From 737475faeaca06f65f1a95db810ba2aa6f83e422 Mon Sep 17 00:00:00 2001
From: MITSUNARI Shigeo <herumi@nifty.com>
Date: Fri, 14 Apr 2017 09:54:12 +0900
Subject: rename go/blscgo to go/bls

---
 .travis.yml        |   8 +-
 Makefile           |   4 +-
 go/bls/bls.go      | 366 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 go/bls/bls_test.go | 344 +++++++++++++++++++++++++++++++++++++++++++++++++
 go/blscgo/bls.go   | 366 -----------------------------------------------------
 go/main_test.go    | 214 -------------------------------
 6 files changed, 716 insertions(+), 586 deletions(-)
 create mode 100644 go/bls/bls.go
 create mode 100644 go/bls/bls_test.go
 delete mode 100644 go/blscgo/bls.go
 delete mode 100644 go/main_test.go

diff --git a/.travis.yml b/.travis.yml
index fe05a98..47b30bf 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -7,10 +7,10 @@ compiler:
 before_install:
   - sudo apt install -y libgmp-dev
 script:
-  - git clone https://github.com/herumi/cybozulib.git
-  - git clone https://github.com/herumi/xbyak.git
-  - git clone https://github.com/herumi/mcl.git
-  - git clone https://github.com/herumi/bls.git
+  - git clone --depth 1 https://github.com/herumi/cybozulib.git
+  - git clone --depth 1 https://github.com/herumi/xbyak.git
+  - git clone --depth 1 https://github.com/herumi/mcl.git
+  - git clone --depth 1 https://github.com/herumi/bls.git
   - cd bls
   - make UNIT=4 test run_go
   - make clean
diff --git a/Makefile b/Makefile
index d8bf027..1e2e216 100644
--- a/Makefile
+++ b/Makefile
@@ -65,8 +65,8 @@ test: $(TEST_EXE)
 	@sh -ec 'for i in $(TEST_EXE); do $$i|grep "ctest:name"; done' > result.txt
 	@grep -v "ng=0, exception=0" result.txt; if [ $$? -eq 1 ]; then echo "all unit tests succeed"; else exit 1; fi
 
-run_go: go/main_test.go $(BLS_LIB) $(BLS_IF_LIB)
-	cd go && go test -tags $(GO_TAG) -v .
+run_go: go/bls/bls.go go/bls/bls_test.go $(BLS_LIB) $(BLS_IF_LIB)
+	cd go/bls && go test -tags $(GO_TAG) -v .
 
 clean:
 	$(RM) $(BLS_LIB) $(OBJ_DIR)/*.d $(OBJ_DIR)/*.o $(EXE_DIR)/*.exe $(GEN_EXE) $(ASM_SRC) $(ASM_OBJ) $(LIB_OBJ) $(LLVM_SRC) $(BLS_IF_LIB)
diff --git a/go/bls/bls.go b/go/bls/bls.go
new file mode 100644
index 0000000..4dcd662
--- /dev/null
+++ b/go/bls/bls.go
@@ -0,0 +1,366 @@
+package bls
+
+/*
+#cgo CFLAGS:-I../../include -DBLS_MAX_OP_UNIT_SIZE=6
+#cgo bn256 CFLAGS:-UBLS_MAX_OP_UNIT_SIZE -DBLS_MAX_OP_UNIT_SIZE=4
+#cgo bn384 CFLAGS:-UBLS_MAX_OP_UNIT_SIZE -DBLS_MAX_OP_UNIT_SIZE=6
+#cgo LDFLAGS:-lbls -lbls_if -lmcl -lgmp -lgmpxx -L../lib -L../../lib -L../../../mcl/lib -L../../mcl/lib  -lstdc++ -lcrypto
+#include "bls_if.h"
+*/
+import "C"
+import "fmt"
+import "unsafe"
+
+// CurveFp254BNb -- 254 bit curve
+const CurveFp254BNb = 0
+
+// CurveFp382_1 -- 382 bit curve 1
+const CurveFp382_1 = 1
+
+// CurveFp382_2 -- 382 bit curve 2
+const CurveFp382_2 = 2
+
+// Init --
+func Init(curve int) {
+	C.blsInit(C.int(curve), C.BLS_MAX_OP_UNIT_SIZE)
+}
+
+// GetMaxOpUnitSize --
+func GetMaxOpUnitSize() int {
+	return int(C.BLS_MAX_OP_UNIT_SIZE)
+}
+
+// GetOpUnitSize --
+func GetOpUnitSize() int {
+	return int(C.blsGetOpUnitSize())
+}
+
+// ID --
+type ID struct {
+	v [C.BLS_MAX_OP_UNIT_SIZE]C.uint64_t
+}
+
+// getPointer --
+func (id *ID) getPointer() (p *C.blsId) {
+	// #nosec
+	return (*C.blsId)(unsafe.Pointer(&id.v[0]))
+}
+
+// String --
+func (id *ID) String() string {
+	buf := make([]byte, 1024)
+	// #nosec
+	n := C.blsIdGetStr(id.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if n == 0 {
+		panic("implementation err. size of buf is small")
+	}
+	return string(buf[:n])
+}
+
+// SetStr --
+func (id *ID) SetStr(s string) error {
+	buf := []byte(s)
+	// #nosec
+	err := C.blsIdSetStr(id.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if err > 0 {
+		return fmt.Errorf("bad string:%s", s)
+	}
+	return nil
+}
+
+// Set --
+func (id *ID) Set(v []uint64) {
+	expect := GetOpUnitSize()
+	if len(v) != expect {
+		panic(fmt.Errorf("bad size (%d), expected size %d", len(v), expect))
+	}
+	// #nosec
+	C.blsIdSet(id.getPointer(), (*C.uint64_t)(unsafe.Pointer(&v[0])))
+}
+
+// SecretKey --
+type SecretKey struct {
+	v [C.BLS_MAX_OP_UNIT_SIZE]C.uint64_t
+}
+
+// getPointer --
+func (sec *SecretKey) getPointer() (p *C.blsSecretKey) {
+	// #nosec
+	return (*C.blsSecretKey)(unsafe.Pointer(&sec.v[0]))
+}
+
+// String --
+func (sec *SecretKey) String() string {
+	buf := make([]byte, 1024)
+	// #nosec
+	n := C.blsSecretKeyGetStr(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if n == 0 {
+		panic("implementation err. size of buf is small")
+	}
+	return string(buf[:n])
+}
+
+// SetStr -- The string passed in is a number and can be either hex or decimal
+func (sec *SecretKey) SetStr(s string) error {
+	buf := []byte(s)
+	// #nosec
+	err := C.blsSecretKeySetStr(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if err > 0 {
+		return fmt.Errorf("bad string:%s", s)
+	}
+	return nil
+}
+
+// SetData --
+func (sec *SecretKey) SetData(buf []byte) error {
+	// #nosec
+	err := C.blsSecretKeySetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if err > 0 {
+		return fmt.Errorf("bad buf:%s", buf)
+	}
+	return nil
+}
+
+// GetData --
+func (sec *SecretKey) GetData() []byte {
+	fpSize := GetOpUnitSize() * 8
+	buf := make([]byte, fpSize)
+	n := C.blsSecretKeyGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if n != C.size_t(fpSize) {
+		panic("implementation err. size of buf is small")
+	}
+	return buf
+}
+
+// IsSame --
+func (lhs *SecretKey) IsSame(rhs *SecretKey) bool {
+	return C.blsSecretKeyIsSame(lhs.getPointer(), rhs.getPointer()) == 1
+}
+
+// SetArray --
+func (sec *SecretKey) SetArray(v []uint64) {
+	expect := GetOpUnitSize()
+	if len(v) != expect {
+		panic(fmt.Errorf("bad size (%d), expected size %d", len(v), expect))
+	}
+	// #nosec
+	C.blsSecretKeySetArray(sec.getPointer(), (*C.uint64_t)(unsafe.Pointer(&v[0])))
+}
+
+// Init --
+func (sec *SecretKey) Init() {
+	C.blsSecretKeyInit(sec.getPointer())
+}
+
+// Add --
+func (sec *SecretKey) Add(rhs *SecretKey) {
+	C.blsSecretKeyAdd(sec.getPointer(), rhs.getPointer())
+}
+
+// GetMasterSecretKey --
+func (sec *SecretKey) GetMasterSecretKey(k int) (msk []SecretKey) {
+	msk = make([]SecretKey, k)
+	msk[0] = *sec
+	for i := 1; i < k; i++ {
+		msk[i].Init()
+	}
+	return msk
+}
+
+// GetMasterPublicKey --
+func GetMasterPublicKey(msk []SecretKey) (mpk []PublicKey) {
+	n := len(msk)
+	mpk = make([]PublicKey, n)
+	for i := 0; i < n; i++ {
+		mpk[i] = *msk[i].GetPublicKey()
+	}
+	return mpk
+}
+
+// Set --
+func (sec *SecretKey) Set(msk []SecretKey, id *ID) {
+	C.blsSecretKeySet(sec.getPointer(), msk[0].getPointer(), C.size_t(len(msk)), id.getPointer())
+}
+
+// Recover --
+func (sec *SecretKey) Recover(secVec []SecretKey, idVec []ID) {
+	C.blsSecretKeyRecover(sec.getPointer(), secVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(secVec)))
+}
+
+// GetPop --
+func (sec *SecretKey) GetPop() (sign *Sign) {
+	sign = new(Sign)
+	C.blsSecretKeyGetPop(sec.getPointer(), sign.getPointer())
+	return sign
+}
+
+// PublicKey --
+type PublicKey struct {
+	v [C.BLS_MAX_OP_UNIT_SIZE * 2 * 3]C.uint64_t
+}
+
+// getPointer --
+func (pub *PublicKey) getPointer() (p *C.blsPublicKey) {
+	// #nosec
+	return (*C.blsPublicKey)(unsafe.Pointer(&pub.v[0]))
+}
+
+// String --
+func (pub *PublicKey) String() string {
+	buf := make([]byte, 1024)
+	// #nosec
+	n := C.blsPublicKeyGetStr(pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if n == 0 {
+		panic("implementation err. size of buf is small")
+	}
+	return string(buf[:n])
+}
+
+// SetStr --
+func (pub *PublicKey) SetStr(s string) error {
+	buf := []byte(s)
+	// #nosec
+	err := C.blsPublicKeySetStr(pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if err > 0 {
+		return fmt.Errorf("bad string:%s", s)
+	}
+	return nil
+}
+
+// SetData --
+func (sec *PublicKey) SetData(buf []byte) error {
+	// #nosec
+	err := C.blsPublicKeySetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if err > 0 {
+		return fmt.Errorf("bad buf:%s", buf)
+	}
+	return nil
+}
+
+// GetData --
+func (sec *PublicKey) GetData() []byte {
+	fpSize := GetOpUnitSize() * 8
+	buf := make([]byte, fpSize*2)
+	n := C.blsPublicKeyGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if n != C.size_t(fpSize*2) {
+		panic("implementation err. size of buf is small")
+	}
+	return buf
+}
+
+// IsSame --
+func (lhs *PublicKey) IsSame(rhs *PublicKey) bool {
+	return C.blsPublicKeyIsSame(lhs.getPointer(), rhs.getPointer()) == 1
+}
+
+// Add --
+func (pub *PublicKey) Add(rhs *PublicKey) {
+	C.blsPublicKeyAdd(pub.getPointer(), rhs.getPointer())
+}
+
+// Set --
+func (pub *PublicKey) Set(mpk []PublicKey, id *ID) {
+	C.blsPublicKeySet(pub.getPointer(), mpk[0].getPointer(), C.size_t(len(mpk)), id.getPointer())
+}
+
+// Recover --
+func (pub *PublicKey) Recover(pubVec []PublicKey, idVec []ID) {
+	C.blsPublicKeyRecover(pub.getPointer(), pubVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(pubVec)))
+}
+
+// Sign  --
+type Sign struct {
+	v [C.BLS_MAX_OP_UNIT_SIZE * 3]C.uint64_t
+}
+
+// getPointer --
+func (sign *Sign) getPointer() (p *C.blsSign) {
+	// #nosec
+	return (*C.blsSign)(unsafe.Pointer(&sign.v[0]))
+}
+
+// String --
+func (sign *Sign) String() string {
+	buf := make([]byte, 1024)
+	// #nosec
+	n := C.blsSignGetStr(sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if n == 0 {
+		panic("implementation err. size of buf is small")
+	}
+	return string(buf[:n])
+}
+
+// SetStr --
+func (sign *Sign) SetStr(s string) error {
+	buf := []byte(s)
+	// #nosec
+	err := C.blsSignSetStr(sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if err > 0 {
+		return fmt.Errorf("bad string:%s", s)
+	}
+	return nil
+}
+
+// SetData --
+func (sec *Sign) SetData(buf []byte) error {
+	// #nosec
+	err := C.blsSignSetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if err > 0 {
+		return fmt.Errorf("bad buf:%s", buf)
+	}
+	return nil
+}
+
+// GetData --
+func (sec *Sign) GetData() []byte {
+	fpSize := GetOpUnitSize() * 8
+	buf := make([]byte, fpSize)
+	n := C.blsSignGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	if n != C.size_t(fpSize) {
+		panic("implementation err. size of buf is small")
+	}
+	return buf
+}
+
+// IsSame --
+func (lhs *Sign) IsSame(rhs *Sign) bool {
+	return C.blsSignIsSame(lhs.getPointer(), rhs.getPointer()) == 1
+}
+
+// GetPublicKey --
+func (sec *SecretKey) GetPublicKey() (pub *PublicKey) {
+	pub = new(PublicKey)
+	C.blsSecretKeyGetPublicKey(sec.getPointer(), pub.getPointer())
+	return pub
+}
+
+// Sign -- Constant Time version
+func (sec *SecretKey) Sign(m string) (sign *Sign) {
+	sign = new(Sign)
+	buf := []byte(m)
+	// #nosec
+	C.blsSecretKeySign(sec.getPointer(), sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
+	return sign
+}
+
+// Add --
+func (sign *Sign) Add(rhs *Sign) {
+	C.blsSignAdd(sign.getPointer(), rhs.getPointer())
+}
+
+// Recover --
+func (sign *Sign) Recover(signVec []Sign, idVec []ID) {
+	C.blsSignRecover(sign.getPointer(), signVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(signVec)))
+}
+
+// Verify --
+func (sign *Sign) Verify(pub *PublicKey, m string) bool {
+	buf := []byte(m)
+	// #nosec
+	return C.blsSignVerify(sign.getPointer(), pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) == 1
+}
+
+// VerifyPop --
+func (sign *Sign) VerifyPop(pub *PublicKey) bool {
+	return C.blsSignVerifyPop(sign.getPointer(), pub.getPointer()) == 1
+}
diff --git a/go/bls/bls_test.go b/go/bls/bls_test.go
new file mode 100644
index 0000000..f2039fc
--- /dev/null
+++ b/go/bls/bls_test.go
@@ -0,0 +1,344 @@
+package bls
+
+import "testing"
+import "strconv"
+
+var curve = CurveFp382_1
+
+//var curve = CurveFp254BNb
+var unitN = 0
+
+func testPre(t *testing.T) {
+	t.Log("init")
+	var err error
+	{
+		var id ID
+		id.Set([]uint64{6, 5, 4, 3, 2, 1}[0:unitN])
+
+		t.Log("id :", id)
+		var id2 ID
+		err = id2.SetStr(id.String())
+		if err != nil {
+			t.Fatal(err)
+		}
+		t.Log("id2:", id2)
+	}
+	{
+		var sec SecretKey
+		sec.SetArray([]uint64{1, 2, 3, 4, 5, 6}[0:unitN])
+		t.Log("sec=", sec)
+	}
+
+	t.Log("create secret key")
+	m := "this is a bls sample for go"
+	var sec SecretKey
+	sec.Init()
+	t.Log("sec:", sec)
+	t.Log("create public key")
+	pub := sec.GetPublicKey()
+	t.Log("pub:", pub)
+	sign := sec.Sign(m)
+	t.Log("sign:", sign)
+	if !sign.Verify(pub, m) {
+		t.Error("Signature does not verify")
+	}
+
+	// How to make array of SecretKey
+	{
+		sec := make([]SecretKey, 3)
+		for i := 0; i < len(sec); i++ {
+			sec[i].Init()
+			t.Log("sec=", sec[i].String())
+		}
+	}
+}
+
+func testRecoverSecretKey(t *testing.T) {
+	t.Log("testRecoverSecretKey")
+	k := 3000
+	var sec SecretKey
+	sec.Init()
+
+	// make master secret key
+	msk := sec.GetMasterSecretKey(k)
+
+	n := k
+	secVec := make([]SecretKey, n)
+	idVec := make([]ID, n)
+	for i := 0; i < n; i++ {
+		idVec[i].Set([]uint64{uint64(i), 1, 2, 3, 4, 5}[0:unitN])
+		secVec[i].Set(msk, &idVec[i])
+	}
+	// recover sec2 from secVec and idVec
+	var sec2 SecretKey
+	sec2.Recover(secVec, idVec)
+	if sec.String() != sec2.String() {
+		t.Errorf("Mismatch in recovered secret key:\n  %s\n  %s.", sec.String(), sec2.String())
+	}
+}
+
+func testSign(t *testing.T) {
+	m := "testSign"
+	t.Log(m)
+
+	var sec0 SecretKey
+	sec0.Init()
+	pub0 := sec0.GetPublicKey()
+	s0 := sec0.Sign(m)
+	if !s0.Verify(pub0, m) {
+		t.Error("Signature does not verify")
+	}
+
+	k := 3
+	msk := sec0.GetMasterSecretKey(k)
+	mpk := GetMasterPublicKey(msk)
+
+	idTbl := []uint64{3, 5, 193, 22, 15}
+	n := len(idTbl)
+
+	secVec := make([]SecretKey, n)
+	pubVec := make([]PublicKey, n)
+	signVec := make([]Sign, n)
+	idVec := make([]ID, n)
+
+	for i := 0; i < n; i++ {
+		idVec[i].Set([]uint64{idTbl[i], 0, 0, 0, 0, 0}[0:unitN])
+		t.Logf("idVec[%d]=%s\n", i, idVec[i].String())
+
+		secVec[i].Set(msk, &idVec[i])
+
+		pubVec[i].Set(mpk, &idVec[i])
+		t.Logf("pubVec[%d]=%s\n", i, pubVec[i].String())
+
+		if pubVec[i].String() != secVec[i].GetPublicKey().String() {
+			t.Error("Pubkey derivation does not match")
+		}
+
+		signVec[i] = *secVec[i].Sign(m)
+		if !signVec[i].Verify(&pubVec[i], m) {
+			t.Error("Pubkey derivation does not match")
+		}
+	}
+	var sec1 SecretKey
+	sec1.Recover(secVec, idVec)
+	if sec0.String() != sec1.String() {
+		t.Error("Mismatch in recovered seckey.")
+	}
+	var pub1 PublicKey
+	pub1.Recover(pubVec, idVec)
+	if pub0.String() != pub1.String() {
+		t.Error("Mismatch in recovered pubkey.")
+	}
+	var s1 Sign
+	s1.Recover(signVec, idVec)
+	if s0.String() != s1.String() {
+		t.Error("Mismatch in recovered signature.")
+	}
+}
+
+func testAdd(t *testing.T) {
+	t.Log("testAdd")
+	var sec1 SecretKey
+	var sec2 SecretKey
+	sec1.Init()
+	sec2.Init()
+
+	pub1 := sec1.GetPublicKey()
+	pub2 := sec2.GetPublicKey()
+
+	m := "test test"
+	sign1 := sec1.Sign(m)
+	sign2 := sec2.Sign(m)
+
+	t.Log("sign1    :", sign1)
+	sign1.Add(sign2)
+	t.Log("sign1 add:", sign1)
+	pub1.Add(pub2)
+	if !sign1.Verify(pub1, m) {
+		t.Fail()
+	}
+}
+
+func testPop(t *testing.T) {
+	t.Log("testPop")
+	var sec SecretKey
+	sec.Init()
+	pop := sec.GetPop()
+	if !pop.VerifyPop(sec.GetPublicKey()) {
+		t.Errorf("Valid Pop does not verify")
+	}
+	sec.Init()
+	if pop.VerifyPop(sec.GetPublicKey()) {
+		t.Errorf("Invalid Pop verifies")
+	}
+}
+
+func testData(t *testing.T) {
+	t.Log("testData")
+	var sec1, sec2 SecretKey
+	sec1.Init()
+	s := sec1.GetData()
+	sec2.SetData(s)
+	if !sec1.IsSame(&sec2) {
+		t.Error("SecretKey not same")
+	}
+	pub1 := sec1.GetPublicKey()
+	s = pub1.GetData()
+	var pub2 PublicKey
+	pub2.SetData(s)
+	if !pub1.IsSame(&pub2) {
+		t.Error("PublicKey not same")
+	}
+	m := "doremi"
+	sign1 := sec1.Sign(m)
+	s = sign1.GetData()
+	var sign2 Sign
+	sign2.SetData(s)
+	if !sign1.IsSame(&sign2) {
+		t.Error("Sign not same")
+	}
+}
+
+func BenchmarkPubkeyFromSeckey(b *testing.B) {
+	b.StopTimer()
+	Init(curve)
+	var sec SecretKey
+	for n := 0; n < b.N; n++ {
+		sec.Init()
+		b.StartTimer()
+		sec.GetPublicKey()
+		b.StopTimer()
+	}
+}
+
+func BenchmarkSigning(b *testing.B) {
+	b.StopTimer()
+	Init(curve)
+	var sec SecretKey
+	for n := 0; n < b.N; n++ {
+		sec.Init()
+		b.StartTimer()
+		sec.Sign(strconv.Itoa(n))
+		b.StopTimer()
+	}
+}
+
+func BenchmarkValidation(b *testing.B) {
+	b.StopTimer()
+	Init(curve)
+	var sec SecretKey
+	for n := 0; n < b.N; n++ {
+		sec.Init()
+		pub := sec.GetPublicKey()
+		m := strconv.Itoa(n)
+		sig := sec.Sign(m)
+		b.StartTimer()
+		sig.Verify(pub, m)
+		b.StopTimer()
+	}
+}
+
+func benchmarkDeriveSeckeyShare(k int, b *testing.B) {
+	b.StopTimer()
+	Init(curve)
+	var sec SecretKey
+	sec.Init()
+	msk := sec.GetMasterSecretKey(k)
+	var id ID
+	for n := 0; n < b.N; n++ {
+		id.Set([]uint64{1, 2, 3, 4, 5, uint64(n)})
+		b.StartTimer()
+		sec.Set(msk, &id)
+		b.StopTimer()
+	}
+}
+
+//func BenchmarkDeriveSeckeyShare100(b *testing.B)  { benchmarkDeriveSeckeyShare(100, b) }
+//func BenchmarkDeriveSeckeyShare200(b *testing.B)  { benchmarkDeriveSeckeyShare(200, b) }
+func BenchmarkDeriveSeckeyShare500(b *testing.B) { benchmarkDeriveSeckeyShare(500, b) }
+
+//func BenchmarkDeriveSeckeyShare1000(b *testing.B) { benchmarkDeriveSeckeyShare(1000, b) }
+
+func benchmarkRecoverSeckey(k int, b *testing.B) {
+	b.StopTimer()
+	Init(curve)
+	var sec SecretKey
+	sec.Init()
+	msk := sec.GetMasterSecretKey(k)
+
+	// derive n shares
+	n := k
+	secVec := make([]SecretKey, n)
+	idVec := make([]ID, n)
+	for i := 0; i < n; i++ {
+		idVec[i].Set([]uint64{1, 2, 3, 4, 5, uint64(i)})
+		secVec[i].Set(msk, &idVec[i])
+	}
+
+	// recover from secVec and idVec
+	var sec2 SecretKey
+	b.StartTimer()
+	for n := 0; n < b.N; n++ {
+		sec2.Recover(secVec, idVec)
+	}
+}
+
+func BenchmarkRecoverSeckey100(b *testing.B)  { benchmarkRecoverSeckey(100, b) }
+func BenchmarkRecoverSeckey200(b *testing.B)  { benchmarkRecoverSeckey(200, b) }
+func BenchmarkRecoverSeckey500(b *testing.B)  { benchmarkRecoverSeckey(500, b) }
+func BenchmarkRecoverSeckey1000(b *testing.B) { benchmarkRecoverSeckey(1000, b) }
+
+func benchmarkRecoverSignature(k int, b *testing.B) {
+	b.StopTimer()
+	Init(curve)
+	var sec SecretKey
+	sec.Init()
+	msk := sec.GetMasterSecretKey(k)
+
+	// derive n shares
+	n := k
+	idVec := make([]ID, n)
+	secVec := make([]SecretKey, n)
+	signVec := make([]Sign, n)
+	for i := 0; i < n; i++ {
+		idVec[i].Set([]uint64{1, 2, 3, 4, 5, uint64(i)})
+		secVec[i].Set(msk, &idVec[i])
+		signVec[i] = *secVec[i].Sign("test message")
+	}
+
+	// recover signature
+	var sig Sign
+	b.StartTimer()
+	for n := 0; n < b.N; n++ {
+		sig.Recover(signVec, idVec)
+	}
+}
+
+func BenchmarkRecoverSignature100(b *testing.B)  { benchmarkRecoverSignature(100, b) }
+func BenchmarkRecoverSignature200(b *testing.B)  { benchmarkRecoverSignature(200, b) }
+func BenchmarkRecoverSignature500(b *testing.B)  { benchmarkRecoverSignature(500, b) }
+func BenchmarkRecoverSignature1000(b *testing.B) { benchmarkRecoverSignature(1000, b) }
+
+func test(t *testing.T, c int) {
+	Init(c)
+	unitN = GetOpUnitSize()
+	t.Logf("unitN=%d\n", unitN)
+	testPre(t)
+	testRecoverSecretKey(t)
+	testAdd(t)
+	testSign(t)
+	testPop(t)
+	testData(t)
+}
+
+func TestMain(t *testing.T) {
+	t.Logf("GetMaxOpUnitSize() = %d\n", GetMaxOpUnitSize())
+	t.Log("CurveFp254BNb")
+	test(t, CurveFp254BNb)
+	if GetMaxOpUnitSize() == 6 {
+		t.Log("CurveFp382_1")
+		test(t, CurveFp382_1)
+		t.Log("CurveFp382_1")
+		test(t, CurveFp382_2)
+	}
+}
diff --git a/go/blscgo/bls.go b/go/blscgo/bls.go
deleted file mode 100644
index ae16a4c..0000000
--- a/go/blscgo/bls.go
+++ /dev/null
@@ -1,366 +0,0 @@
-package blscgo
-
-/*
-#cgo CFLAGS:-I../../include -DBLS_MAX_OP_UNIT_SIZE=6
-#cgo bn256 CFLAGS:-UBLS_MAX_OP_UNIT_SIZE -DBLS_MAX_OP_UNIT_SIZE=4
-#cgo bn384 CFLAGS:-UBLS_MAX_OP_UNIT_SIZE -DBLS_MAX_OP_UNIT_SIZE=6
-#cgo LDFLAGS:-lbls -lbls_if -lmcl -lgmp -lgmpxx -L../lib -L../../lib -L../../../mcl/lib -L../../mcl/lib  -lstdc++ -lcrypto
-#include "bls_if.h"
-*/
-import "C"
-import "fmt"
-import "unsafe"
-
-// CurveFp254BNb -- 254 bit curve
-const CurveFp254BNb = 0
-
-// CurveFp382_1 -- 382 bit curve 1
-const CurveFp382_1 = 1
-
-// CurveFp382_2 -- 382 bit curve 2
-const CurveFp382_2 = 2
-
-// Init --
-func Init(curve int) {
-	C.blsInit(C.int(curve), C.BLS_MAX_OP_UNIT_SIZE)
-}
-
-// GetMaxOpUnitSize --
-func GetMaxOpUnitSize() int {
-	return int(C.BLS_MAX_OP_UNIT_SIZE)
-}
-
-// GetOpUnitSize --
-func GetOpUnitSize() int {
-	return int(C.blsGetOpUnitSize())
-}
-
-// ID --
-type ID struct {
-	v [C.BLS_MAX_OP_UNIT_SIZE]C.uint64_t
-}
-
-// getPointer --
-func (id *ID) getPointer() (p *C.blsId) {
-	// #nosec
-	return (*C.blsId)(unsafe.Pointer(&id.v[0]))
-}
-
-// String --
-func (id *ID) String() string {
-	buf := make([]byte, 1024)
-	// #nosec
-	n := C.blsIdGetStr(id.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if n == 0 {
-		panic("implementation err. size of buf is small")
-	}
-	return string(buf[:n])
-}
-
-// SetStr --
-func (id *ID) SetStr(s string) error {
-	buf := []byte(s)
-	// #nosec
-	err := C.blsIdSetStr(id.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if err > 0 {
-		return fmt.Errorf("bad string:%s", s)
-	}
-	return nil
-}
-
-// Set --
-func (id *ID) Set(v []uint64) {
-	expect := GetOpUnitSize()
-	if len(v) != expect {
-		panic(fmt.Errorf("bad size (%d), expected size %d", len(v), expect))
-	}
-	// #nosec
-	C.blsIdSet(id.getPointer(), (*C.uint64_t)(unsafe.Pointer(&v[0])))
-}
-
-// SecretKey --
-type SecretKey struct {
-	v [C.BLS_MAX_OP_UNIT_SIZE]C.uint64_t
-}
-
-// getPointer --
-func (sec *SecretKey) getPointer() (p *C.blsSecretKey) {
-	// #nosec
-	return (*C.blsSecretKey)(unsafe.Pointer(&sec.v[0]))
-}
-
-// String --
-func (sec *SecretKey) String() string {
-	buf := make([]byte, 1024)
-	// #nosec
-	n := C.blsSecretKeyGetStr(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if n == 0 {
-		panic("implementation err. size of buf is small")
-	}
-	return string(buf[:n])
-}
-
-// SetStr -- The string passed in is a number and can be either hex or decimal
-func (sec *SecretKey) SetStr(s string) error {
-	buf := []byte(s)
-	// #nosec
-	err := C.blsSecretKeySetStr(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if err > 0 {
-		return fmt.Errorf("bad string:%s", s)
-	}
-	return nil
-}
-
-// SetData --
-func (sec *SecretKey) SetData(buf []byte) error {
-	// #nosec
-	err := C.blsSecretKeySetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if err > 0 {
-		return fmt.Errorf("bad buf:%s", buf)
-	}
-	return nil
-}
-
-// GetData --
-func (sec *SecretKey) GetData() []byte {
-	fpSize := GetOpUnitSize() * 8
-	buf := make([]byte, fpSize)
-	n := C.blsSecretKeyGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if n != C.size_t(fpSize) {
-		panic("implementation err. size of buf is small")
-	}
-	return buf
-}
-
-// IsSame --
-func (lhs *SecretKey) IsSame(rhs *SecretKey) bool {
-	return C.blsSecretKeyIsSame(lhs.getPointer(), rhs.getPointer()) == 1
-}
-
-// SetArray --
-func (sec *SecretKey) SetArray(v []uint64) {
-	expect := GetOpUnitSize()
-	if len(v) != expect {
-		panic(fmt.Errorf("bad size (%d), expected size %d", len(v), expect))
-	}
-	// #nosec
-	C.blsSecretKeySetArray(sec.getPointer(), (*C.uint64_t)(unsafe.Pointer(&v[0])))
-}
-
-// Init --
-func (sec *SecretKey) Init() {
-	C.blsSecretKeyInit(sec.getPointer())
-}
-
-// Add --
-func (sec *SecretKey) Add(rhs *SecretKey) {
-	C.blsSecretKeyAdd(sec.getPointer(), rhs.getPointer())
-}
-
-// GetMasterSecretKey --
-func (sec *SecretKey) GetMasterSecretKey(k int) (msk []SecretKey) {
-	msk = make([]SecretKey, k)
-	msk[0] = *sec
-	for i := 1; i < k; i++ {
-		msk[i].Init()
-	}
-	return msk
-}
-
-// GetMasterPublicKey --
-func GetMasterPublicKey(msk []SecretKey) (mpk []PublicKey) {
-	n := len(msk)
-	mpk = make([]PublicKey, n)
-	for i := 0; i < n; i++ {
-		mpk[i] = *msk[i].GetPublicKey()
-	}
-	return mpk
-}
-
-// Set --
-func (sec *SecretKey) Set(msk []SecretKey, id *ID) {
-	C.blsSecretKeySet(sec.getPointer(), msk[0].getPointer(), C.size_t(len(msk)), id.getPointer())
-}
-
-// Recover --
-func (sec *SecretKey) Recover(secVec []SecretKey, idVec []ID) {
-	C.blsSecretKeyRecover(sec.getPointer(), secVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(secVec)))
-}
-
-// GetPop --
-func (sec *SecretKey) GetPop() (sign *Sign) {
-	sign = new(Sign)
-	C.blsSecretKeyGetPop(sec.getPointer(), sign.getPointer())
-	return sign
-}
-
-// PublicKey --
-type PublicKey struct {
-	v [C.BLS_MAX_OP_UNIT_SIZE * 2 * 3]C.uint64_t
-}
-
-// getPointer --
-func (pub *PublicKey) getPointer() (p *C.blsPublicKey) {
-	// #nosec
-	return (*C.blsPublicKey)(unsafe.Pointer(&pub.v[0]))
-}
-
-// String --
-func (pub *PublicKey) String() string {
-	buf := make([]byte, 1024)
-	// #nosec
-	n := C.blsPublicKeyGetStr(pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if n == 0 {
-		panic("implementation err. size of buf is small")
-	}
-	return string(buf[:n])
-}
-
-// SetStr --
-func (pub *PublicKey) SetStr(s string) error {
-	buf := []byte(s)
-	// #nosec
-	err := C.blsPublicKeySetStr(pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if err > 0 {
-		return fmt.Errorf("bad string:%s", s)
-	}
-	return nil
-}
-
-// SetData --
-func (sec *PublicKey) SetData(buf []byte) error {
-	// #nosec
-	err := C.blsPublicKeySetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if err > 0 {
-		return fmt.Errorf("bad buf:%s", buf)
-	}
-	return nil
-}
-
-// GetData --
-func (sec *PublicKey) GetData() []byte {
-	fpSize := GetOpUnitSize() * 8
-	buf := make([]byte, fpSize*2)
-	n := C.blsPublicKeyGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if n != C.size_t(fpSize*2) {
-		panic("implementation err. size of buf is small")
-	}
-	return buf
-}
-
-// IsSame --
-func (lhs *PublicKey) IsSame(rhs *PublicKey) bool {
-	return C.blsPublicKeyIsSame(lhs.getPointer(), rhs.getPointer()) == 1
-}
-
-// Add --
-func (pub *PublicKey) Add(rhs *PublicKey) {
-	C.blsPublicKeyAdd(pub.getPointer(), rhs.getPointer())
-}
-
-// Set --
-func (pub *PublicKey) Set(mpk []PublicKey, id *ID) {
-	C.blsPublicKeySet(pub.getPointer(), mpk[0].getPointer(), C.size_t(len(mpk)), id.getPointer())
-}
-
-// Recover --
-func (pub *PublicKey) Recover(pubVec []PublicKey, idVec []ID) {
-	C.blsPublicKeyRecover(pub.getPointer(), pubVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(pubVec)))
-}
-
-// Sign  --
-type Sign struct {
-	v [C.BLS_MAX_OP_UNIT_SIZE * 3]C.uint64_t
-}
-
-// getPointer --
-func (sign *Sign) getPointer() (p *C.blsSign) {
-	// #nosec
-	return (*C.blsSign)(unsafe.Pointer(&sign.v[0]))
-}
-
-// String --
-func (sign *Sign) String() string {
-	buf := make([]byte, 1024)
-	// #nosec
-	n := C.blsSignGetStr(sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if n == 0 {
-		panic("implementation err. size of buf is small")
-	}
-	return string(buf[:n])
-}
-
-// SetStr --
-func (sign *Sign) SetStr(s string) error {
-	buf := []byte(s)
-	// #nosec
-	err := C.blsSignSetStr(sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if err > 0 {
-		return fmt.Errorf("bad string:%s", s)
-	}
-	return nil
-}
-
-// SetData --
-func (sec *Sign) SetData(buf []byte) error {
-	// #nosec
-	err := C.blsSignSetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if err > 0 {
-		return fmt.Errorf("bad buf:%s", buf)
-	}
-	return nil
-}
-
-// GetData --
-func (sec *Sign) GetData() []byte {
-	fpSize := GetOpUnitSize() * 8
-	buf := make([]byte, fpSize)
-	n := C.blsSignGetData(sec.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	if n != C.size_t(fpSize) {
-		panic("implementation err. size of buf is small")
-	}
-	return buf
-}
-
-// IsSame --
-func (lhs *Sign) IsSame(rhs *Sign) bool {
-	return C.blsSignIsSame(lhs.getPointer(), rhs.getPointer()) == 1
-}
-
-// GetPublicKey --
-func (sec *SecretKey) GetPublicKey() (pub *PublicKey) {
-	pub = new(PublicKey)
-	C.blsSecretKeyGetPublicKey(sec.getPointer(), pub.getPointer())
-	return pub
-}
-
-// Sign -- Constant Time version
-func (sec *SecretKey) Sign(m string) (sign *Sign) {
-	sign = new(Sign)
-	buf := []byte(m)
-	// #nosec
-	C.blsSecretKeySign(sec.getPointer(), sign.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf)))
-	return sign
-}
-
-// Add --
-func (sign *Sign) Add(rhs *Sign) {
-	C.blsSignAdd(sign.getPointer(), rhs.getPointer())
-}
-
-// Recover --
-func (sign *Sign) Recover(signVec []Sign, idVec []ID) {
-	C.blsSignRecover(sign.getPointer(), signVec[0].getPointer(), idVec[0].getPointer(), C.size_t(len(signVec)))
-}
-
-// Verify --
-func (sign *Sign) Verify(pub *PublicKey, m string) bool {
-	buf := []byte(m)
-	// #nosec
-	return C.blsSignVerify(sign.getPointer(), pub.getPointer(), (*C.char)(unsafe.Pointer(&buf[0])), C.size_t(len(buf))) == 1
-}
-
-// VerifyPop --
-func (sign *Sign) VerifyPop(pub *PublicKey) bool {
-	return C.blsSignVerifyPop(sign.getPointer(), pub.getPointer()) == 1
-}
diff --git a/go/main_test.go b/go/main_test.go
deleted file mode 100644
index b5069c3..0000000
--- a/go/main_test.go
+++ /dev/null
@@ -1,214 +0,0 @@
-package main
-
-import "fmt"
-import "./blscgo"
-import "testing"
-
-//import "runtime"
-//import "time"
-
-var unitN = 0
-
-func verifyTrue(b bool) {
-	if !b {
-		fmt.Println("ERR")
-	}
-}
-func testRecoverSecretKey(t *testing.T) {
-	k := 3000
-	var sec blscgo.SecretKey
-	sec.Init()
-
-	// make master secret key
-	msk := sec.GetMasterSecretKey(k)
-
-	n := k
-	secVec := make([]blscgo.SecretKey, n)
-	idVec := make([]blscgo.ID, n)
-	for i := 0; i < n; i++ {
-		idVec[i].Set([]uint64{1, 2, 3, uint64(i), 4, 5}[0:unitN])
-		secVec[i].Set(msk, &idVec[i])
-	}
-	// recover sec2 from secVec and idVec
-	var sec2 blscgo.SecretKey
-	sec2.Recover(secVec, idVec)
-	if sec.String() != sec2.String() {
-		t.Fatal("sec err %s %s\n", sec, sec2)
-	}
-}
-
-func testSign(t *testing.T) {
-	m := "testSign"
-
-	var sec0 blscgo.SecretKey
-	sec0.Init()
-	pub0 := sec0.GetPublicKey()
-	s0 := sec0.Sign(m)
-	if !s0.Verify(pub0, m) {
-		t.Fatal("s0.Verify")
-	}
-
-	k := 3
-	msk := sec0.GetMasterSecretKey(k)
-	mpk := blscgo.GetMasterPublicKey(msk)
-
-	idTbl := []uint64{3, 5, 193, 22, 15}
-	n := len(idTbl)
-
-	secVec := make([]blscgo.SecretKey, n)
-	pubVec := make([]blscgo.PublicKey, n)
-	signVec := make([]blscgo.Sign, n)
-	idVec := make([]blscgo.ID, n)
-
-	for i := 0; i < n; i++ {
-		idVec[i].Set([]uint64{idTbl[i], 0, 0, 0, 0, 0}[0:unitN])
-
-		secVec[i].Set(msk, &idVec[i])
-
-		pubVec[i].Set(mpk, &idVec[i])
-
-		if pubVec[i].String() != secVec[i].GetPublicKey().String() {
-			t.Fatal("pubVec %d", i)
-		}
-
-		signVec[i] = *secVec[i].Sign(m)
-		if !signVec[i].Verify(&pubVec[i], m) {
-			t.Fatal("singVec %d", i)
-		}
-	}
-	var sec1 blscgo.SecretKey
-	sec1.Recover(secVec, idVec)
-	if sec0.String() != sec1.String() {
-		t.Fatal("sec0 sec1")
-	}
-	var pub1 blscgo.PublicKey
-	pub1.Recover(pubVec, idVec)
-	if pub0.String() != pub1.String() {
-		t.Fatal("pub0 pub1")
-	}
-	var s1 blscgo.Sign
-	s1.Recover(signVec, idVec)
-	if s0.String() != s1.String() {
-		t.Fatal("s0 s1")
-	}
-}
-
-func testAdd(t *testing.T) {
-	var sec1 blscgo.SecretKey
-	var sec2 blscgo.SecretKey
-	sec1.Init()
-	sec2.Init()
-
-	pub1 := sec1.GetPublicKey()
-	pub2 := sec2.GetPublicKey()
-
-	m := "test test"
-	sign1 := sec1.Sign(m)
-	sign2 := sec2.Sign(m)
-
-	sign1.Add(sign2)
-	pub1.Add(pub2)
-	if !sign1.Verify(pub1, m) {
-		t.Fatal("sign1.Verify")
-	}
-}
-
-func testPop(t *testing.T) {
-	var sec blscgo.SecretKey
-	sec.Init()
-	pop := sec.GetPop()
-	if !pop.VerifyPop(sec.GetPublicKey()) {
-		t.Fatal("pop.VerifyPop")
-	}
-	sec.Init()
-	if pop.VerifyPop(sec.GetPublicKey()) {
-		t.Fatal("pop.Verify another")
-	}
-}
-
-func testData(t *testing.T) {
-	var sec1, sec2 blscgo.SecretKey
-	sec1.Init()
-	s := sec1.GetData()
-	sec2.SetData(s)
-	if !sec1.IsSame(&sec2) {
-		t.Fatal("SecretKey not same")
-	}
-	pub1 := sec1.GetPublicKey()
-	s = pub1.GetData()
-	var pub2 blscgo.PublicKey
-	pub2.SetData(s)
-	if !pub1.IsSame(&pub2) {
-		t.Fatal("PublicKey not same")
-	}
-	m := "doremi"
-	sign1 := sec1.Sign(m)
-	s = sign1.GetData()
-	var sign2 blscgo.Sign
-	sign2.SetData(s)
-	if !sign1.IsSame(&sign2) {
-		t.Fatal("Sign not same")
-	}
-}
-
-func test(t *testing.T, cp int) {
-	blscgo.Init(cp)
-	unitN = blscgo.GetOpUnitSize()
-	{
-		var id blscgo.ID
-		id.Set([]uint64{6, 5, 4, 3, 2, 1}[0:unitN])
-		var id2 blscgo.ID
-		id2.SetStr(id.String())
-		if id.String() != id2.String() {
-			t.Fatal("id err %s %s", id, id2)
-		}
-	}
-	{
-		var sec blscgo.SecretKey
-		sec.SetArray([]uint64{1, 2, 3, 4, 5, 6}[0:unitN])
-	}
-
-	fmt.Println("create secret key")
-	m := "this is a blscgo sample for go"
-	var sec blscgo.SecretKey
-	sec.Init()
-	pub := sec.GetPublicKey()
-	sign := sec.Sign(m)
-	if !sign.Verify(pub, m) {
-		t.Fatal("sign.Verify")
-	}
-
-	// How to make array of SecretKey
-	{
-		sec := make([]blscgo.SecretKey, 3)
-		for i := 0; i < len(sec); i++ {
-			sec[i].Init()
-		}
-	}
-	testRecoverSecretKey(t)
-	testAdd(t)
-	testSign(t)
-	testPop(t)
-	testData(t)
-
-	// put memory status
-	/*
-		runtime.GC()
-		time.Sleep(2 * time.Second)
-		var mem runtime.MemStats
-		runtime.ReadMemStats(&mem)
-		fmt.Println("mem=", mem)
-	*/
-}
-
-func TestMain(t *testing.T) {
-	fmt.Printf("GetMaxOpUnitSize() = %d\n", blscgo.GetMaxOpUnitSize())
-	fmt.Println("CurveFp254BNb")
-	test(t, blscgo.CurveFp254BNb)
-	if blscgo.GetMaxOpUnitSize() == 6 {
-		fmt.Println("CurveFp382_1")
-		test(t, blscgo.CurveFp382_1)
-		fmt.Println("CurveFp382_1")
-		test(t, blscgo.CurveFp382_2)
-	}
-}
-- 
cgit v1.2.3