180e54d4b3
group: Remove EncodedPoint::{into_affine, into_affine_unchecked}
...
Replaced by explicit APIs on the CurveAffine trait.
GroupDecodingError has been moved into pairing::bls12_381::ec, as it is
no longer used by the group traits.
2020-08-25 23:09:47 +01:00
32c85391dc
group: Add mixed-addition scalar multiplication bounds to CurveAffine
...
Replaces the explicit CurveAffine::mul trait method.
2020-08-25 23:09:47 +01:00
9c291bfb72
group: Return subtle::Choice from CurveAffine::is_identity
2020-08-25 23:09:47 +01:00
0ef1cc1034
group: Direct-to-affine CurveProjective::batch_normalize
...
Replaces the mutating CurveProjective::batch_normalization API, and
removes the need for CurveProjective::is_normalized.
The new temporary implementation in pairing::bls12_381::ec is adapted
from bls12_381::g1.
2020-08-25 23:09:47 +01:00
ac47effa05
group: Return subtle::Choice from Group::is_identity
2020-08-25 23:09:47 +01:00
b72d0935b4
group: Add scalar multiplication bounds to Group
...
The Scalar associated type is moved from CurveProjective to Group.
2020-08-25 23:09:47 +01:00
3f0efc3a66
group: Add Group::Subgroup associated type
...
For prime-order groups, this may be Self.
2020-08-25 23:09:47 +01:00
ac9b139d29
group: Move CurveProjective::double to Group
2020-08-25 23:09:47 +01:00
bca06de21c
group: Sum + for<'a> Sum<&'a Self> bounds for Group
2020-08-25 23:09:47 +01:00
78db26b713
group: Introduce Group and PrimeGroup traits
...
Group represents a cryptographic group with a large prime-order subgroup
and a small cofactor. PrimeGroup further constrains the group to have a
cofactor of one.
2020-08-25 23:09:47 +01:00
e75b850fe5
Remove Engine associated type from CurveAffine and CurveProjective
...
The type Curve*::Engine::Fr is equivalent to Curve*::Scalar, making
Engine a redundant associated type.
2020-08-25 23:09:47 +01:00
8db20b4466
Make CurveProjective::double take &self and return Self
2020-08-25 23:09:47 +01:00
3d1af5bed8
group: Rename zero and one to identity and generator
2020-08-25 23:09:47 +01:00
145747c08b
Remove explicit std::marker from Sized bound
...
Sized is always part of the prelude, and binding on std causes
compilation issues for no-std crates.
2020-08-25 23:09:47 +01:00
d7e727255c
ff: Rename PrimeField::into_repr -> PrimeField::to_repr
2020-08-25 23:09:47 +01:00
80a0c777bb
ff: Move pow_vartime back into Field trait
...
The only places we don't use constant u64 limbs, we use PrimeField::char
instead (except in a single test where we use a field element).
2020-08-25 23:09:47 +01:00
a0177b6108
ff: Remove Ord bound from PrimeField
...
ff_derive still implements Ord and PartialOrd for the fields it
implements, because pairing::bls12_381 internally assumes that those are
implemented. Once we delete that implementation, we will remove the Ord
and PartialOrd implementations from ff_derive.
2020-08-25 23:09:47 +01:00
9243a6d8bd
ff: Add PrimeField::ReprEndianness associated type
...
This enables generic code to reliably operate on the bits of an encoded
field element, by converting them to and from a known (little)
endianness.
The BitAnd and Shr bounds on PrimeField are now removed, as users can
perform these operations themselves as needed.
2020-08-25 23:09:47 +01:00
f8ed66ec97
ff: Remove frobenius_map from Field trait
...
It is only used internally in the bls12_381 crate, and field extensions
aren't exposed anywhere in the Zcash stack.
2020-08-25 23:09:47 +01:00
8318d2f481
ff: Remove SqrtField trait
...
The sqrt() function is now part of the Field trait. ff_derive returns an
error on fields for which it does not support generating a square root
function.
Note that Fq6 and Fq12 in pairing::bls12_381 leave the function
unimplemented. They will be dropped once the migration to the bls12_381
crate is complete. The equivalent structs in that crate are not exposed.
2020-08-25 23:09:47 +01:00
d6a1581f83
ff: Remove PrimeFieldRepr trait
...
The ff::PrimeField::Repr associated type now has the minimal necessary
bounds, which can be satisfied by a newtype around a byte array.
2020-08-25 23:09:47 +01:00
b269d6ab44
ff: Add Ord bound to PrimeField
2020-08-25 23:09:47 +01:00
dfea841123
ff: PrimeField: BitAnd<u64, Output = u64> + Shr<u32, Output = Self>
2020-08-25 23:09:46 +01:00
027cb982dc
ff: PrimeField::{is_even, is_odd}
2020-08-25 23:09:46 +01:00
43573a953b
ff: Rework BitIterator to work with both u8 and u64 limb sizes
...
This enables BitIterator to be used with both the byte encoding and limb
representation of scalars.
2020-08-25 23:09:46 +01:00
0f49ddc2c0
ff: Add PrimeField: From<u64> constraint
2020-08-25 23:09:46 +01:00
0980462d4b
ff: Move pow_vartime into a trait that is generic over the limb size
...
The trait is implemented by default for u8 and u64, allowing pow_vartime
to be used with both the byte encoding and limb representation of field
elements.
2020-08-25 23:09:46 +01:00
f067548b44
group: Rewrite wNAF to remove dependency on ff::PrimeFieldRepr
...
Adapted from Scalar::non_adjacent_form in curve25519-dalek.
2020-08-25 23:09:46 +01:00
5552955ab8
group: Take scalar by reference in CurveProjective::recommended_wnaf_for_scalar
2020-08-25 23:09:46 +01:00
1a54252784
Move from CurveProjective::add_assign_mixed to traits
2020-08-25 23:09:46 +01:00
23443c7e8d
Move from Curve*::negate to Neg operator
2020-08-25 23:09:46 +01:00
2013561f4c
Move additive CurveProjective operators to traits
2020-08-25 23:09:46 +01:00
6db281d137
no_std support for ff crate
2020-08-25 23:09:46 +01:00
2e8f08f09f
Improve Field::pow API and impl
...
Renamed to Field::pow_vartime to indicate it is still variable time with
respect to the exponent.
2020-08-25 23:09:46 +01:00
1b063b7b33
Constant-time field square root
...
WARNING: THIS IS NOT FULLY CONSTANT TIME YET!
This will be fixed once we migrate to the jubjub and bls12_381 crates.
2020-08-25 23:09:46 +01:00
46c992a8e7
Constant-time field inversion
...
WARNING: THIS IS NOT ACTUALLY CONSTANT TIME YET!
The jubjub and bls12_381 crates will replace our constant-time usages,
but we NEED to fix ff_derive because other users will expect it to
implement the Field trait correctly.
2020-08-25 23:09:46 +01:00
0b35c60341
impl ConditionallySelectable for Field
2020-08-25 23:09:46 +01:00
c716dfdd63
Make Field::square take &self and return Self
2020-08-25 23:09:46 +01:00
c84d48ec04
Make Field::double take &self and return Self
2020-08-25 23:09:46 +01:00
c0cea09d13
Move from Field::negate to Neg operator
2020-08-25 23:09:46 +01:00
c05b957e9d
Move Field operations to operator-backed traits
...
The ff_derive, pairing, zcash_primitives::jubjub, and bellman dummy_engine
changes are minimally implemented on top of the existing *_assign()
functions.
2020-08-25 23:09:46 +01:00
0aab37f418
Merge pull request #46 from zkcrypto/bellman-0.6.0
...
bellman 0.6.0
2020-04-30 15:31:18 +12:00
33a6b8cdbb
Version bump of all crates (except librustzcash)
2020-04-30 15:27:46 +12:00
d8a3a0da04
Remove Sized for RngCore
...
Co-authored-by: Weiliang Li <to.be.impressive@gmail.com>
2020-04-30 15:27:46 +12:00
2d8033ef95
Fix Field::random method declarations.
2020-04-30 15:27:46 +12:00
2279da422c
Merge pull request #38 from debris/docs
...
Remove documentation entry from Cargo.toml
2020-02-10 17:16:44 +00:00
2e571901e3
Remove documentation entry from Cargo.toml
2019-12-12 15:39:40 +01:00
346d540507
bellman 0.2.0
2019-10-08 17:43:33 +13:00
8d796652d9
Merge pull request #93 from defuse/qed-it-lrz
...
Bring in QED-it Tests
2019-10-08 13:47:36 +13:00
f50079f03d
Crate docs
2019-09-24 14:23:59 +01:00
Jack Grigg
str4d
Sean Bowe
debris