From ed7b141f6ef2701712becc59d6e987b1ab6a1785 Mon Sep 17 00:00:00 2001 From: MITSUNARI Shigeo Date: Thu, 5 Apr 2018 21:44:13 +0900 Subject: BLS signature supports BLS12-381 --- go/bls/bls_test.go | 7 +++++-- go/bls/mcl.go | 4 +++- src/bls.cpp | 14 +++++++------- test/bls_c384_test.cpp | 38 ++++++++++++++++++++------------------ test/bls_test.cpp | 19 ++++++++++--------- 5 files changed, 45 insertions(+), 37 deletions(-) diff --git a/go/bls/bls_test.go b/go/bls/bls_test.go index 5d5d432..400f90d 100644 --- a/go/bls/bls_test.go +++ b/go/bls/bls_test.go @@ -292,6 +292,9 @@ func testOrder(t *testing.T, c int) { } else if c == CurveFp382_2 { curve = "5541245505022739011583672869577435255026888277144126952448297309161979278754528049907713682488818304329661351460877" field = "5541245505022739011583672869577435255026888277144126952450651294188487038640194767986566260919128250811286032482323" + } else if c == BLS12_381 { + curve = "52435875175126190479447740508185965837690552500527637822603658699938581184513" + field = "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787" } else { t.Fatal("bad c", c) } @@ -343,8 +346,8 @@ func TestMain(t *testing.T) { if GetMaxOpUnitSize() == 6 { t.Log("CurveFp382_1") test(t, CurveFp382_1) - t.Log("CurveFp382_2") - test(t, CurveFp382_2) + t.Log("BLS12_381") + test(t, BLS12_381) } } diff --git a/go/bls/mcl.go b/go/bls/mcl.go index 504fc7c..00feebc 100644 --- a/go/bls/mcl.go +++ b/go/bls/mcl.go @@ -3,7 +3,6 @@ package bls /* #cgo CFLAGS:-DMCLBN_FP_UNIT_SIZE=6 #include -#include */ import "C" import "fmt" @@ -18,6 +17,9 @@ const CurveFp382_1 = C.mclBn_CurveFp382_1 // CurveFp382_2 -- 382 bit curve 2 const CurveFp382_2 = C.mclBn_CurveFp382_2 +// BLS12_381 +const BLS12_381 = C.MCL_BLS12_381 + // GetMaxOpUnitSize -- func GetMaxOpUnitSize() int { return int(C.MCLBN_FP_UNIT_SIZE) diff --git a/src/bls.cpp b/src/bls.cpp index cc67186..71bcb3b 100644 --- a/src/bls.cpp +++ b/src/bls.cpp @@ -156,17 +156,17 @@ std::ostream& writeAsHex(std::ostream& os, const T& t) void init(int curve, int maxUnitSize) { if (maxUnitSize != MCLBN_FP_UNIT_SIZE) throw cybozu::Exception("bls:init:bad maxUnitSize") << maxUnitSize << MCLBN_FP_UNIT_SIZE; - mcl::bn::CurveParam cp; + mcl::CurveParam cp; switch (curve) { - case mclBn_CurveFp254BNb: - cp = mcl::bn::CurveFp254BNb; + case MCL_BN254: + cp = mcl::BN254; break; #if MCLBN_FP_UNIT_SIZE == 6 - case mclBn_CurveFp382_1: - cp = mcl::bn::CurveFp382_1; + case MCL_BN381_1: + cp = mcl::BN381_1; break; - case mclBn_CurveFp382_2: - cp = mcl::bn::CurveFp382_2; + case MCL_BLS12_381: + cp = mcl::BLS12_381; break; #endif default: diff --git a/test/bls_c384_test.cpp b/test/bls_c384_test.cpp index 744a1ca..428fff7 100644 --- a/test/bls_c384_test.cpp +++ b/test/bls_c384_test.cpp @@ -24,21 +24,22 @@ void blsDataTest() { const char *msg = "test test"; const size_t msgSize = strlen(msg); - const size_t fpSize = blsGetOpUnitSize() * sizeof(uint64_t); + const size_t FrSize = mclBn_getFrByteSize(); + const size_t FpSize = mclBn_getG1ByteSize(); blsSecretKey sec1, sec2; blsSecretKeySetByCSPRNG(&sec1); char buf[1024]; size_t n; int ret; n = blsSecretKeyGetHexStr(buf, sizeof(buf), &sec1); - CYBOZU_TEST_ASSERT(0 < n && n <= fpSize * 2); + CYBOZU_TEST_ASSERT(0 < n && n <= FrSize * 2); ret = blsSecretKeySetHexStr(&sec2, buf, n); CYBOZU_TEST_EQUAL(ret, 0); CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2)); memset(&sec2, 0, sizeof(sec2)); n = blsSecretKeySerialize(buf, sizeof(buf), &sec1); - CYBOZU_TEST_EQUAL(n, fpSize); + CYBOZU_TEST_EQUAL(n, FrSize); ret = blsSecretKeyDeserialize(&sec2, buf, n); CYBOZU_TEST_EQUAL(ret, n); CYBOZU_TEST_ASSERT(blsSecretKeyIsEqual(&sec1, &sec2)); @@ -46,14 +47,14 @@ void blsDataTest() blsPublicKey pub1, pub2; blsGetPublicKey(&pub1, &sec1); n = blsPublicKeySerialize(buf, sizeof(buf), &pub1); - CYBOZU_TEST_EQUAL(n, fpSize * 2); + CYBOZU_TEST_EQUAL(n, FpSize * 2); ret = blsPublicKeyDeserialize(&pub2, buf, n); CYBOZU_TEST_EQUAL(ret, n); CYBOZU_TEST_ASSERT(blsPublicKeyIsEqual(&pub1, &pub2)); blsSignature sig1, sig2; blsSign(&sig1, &sec1, msg, msgSize); n = blsSignatureSerialize(buf, sizeof(buf), &sig1); - CYBOZU_TEST_EQUAL(n, fpSize); + CYBOZU_TEST_EQUAL(n, FpSize); ret = blsSignatureDeserialize(&sig2, buf, n); CYBOZU_TEST_EQUAL(ret, n); CYBOZU_TEST_ASSERT(blsSignatureIsEqual(&sig1, &sig2)); @@ -95,7 +96,7 @@ CYBOZU_TEST_AUTO(multipleInit) { std::vector vt(n); for (size_t i = 0; i < n; i++) { - vt[i].run(blsInit, mclBn_CurveFp254BNb, MCLBN_FP_UNIT_SIZE); + vt[i].run(blsInit, MCL_BN254, MCLBN_FP_UNIT_SIZE); } } CYBOZU_TEST_EQUAL(blsGetOpUnitSize(), 4u); @@ -103,7 +104,7 @@ CYBOZU_TEST_AUTO(multipleInit) { std::vector vt(n); for (size_t i = 0; i < n; i++) { - vt[i].run(blsInit, mclBn_CurveFp382_1, MCLBN_FP_UNIT_SIZE); + vt[i].run(blsInit, MCL_BLS12_381, MCLBN_FP_UNIT_SIZE); } } CYBOZU_TEST_EQUAL(blsGetOpUnitSize(), 6u); @@ -113,8 +114,9 @@ CYBOZU_TEST_AUTO(multipleInit) void blsSerializeTest() { - const size_t opUnitSize = mclBn_getOpUnitSize(); - printf("opUnitSize=%d\n", (int)opUnitSize); + const size_t FrSize = mclBn_getFrByteSize(); + const size_t FpSize = mclBn_getG1ByteSize(); + printf("FrSize=%d, FpSize=%d\n", (int)FrSize, (int)FpSize); blsId id1, id2; blsSecretKey sec1, sec2; blsPublicKey pub1, pub2; @@ -126,7 +128,7 @@ void blsSerializeTest() const char dummyChar = '1'; // Id - expectSize = opUnitSize * 8; + expectSize = FrSize; blsIdSetInt(&id1, -1); n = blsIdSerialize(buf, sizeof(buf), &id1); CYBOZU_TEST_EQUAL(n, expectSize); @@ -148,7 +150,7 @@ void blsSerializeTest() CYBOZU_TEST_EQUAL(n, expectSize); // SecretKey - expectSize = opUnitSize * 8; + expectSize = FrSize; blsSecretKeySetDecStr(&sec1, "-1", 2); n = blsSecretKeySerialize(buf, sizeof(buf), &sec1); CYBOZU_TEST_EQUAL(n, expectSize); @@ -170,7 +172,7 @@ void blsSerializeTest() CYBOZU_TEST_EQUAL(n, expectSize); // PublicKey - expectSize = opUnitSize * 8 * 2; + expectSize = FpSize * 2; blsGetPublicKey(&pub1, &sec1); n = blsPublicKeySerialize(buf, sizeof(buf), &pub1); CYBOZU_TEST_EQUAL(n, expectSize); @@ -192,7 +194,7 @@ void blsSerializeTest() CYBOZU_TEST_EQUAL(n, expectSize); // Signature - expectSize = opUnitSize * 8; + expectSize = FpSize; blsSign(&sig1, &sec1, "abc", 3); n = blsSignatureSerialize(buf, sizeof(buf), &sig1); CYBOZU_TEST_EQUAL(n, expectSize); @@ -217,21 +219,21 @@ void blsSerializeTest() CYBOZU_TEST_AUTO(all) { const int tbl[] = { - mclBn_CurveFp254BNb, + MCL_BN254, #if MCLBN_FP_UNIT_SIZE == 6 - mclBn_CurveFp382_1, - mclBn_CurveFp382_2 + MCL_BN381_1, + MCL_BLS12_381, #endif }; const char *curveOrderTbl[] = { "16798108731015832284940804142231733909759579603404752749028378864165570215949", "5540996953667913971058039301942914304734176495422447785042938606876043190415948413757785063597439175372845535461389", - "5541245505022739011583672869577435255026888277144126952448297309161979278754528049907713682488818304329661351460877", + "52435875175126190479447740508185965837690552500527637822603658699938581184513", }; const char *fieldOrderTbl[] = { "16798108731015832284940804142231733909889187121439069848933715426072753864723", "5540996953667913971058039301942914304734176495422447785045292539108217242186829586959562222833658991069414454984723", - "5541245505022739011583672869577435255026888277144126952450651294188487038640194767986566260919128250811286032482323", + "4002409555221667393417789825735904156556882819939007885332058136124031650490837864442687629129015664037894272559787", }; for (size_t i = 0; i < sizeof(tbl) / sizeof(tbl[0]); i++) { printf("i=%d\n", (int)i); diff --git a/test/bls_test.cpp b/test/bls_test.cpp index c81a41a..f97d9a7 100644 --- a/test/bls_test.cpp +++ b/test/bls_test.cpp @@ -66,7 +66,7 @@ void SecretKeyTestBN256() CYBOZU_TEST_AUTO(bn256) { - bls::init(mclBn_CurveFp254BNb); + bls::init(MCL_BN254); IdTestBN256(); SecretKeyTestBN256(); CYBOZU_TEST_EQUAL(bls::getOpUnitSize(), 4); @@ -367,13 +367,14 @@ void aggregateTest() void dataTest() { - const size_t size = bls::getOpUnitSize() * sizeof(uint64_t); + const size_t FrSize = mclBn_getFrByteSize(); + const size_t FpSize = mclBn_getG1ByteSize(); bls::SecretKey sec; sec.init(); std::string str; sec.getStr(str, bls::IoFixedByteSeq); { - CYBOZU_TEST_EQUAL(str.size(), size); + CYBOZU_TEST_EQUAL(str.size(), FrSize); bls::SecretKey sec2; sec2.setStr(str, bls::IoFixedByteSeq); CYBOZU_TEST_EQUAL(sec, sec2); @@ -382,7 +383,7 @@ void dataTest() sec.getPublicKey(pub); pub.getStr(str, bls::IoFixedByteSeq); { - CYBOZU_TEST_EQUAL(str.size(), size * 2); + CYBOZU_TEST_EQUAL(str.size(), FpSize * 2); bls::PublicKey pub2; pub2.setStr(str, bls::IoFixedByteSeq); CYBOZU_TEST_EQUAL(pub, pub2); @@ -392,7 +393,7 @@ void dataTest() sec.sign(sign, m); sign.getStr(str, bls::IoFixedByteSeq); { - CYBOZU_TEST_EQUAL(str.size(), size); + CYBOZU_TEST_EQUAL(str.size(), FpSize); bls::Signature sign2; sign2.setStr(str, bls::IoFixedByteSeq); CYBOZU_TEST_EQUAL(sign, sign2); @@ -402,7 +403,7 @@ void dataTest() id.set(v); id.getStr(str, bls::IoFixedByteSeq); { - CYBOZU_TEST_EQUAL(str.size(), size); + CYBOZU_TEST_EQUAL(str.size(), FrSize); bls::Id id2; id2.setStr(str, bls::IoFixedByteSeq); CYBOZU_TEST_EQUAL(id, id2); @@ -424,10 +425,10 @@ CYBOZU_TEST_AUTO(all) int type; const char *name; } tbl[] = { - { mclBn_CurveFp254BNb, "Fp254" }, + { MCL_BN254, "BN254" }, #if MCLBN_FP_UNIT_SIZE == 6 - { mclBn_CurveFp382_1, "Fp382_1" }, - { mclBn_CurveFp382_2, "Fp382_2" }, + { MCL_BN381_1, "BN381_1" }, + { MCL_BLS12_381, "BLS12_381" }, #endif }; for (size_t i = 0; i < CYBOZU_NUM_OF_ARRAY(tbl); i++) { -- cgit v1.2.3