From 0980462d4b5bd184c2cec242c516512e0f944b36 Mon Sep 17 00:00:00 2001
From: Jack Grigg
Date: Fri, 27 Mar 2020 22:35:55 +1300
Subject: [PATCH] ff: Move pow_vartime into a trait that is generic over the limb size
The trait is implemented by default for u8 and u64, allowing pow_vartime to be used with both the byte encoding and limb representation of field elements.
---
src/domain.rs | 2 +-
src/gadgets/multieq.rs | 2 +-
src/gadgets/test/mod.rs | 2 +-
src/groth16/generator.rs | 2 +-
src/groth16/tests/dummy_engine.rs | 8 +++++---
src/groth16/tests/mod.rs | 12 ++++++------
6 files changed, 15 insertions(+), 13 deletions(-)
diff --git a/src/domain.rs b/src/domain.rs
index 0e9192e..f1c2592 100644
--- a/src/domain.rs
+++ b/src/domain.rs
@@ -11,7 +11,7 @@
 //! [`EvaluationDomain`]: crate::domain::EvaluationDomain
 //! [Groth16]: https://eprint.iacr.org/2016/260
-use ff::{Field, PrimeField, ScalarEngine};
+use ff::{Field, PowVartime, PrimeField, ScalarEngine};
 use group::CurveProjective;
 use std::ops::{AddAssign, MulAssign, SubAssign};
diff --git a/src/gadgets/multieq.rs b/src/gadgets/multieq.rs
index 37b2d94..890eb7c 100644
--- a/src/gadgets/multieq.rs
+++ b/src/gadgets/multieq.rs
@@ -1,4 +1,4 @@
-use ff::{Field, PrimeField, ScalarEngine};
+use ff::{PowVartime, PrimeField, ScalarEngine};
 use crate::{ConstraintSystem, LinearCombination, SynthesisError, Variable};
diff --git a/src/gadgets/test/mod.rs b/src/gadgets/test/mod.rs
index 0a37cd1..a803acc 100644
--- a/src/gadgets/test/mod.rs
+++ b/src/gadgets/test/mod.rs
@@ -1,6 +1,6 @@
 //! Helpers for testing circuit implementations.
-use ff::{Field, PrimeField, PrimeFieldRepr, ScalarEngine};
+use ff::{Field, PowVartime, PrimeField, PrimeFieldRepr, ScalarEngine};
 use crate::{ConstraintSystem, Index, LinearCombination, SynthesisError, Variable};
diff --git a/src/groth16/generator.rs b/src/groth16/generator.rs
index 02efc21..1d86992 100644
--- a/src/groth16/generator.rs
+++ b/src/groth16/generator.rs
@@ -2,7 +2,7 @@ use rand_core::RngCore;
 use std::ops::{AddAssign, MulAssign};
 use std::sync::Arc;
-use ff::Field;
+use ff::{Field, PowVartime};
 use group::{CurveAffine, CurveProjective, Wnaf};
 use pairing::Engine;
diff --git a/src/groth16/tests/dummy_engine.rs b/src/groth16/tests/dummy_engine.rs
index 21322d8..4693aaa 100644
--- a/src/groth16/tests/dummy_engine.rs
+++ b/src/groth16/tests/dummy_engine.rs
@@ -1,4 +1,6 @@
-use ff::{Field, PrimeField, PrimeFieldDecodingError, PrimeFieldRepr, ScalarEngine, SqrtField};
+use ff::{
+    Field, PowVartime, PrimeField, PrimeFieldDecodingError, PrimeFieldRepr, ScalarEngine, SqrtField,
+};
 use group::{CurveAffine, CurveProjective, EncodedPoint, GroupDecodingError};
 use pairing::{Engine, PairingCurveAffine};
@@ -190,9 +192,9 @@ impl SqrtField for Fr {
         // https://eprint.iacr.org/2012/685.pdf (page 12, algorithm 5)
         let mut c = Fr::root_of_unity();
         // r = self^((t + 1) // 2)
-        let mut r = self.pow_vartime([32]);
+        let mut r = self.pow_vartime([32u64]);
         // t = self^t
-        let mut t = self.pow_vartime([63]);
+        let mut t = self.pow_vartime([63u64]);
         let mut m = Fr::S;
         while t != ::one() {
diff --git a/src/groth16/tests/mod.rs b/src/groth16/tests/mod.rs
index 5c2f02d..2914bf2 100644
--- a/src/groth16/tests/mod.rs
+++ b/src/groth16/tests/mod.rs
@@ -1,4 +1,4 @@
-use ff::{Field, PrimeField};
+use ff::{Field, PowVartime, PrimeField};
 use pairing::Engine;
 mod dummy_engine;
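Review bot: The generator.rs hunk only swaps the `use` line to `ff::{Field, PowVartime}`; the call sites that now depend on the `PowVartime` trait are outside the hunk, so the review cannot confirm from here that the variable-time exponentiation is only ever driven by public exponents. A square-and-multiply `pow_vartime` typically leaks the exponent's bits through timing, not the base, which is acceptable when the exponent is a loop index or domain size but not if it were ever a secret setup scalar; this module is presumably where the Groth16 toxic waste lives, so that distinction matters. Worth a one-line comment at the import recording the invariant, e.g. `// PowVartime: every exponent in this module is a public index/size; only bases may be secret.`, and a quick audit of each `pow_vartime` call in the file. The enclosing module starts and ends outside the hunk.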
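Review bot: In the dummy_engine.rs `SqrtField for Fr` hunk, the exponents `32u64` and `63u64` are magic numbers explained only indirectly by the comments `r = self^((t + 1) // 2)` and `t = self^t`; since `Fr::S` is already read on the next line, a named `const T: u64 = 63;` used as `self.pow_vartime([(T + 1) / 2])` and `self.pow_vartime([T])` would tie both to the field's parameters and survive a modulus change. Using `pow_vartime` here is acceptable because these exponents are fixed public constants of the modulus rather than anything derived from `self`; that reasoning is worth a comment, e.g. `// Variable-time exponentiation is fine: the exponent is a public field constant.` This is the test-only dummy engine, and the enclosing sqrt implementation begins and ends outside the hunk.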
@@ -127,22 +127,22 @@ fn test_xordemo() {
     let mut root_of_unity = Fr::root_of_unity();
     // We expect this to be a 2^10 root of unity
-    assert_eq!(Fr::one(), root_of_unity.pow_vartime(&[1 << 10]));
+    assert_eq!(Fr::one(), root_of_unity.pow_vartime(&[1u64 << 10]));
     // Let's turn it into a 2^3 root of unity.
-    root_of_unity = root_of_unity.pow_vartime(&[1 << 7]);
-    assert_eq!(Fr::one(), root_of_unity.pow_vartime(&[1 << 3]));
+    root_of_unity = root_of_unity.pow_vartime(&[1u64 << 7]);
+    assert_eq!(Fr::one(), root_of_unity.pow_vartime(&[1u64 << 3]));
     assert_eq!(Fr::from_str("20201").unwrap(), root_of_unity);
     // Let's compute all the points in our evaluation domain.
     let mut points = Vec::with_capacity(8);
-    for i in 0..8 {
+    for i in 0u64..8 {
         points.push(root_of_unity.pow_vartime(&[i]));
     }
     // Let's compute t(tau) = (tau - p_0)(tau - p_1)...
     // = tau^8 - 1
-    let mut t_at_tau = tau.pow_vartime(&[8]);
+    let mut t_at_tau = tau.pow_vartime(&[8u64]);
     t_at_tau.sub_assign(&Fr::one());
     {
         let mut tmp = Fr::one();