From cfd56e2576f55a5e22804e3612b4004c0d6d9ef3 Mon Sep 17 00:00:00 2001
From: MITSUNARI Shigeo <herumi@nifty.com>
Date: Sat, 15 Sep 2018 22:03:40 +0900
Subject: remove duplicated C++ code and libbls.a

---
 src/bls_c_impl.hpp | 414 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 414 insertions(+)
 create mode 100644 src/bls_c_impl.hpp

(limited to 'src/bls_c_impl.hpp')

diff --git a/src/bls_c_impl.hpp b/src/bls_c_impl.hpp
new file mode 100644
index 0000000..75e5a44
--- /dev/null
+++ b/src/bls_c_impl.hpp
@@ -0,0 +1,414 @@
+#define MCLBN_DONT_EXPORT
+#define BLS_DLL_EXPORT
+
+#include <bls/bls.h>
+
+#include "../mcl/src/bn_c_impl.hpp"
+
+/*
+	BLS signature
+	e : G1 x G2 -> Fp12
+	Q in G2 ; fixed global parameter
+	H : {str} -> G1
+	s : secret key
+	sQ ; public key
+	s H(m) ; signature of m
+	verify ; e(sQ, H(m)) = e(Q, s H(m))
+*/
+
+static G2 g_Q;
+const size_t maxQcoeffN = 128;
+static mcl::FixedArray<Fp6, maxQcoeffN> g_Qcoeff; // precomputed Q
+inline const G2& getQ() { return g_Q; }
+inline const mcl::FixedArray<Fp6, maxQcoeffN>& getQcoeff() { return g_Qcoeff; }
+
+int blsInitNotThreadSafe(int curve, int maxUnitSize)
+{
+	int ret = mclBn_init(curve, maxUnitSize);
+	if (ret < 0) return ret;
+	bool b;
+
+	if (curve == MCL_BN254) {
+		const char *Qx_BN254 = "11ccb44e77ac2c5dc32a6009594dbe331ec85a61290d6bbac8cc7ebb2dceb128 f204a14bbdac4a05be9a25176de827f2e60085668becdd4fc5fa914c9ee0d9a";
+		const char *Qy_BN254 = "7c13d8487903ee3c1c5ea327a3a52b6cc74796b1760d5ba20ed802624ed19c8 8f9642bbaacb73d8c89492528f58932f2de9ac3e80c7b0e41f1a84f1c40182";
+		g_Q.x.setStr(&b, Qx_BN254, 16);
+		g_Q.y.setStr(&b, Qy_BN254, 16);
+		g_Q.z = 1;
+	} else {
+		mapToG2(&b, g_Q, 1);
+	}
+	if (!b) return -100;
+	if (curve == MCL_BN254) {
+		#include "./qcoeff-bn254.hpp"
+		g_Qcoeff.resize(BN::param.precomputedQcoeffSize);
+		assert(g_Qcoeff.size() == CYBOZU_NUM_OF_ARRAY(tbl));
+		for (size_t i = 0; i < g_Qcoeff.size(); i++) {
+			Fp6& x6 = g_Qcoeff[i];
+			for (size_t j = 0; j < 6; j++) {
+				Fp& x = x6.getFp0()[j];
+				mcl::fp::Unit *p = const_cast<mcl::fp::Unit*>(x.getUnit());
+				for (size_t k = 0; k < 4; k++) {
+					p[k] = QcoeffTblBN254[i][j][k];
+				}
+			}
+		}
+	} else {
+		precomputeG2(&b, g_Qcoeff, getQ());
+	}
+	if (!b) return -101;
+	return 0;
+}
+
+#ifdef __EMSCRIPTEN__
+extern "C" BLS_DLL_API void *blsMalloc(size_t n)
+{
+	return malloc(n);
+}
+extern "C" BLS_DLL_API void blsFree(void *p)
+{
+	free(p);
+}
+#endif
+
+#if !defined(__EMSCRIPTEN__) && !defined(__wasm__)
+	#if defined(CYBOZU_CPP_VERSION) && CYBOZU_CPP_VERSION >= CYBOZU_CPP_VERSION_CPP11
+	#include <mutex>
+		#define USE_STD_MUTEX
+	#else
+	#include <cybozu/mutex.hpp>
+		#define USE_CYBOZU_MUTEX
+	#endif
+#endif
+
+int blsInit(int curve, int maxUnitSize)
+{
+	int ret = 0;
+#ifdef USE_STD_MUTEX
+	static std::mutex m;
+	std::lock_guard<std::mutex> lock(m);
+#elif defined(USE_CYBOZU_MUTEX)
+	static cybozu::Mutex m;
+	cybozu::AutoLock lock(m);
+#endif
+	static int g_curve = -1;
+	if (g_curve != curve) {
+		ret = blsInitNotThreadSafe(curve, maxUnitSize);
+		g_curve = curve;
+	}
+	return ret;
+}
+
+static inline const mclBnG1 *cast(const G1* x) { return (const mclBnG1*)x; }
+static inline const mclBnG2 *cast(const G2* x) { return (const mclBnG2*)x; }
+
+void blsIdSetInt(blsId *id, int x)
+{
+	mclBnFr_setInt(&id->v, x);
+}
+
+int blsSecretKeySetLittleEndian(blsSecretKey *sec, const void *buf, mclSize bufSize)
+{
+	return mclBnFr_setLittleEndian(&sec->v, buf, bufSize);
+}
+
+void blsGetPublicKey(blsPublicKey *pub, const blsSecretKey *sec)
+{
+	mclBnG2_mul(&pub->v, cast(&getQ()), &sec->v);
+}
+
+void blsSign(blsSignature *sig, const blsSecretKey *sec, const void *m, mclSize size)
+{
+	G1 Hm;
+	hashAndMapToG1(Hm, m, size);
+	mclBnG1_mulCT(&sig->v, cast(&Hm), &sec->v);
+}
+
+/*
+	e(P1, Q1) == e(P2, Q2)
+	<=> finalExp(ML(P1, Q1)) == finalExp(ML(P2, Q2))
+	<=> finalExp(ML(P1, Q1) / ML(P2, Q2)) == 1
+	<=> finalExp(ML(P1, Q1) * ML(-P2, Q2)) == 1
+	Q1 is precomputed
+*/
+bool isEqualTwoPairings(const G1& P1, const Fp6* Q1coeff, const G1& P2, const G2& Q2)
+{
+	Fp12 e;
+	precomputedMillerLoop2mixed(e, P2, Q2, -P1, Q1coeff);
+	finalExp(e, e);
+	return e.isOne();
+}
+
+int blsVerify(const blsSignature *sig, const blsPublicKey *pub, const void *m, mclSize size)
+{
+	G1 Hm;
+	hashAndMapToG1(Hm, m, size);
+	/*
+		e(sHm, Q) = e(Hm, sQ)
+		e(sig, Q) = e(Hm, pub)
+	*/
+	return isEqualTwoPairings(*cast(&sig->v), getQcoeff().data(), Hm, *cast(&pub->v));
+}
+
+mclSize blsIdSerialize(void *buf, mclSize maxBufSize, const blsId *id)
+{
+	return mclBnFr_serialize(buf, maxBufSize, &id->v);
+}
+
+mclSize blsSecretKeySerialize(void *buf, mclSize maxBufSize, const blsSecretKey *sec)
+{
+	return mclBnFr_serialize(buf, maxBufSize, &sec->v);
+}
+
+mclSize blsPublicKeySerialize(void *buf, mclSize maxBufSize, const blsPublicKey *pub)
+{
+	return mclBnG2_serialize(buf, maxBufSize, &pub->v);
+}
+
+mclSize blsSignatureSerialize(void *buf, mclSize maxBufSize, const blsSignature *sig)
+{
+	return mclBnG1_serialize(buf, maxBufSize, &sig->v);
+}
+
+mclSize blsIdDeserialize(blsId *id, const void *buf, mclSize bufSize)
+{
+	return mclBnFr_deserialize(&id->v, buf, bufSize);
+}
+
+mclSize blsSecretKeyDeserialize(blsSecretKey *sig, const void *buf, mclSize bufSize)
+{
+	return mclBnFr_deserialize(&sig->v, buf, bufSize);
+}
+
+mclSize blsPublicKeyDeserialize(blsPublicKey *pub, const void *buf, mclSize bufSize)
+{
+	return mclBnG2_deserialize(&pub->v, buf, bufSize);
+}
+
+mclSize blsSignatureDeserialize(blsSignature *sig, const void *buf, mclSize bufSize)
+{
+	return mclBnG1_deserialize(&sig->v, buf, bufSize);
+}
+
+int blsIdIsEqual(const blsId *lhs, const blsId *rhs)
+{
+	return mclBnFr_isEqual(&lhs->v, &rhs->v);
+}
+
+int blsSecretKeyIsEqual(const blsSecretKey *lhs, const blsSecretKey *rhs)
+{
+	return mclBnFr_isEqual(&lhs->v, &rhs->v);
+}
+
+int blsPublicKeyIsEqual(const blsPublicKey *lhs, const blsPublicKey *rhs)
+{
+	return mclBnG2_isEqual(&lhs->v, &rhs->v);
+}
+
+int blsSignatureIsEqual(const blsSignature *lhs, const blsSignature *rhs)
+{
+	return mclBnG1_isEqual(&lhs->v, &rhs->v);
+}
+
+int blsSecretKeyShare(blsSecretKey *sec, const blsSecretKey* msk, mclSize k, const blsId *id)
+{
+	return mclBn_FrEvaluatePolynomial(&sec->v, &msk->v, k, &id->v);
+}
+
+int blsPublicKeyShare(blsPublicKey *pub, const blsPublicKey *mpk, mclSize k, const blsId *id)
+{
+	return mclBn_G2EvaluatePolynomial(&pub->v, &mpk->v, k, &id->v);
+}
+
+int blsSecretKeyRecover(blsSecretKey *sec, const blsSecretKey *secVec, const blsId *idVec, mclSize n)
+{
+	return mclBn_FrLagrangeInterpolation(&sec->v, &idVec->v, &secVec->v, n);
+}
+
+int blsPublicKeyRecover(blsPublicKey *pub, const blsPublicKey *pubVec, const blsId *idVec, mclSize n)
+{
+	return mclBn_G2LagrangeInterpolation(&pub->v, &idVec->v, &pubVec->v, n);
+}
+
+int blsSignatureRecover(blsSignature *sig, const blsSignature *sigVec, const blsId *idVec, mclSize n)
+{
+	return mclBn_G1LagrangeInterpolation(&sig->v, &idVec->v, &sigVec->v, n);
+}
+
+void blsSecretKeyAdd(blsSecretKey *sec, const blsSecretKey *rhs)
+{
+	mclBnFr_add(&sec->v, &sec->v, &rhs->v);
+}
+
+void blsPublicKeyAdd(blsPublicKey *pub, const blsPublicKey *rhs)
+{
+	mclBnG2_add(&pub->v, &pub->v, &rhs->v);
+}
+
+void blsSignatureAdd(blsSignature *sig, const blsSignature *rhs)
+{
+	mclBnG1_add(&sig->v, &sig->v, &rhs->v);
+}
+
+void blsSignatureVerifyOrder(int doVerify)
+{
+	mclBn_verifyOrderG1(doVerify);
+}
+void blsPublicKeyVerifyOrder(int doVerify)
+{
+	mclBn_verifyOrderG2(doVerify);
+}
+int blsSignatureIsValidOrder(const blsSignature *sig)
+{
+	return mclBnG1_isValidOrder(&sig->v);
+}
+int blsPublicKeyIsValidOrder(const blsPublicKey *pub)
+{
+	return mclBnG2_isValidOrder(&pub->v);
+}
+
+#ifndef BLS_MINIMUM_API
+void blsSecretKeySub(blsSecretKey *sec, const blsSecretKey *rhs)
+{
+	mclBnFr_sub(&sec->v, &sec->v, &rhs->v);
+}
+
+void blsPublicKeySub(blsPublicKey *pub, const blsPublicKey *rhs)
+{
+	mclBnG2_sub(&pub->v, &pub->v, &rhs->v);
+}
+
+void blsSignatureSub(blsSignature *sig, const blsSignature *rhs)
+{
+	mclBnG1_sub(&sig->v, &sig->v, &rhs->v);
+}
+mclSize blsGetOpUnitSize() // FpUint64Size
+{
+	return Fp::getUnitSize() * sizeof(mcl::fp::Unit) / sizeof(uint64_t);
+}
+
+int blsGetCurveOrder(char *buf, mclSize maxBufSize)
+{
+	return (int)Fr::getModulo(buf, maxBufSize);
+}
+
+int blsGetFieldOrder(char *buf, mclSize maxBufSize)
+{
+	return (int)Fp::getModulo(buf, maxBufSize);
+}
+
+int blsGetG1ByteSize()
+{
+	return mclBn_getG1ByteSize();
+}
+
+int blsGetFrByteSize()
+{
+	return mclBn_getFrByteSize();
+}
+
+void blsGetGeneratorOfG2(blsPublicKey *pub)
+{
+	*(G2*)pub = getQ();
+}
+
+int blsIdSetDecStr(blsId *id, const char *buf, mclSize bufSize)
+{
+	return mclBnFr_setStr(&id->v, buf, bufSize, 10);
+}
+int blsIdSetHexStr(blsId *id, const char *buf, mclSize bufSize)
+{
+	return mclBnFr_setStr(&id->v, buf, bufSize, 16);
+}
+
+int blsIdSetLittleEndian(blsId *id, const void *buf, mclSize bufSize)
+{
+	return mclBnFr_setLittleEndian(&id->v, buf, bufSize);
+}
+
+mclSize blsIdGetDecStr(char *buf, mclSize maxBufSize, const blsId *id)
+{
+	return mclBnFr_getStr(buf, maxBufSize, &id->v, 10);
+}
+
+mclSize blsIdGetHexStr(char *buf, mclSize maxBufSize, const blsId *id)
+{
+	return mclBnFr_getStr(buf, maxBufSize, &id->v, 16);
+}
+
+int blsHashToSecretKey(blsSecretKey *sec, const void *buf, mclSize bufSize)
+{
+	return mclBnFr_setHashOf(&sec->v, buf, bufSize);
+}
+
+#ifndef MCL_DONT_USE_CSPRNG
+int blsSecretKeySetByCSPRNG(blsSecretKey *sec)
+{
+	return mclBnFr_setByCSPRNG(&sec->v);
+}
+#endif
+
+void blsGetPop(blsSignature *sig, const blsSecretKey *sec)
+{
+	blsPublicKey pub;
+	blsGetPublicKey(&pub, sec);
+	char buf[1024];
+	mclSize n = mclBnG2_serialize(buf, sizeof(buf), &pub.v);
+	assert(n);
+	blsSign(sig, sec, buf, n);
+}
+
+int blsVerifyPop(const blsSignature *sig, const blsPublicKey *pub)
+{
+	char buf[1024];
+	mclSize n = mclBnG2_serialize(buf, sizeof(buf), &pub->v);
+	if (n == 0) return 0;
+	return blsVerify(sig, pub, buf, n);
+}
+
+mclSize blsIdGetLittleEndian(void *buf, mclSize maxBufSize, const blsId *id)
+{
+	return mclBnFr_serialize(buf, maxBufSize, &id->v);
+}
+int blsSecretKeySetDecStr(blsSecretKey *sec, const char *buf, mclSize bufSize)
+{
+	return mclBnFr_setStr(&sec->v, buf, bufSize, 10);
+}
+int blsSecretKeySetHexStr(blsSecretKey *sec, const char *buf, mclSize bufSize)
+{
+	return mclBnFr_setStr(&sec->v, buf, bufSize, 16);
+}
+mclSize blsSecretKeyGetLittleEndian(void *buf, mclSize maxBufSize, const blsSecretKey *sec)
+{
+	return mclBnFr_serialize(buf, maxBufSize, &sec->v);
+}
+mclSize blsSecretKeyGetDecStr(char *buf, mclSize maxBufSize, const blsSecretKey *sec)
+{
+	return mclBnFr_getStr(buf, maxBufSize, &sec->v, 10);
+}
+mclSize blsSecretKeyGetHexStr(char *buf, mclSize maxBufSize, const blsSecretKey *sec)
+{
+	return mclBnFr_getStr(buf, maxBufSize, &sec->v, 16);
+}
+int blsPublicKeySetHexStr(blsPublicKey *pub, const char *buf, mclSize bufSize)
+{
+	return mclBnG2_setStr(&pub->v, buf, bufSize, 16);
+}
+mclSize blsPublicKeyGetHexStr(char *buf, mclSize maxBufSize, const blsPublicKey *pub)
+{
+	return mclBnG2_getStr(buf, maxBufSize, &pub->v, 16);
+}
+int blsSignatureSetHexStr(blsSignature *sig, const char *buf, mclSize bufSize)
+{
+	return mclBnG1_setStr(&sig->v, buf, bufSize, 16);
+}
+mclSize blsSignatureGetHexStr(char *buf, mclSize maxBufSize, const blsSignature *sig)
+{
+	return mclBnG1_getStr(buf, maxBufSize, &sig->v, 16);
+}
+void blsDHKeyExchange(blsPublicKey *out, const blsSecretKey *sec, const blsPublicKey *pub)
+{
+	mclBnG2_mulCT(&out->v, &pub->v, &sec->v);
+}
+
+#endif
+
-- 
cgit v1.2.3