mod.cwrap('mclBn_setErrFile', 'number', ['number', ])
-mclBn_init = mod.cwrap('mclBn_init', 'number', ['number', 'number', ])
+_mclBn_init = mod.cwrap('mclBn_init', 'number', ['number', 'number', ])
 mclBn_getOpUnitSize = mod.cwrap('mclBn_getOpUnitSize', 'number', [])
 mclBn_getCurveOrder = mod.cwrap('mclBn_getCurveOrder', 'number', ['number', 'number', ])
 mclBn_getFieldOrder = mod.cwrap('mclBn_getFieldOrder', 'number', ['number', 'number', ])

docs/demo/pairing.html

@@ -9,6 +9,9 @@
 </script>
 </head>
 <body>
+<h1>
+See <a href="https://herumi.github.io/bls/demo/bls.html">BLS signature demo</a>. This page is obsolete.
+</h1>
 <div>
 library status <span name="status">initializing...</span>
 </div>

docs/demo/pairing.js

@@ -25,7 +25,7 @@ var MCLBN_FP_UNIT_SIZE = 4
 var module = setupWasm('mclbn.wasm', null, function(mod, ns) {
 	define_exported_mcl(mod)
 	define_extra_functions(mod)
-	var r = mclBn_init(0, MCLBN_FP_UNIT_SIZE)
+	var r = mclBn_init(0)
 	setText('status', r ? 'err:' + r : 'ok')
 })
 
@@ -99,6 +99,9 @@ function define_extra_functions(mod) {
 		}
 	}
 	///////////////////////////////////////////////////////////////
+	mclBn_init = function(curveType) {
+		_mclBn_init(curveType, MCLBN_FP_UNIT_SIZE)
+	}
 	mclBnFr_malloc = function() {
 		return mod._malloc(MCLBN_FP_UNIT_SIZE * 8)
 	}

ffi/js/export-functions.py

@@ -2,7 +2,7 @@ import sys, re
 
 #RE_PROTOTYPE = re.compile(r'MCLBN_DLL_API\s\w\s\w\([^)]*\);')
 RE_PROTOTYPE = re.compile(r'\w*\s(\w*)\s(\w*)\(([^)]*)\);')
-RE_SPECIAL_FUNCTION_NAME = re.compile(r'(setStr|getStr|[sS]erialize|setLittleEndian|setHashOf|hashAndMapTo|DecStr|HexStr|HashTo|blsSign|blsVerify|GetCurveOrder|GetFieldOrder|KeyShare|KeyRecover|blsSignatureRecover)')
+RE_SPECIAL_FUNCTION_NAME = re.compile(r'(mclBn_init|setStr|getStr|[sS]erialize|setLittleEndian|setHashOf|hashAndMapTo|DecStr|HexStr|HashTo|blsSign|blsVerify|GetCurveOrder|GetFieldOrder|KeyShare|KeyRecover|blsSignatureRecover|blsInit)')
 def export_functions(modName, fileNames):
 	if modName:
 		print 'function define_exported_' + modName + '(mod) {'

include/mcl/bn.h

@@ -73,7 +73,8 @@ MCLBN_DLL_API int mclBn_setErrFile(const char *name);
 enum {
 	mclBn_CurveFp254BNb = 0,
 	mclBn_CurveFp382_1 = 1,
-	mclBn_CurveFp382_2 = 2
+	mclBn_CurveFp382_2 = 2,
+	mclBn_CurveFp462 = 3
 };
 
 /*

include/mcl/bn.hpp

@@ -33,6 +33,7 @@ const CurveParam CurveFp254BNb = { "-0x4080000000000001", 2, 1 }; // -(2^62 + 2^
 // provisional(experimental) param with maxBitSize = 384
 const CurveParam CurveFp382_1 = { "-0x400011000000000000000001", 2, 1 }; // -(2^94 + 2^76 + 2^72 + 1) // A Family of Implementation-Friendly BN Elliptic Curves
 const CurveParam CurveFp382_2 = { "-0x400040090001000000000001", 2, 1 }; // -(2^94 + 2^78 + 2^67 + 2^64 + 2^48 + 1) // used in relic-toolkit
+const CurveParam CurveFp462 = { "0x4001fffffffffffffffffffffbfff", -4, 1 }; // 2^114 + 2^101 - 2^14 - 1 // https://eprint.iacr.org/2017/334
 
 template<class Fp>
 struct MapToT {

include/mcl/bn256.hpp

@@ -27,7 +27,7 @@ typedef BN::Fp12 GT;
 /* the order of G1 is r */
 typedef mcl::FpT<local::FrTag, 256> Fr;
 
-static inline void bn256init(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp254BNb, fp::Mode mode = fp::FP_AUTO)
+static inline void initPairing(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp254BNb, fp::Mode mode = fp::FP_AUTO)
 {
 	BN::init(cp, mode);
 	G1::setCompressedExpression();
@@ -35,5 +35,10 @@ static inline void bn256init(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp254
 	Fr::init(BN::param.r);
 }
 
+static inline void bn256init(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp254BNb, fp::Mode mode = fp::FP_AUTO)
+{
+	initPairing(cp, mode);
+}
+
 } } // mcl::bn256
 

include/mcl/bn384.hpp

@@ -27,7 +27,7 @@ typedef BN::Fp12 GT;
 /* the order of G1 is r */
 typedef mcl::FpT<local::FrTag, 384> Fr;
 
-static inline void bn384init(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp382_2, fp::Mode mode = fp::FP_AUTO)
+static inline void initPairing(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp382_2, fp::Mode mode = fp::FP_AUTO)
 {
 	BN::init(cp, mode);
 	G1::setCompressedExpression();
@@ -35,5 +35,10 @@ static inline void bn384init(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp382
 	Fr::init(BN::param.r);
 }
 
+static inline void bn384init(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp382_2, fp::Mode mode = fp::FP_AUTO)
+{
+	initPairing(cp, mode);
+}
+
 } } // mcl::bn384
 

include/mcl/she.hpp

@@ -17,11 +17,20 @@
 */
 #include <vector>
 #include <iosfwd>
+#if !defined(MCL_USE_BN256) && !defined(MCL_USE_BN384) && !defined(MCL_USE_BN512)
+	#define MCL_USE_BN256
+#endif
+#ifdef MCL_USE_BN256
+#include <mcl/bn256.hpp>
+namespace bn_current = mcl::bn256;
+#endif
 #ifdef MCL_USE_BN384
 #include <mcl/bn384.hpp>
-#else
-#include <mcl/bn256.hpp>
-#define MCL_USE_BN256
+namespace bn_current = mcl::bn384;
+#endif
+#ifdef MCL_USE_BN512
+#include <mcl/bn512.hpp>
+namespace bn_current = mcl::bn512;
 #endif
 
 #if CYBOZU_CPP_VERSION >= CYBOZU_CPP_VERSION_CPP11
@@ -382,11 +391,7 @@ private:
 	static void doubleMillerLoop(GT& g1, GT& g2, const G1& P1, const G1& P2, const G2& Q)
 	{
 #if 1
-#ifdef MCL_USE_BN384
-		std::vector<bn384::Fp6> Qcoeff;
-#else
-		std::vector<bn256::Fp6> Qcoeff;
-#endif
+		std::vector<bn_current::Fp6> Qcoeff;
 		BN::precomputeG2(Qcoeff, Q);
 		BN::precomputedMillerLoop(g1, P1, Qcoeff);
 		BN::precomputedMillerLoop(g2, P2, Qcoeff);
@@ -410,12 +415,7 @@ public:
 
 	static void init(const mcl::bn::CurveParam& cp = mcl::bn::CurveFp254BNb)
 	{
-#ifdef MCL_USE_BN256
-		mcl::bn256::bn256init(cp);
-#endif
-#ifdef MCL_USE_BN384
-		mcl::bn384::bn384init(cp);
-#endif
+		bn_current::initPairing(cp);
 		BN::hashAndMapToG1(P, "0");
 		BN::hashAndMapToG2(Q, "0");
 		BN::pairing(ePQ, P, Q);
@@ -1025,11 +1025,7 @@ template<class BN, class Fr> typename BN::G2 SHET<BN, Fr>::Q;
 template<class BN, class Fr> typename BN::Fp12 SHET<BN, Fr>::ePQ;
 template<class BN, class Fr> local::HashTable<typename BN::G1> SHET<BN, Fr>::g1HashTbl;
 template<class BN, class Fr> local::HashTable<typename BN::Fp12, false> SHET<BN, Fr>::gtHashTbl;
-#ifdef MCL_USE_BN384
-typedef mcl::she::SHET<mcl::bn384::BN, mcl::bn256::Fr> SHE;
-#else
-typedef mcl::she::SHET<mcl::bn256::BN, mcl::bn256::Fr> SHE;
-#endif
+typedef mcl::she::SHET<bn_current::BN, bn_current::Fr> SHE;
 typedef SHE::SecretKey SecretKey;
 typedef SHE::PublicKey PublicKey;
 typedef SHE::CipherTextG1 CipherTextG1;

java/bn256_impl.hpp

@@ -4,7 +4,7 @@
 
 void SystemInit() throw(std::exception)
 {
-	mcl::bn256::bn256init();
+	mcl::bn256::initPairing();
 }
 
 class G1;

readme.md

@@ -139,11 +139,11 @@ finalExp 546.259Kclk
 If you want to remove '_dy` of so files, then `makeSHARE_BASENAME_SUF=`.
 
 # How to initialize pairing library
-Call `mcl::bn256::bn256init` before calling any operations.
+Call `mcl::bn256::initPairing` before calling any operations.
 ```
 #include <mcl/bn256.hpp>
 mcl::bn::CurveParam cp = mcl::bn::CurveFp254BNb; // or mcl::bn::CurveSNARK1
-mcl::bn256::bn256init(cp);
+mcl::bn256::initPairing(cp);
 mcl::bn256::G1 P(...);
 mcl::bn256::G2 Q(...);
 mcl::bn256::Fp12 e;

sample/bls_sig.cpp

@@ -54,7 +54,7 @@ int main(int argc, char *argv[])
 	std::string m = argc == 1 ? "hello mcl" : argv[1];
 
 	// setup parameter
-	bn256init();
+	initPairing();
 	G2 Q;
 	BN::mapToG2(Q, 1);
 

sample/pairing.cpp

@@ -45,7 +45,7 @@ int main()
 	const char *ba = "13891744915211034074451795021214165905772212241412891944830863846330766296736";
 	const char *bb = "7937318970632701341203597196594272556916396164729705624521405069090520231616";
 
-	bn256init();
+	initPairing();
 	G2 Q(Fp2(aa, ab), Fp2(ba, bb));
 	G1 P(-1, 1);
 

sample/she_smpl.cpp

@@ -1,16 +1,16 @@
 /*
-	sample of somewhat homomorphic encryption(SHE) by BGN with prime order group
+	sample of somewhat homomorphic encryption(SHE)
 */
 #define PUT(x) std::cout << #x << "=" << (x) << std::endl;
 #include <cybozu/benchmark.hpp>
-#include <mcl/bgn.hpp>
+#include <mcl/she.hpp>
 
-using namespace mcl::bgn;
+using namespace mcl::she;
 
 void miniSample()
 {
 	// init library
-	BGN::init();
+	SHE::init();
 
 	SecretKey sec;
 
@@ -18,7 +18,7 @@ void miniSample()
 	sec.setByCSPRNG();
 
 	// set range to decode GT DLP
-	sec.setRangeForGTDLP(1000);
+	SHE::setRangeForGTDLP(1000);
 
 	PublicKey pub;
 	// get public key
@@ -61,7 +61,7 @@ void miniSample()
 void usePrimitiveCipherText()
 {
 	// init library
-	BGN::init();
+	SHE::init();
 
 	SecretKey sec;
 
@@ -69,7 +69,7 @@ void usePrimitiveCipherText()
 	sec.setByCSPRNG();
 
 	// set range to decode GT DLP
-	sec.setRangeForGTDLP(1000);
+	SHE::setRangeForGTDLP(100);
 
 	PublicKey pub;
 	// get public key

sample/tri-dh.cpp

@@ -25,7 +25,7 @@ void keygen(const std::string& user)
 	const char *bb = "7937318970632701341203597196594272556916396164729705624521405069090520231616";
 
 
-	bn256init();
+	initPairing();
 	G2 Q(Fp2(aa, ab), Fp2(ba, bb));
 	G1 P(-1, 1);
 
@@ -54,7 +54,7 @@ void load(G1& P, G2& Q, const std::string& fileName)
 
 void share(const std::string& skFile, const std::string& pk1File, const std::string& pk2File)
 {
-	bn256init();
+	initPairing();
 	Fr s;
 	G1 P1, P2;
 	G2 Q1, Q2;

src/bn_c_impl.hpp

@@ -11,9 +11,12 @@ static cybozu::RandomGenerator g_rg;
 #if MCLBN_FP_UNIT_SIZE == 4
 #include <mcl/bn256.hpp>
 using namespace mcl::bn256;
-#else
+#elif MCLBN_FP_UNIT_SIZE == 6
 #include <mcl/bn384.hpp>
 using namespace mcl::bn384;
+#elif MCLBN_FP_UNIT_SIZE == 8
+#include <mcl/bn512.hpp>
+using namespace mcl::bn512;
 #endif
 #include <mcl/lagrange.hpp>
 
@@ -116,23 +119,24 @@ int mclBn_init(int curve, int maxUnitSize)
 	case mclBn_CurveFp254BNb:
 		cp = mcl::bn::CurveFp254BNb;
 		break;
-#if MCLBN_FP_UNIT_SIZE == 6
+#if MCLBN_FP_UNIT_SIZE >= 6
 	case mclBn_CurveFp382_1:
 		cp = mcl::bn::CurveFp382_1;
 		break;
 	case mclBn_CurveFp382_2:
 		cp = mcl::bn::CurveFp382_2;
 		break;
+#endif
+#if MCLBN_FP_UNIT_SIZE >= 8
+	case mclBn_CurveFp462:
+		cp = mcl::bn::CurveFp462;
+		break;
 #endif
 	default:
 		if (g_fp) fprintf(g_fp, "MCLBN_init:not supported curve %d\n", curve);
 		return -1;
 	}
-#if MCLBN_FP_UNIT_SIZE == 4
-	bn256init(cp);
-#else
-	bn384init(cp);
-#endif
+	initPairing(cp);
 	return 0;
 } catch (std::exception& e) {
 	if (g_fp) fprintf(g_fp, "%s\n", e.what());

test/bn384_test.cpp

@@ -12,7 +12,7 @@ mcl::fp::Mode g_mode;
 
 void testCurve(const mcl::bn::CurveParam& cp)
 {
-	bn384init(cp, g_mode);
+	initPairing(cp, g_mode);
 	G1 P;
 	G2 Q;
 	BN::mapToG1(P, 1);

test/bn_test.cpp

@@ -357,7 +357,7 @@ CYBOZU_TEST_AUTO(naive)
 	for (size_t i = 0; i < CYBOZU_NUM_OF_ARRAY(g_testSetTbl); i++) {
 		const TestSet& ts = g_testSetTbl[i];
 		printf("curve=%s\n", ts.name);
-		bn256init(ts.cp, g_mode);
+		initPairing(ts.cp, g_mode);
 		G1 P(ts.g1.a, ts.g1.b);
 		G2 Q(Fp2(ts.g2.aa, ts.g2.ab), Fp2(ts.g2.ba, ts.g2.bb));
 		testFp12pow(P, Q);

test/glv_test.cpp

@@ -194,7 +194,7 @@ CYBOZU_TEST_AUTO(glv)
 	};
 	for (size_t i = 0; i < CYBOZU_NUM_OF_ARRAY(tbl); i++) {
 		const mcl::bn::CurveParam& cp = tbl[i];
-		bn384init(cp);
+		initPairing(cp);
 		testGLV1();
 		testGLV2();
 	}