From 55568b4d6ed248fc708f4632bac7dfd6bd52cf32 Mon Sep 17 00:00:00 2001
From: Jack Grigg
Date: Fri, 1 May 2020 14:01:43 +1200
Subject: [PATCH] ff: Remove frobenius_map from Field trait

It is only used internally in the bls12_381 crate, and field extensions aren't exposed anywhere in the Zcash stack.
---
 bellman/src/groth16/tests/dummy_engine.rs | 4 ----
 ff/ff_derive/src/lib.rs | 5 -----
 ff/src/lib.rs | 4 ----
 pairing/src/bls12_381/fq.rs | 1 -
 pairing/src/bls12_381/fq12.rs | 21 +++++++++------------
 pairing/src/bls12_381/fq2.rs | 11 ++++-------
 pairing/src/bls12_381/fq6.rs | 21 +++++++++------------
 pairing/src/bls12_381/fr.rs | 1 -
 pairing/src/tests/field.rs | 23 +----------------------
 zcash_primitives/src/jubjub/fs.rs | 5 -----
 10 files changed, 23 insertions(+), 73 deletions(-)

diff --git a/bellman/src/groth16/tests/dummy_engine.rs b/bellman/src/groth16/tests/dummy_engine.rs
index 5c552e8a0..712d44b35 100644
--- a/bellman/src/groth16/tests/dummy_engine.rs
+++ b/bellman/src/groth16/tests/dummy_engine.rs
@@ -214,10 +214,6 @@ impl Field for Fr {
 }
 }
- fn frobenius_map(&mut self, _: usize) {
- // identity
- }
-
 fn sqrt(&self) -> CtOption {
 // Tonelli-Shank's algorithm for q mod 16 = 1
 // https://eprint.iacr.org/2012/685.pdf (page 12, algorithm 5)
diff --git a/ff/ff_derive/src/lib.rs b/ff/ff_derive/src/lib.rs
index 89b4afb46..410732cc8 100644
--- a/ff/ff_derive/src/lib.rs
+++ b/ff/ff_derive/src/lib.rs
@@ -1266,11 +1266,6 @@ fn prime_field_impl(
 #invert_impl
 }
- #[inline(always)]
- fn frobenius_map(&mut self, _: usize) {
- // This has no effect in a prime field.
- }
-
 #[inline]
 fn square(&self) -> Self {
diff --git a/ff/src/lib.rs b/ff/src/lib.rs
index e5b09f47c..4296cff09 100644
--- a/ff/src/lib.rs
+++ b/ff/src/lib.rs
@@ -72,10 +72,6 @@ pub trait Field:
 /// failing if the element is zero.
 fn invert(&self) -> CtOption;
- /// Exponentiates this element by a power of the base prime modulus via
- /// the Frobenius automorphism.
- fn frobenius_map(&mut self, power: usize);
-
 /// Returns the square root of the field element, if it is
 /// quadratic residue.
 fn sqrt(&self) -> CtOption;
diff --git a/pairing/src/bls12_381/fq.rs b/pairing/src/bls12_381/fq.rs
index 0c2120eb0..4e1ee2cdb 100644
--- a/pairing/src/bls12_381/fq.rs
+++ b/pairing/src/bls12_381/fq.rs
@@ -1865,7 +1865,6 @@ fn test_fq_root_of_unity() {
 fn fq_field_tests() {
 crate::tests::field::random_field_tests::();
 crate::tests::field::random_sqrt_tests::();
- crate::tests::field::random_frobenius_tests::(Fq::char(), 13);
 crate::tests::field::from_str_tests::();
 }
diff --git a/pairing/src/bls12_381/fq12.rs b/pairing/src/bls12_381/fq12.rs
index 75b086001..3cab598cf 100644
--- a/pairing/src/bls12_381/fq12.rs
+++ b/pairing/src/bls12_381/fq12.rs
@@ -39,6 +39,15 @@ impl Fq12 {
 self.c0.mul_by_nonresidue();
 self.c0.add_assign(&aa);
 }
+
+ pub fn frobenius_map(&mut self, power: usize) {
+ self.c0.frobenius_map(power);
+ self.c1.frobenius_map(power);
+
+ self.c1.c0.mul_assign(&FROBENIUS_COEFF_FQ12_C1[power % 12]);
+ self.c1.c1.mul_assign(&FROBENIUS_COEFF_FQ12_C1[power % 12]);
+ self.c1.c2.mul_assign(&FROBENIUS_COEFF_FQ12_C1[power % 12]);
+ }
 }
 impl ConditionallySelectable for Fq12 {
@@ -200,15 +209,6 @@ impl Field for Fq12 {
 }
 }
- fn frobenius_map(&mut self, power: usize) {
- self.c0.frobenius_map(power);
- self.c1.frobenius_map(power);
-
- self.c1.c0.mul_assign(&FROBENIUS_COEFF_FQ12_C1[power % 12]);
- self.c1.c1.mul_assign(&FROBENIUS_COEFF_FQ12_C1[power % 12]);
- self.c1.c2.mul_assign(&FROBENIUS_COEFF_FQ12_C1[power % 12]);
- }
-
 fn square(&self) -> Self {
 let mut ab = self.c0;
 ab.mul_assign(&self.c1);
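Review bot: The `pub fn frobenius_map` added to `impl Fq12` in the `@@ -39,6 +39,15 @@` hunk (and the matching ones in `impl Fq2` and `impl Fq6` in pairing/src/bls12_381/fq2.rs and fq6.rs) keeps the coefficient-table arithmetic but loses its only reference check: `random_frobenius_tests` in pairing/src/tests/field.rs, which compared `b.frobenius_map(i)` against `i` repeated `a.pow_vartime(&characteristic)` calls, is deleted together with its three extension-field callers. Since the commit message says the map is still used internally, a wrong `FROBENIUS_COEFF_FQ12_C1` entry or a wrong `power % 12` index would now surface as silently wrong field arithmetic rather than a failing test, so the test is worth keeping as a per-type test in fq2.rs/fq6.rs/fq12.rs (or in pairing/src/tests/field.rs against the inherent method) with the same seeded comparison. The method is also now a public item with no documentation; the trait doc removed in the ff/src/lib.rs hunk fits it unchanged: `/// Exponentiates this element by a power of the base prime modulus via the Frobenius automorphism.`. Given the stated internal-only use, `pub(crate) fn frobenius_map(&mut self, power: usize)` would match that intent on all three types and keep the crate's public surface from growing.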
@@ -282,8 +282,5 @@ fn test_fq12_mul_by_014() {
 #[test]
 fn fq12_field_tests() {
- use ff::PrimeField;
-
 crate::tests::field::random_field_tests::();
- crate::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13);
 }
diff --git a/pairing/src/bls12_381/fq2.rs b/pairing/src/bls12_381/fq2.rs
index ce415abe7..473753e40 100644
--- a/pairing/src/bls12_381/fq2.rs
+++ b/pairing/src/bls12_381/fq2.rs
@@ -53,6 +53,10 @@ impl Fq2 {
 t1
 }
+
+ pub fn frobenius_map(&mut self, power: usize) {
+ self.c1.mul_assign(&FROBENIUS_COEFF_FQ2_C1[power % 2]);
+ }
 }
 impl ConditionallySelectable for Fq2 {
@@ -238,10 +242,6 @@ impl Field for Fq2 {
 })
 }
- fn frobenius_map(&mut self, power: usize) {
- self.c1.mul_assign(&FROBENIUS_COEFF_FQ2_C1[power % 2]);
- }
-
 /// WARNING: THIS IS NOT ACTUALLY CONSTANT TIME YET!
 /// THIS WILL BE REPLACED BY THE bls12_381 CRATE, WHICH IS CONSTANT TIME!
 fn sqrt(&self) -> CtOption {
@@ -920,9 +920,6 @@ fn test_fq2_mul_nonresidue() {
 #[test]
 fn fq2_field_tests() {
- use ff::PrimeField;
-
 crate::tests::field::random_field_tests::();
 crate::tests::field::random_sqrt_tests::();
- crate::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13);
 }
diff --git a/pairing/src/bls12_381/fq6.rs b/pairing/src/bls12_381/fq6.rs
index 2aa73ff77..b0183df87 100644
--- a/pairing/src/bls12_381/fq6.rs
+++ b/pairing/src/bls12_381/fq6.rs
@@ -99,6 +99,15 @@ impl Fq6 {
 self.c1 = t2;
 self.c2 = t3;
 }
+
+ pub fn frobenius_map(&mut self, power: usize) {
+ self.c0.frobenius_map(power);
+ self.c1.frobenius_map(power);
+ self.c2.frobenius_map(power);
+
+ self.c1.mul_assign(&FROBENIUS_COEFF_FQ6_C1[power % 6]);
+ self.c2.mul_assign(&FROBENIUS_COEFF_FQ6_C2[power % 6]);
+ }
 }
 impl ConditionallySelectable for Fq6 {
@@ -305,15 +314,6 @@ impl Field for Fq6 {
 }
 }
- fn frobenius_map(&mut self, power: usize) {
- self.c0.frobenius_map(power);
- self.c1.frobenius_map(power);
- self.c2.frobenius_map(power);
-
- self.c1.mul_assign(&FROBENIUS_COEFF_FQ6_C1[power % 6]);
- self.c2.mul_assign(&FROBENIUS_COEFF_FQ6_C2[power % 6]);
- }
-
 fn square(&self) -> Self {
 let s0 = self.c0.square();
 let mut ab = self.c0;
@@ -474,8 +474,5 @@ fn test_fq6_mul_by_01() {
 #[test]
 fn fq6_field_tests() {
- use ff::PrimeField;
-
 crate::tests::field::random_field_tests::();
- crate::tests::field::random_frobenius_tests::(super::fq::Fq::char(), 13);
 }
diff --git a/pairing/src/bls12_381/fr.rs b/pairing/src/bls12_381/fr.rs
index 1ffc741bf..886319ea7 100644
--- a/pairing/src/bls12_381/fr.rs
+++ b/pairing/src/bls12_381/fr.rs
@@ -645,7 +645,6 @@ fn test_fr_root_of_unity() {
 fn fr_field_tests() {
 crate::tests::field::random_field_tests::();
 crate::tests::field::random_sqrt_tests::();
- crate::tests::field::random_frobenius_tests::(Fr::char(), 13);
 crate::tests::field::from_str_tests::();
 }
diff --git a/pairing/src/tests/field.rs b/pairing/src/tests/field.rs
index 0b924abd0..eb2c8fee6 100644
--- a/pairing/src/tests/field.rs
+++ b/pairing/src/tests/field.rs
@@ -1,28 +1,7 @@
-use ff::{Field, PowVartime, PrimeField};
+use ff::{Field, PrimeField};
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
-pub fn random_frobenius_tests>(characteristic: C, maxpower: usize) {
- let mut rng = XorShiftRng::from_seed([
- 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
- 0xe5,
- ]);
-
- for _ in 0..100 {
- for i in 0..=maxpower {
- let mut a = F::random(&mut rng);
- let mut b = a;
-
- for _ in 0..i {
- a = a.pow_vartime(&characteristic);
- }
- b.frobenius_map(i);
-
- assert_eq!(a, b);
- }
- }
-}
-
 pub fn random_sqrt_tests() {
 let mut rng = XorShiftRng::from_seed([
 0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
diff --git a/zcash_primitives/src/jubjub/fs.rs b/zcash_primitives/src/jubjub/fs.rs
index 38771ba95..731a3d11b 100644
--- a/zcash_primitives/src/jubjub/fs.rs
+++ b/zcash_primitives/src/jubjub/fs.rs
@@ -499,11 +499,6 @@ impl Field for Fs {
 CtOption::new(inverse, Choice::from(if self.is_zero() { 0 } else { 1 }))
 }
- #[inline(always)]
- fn frobenius_map(&mut self, _: usize) {
- // This has no effect in a prime field.
- }
-
 #[inline]
 fn square(&self) -> Self {
 let mut carry = 0;