G1/G2 rand() should produce elements of unknown exponent.
This commit is contained in:
Sean Bowe
parent
044256c2f7
commit
12b9606b9c
|
|
@ -85,7 +85,6 @@ macro_rules! curve_impl {
|
|||
}
|
||||
|
||||
impl $affine {
|
||||
|
||||
fn mul_bits<S: AsRef<[u64]>>(&self, bits: BitIterator<S>) -> $projective {
|
||||
let mut res = $projective::zero();
|
||||
for i in bits {
|
||||
|
|
@ -95,7 +94,6 @@ macro_rules! curve_impl {
|
|||
res
|
||||
}
|
||||
|
||||
|
||||
/// Attempts to construct an affine point given an x-coordinate. The
|
||||
/// point is not guaranteed to be in the prime order subgroup.
|
||||
///
|
||||
|
|
@ -200,7 +198,18 @@ macro_rules! curve_impl {
|
|||
|
||||
impl Rand for $projective {
|
||||
fn rand<R: Rng>(rng: &mut R) -> Self {
|
||||
$affine::one().mul($scalarfield::rand(rng))
|
||||
loop {
|
||||
let x = rng.gen();
|
||||
let greatest = rng.gen();
|
||||
|
||||
if let Some(p) = $affine::get_point_from_x(x, greatest) {
|
||||
let p = p.scale_by_cofactor();
|
||||
|
||||
if !p.is_zero() {
|
||||
return p;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -845,7 +854,6 @@ pub mod g1 {
|
|||
}
|
||||
|
||||
impl G1Affine {
|
||||
#[allow(dead_code)]
|
||||
fn scale_by_cofactor(&self) -> G1 {
|
||||
// G1 cofactor = (x - 1)^2 / 3 = 76329603384216526031706109802092473003
|
||||
let cofactor = BitIterator::new([0x8c00aaab0000aaab, 0x396c8c005555e156]);
|
||||
|
|
@ -1359,7 +1367,6 @@ pub mod g2 {
|
|||
}
|
||||
}
|
||||
|
||||
#[allow(dead_code)]
|
||||
fn scale_by_cofactor(&self) -> G2 {
|
||||
// G2 cofactor = (x^8 - 4 x^7 + 5 x^6) - (4 x^4 + 6 x^3 - 4 x^2 - 4 x + 13) // 9
|
||||
// 0x5d543a95414e7f1091d50792876a202cd91de4547085abaa68a205b2e5a7ddfa628f1cb4d9e82ef21537e293a6691ae1616ec6e786f0c70cf1c38e31c7238e5
|
||||
|
|
|
|||
Loading…
Reference in New Issue