group: Rename zero and one to identity and generator
This commit is contained in:
parent
d7d49285d8
commit
4f2220fbb1
|
@ -218,7 +218,7 @@ impl<G: CurveProjective> Clone for Point<G> {
|
||||||
|
|
||||||
impl<G: CurveProjective> Group<G::Engine> for Point<G> {
|
impl<G: CurveProjective> Group<G::Engine> for Point<G> {
|
||||||
fn group_zero() -> Self {
|
fn group_zero() -> Self {
|
||||||
Point(G::zero())
|
Point(G::identity())
|
||||||
}
|
}
|
||||||
fn group_mul_assign(&mut self, by: &G::Scalar) {
|
fn group_mul_assign(&mut self, by: &G::Scalar) {
|
||||||
self.0.mul_assign(by.to_repr());
|
self.0.mul_assign(by.to_repr());
|
||||||
|
|
|
@ -234,7 +234,7 @@ where
|
||||||
|
|
||||||
let worker = Worker::new();
|
let worker = Worker::new();
|
||||||
|
|
||||||
let mut h = vec![E::G1::zero(); powers_of_tau.as_ref().len() - 1];
|
let mut h = vec![E::G1::identity(); powers_of_tau.as_ref().len() - 1];
|
||||||
{
|
{
|
||||||
// Compute powers of tau
|
// Compute powers of tau
|
||||||
{
|
{
|
||||||
|
@ -287,11 +287,11 @@ where
|
||||||
powers_of_tau.ifft(&worker);
|
powers_of_tau.ifft(&worker);
|
||||||
let powers_of_tau = powers_of_tau.into_coeffs();
|
let powers_of_tau = powers_of_tau.into_coeffs();
|
||||||
|
|
||||||
let mut a = vec![E::G1::zero(); assembly.num_inputs + assembly.num_aux];
|
let mut a = vec![E::G1::identity(); assembly.num_inputs + assembly.num_aux];
|
||||||
let mut b_g1 = vec![E::G1::zero(); assembly.num_inputs + assembly.num_aux];
|
let mut b_g1 = vec![E::G1::identity(); assembly.num_inputs + assembly.num_aux];
|
||||||
let mut b_g2 = vec![E::G2::zero(); assembly.num_inputs + assembly.num_aux];
|
let mut b_g2 = vec![E::G2::identity(); assembly.num_inputs + assembly.num_aux];
|
||||||
let mut ic = vec![E::G1::zero(); assembly.num_inputs];
|
let mut ic = vec![E::G1::identity(); assembly.num_inputs];
|
||||||
let mut l = vec![E::G1::zero(); assembly.num_aux];
|
let mut l = vec![E::G1::identity(); assembly.num_aux];
|
||||||
|
|
||||||
fn eval<E: Engine>(
|
fn eval<E: Engine>(
|
||||||
// wNAF window tables
|
// wNAF window tables
|
||||||
|
@ -446,7 +446,7 @@ where
|
||||||
// Don't allow any elements be unconstrained, so that
|
// Don't allow any elements be unconstrained, so that
|
||||||
// the L query is always fully dense.
|
// the L query is always fully dense.
|
||||||
for e in l.iter() {
|
for e in l.iter() {
|
||||||
if e.is_zero() {
|
if e.is_identity() {
|
||||||
return Err(SynthesisError::UnconstrainedVariable);
|
return Err(SynthesisError::UnconstrainedVariable);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -472,19 +472,19 @@ where
|
||||||
// Filter points at infinity away from A/B queries
|
// Filter points at infinity away from A/B queries
|
||||||
a: Arc::new(
|
a: Arc::new(
|
||||||
a.into_iter()
|
a.into_iter()
|
||||||
.filter(|e| !e.is_zero())
|
.filter(|e| !e.is_identity())
|
||||||
.map(|e| e.into_affine())
|
.map(|e| e.into_affine())
|
||||||
.collect(),
|
.collect(),
|
||||||
),
|
),
|
||||||
b_g1: Arc::new(
|
b_g1: Arc::new(
|
||||||
b_g1.into_iter()
|
b_g1.into_iter()
|
||||||
.filter(|e| !e.is_zero())
|
.filter(|e| !e.is_identity())
|
||||||
.map(|e| e.into_affine())
|
.map(|e| e.into_affine())
|
||||||
.collect(),
|
.collect(),
|
||||||
),
|
),
|
||||||
b_g2: Arc::new(
|
b_g2: Arc::new(
|
||||||
b_g2.into_iter()
|
b_g2.into_iter()
|
||||||
.filter(|e| !e.is_zero())
|
.filter(|e| !e.is_identity())
|
||||||
.map(|e| e.into_affine())
|
.map(|e| e.into_affine())
|
||||||
.collect(),
|
.collect(),
|
||||||
),
|
),
|
||||||
|
|
|
@ -54,7 +54,7 @@ impl<E: Engine> Proof<E> {
|
||||||
.into_affine()
|
.into_affine()
|
||||||
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
||||||
.and_then(|e| {
|
.and_then(|e| {
|
||||||
if e.is_zero() {
|
if e.is_identity() {
|
||||||
Err(io::Error::new(
|
Err(io::Error::new(
|
||||||
io::ErrorKind::InvalidData,
|
io::ErrorKind::InvalidData,
|
||||||
"point at infinity",
|
"point at infinity",
|
||||||
|
@ -69,7 +69,7 @@ impl<E: Engine> Proof<E> {
|
||||||
.into_affine()
|
.into_affine()
|
||||||
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
||||||
.and_then(|e| {
|
.and_then(|e| {
|
||||||
if e.is_zero() {
|
if e.is_identity() {
|
||||||
Err(io::Error::new(
|
Err(io::Error::new(
|
||||||
io::ErrorKind::InvalidData,
|
io::ErrorKind::InvalidData,
|
||||||
"point at infinity",
|
"point at infinity",
|
||||||
|
@ -84,7 +84,7 @@ impl<E: Engine> Proof<E> {
|
||||||
.into_affine()
|
.into_affine()
|
||||||
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
||||||
.and_then(|e| {
|
.and_then(|e| {
|
||||||
if e.is_zero() {
|
if e.is_identity() {
|
||||||
Err(io::Error::new(
|
Err(io::Error::new(
|
||||||
io::ErrorKind::InvalidData,
|
io::ErrorKind::InvalidData,
|
||||||
"point at infinity",
|
"point at infinity",
|
||||||
|
@ -198,7 +198,7 @@ impl<E: Engine> VerifyingKey<E> {
|
||||||
.into_affine()
|
.into_affine()
|
||||||
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
||||||
.and_then(|e| {
|
.and_then(|e| {
|
||||||
if e.is_zero() {
|
if e.is_identity() {
|
||||||
Err(io::Error::new(
|
Err(io::Error::new(
|
||||||
io::ErrorKind::InvalidData,
|
io::ErrorKind::InvalidData,
|
||||||
"point at infinity",
|
"point at infinity",
|
||||||
|
@ -303,7 +303,7 @@ impl<E: Engine> Parameters<E> {
|
||||||
}
|
}
|
||||||
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
||||||
.and_then(|e| {
|
.and_then(|e| {
|
||||||
if e.is_zero() {
|
if e.is_identity() {
|
||||||
Err(io::Error::new(
|
Err(io::Error::new(
|
||||||
io::ErrorKind::InvalidData,
|
io::ErrorKind::InvalidData,
|
||||||
"point at infinity",
|
"point at infinity",
|
||||||
|
@ -325,7 +325,7 @@ impl<E: Engine> Parameters<E> {
|
||||||
}
|
}
|
||||||
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
.map_err(|e| io::Error::new(io::ErrorKind::InvalidData, e))
|
||||||
.and_then(|e| {
|
.and_then(|e| {
|
||||||
if e.is_zero() {
|
if e.is_identity() {
|
||||||
Err(io::Error::new(
|
Err(io::Error::new(
|
||||||
io::ErrorKind::InvalidData,
|
io::ErrorKind::InvalidData,
|
||||||
"point at infinity",
|
"point at infinity",
|
||||||
|
|
|
@ -295,7 +295,7 @@ where
|
||||||
);
|
);
|
||||||
let b_g2_aux = multiexp(&worker, b_g2_aux_source, b_aux_density, aux_assignment);
|
let b_g2_aux = multiexp(&worker, b_g2_aux_source, b_aux_density, aux_assignment);
|
||||||
|
|
||||||
if vk.delta_g1.is_zero() || vk.delta_g2.is_zero() {
|
if vk.delta_g1.is_identity() || vk.delta_g2.is_identity() {
|
||||||
// If this element is zero, someone is trying to perform a
|
// If this element is zero, someone is trying to perform a
|
||||||
// subversion-CRS attack.
|
// subversion-CRS attack.
|
||||||
return Err(SynthesisError::UnexpectedIdentity);
|
return Err(SynthesisError::UnexpectedIdentity);
|
||||||
|
|
|
@ -362,15 +362,15 @@ impl CurveProjective for Fr {
|
||||||
<Fr as Field>::random(rng)
|
<Fr as Field>::random(rng)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn zero() -> Self {
|
fn identity() -> Self {
|
||||||
<Fr as Field>::zero()
|
<Fr as Field>::zero()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn one() -> Self {
|
fn generator() -> Self {
|
||||||
<Fr as Field>::one()
|
<Fr as Field>::one()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn is_zero(&self) -> bool {
|
fn is_identity(&self) -> bool {
|
||||||
<Fr as Field>::is_zero(self)
|
<Fr as Field>::is_zero(self)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -450,15 +450,15 @@ impl CurveAffine for Fr {
|
||||||
type Scalar = Fr;
|
type Scalar = Fr;
|
||||||
type Engine = DummyEngine;
|
type Engine = DummyEngine;
|
||||||
|
|
||||||
fn zero() -> Self {
|
fn identity() -> Self {
|
||||||
<Fr as Field>::zero()
|
<Fr as Field>::zero()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn one() -> Self {
|
fn generator() -> Self {
|
||||||
<Fr as Field>::one()
|
<Fr as Field>::one()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn is_zero(&self) -> bool {
|
fn is_identity(&self) -> bool {
|
||||||
<Fr as Field>::is_zero(self)
|
<Fr as Field>::is_zero(self)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -55,7 +55,7 @@ impl<G: CurveAffine> Source<G> for (Arc<Vec<G>>, usize) {
|
||||||
.into());
|
.into());
|
||||||
}
|
}
|
||||||
|
|
||||||
if self.0[self.1].is_zero() {
|
if self.0[self.1].is_identity() {
|
||||||
return Err(SynthesisError::UnexpectedIdentity);
|
return Err(SynthesisError::UnexpectedIdentity);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -173,13 +173,13 @@ where
|
||||||
|
|
||||||
pool.compute(move || {
|
pool.compute(move || {
|
||||||
// Accumulate the result
|
// Accumulate the result
|
||||||
let mut acc = G::zero();
|
let mut acc = G::identity();
|
||||||
|
|
||||||
// Build a source for the bases
|
// Build a source for the bases
|
||||||
let mut bases = bases.new();
|
let mut bases = bases.new();
|
||||||
|
|
||||||
// Create space for the buckets
|
// Create space for the buckets
|
||||||
let mut buckets = vec![G::zero(); (1 << c) - 1];
|
let mut buckets = vec![G::identity(); (1 << c) - 1];
|
||||||
|
|
||||||
let one = <G::Engine as ScalarEngine>::Fr::one();
|
let one = <G::Engine as ScalarEngine>::Fr::one();
|
||||||
|
|
||||||
|
@ -222,7 +222,7 @@ where
|
||||||
// e.g. 3a + 2b + 1c = a +
|
// e.g. 3a + 2b + 1c = a +
|
||||||
// (a) + b +
|
// (a) + b +
|
||||||
// ((a) + b) + c
|
// ((a) + b) + c
|
||||||
let mut running_sum = G::zero();
|
let mut running_sum = G::identity();
|
||||||
for exp in buckets.into_iter().rev() {
|
for exp in buckets.into_iter().rev() {
|
||||||
running_sum.add_assign(&exp);
|
running_sum.add_assign(&exp);
|
||||||
acc.add_assign(&running_sum);
|
acc.add_assign(&running_sum);
|
||||||
|
@ -302,7 +302,7 @@ fn test_with_bls12() {
|
||||||
) -> G {
|
) -> G {
|
||||||
assert_eq!(bases.len(), exponents.len());
|
assert_eq!(bases.len(), exponents.len());
|
||||||
|
|
||||||
let mut acc = G::zero();
|
let mut acc = G::identity();
|
||||||
|
|
||||||
for (base, exp) in bases.iter().zip(exponents.iter()) {
|
for (base, exp) in bases.iter().zip(exponents.iter()) {
|
||||||
AddAssign::<&G>::add_assign(&mut acc, &base.mul(exp.to_repr()));
|
AddAssign::<&G>::add_assign(&mut acc, &base.mul(exp.to_repr()));
|
||||||
|
|
|
@ -55,13 +55,13 @@ pub trait CurveProjective:
|
||||||
fn random<R: RngCore + ?Sized>(rng: &mut R) -> Self;
|
fn random<R: RngCore + ?Sized>(rng: &mut R) -> Self;
|
||||||
|
|
||||||
/// Returns the additive identity.
|
/// Returns the additive identity.
|
||||||
fn zero() -> Self;
|
fn identity() -> Self;
|
||||||
|
|
||||||
/// Returns a fixed generator of unknown exponent.
|
/// Returns a fixed generator of unknown exponent.
|
||||||
fn one() -> Self;
|
fn generator() -> Self;
|
||||||
|
|
||||||
/// Determines if this point is the point at infinity.
|
/// Determines if this point is the point at infinity.
|
||||||
fn is_zero(&self) -> bool;
|
fn is_identity(&self) -> bool;
|
||||||
|
|
||||||
/// Normalizes a slice of projective elements so that
|
/// Normalizes a slice of projective elements so that
|
||||||
/// conversion to affine is cheap.
|
/// conversion to affine is cheap.
|
||||||
|
@ -112,14 +112,14 @@ pub trait CurveAffine:
|
||||||
type Compressed: EncodedPoint<Affine = Self>;
|
type Compressed: EncodedPoint<Affine = Self>;
|
||||||
|
|
||||||
/// Returns the additive identity.
|
/// Returns the additive identity.
|
||||||
fn zero() -> Self;
|
fn identity() -> Self;
|
||||||
|
|
||||||
/// Returns a fixed generator of unknown exponent.
|
/// Returns a fixed generator of unknown exponent.
|
||||||
fn one() -> Self;
|
fn generator() -> Self;
|
||||||
|
|
||||||
/// Determines if this point represents the point at infinity; the
|
/// Determines if this point represents the point at infinity; the
|
||||||
/// additive identity.
|
/// additive identity.
|
||||||
fn is_zero(&self) -> bool;
|
fn is_identity(&self) -> bool;
|
||||||
|
|
||||||
/// Performs scalar multiplication of this element with mixed addition.
|
/// Performs scalar multiplication of this element with mixed addition.
|
||||||
fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, other: S) -> Self::Projective;
|
fn mul<S: Into<<Self::Scalar as PrimeField>::Repr>>(&self, other: S) -> Self::Projective;
|
||||||
|
|
|
@ -11,33 +11,33 @@ pub fn curve_tests<G: CurveProjective>() {
|
||||||
0xe5,
|
0xe5,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
// Negation edge case with zero.
|
// Negation edge case with identity.
|
||||||
{
|
{
|
||||||
let z = G::zero().neg();
|
let z = G::identity().neg();
|
||||||
assert!(z.is_zero());
|
assert!(z.is_identity());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Doubling edge case with zero.
|
// Doubling edge case with identity.
|
||||||
{
|
{
|
||||||
let mut z = G::zero();
|
let mut z = G::identity();
|
||||||
z.double();
|
z.double();
|
||||||
assert!(z.is_zero());
|
assert!(z.is_identity());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Addition edge cases with zero
|
// Addition edge cases with identity
|
||||||
{
|
{
|
||||||
let mut r = G::random(&mut rng);
|
let mut r = G::random(&mut rng);
|
||||||
let rcopy = r;
|
let rcopy = r;
|
||||||
r.add_assign(&G::zero());
|
r.add_assign(&G::identity());
|
||||||
assert_eq!(r, rcopy);
|
assert_eq!(r, rcopy);
|
||||||
r.add_assign(&G::Affine::zero());
|
r.add_assign(&G::Affine::identity());
|
||||||
assert_eq!(r, rcopy);
|
assert_eq!(r, rcopy);
|
||||||
|
|
||||||
let mut z = G::zero();
|
let mut z = G::identity();
|
||||||
z.add_assign(&G::zero());
|
z.add_assign(&G::identity());
|
||||||
assert!(z.is_zero());
|
assert!(z.is_identity());
|
||||||
z.add_assign(&G::Affine::zero());
|
z.add_assign(&G::Affine::identity());
|
||||||
assert!(z.is_zero());
|
assert!(z.is_identity());
|
||||||
|
|
||||||
let mut z2 = z;
|
let mut z2 = z;
|
||||||
z2.add_assign(&r);
|
z2.add_assign(&r);
|
||||||
|
@ -209,11 +209,11 @@ fn random_negation_tests<G: CurveProjective>() {
|
||||||
|
|
||||||
let mut t3 = t1;
|
let mut t3 = t1;
|
||||||
t3.add_assign(&t2);
|
t3.add_assign(&t2);
|
||||||
assert!(t3.is_zero());
|
assert!(t3.is_identity());
|
||||||
|
|
||||||
let mut t4 = t1;
|
let mut t4 = t1;
|
||||||
t4.add_assign(&t2.into_affine());
|
t4.add_assign(&t2.into_affine());
|
||||||
assert!(t4.is_zero());
|
assert!(t4.is_identity());
|
||||||
|
|
||||||
assert_eq!(t1.neg(), t2);
|
assert_eq!(t1.neg(), t2);
|
||||||
}
|
}
|
||||||
|
@ -313,7 +313,7 @@ fn random_addition_tests<G: CurveProjective>() {
|
||||||
assert_eq!(aplusa, aplusamixed);
|
assert_eq!(aplusa, aplusamixed);
|
||||||
}
|
}
|
||||||
|
|
||||||
let mut tmp = vec![G::zero(); 6];
|
let mut tmp = vec![G::identity(); 6];
|
||||||
|
|
||||||
// (a + b) + c
|
// (a + b) + c
|
||||||
tmp[0] = a;
|
tmp[0] = a;
|
||||||
|
@ -390,7 +390,7 @@ fn random_transformation_tests<G: CurveProjective>() {
|
||||||
let between = Uniform::new(0, 1000);
|
let between = Uniform::new(0, 1000);
|
||||||
// Sprinkle in some normalized points
|
// Sprinkle in some normalized points
|
||||||
for _ in 0..5 {
|
for _ in 0..5 {
|
||||||
v[between.sample(&mut rng)] = G::zero();
|
v[between.sample(&mut rng)] = G::identity();
|
||||||
}
|
}
|
||||||
for _ in 0..5 {
|
for _ in 0..5 {
|
||||||
let s = between.sample(&mut rng);
|
let s = between.sample(&mut rng);
|
||||||
|
@ -418,13 +418,19 @@ fn random_encoding_tests<G: CurveProjective>() {
|
||||||
]);
|
]);
|
||||||
|
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
G::Affine::zero().into_uncompressed().into_affine().unwrap(),
|
G::Affine::identity()
|
||||||
G::Affine::zero()
|
.into_uncompressed()
|
||||||
|
.into_affine()
|
||||||
|
.unwrap(),
|
||||||
|
G::Affine::identity()
|
||||||
);
|
);
|
||||||
|
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
G::Affine::zero().into_compressed().into_affine().unwrap(),
|
G::Affine::identity()
|
||||||
G::Affine::zero()
|
.into_compressed()
|
||||||
|
.into_affine()
|
||||||
|
.unwrap(),
|
||||||
|
G::Affine::identity()
|
||||||
);
|
);
|
||||||
|
|
||||||
for _ in 0..1000 {
|
for _ in 0..1000 {
|
||||||
|
|
|
@ -80,7 +80,7 @@ pub(crate) fn wnaf_form<S: AsRef<[u8]>>(wnaf: &mut Vec<i64>, c: S, window: usize
|
||||||
/// This function must be provided a `table` and `wnaf` that were constructed with
|
/// This function must be provided a `table` and `wnaf` that were constructed with
|
||||||
/// the same window size; otherwise, it may panic or produce invalid results.
|
/// the same window size; otherwise, it may panic or produce invalid results.
|
||||||
pub(crate) fn wnaf_exp<G: CurveProjective>(table: &[G], wnaf: &[i64]) -> G {
|
pub(crate) fn wnaf_exp<G: CurveProjective>(table: &[G], wnaf: &[i64]) -> G {
|
||||||
let mut result = G::zero();
|
let mut result = G::identity();
|
||||||
|
|
||||||
let mut found_one = false;
|
let mut found_one = false;
|
||||||
|
|
||||||
|
|
|
@ -42,11 +42,11 @@ macro_rules! curve_impl {
|
||||||
|
|
||||||
impl PartialEq for $projective {
|
impl PartialEq for $projective {
|
||||||
fn eq(&self, other: &$projective) -> bool {
|
fn eq(&self, other: &$projective) -> bool {
|
||||||
if self.is_zero() {
|
if self.is_identity() {
|
||||||
return other.is_zero();
|
return other.is_identity();
|
||||||
}
|
}
|
||||||
|
|
||||||
if other.is_zero() {
|
if other.is_identity() {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -82,7 +82,7 @@ macro_rules! curve_impl {
|
||||||
|
|
||||||
impl $affine {
|
impl $affine {
|
||||||
fn mul_bits_u64<S: AsRef<[u64]>>(&self, bits: BitIterator<u64, S>) -> $projective {
|
fn mul_bits_u64<S: AsRef<[u64]>>(&self, bits: BitIterator<u64, S>) -> $projective {
|
||||||
let mut res = $projective::zero();
|
let mut res = $projective::identity();
|
||||||
for i in bits {
|
for i in bits {
|
||||||
res.double();
|
res.double();
|
||||||
if i {
|
if i {
|
||||||
|
@ -93,7 +93,7 @@ macro_rules! curve_impl {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn mul_bits_u8<S: AsRef<[u8]>>(&self, bits: BitIterator<u8, S>) -> $projective {
|
fn mul_bits_u8<S: AsRef<[u8]>>(&self, bits: BitIterator<u8, S>) -> $projective {
|
||||||
let mut res = $projective::zero();
|
let mut res = $projective::identity();
|
||||||
for i in bits {
|
for i in bits {
|
||||||
res.double();
|
res.double();
|
||||||
if i {
|
if i {
|
||||||
|
@ -126,7 +126,7 @@ macro_rules! curve_impl {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn is_on_curve(&self) -> bool {
|
fn is_on_curve(&self) -> bool {
|
||||||
if self.is_zero() {
|
if self.is_identity() {
|
||||||
true
|
true
|
||||||
} else {
|
} else {
|
||||||
// Check that the point is on the curve
|
// Check that the point is on the curve
|
||||||
|
@ -141,7 +141,7 @@ macro_rules! curve_impl {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn is_in_correct_subgroup_assuming_on_curve(&self) -> bool {
|
fn is_in_correct_subgroup_assuming_on_curve(&self) -> bool {
|
||||||
self.mul($scalarfield::char()).is_zero()
|
self.mul($scalarfield::char()).is_identity()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -151,7 +151,7 @@ macro_rules! curve_impl {
|
||||||
#[inline]
|
#[inline]
|
||||||
fn neg(self) -> Self {
|
fn neg(self) -> Self {
|
||||||
let mut ret = self;
|
let mut ret = self;
|
||||||
if !ret.is_zero() {
|
if !ret.is_identity() {
|
||||||
ret.y = ret.y.neg();
|
ret.y = ret.y.neg();
|
||||||
}
|
}
|
||||||
ret
|
ret
|
||||||
|
@ -166,7 +166,7 @@ macro_rules! curve_impl {
|
||||||
type Uncompressed = $uncompressed;
|
type Uncompressed = $uncompressed;
|
||||||
type Compressed = $compressed;
|
type Compressed = $compressed;
|
||||||
|
|
||||||
fn zero() -> Self {
|
fn identity() -> Self {
|
||||||
$affine {
|
$affine {
|
||||||
x: $basefield::zero(),
|
x: $basefield::zero(),
|
||||||
y: $basefield::one(),
|
y: $basefield::one(),
|
||||||
|
@ -174,11 +174,11 @@ macro_rules! curve_impl {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn one() -> Self {
|
fn generator() -> Self {
|
||||||
Self::get_generator()
|
Self::get_generator()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn is_zero(&self) -> bool {
|
fn is_identity(&self) -> bool {
|
||||||
self.infinity
|
self.infinity
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -212,7 +212,7 @@ macro_rules! curve_impl {
|
||||||
#[inline]
|
#[inline]
|
||||||
fn neg(self) -> Self {
|
fn neg(self) -> Self {
|
||||||
let mut ret = self;
|
let mut ret = self;
|
||||||
if !ret.is_zero() {
|
if !ret.is_identity() {
|
||||||
ret.y = ret.y.neg();
|
ret.y = ret.y.neg();
|
||||||
}
|
}
|
||||||
ret
|
ret
|
||||||
|
@ -241,12 +241,12 @@ macro_rules! curve_impl {
|
||||||
|
|
||||||
impl<'r> ::std::ops::AddAssign<&'r $projective> for $projective {
|
impl<'r> ::std::ops::AddAssign<&'r $projective> for $projective {
|
||||||
fn add_assign(&mut self, other: &Self) {
|
fn add_assign(&mut self, other: &Self) {
|
||||||
if self.is_zero() {
|
if self.is_identity() {
|
||||||
*self = *other;
|
*self = *other;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if other.is_zero() {
|
if other.is_identity() {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -390,11 +390,11 @@ macro_rules! curve_impl {
|
||||||
for $projective
|
for $projective
|
||||||
{
|
{
|
||||||
fn add_assign(&mut self, other: &<$projective as CurveProjective>::Affine) {
|
fn add_assign(&mut self, other: &<$projective as CurveProjective>::Affine) {
|
||||||
if other.is_zero() {
|
if other.is_identity() {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if self.is_zero() {
|
if self.is_identity() {
|
||||||
self.x = other.x;
|
self.x = other.x;
|
||||||
self.y = other.y;
|
self.y = other.y;
|
||||||
self.z = $basefield::one();
|
self.z = $basefield::one();
|
||||||
|
@ -524,7 +524,7 @@ macro_rules! curve_impl {
|
||||||
if p.is_some().into() {
|
if p.is_some().into() {
|
||||||
let p = p.unwrap().scale_by_cofactor();
|
let p = p.unwrap().scale_by_cofactor();
|
||||||
|
|
||||||
if !p.is_zero() {
|
if !p.is_identity() {
|
||||||
return p;
|
return p;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -533,7 +533,7 @@ macro_rules! curve_impl {
|
||||||
|
|
||||||
// The point at infinity is always represented by
|
// The point at infinity is always represented by
|
||||||
// Z = 0.
|
// Z = 0.
|
||||||
fn zero() -> Self {
|
fn identity() -> Self {
|
||||||
$projective {
|
$projective {
|
||||||
x: $basefield::zero(),
|
x: $basefield::zero(),
|
||||||
y: $basefield::one(),
|
y: $basefield::one(),
|
||||||
|
@ -541,18 +541,18 @@ macro_rules! curve_impl {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn one() -> Self {
|
fn generator() -> Self {
|
||||||
$affine::one().into()
|
$affine::generator().into()
|
||||||
}
|
}
|
||||||
|
|
||||||
// The point at infinity is always represented by
|
// The point at infinity is always represented by
|
||||||
// Z = 0.
|
// Z = 0.
|
||||||
fn is_zero(&self) -> bool {
|
fn is_identity(&self) -> bool {
|
||||||
self.z.is_zero()
|
self.z.is_zero()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn is_normalized(&self) -> bool {
|
fn is_normalized(&self) -> bool {
|
||||||
self.is_zero() || self.z == $basefield::one()
|
self.is_identity() || self.z == $basefield::one()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn batch_normalization(v: &mut [Self]) {
|
fn batch_normalization(v: &mut [Self]) {
|
||||||
|
@ -609,7 +609,7 @@ macro_rules! curve_impl {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn double(&mut self) {
|
fn double(&mut self) {
|
||||||
if self.is_zero() {
|
if self.is_identity() {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -662,7 +662,7 @@ macro_rules! curve_impl {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn mul_assign<S: Into<<Self::Scalar as PrimeField>::Repr>>(&mut self, other: S) {
|
fn mul_assign<S: Into<<Self::Scalar as PrimeField>::Repr>>(&mut self, other: S) {
|
||||||
let mut res = Self::zero();
|
let mut res = Self::identity();
|
||||||
|
|
||||||
let mut found_one = false;
|
let mut found_one = false;
|
||||||
|
|
||||||
|
@ -700,8 +700,8 @@ macro_rules! curve_impl {
|
||||||
// coordinates with Z = 1.
|
// coordinates with Z = 1.
|
||||||
impl From<$affine> for $projective {
|
impl From<$affine> for $projective {
|
||||||
fn from(p: $affine) -> $projective {
|
fn from(p: $affine) -> $projective {
|
||||||
if p.is_zero() {
|
if p.is_identity() {
|
||||||
$projective::zero()
|
$projective::identity()
|
||||||
} else {
|
} else {
|
||||||
$projective {
|
$projective {
|
||||||
x: p.x,
|
x: p.x,
|
||||||
|
@ -716,8 +716,8 @@ macro_rules! curve_impl {
|
||||||
// coordinates as X/Z^2, Y/Z^3.
|
// coordinates as X/Z^2, Y/Z^3.
|
||||||
impl From<$projective> for $affine {
|
impl From<$projective> for $affine {
|
||||||
fn from(p: $projective) -> $affine {
|
fn from(p: $projective) -> $affine {
|
||||||
if p.is_zero() {
|
if p.is_identity() {
|
||||||
$affine::zero()
|
$affine::identity()
|
||||||
} else if p.z == $basefield::one() {
|
} else if p.z == $basefield::one() {
|
||||||
// If Z is one, the point is already normalized.
|
// If Z is one, the point is already normalized.
|
||||||
$affine {
|
$affine {
|
||||||
|
@ -830,7 +830,7 @@ pub mod g1 {
|
||||||
copy[0] &= 0x3f;
|
copy[0] &= 0x3f;
|
||||||
|
|
||||||
if copy.iter().all(|b| *b == 0) {
|
if copy.iter().all(|b| *b == 0) {
|
||||||
Ok(G1Affine::zero())
|
Ok(G1Affine::identity())
|
||||||
} else {
|
} else {
|
||||||
Err(GroupDecodingError::UnexpectedInformation)
|
Err(GroupDecodingError::UnexpectedInformation)
|
||||||
}
|
}
|
||||||
|
@ -867,7 +867,7 @@ pub mod g1 {
|
||||||
fn from_affine(affine: G1Affine) -> Self {
|
fn from_affine(affine: G1Affine) -> Self {
|
||||||
let mut res = Self::empty();
|
let mut res = Self::empty();
|
||||||
|
|
||||||
if affine.is_zero() {
|
if affine.is_identity() {
|
||||||
// Set the second-most significant bit to indicate this point
|
// Set the second-most significant bit to indicate this point
|
||||||
// is at infinity.
|
// is at infinity.
|
||||||
res.0[0] |= 1 << 6;
|
res.0[0] |= 1 << 6;
|
||||||
|
@ -937,7 +937,7 @@ pub mod g1 {
|
||||||
copy[0] &= 0x3f;
|
copy[0] &= 0x3f;
|
||||||
|
|
||||||
if copy.iter().all(|b| *b == 0) {
|
if copy.iter().all(|b| *b == 0) {
|
||||||
Ok(G1Affine::zero())
|
Ok(G1Affine::identity())
|
||||||
} else {
|
} else {
|
||||||
Err(GroupDecodingError::UnexpectedInformation)
|
Err(GroupDecodingError::UnexpectedInformation)
|
||||||
}
|
}
|
||||||
|
@ -964,7 +964,7 @@ pub mod g1 {
|
||||||
fn from_affine(affine: G1Affine) -> Self {
|
fn from_affine(affine: G1Affine) -> Self {
|
||||||
let mut res = Self::empty();
|
let mut res = Self::empty();
|
||||||
|
|
||||||
if affine.is_zero() {
|
if affine.is_identity() {
|
||||||
// Set the second-most significant bit to indicate this point
|
// Set the second-most significant bit to indicate this point
|
||||||
// is at infinity.
|
// is at infinity.
|
||||||
res.0[0] |= 1 << 6;
|
res.0[0] |= 1 << 6;
|
||||||
|
@ -1043,8 +1043,8 @@ pub mod g1 {
|
||||||
pub struct G1Prepared(pub(crate) G1Affine);
|
pub struct G1Prepared(pub(crate) G1Affine);
|
||||||
|
|
||||||
impl G1Prepared {
|
impl G1Prepared {
|
||||||
pub fn is_zero(&self) -> bool {
|
pub fn is_identity(&self) -> bool {
|
||||||
self.0.is_zero()
|
self.0.is_identity()
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn from_affine(p: G1Affine) -> Self {
|
pub fn from_affine(p: G1Affine) -> Self {
|
||||||
|
@ -1075,13 +1075,13 @@ pub mod g1 {
|
||||||
assert!(!p.is_in_correct_subgroup_assuming_on_curve());
|
assert!(!p.is_in_correct_subgroup_assuming_on_curve());
|
||||||
|
|
||||||
let g1 = p.scale_by_cofactor();
|
let g1 = p.scale_by_cofactor();
|
||||||
if !g1.is_zero() {
|
if !g1.is_identity() {
|
||||||
assert_eq!(i, 4);
|
assert_eq!(i, 4);
|
||||||
let g1 = G1Affine::from(g1);
|
let g1 = G1Affine::from(g1);
|
||||||
|
|
||||||
assert!(g1.is_in_correct_subgroup_assuming_on_curve());
|
assert!(g1.is_in_correct_subgroup_assuming_on_curve());
|
||||||
|
|
||||||
assert_eq!(g1, G1Affine::one());
|
assert_eq!(g1, G1Affine::generator());
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1440,7 +1440,7 @@ pub mod g2 {
|
||||||
copy[0] &= 0x3f;
|
copy[0] &= 0x3f;
|
||||||
|
|
||||||
if copy.iter().all(|b| *b == 0) {
|
if copy.iter().all(|b| *b == 0) {
|
||||||
Ok(G2Affine::zero())
|
Ok(G2Affine::identity())
|
||||||
} else {
|
} else {
|
||||||
Err(GroupDecodingError::UnexpectedInformation)
|
Err(GroupDecodingError::UnexpectedInformation)
|
||||||
}
|
}
|
||||||
|
@ -1489,7 +1489,7 @@ pub mod g2 {
|
||||||
fn from_affine(affine: G2Affine) -> Self {
|
fn from_affine(affine: G2Affine) -> Self {
|
||||||
let mut res = Self::empty();
|
let mut res = Self::empty();
|
||||||
|
|
||||||
if affine.is_zero() {
|
if affine.is_identity() {
|
||||||
// Set the second-most significant bit to indicate this point
|
// Set the second-most significant bit to indicate this point
|
||||||
// is at infinity.
|
// is at infinity.
|
||||||
res.0[0] |= 1 << 6;
|
res.0[0] |= 1 << 6;
|
||||||
|
@ -1561,7 +1561,7 @@ pub mod g2 {
|
||||||
copy[0] &= 0x3f;
|
copy[0] &= 0x3f;
|
||||||
|
|
||||||
if copy.iter().all(|b| *b == 0) {
|
if copy.iter().all(|b| *b == 0) {
|
||||||
Ok(G2Affine::zero())
|
Ok(G2Affine::identity())
|
||||||
} else {
|
} else {
|
||||||
Err(GroupDecodingError::UnexpectedInformation)
|
Err(GroupDecodingError::UnexpectedInformation)
|
||||||
}
|
}
|
||||||
|
@ -1603,7 +1603,7 @@ pub mod g2 {
|
||||||
fn from_affine(affine: G2Affine) -> Self {
|
fn from_affine(affine: G2Affine) -> Self {
|
||||||
let mut res = Self::empty();
|
let mut res = Self::empty();
|
||||||
|
|
||||||
if affine.is_zero() {
|
if affine.is_identity() {
|
||||||
// Set the second-most significant bit to indicate this point
|
// Set the second-most significant bit to indicate this point
|
||||||
// is at infinity.
|
// is at infinity.
|
||||||
res.0[0] |= 1 << 6;
|
res.0[0] |= 1 << 6;
|
||||||
|
@ -1728,12 +1728,12 @@ pub mod g2 {
|
||||||
assert!(!p.is_in_correct_subgroup_assuming_on_curve());
|
assert!(!p.is_in_correct_subgroup_assuming_on_curve());
|
||||||
|
|
||||||
let g2 = p.scale_by_cofactor();
|
let g2 = p.scale_by_cofactor();
|
||||||
if !g2.is_zero() {
|
if !g2.is_identity() {
|
||||||
assert_eq!(i, 2);
|
assert_eq!(i, 2);
|
||||||
let g2 = G2Affine::from(g2);
|
let g2 = G2Affine::from(g2);
|
||||||
|
|
||||||
assert!(g2.is_in_correct_subgroup_assuming_on_curve());
|
assert!(g2.is_in_correct_subgroup_assuming_on_curve());
|
||||||
assert_eq!(g2, G2Affine::one());
|
assert_eq!(g2, G2Affine::generator());
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -59,7 +59,7 @@ impl Engine for Bls12 {
|
||||||
{
|
{
|
||||||
let mut pairs = vec![];
|
let mut pairs = vec![];
|
||||||
for &(p, q) in i {
|
for &(p, q) in i {
|
||||||
if !p.is_zero() && !q.is_zero() {
|
if !p.is_identity() && !q.is_identity() {
|
||||||
pairs.push((p, q.coeffs.iter()));
|
pairs.push((p, q.coeffs.iter()));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -168,12 +168,12 @@ impl Engine for Bls12 {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl G2Prepared {
|
impl G2Prepared {
|
||||||
pub fn is_zero(&self) -> bool {
|
pub fn is_identity(&self) -> bool {
|
||||||
self.infinity
|
self.infinity
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn from_affine(q: G2Affine) -> Self {
|
pub fn from_affine(q: G2Affine) -> Self {
|
||||||
if q.is_zero() {
|
if q.is_identity() {
|
||||||
return G2Prepared {
|
return G2Prepared {
|
||||||
coeffs: vec![],
|
coeffs: vec![],
|
||||||
infinity: true,
|
infinity: true,
|
||||||
|
|
|
@ -23,7 +23,7 @@ fn test_pairing_result_against_relic() {
|
||||||
0F41E58663BF08CF 068672CBD01A7EC7 3BACA4D72CA93544 DEFF686BFD6DF543 D48EAA24AFE47E1E FDE449383B676631
|
0F41E58663BF08CF 068672CBD01A7EC7 3BACA4D72CA93544 DEFF686BFD6DF543 D48EAA24AFE47E1E FDE449383B676631
|
||||||
*/
|
*/
|
||||||
|
|
||||||
assert_eq!(Bls12::pairing(G1::one(), G2::one()), Fq12 {
|
assert_eq!(Bls12::pairing(G1::generator(), G2::generator()), Fq12 {
|
||||||
c0: Fq6 {
|
c0: Fq6 {
|
||||||
c0: Fq2 {
|
c0: Fq2 {
|
||||||
c0: Fq::from_str("2819105605953691245277803056322684086884703000473961065716485506033588504203831029066448642358042597501014294104502").unwrap(),
|
c0: Fq::from_str("2819105605953691245277803056322684086884703000473961065716485506033588504203831029066448642358042597501014294104502").unwrap(),
|
||||||
|
@ -56,7 +56,7 @@ fn test_pairing_result_against_relic() {
|
||||||
}
|
}
|
||||||
|
|
||||||
fn test_vectors<G: CurveProjective, E: EncodedPoint<Affine = G::Affine>>(expected: &[u8]) {
|
fn test_vectors<G: CurveProjective, E: EncodedPoint<Affine = G::Affine>>(expected: &[u8]) {
|
||||||
let mut e = G::zero();
|
let mut e = G::identity();
|
||||||
|
|
||||||
let mut v = vec![];
|
let mut v = vec![];
|
||||||
{
|
{
|
||||||
|
@ -72,7 +72,7 @@ fn test_vectors<G: CurveProjective, E: EncodedPoint<Affine = G::Affine>>(expecte
|
||||||
let decoded = decoded.into_affine().unwrap();
|
let decoded = decoded.into_affine().unwrap();
|
||||||
assert_eq!(e_affine, decoded);
|
assert_eq!(e_affine, decoded);
|
||||||
|
|
||||||
e.add_assign(&G::one());
|
e.add_assign(&G::generator());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -102,7 +102,7 @@ fn test_g2_compressed_valid_vectors() {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_g1_uncompressed_invalid_vectors() {
|
fn test_g1_uncompressed_invalid_vectors() {
|
||||||
{
|
{
|
||||||
let z = G1Affine::zero().into_uncompressed();
|
let z = G1Affine::identity().into_uncompressed();
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut z = z;
|
let mut z = z;
|
||||||
|
@ -135,7 +135,7 @@ fn test_g1_uncompressed_invalid_vectors() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
let o = G1Affine::one().into_uncompressed();
|
let o = G1Affine::generator().into_uncompressed();
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut o = o;
|
let mut o = o;
|
||||||
|
@ -218,7 +218,7 @@ fn test_g1_uncompressed_invalid_vectors() {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_g2_uncompressed_invalid_vectors() {
|
fn test_g2_uncompressed_invalid_vectors() {
|
||||||
{
|
{
|
||||||
let z = G2Affine::zero().into_uncompressed();
|
let z = G2Affine::identity().into_uncompressed();
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut z = z;
|
let mut z = z;
|
||||||
|
@ -251,7 +251,7 @@ fn test_g2_uncompressed_invalid_vectors() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
let o = G2Affine::one().into_uncompressed();
|
let o = G2Affine::generator().into_uncompressed();
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut o = o;
|
let mut o = o;
|
||||||
|
@ -362,7 +362,7 @@ fn test_g2_uncompressed_invalid_vectors() {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_g1_compressed_invalid_vectors() {
|
fn test_g1_compressed_invalid_vectors() {
|
||||||
{
|
{
|
||||||
let z = G1Affine::zero().into_compressed();
|
let z = G1Affine::identity().into_compressed();
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut z = z;
|
let mut z = z;
|
||||||
|
@ -395,7 +395,7 @@ fn test_g1_compressed_invalid_vectors() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
let o = G1Affine::one().into_compressed();
|
let o = G1Affine::generator().into_compressed();
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut o = o;
|
let mut o = o;
|
||||||
|
@ -476,7 +476,7 @@ fn test_g1_compressed_invalid_vectors() {
|
||||||
#[test]
|
#[test]
|
||||||
fn test_g2_compressed_invalid_vectors() {
|
fn test_g2_compressed_invalid_vectors() {
|
||||||
{
|
{
|
||||||
let z = G2Affine::zero().into_compressed();
|
let z = G2Affine::identity().into_compressed();
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut z = z;
|
let mut z = z;
|
||||||
|
@ -509,7 +509,7 @@ fn test_g2_compressed_invalid_vectors() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
let o = G2Affine::one().into_compressed();
|
let o = G2Affine::generator().into_compressed();
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut o = o;
|
let mut o = o;
|
||||||
|
|
|
@ -21,8 +21,8 @@ pub fn engine_tests<E: Engine>() {
|
||||||
}
|
}
|
||||||
|
|
||||||
for _ in 0..1000 {
|
for _ in 0..1000 {
|
||||||
let z1 = E::G1Affine::zero().prepare();
|
let z1 = E::G1Affine::identity().prepare();
|
||||||
let z2 = E::G2Affine::zero().prepare();
|
let z2 = E::G2Affine::identity().prepare();
|
||||||
|
|
||||||
let a = E::G1::random(&mut rng).into_affine().prepare();
|
let a = E::G1::random(&mut rng).into_affine().prepare();
|
||||||
let b = E::G2::random(&mut rng).into_affine().prepare();
|
let b = E::G2::random(&mut rng).into_affine().prepare();
|
||||||
|
|
Loading…
Reference in New Issue