      1 /*############################################################################
      2 # Copyright 2017 Intel Corporation
      3 #
      4 # Licensed under the Apache License, Version 2.0 (the "License");
      5 # you may not use this file except in compliance with the License.
      6 # You may obtain a copy of the License at
      7 #
      8 #     http://www.apache.org/licenses/LICENSE-2.0
      9 #
     10 # Unless required by applicable law or agreed to in writing, software
     11 # distributed under the License is distributed on an "AS IS" BASIS,
     12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13 # See the License for the specific language governing permissions and
     14 # limitations under the License.
     15 ############################################################################*/
     16 /// Implementation of Fq6 math
     17 /*! \file */
     18 
     19 #include "epid/member/tiny/math/fq6.h"
     20 
     21 #include "epid/member/tiny/math/fq2.h"
     22 #include "epid/member/tiny/math/mathtypes.h"
     23 
/// Add two Fq6 elements component by component.
// result->yi = left->yi + right->yi for i = 0, 1, 2, each computed by Fq2Add.
// Components are processed in the order y0, y1, y2.
void Fq6Add(Fq6Elem* result, Fq6Elem const* left, Fq6Elem const* right) {
  Fq2Elem* const sum[3] = {&result->y0, &result->y1, &result->y2};
  Fq2Elem const* const lhs[3] = {&left->y0, &left->y1, &left->y2};
  Fq2Elem const* const rhs[3] = {&right->y0, &right->y1, &right->y2};
  int i;

  for (i = 0; i < 3; ++i) {
    Fq2Add(sum[i], lhs[i], rhs[i]);
  }
}
     29 
/// Subtract two Fq6 elements component by component.
// result->yi = left->yi - right->yi for i = 0, 1, 2, each computed by Fq2Sub.
// Components are processed in the order y0, y1, y2.
void Fq6Sub(Fq6Elem* result, Fq6Elem const* left, Fq6Elem const* right) {
  Fq2Elem* const diff[3] = {&result->y0, &result->y1, &result->y2};
  Fq2Elem const* const lhs[3] = {&left->y0, &left->y1, &left->y2};
  Fq2Elem const* const rhs[3] = {&right->y0, &right->y1, &right->y2};
  int i;

  for (i = 0; i < 3; ++i) {
    Fq2Sub(diff[i], lhs[i], rhs[i]);
  }
}
     35 
/// Multiply two Fq6 elements.
// With a = left and b = right, the calls below produce
//   result->y0 = a0*b0 + xi*((a1 + a2)*(b1 + b2) - a1*b1 - a2*b2)
//   result->y1 = xi*(a2*b2) + (a0 + a1)*(b0 + b1) - a0*b0 - a1*b1
//   result->y2 = (a0 + a2)*(b0 + b2) - a0*b0 + a1*b1 - a2*b2
// where "xi*" is Fq2MulXi. Six Fq2Mul calls are used in total.
//
// The statement order matters: result->y1 is written only after the last
// read of left->y1 / right->y1, and result->y0 only after the last read of
// left->y0 / right->y0, so the order must be kept if result may alias an
// operand. The Fq2 routines are called with overlapping arguments here, so
// this code relies on them accepting that.
//
// NOTE(review): the five Fq2Elem temporaries are not cleared before return.
// Whether operands can be secret is not visible in this file; confirm
// against the callers if stack residue is a concern.
void Fq6Mul(Fq6Elem* result, Fq6Elem const* left, Fq6Elem const* right) {
  Fq2Elem p0;   // a0*b0
  Fq2Elem p1;   // a1*b1, later a1*b1 - a2*b2
  Fq2Elem p2;   // a2*b2, later reused for b0 + b2
  Fq2Elem acc;  // running accumulator for the cross terms
  Fq2Elem aux;  // b1 + b2, then the xi-scaled y0 cross term
  Fq2Elem* const r1 = &result->y1;

  Fq2Mul(&p0, &left->y0, &right->y0);
  Fq2Mul(&p1, &left->y1, &right->y1);
  Fq2Mul(&p2, &left->y2, &right->y2);

  // aux = xi * (a1*b2 + a2*b1)
  Fq2Add(&acc, &left->y1, &left->y2);
  Fq2Add(&aux, &right->y1, &right->y2);
  Fq2Mul(&acc, &acc, &aux);
  Fq2Sub(&acc, &acc, &p1);
  Fq2Sub(&acc, &acc, &p2);
  Fq2MulXi(&aux, &acc);

  // result->y1; it first holds b0 + b1 as scratch space
  Fq2Add(&acc, &left->y0, &left->y1);
  Fq2Add(r1, &right->y0, &right->y1);
  Fq2Mul(&acc, &acc, r1);
  Fq2MulXi(r1, &p2);
  Fq2Add(r1, r1, &acc);
  Fq2Sub(r1, r1, &p0);
  Fq2Sub(r1, r1, &p1);

  // Read the remaining y0 / y2 inputs before result->y0 is stored.
  Fq2Add(&acc, &left->y0, &left->y2);
  Fq2Sub(&p1, &p1, &p2);
  Fq2Add(&p2, &right->y0, &right->y2);
  Fq2Add(&result->y0, &aux, &p0);

  // result->y2
  Fq2Mul(&acc, &acc, &p2);
  Fq2Sub(&acc, &acc, &p0);
  Fq2Add(&result->y2, &acc, &p1);
}
     71 
/// Invert an Fq6 element.
// With (y0, y1, y2) = in, the code computes
//   c0 = y0^2 - xi*y1*y2
//   c1 = xi*y2^2 - y0*y1
//   c2 = y1^2 - y0*y2
//   n  = y0*c0 + xi*(y1*c2) + xi*(y2*c1)
// and stores result = (c0, c1, c2) * Fq2Inv(n), where "xi*" is Fq2MulXi.
//
// The components of result double as scratch space while n is built. Each
// in component is last read by the call that first overwrites the matching
// result component, so the statement order must be kept if result may
// alias in.
//
// NOTE(review): for in == 0 the value handed to Fq2Inv is 0. What Fq2Inv
// does with 0 is not visible in this file; confirm that callers never
// invert zero or that the outcome is well defined.
// NOTE(review): the temporaries are not cleared before return; whether the
// input can be secret is not visible here.
void Fq6Inv(Fq6Elem* result, Fq6Elem const* in) {
  Fq2Elem c0;
  Fq2Elem c1;
  Fq2Elem c2;
  Fq2Elem scratch;

  // c0 = y0^2 - xi*y1*y2
  Fq2Square(&c0, &in->y0);
  Fq2Mul(&scratch, &in->y1, &in->y2);
  Fq2MulXi(&scratch, &scratch);
  Fq2Sub(&c0, &c0, &scratch);

  // c1 = xi*y2^2 - y0*y1
  Fq2Square(&c1, &in->y2);
  Fq2Mul(&scratch, &in->y0, &in->y1);
  Fq2MulXi(&c1, &c1);
  Fq2Sub(&c1, &c1, &scratch);

  // c2 = y1^2 - y0*y2
  Fq2Square(&c2, &in->y1);
  Fq2Mul(&scratch, &in->y0, &in->y2);
  Fq2Sub(&c2, &c2, &scratch);

  // Build n in scratch, borrowing result's components as temporaries.
  Fq2Mul(&result->y0, &in->y0, &c0);
  Fq2Mul(&result->y1, &in->y1, &c2);
  Fq2Mul(&result->y2, &in->y2, &c1);
  Fq2MulXi(&result->y1, &result->y1);
  Fq2MulXi(&result->y2, &result->y2);
  Fq2Add(&scratch, &result->y0, &result->y1);
  Fq2Add(&scratch, &scratch, &result->y2);

  // Scale (c0, c1, c2) by 1/n.
  Fq2Inv(&scratch, &scratch);
  Fq2Mul(&result->y0, &c0, &scratch);
  Fq2Mul(&result->y1, &c1, &scratch);
  Fq2Mul(&result->y2, &c2, &scratch);
}
    105 
/// Negate an Fq6 element component by component.
// result->yi = Fq2Neg(in->yi) for i = 0, 1, 2, in that order.
void Fq6Neg(Fq6Elem* result, Fq6Elem const* in) {
  Fq2Elem* const out0 = &result->y0;
  Fq2Elem* const out1 = &result->y1;
  Fq2Elem* const out2 = &result->y2;

  Fq2Neg(out0, &in->y0);
  Fq2Neg(out1, &in->y1);
  Fq2Neg(out2, &in->y2);
}
    111 
/// Clear an Fq6 element by calling Fq2Clear on y0, y1 and y2 in turn.
// NOTE(review): whether this is suitable for scrubbing secret data depends
// on how Fq2Clear is implemented, which is not visible in this file.
void Fq6Clear(Fq6Elem* result) {
  Fq2Elem* const parts[3] = {&result->y0, &result->y1, &result->y2};
  int i;

  for (i = 0; i < 3; ++i) {
    Fq2Clear(parts[i]);
  }
}
    117 
/// Multiply every component of an Fq6 element by one Fq2 scalar.
// result->yi = in->yi * scalar for i = 0, 1, 2, each computed by Fq2Mul.
// scalar is read again for every component; presumably it must not point
// into result, since result->y0 is written before the later reads.
void Fq6MulScalar(Fq6Elem* result, Fq6Elem const* in, Fq2Elem const* scalar) {
  Fq2Elem* const out[3] = {&result->y0, &result->y1, &result->y2};
  Fq2Elem const* const src[3] = {&in->y0, &in->y1, &in->y2};
  int i;

  for (i = 0; i < 3; ++i) {
    Fq2Mul(out[i], src[i], scalar);
  }
}
    123 
/// Rotate the components of an Fq6 element, scaling the wrapped one by xi.
// result = (xi*in->y2, in->y0, in->y1), where "xi*" is Fq2MulXi.
// Presumably this is multiplication by v for elements written as
// y0 + y1*v + y2*v^2 with v^3 = xi, as the name suggests; confirm in fq6.h.
//
// xi*in->y2 is computed into a temporary first and the copies run from y2
// down to y0, so no component is overwritten before it has been read.
void Fq6MulV(Fq6Elem* result, Fq6Elem const* in) {
  Fq2Elem wrapped;

  Fq2MulXi(&wrapped, &in->y2);
  Fq2Cp(&result->y2, &in->y1);
  Fq2Cp(&result->y1, &in->y0);
  Fq2Cp(&result->y0, &wrapped);
}
    132 
/// Test two Fq6 elements for equality.
// Returns 1 when Fq2Eq reports a match for y0, y1 and y2, and 0 otherwise.
//
// Components are compared in order and the comparison stops at the first
// mismatch, so the run time depends on the data.
// NOTE(review): if callers compare secret values, confirm that this early
// exit is acceptable.
int Fq6Eq(Fq6Elem const* left, Fq6Elem const* right) {
  if (!Fq2Eq(&left->y0, &right->y0)) {
    return 0;
  }
  if (!Fq2Eq(&left->y1, &right->y1)) {
    return 0;
  }
  return Fq2Eq(&left->y2, &right->y2) ? 1 : 0;
}
    137 
/// Test whether an Fq6 element is zero.
// Returns 1 when Fq2IsZero holds for y0, y1 and y2, and 0 otherwise.
//
// Components are checked in order and the check stops at the first non-zero
// one, so the run time depends on the data.
// NOTE(review): if callers test secret values, confirm that this early exit
// is acceptable.
int Fq6IsZero(Fq6Elem const* in) {
  if (!Fq2IsZero(&in->y0)) {
    return 0;
  }
  if (!Fq2IsZero(&in->y1)) {
    return 0;
  }
  return Fq2IsZero(&in->y2) ? 1 : 0;
}
    141 
/// Square an Fq6 element.
// With (y0, y1, y2) = in, the calls below produce
//   result->y0 = y0^2 + xi*(2*y1*y2)
//   result->y1 = 2*y0*y1 + xi*y2^2
//   result->y2 = 2*y0*y2 + y1^2
// using only Fq2Square, Fq2Add, Fq2Sub and Fq2MulXi: each doubled cross
// term comes from (yi + yj)^2 - yi^2 - yj^2.
//
// result->y1 serves as the accumulator for the middle component and is
// first written only after the last read of in->y1; result->y0 and
// result->y2 are written at the very end. The statement order must be kept
// if result may alias in.
//
// NOTE(review): the temporaries are not cleared before return; whether the
// input can be secret is not visible in this file.
void Fq6Square(Fq6Elem* result, Fq6Elem const* in) {
  Fq2Elem low;   // becomes xi * 2*y1*y2
  Fq2Elem high;  // becomes 2*y0*y2 + y1^2 + y0^2
  Fq2Elem sq;    // holds y1^2, then y2^2 (and xi*y2^2), then y0^2
  Fq2Elem* const mid = &result->y1;

  Fq2Add(&low, &in->y1, &in->y2);
  Fq2Square(&sq, &in->y1);
  Fq2Add(mid, &in->y0, &in->y1);
  Fq2Add(&high, &in->y0, &in->y2);
  Fq2Square(&low, &low);
  Fq2Square(mid, mid);
  Fq2Square(&high, &high);

  // sq = y1^2
  Fq2Sub(&low, &low, &sq);
  Fq2Sub(mid, mid, &sq);
  Fq2Add(&high, &high, &sq);

  // sq = y2^2, then xi*y2^2 for the middle component
  Fq2Square(&sq, &in->y2);
  Fq2Sub(&low, &low, &sq);
  Fq2Sub(&high, &high, &sq);
  Fq2MulXi(&sq, &sq);
  Fq2Add(mid, mid, &sq);

  // sq = y0^2
  Fq2Square(&sq, &in->y0);
  Fq2MulXi(&low, &low);
  Fq2Add(&result->y0, &low, &sq);
  Fq2Sub(mid, mid, &sq);
  Fq2Sub(&result->y2, &high, &sq);
}
    175 
/// Copy an Fq6 element component by component.
// result->yi = in->yi for i = 0, 1, 2, each copied by Fq2Cp in that order.
void Fq6Cp(Fq6Elem* result, Fq6Elem const* in) {
  Fq2Elem* const dst0 = &result->y0;
  Fq2Elem* const dst1 = &result->y1;
  Fq2Elem* const dst2 = &result->y2;

  Fq2Cp(dst0, &in->y0);
  Fq2Cp(dst1, &in->y1);
  Fq2Cp(dst2, &in->y2);
}
    181 
/// Conditionally set an Fq6 element from one of two candidates.
// Each component is chosen by Fq2CondSet from true_val or false_val, with
// the same truth_val passed for y0, y1 and y2.
//
// This function contains no branch on truth_val; the selection itself is
// delegated to Fq2CondSet.
// NOTE(review): any constant-time property therefore comes from Fq2CondSet,
// which is not visible in this file; confirm it there before relying on it
// for secret-dependent selection.
void Fq6CondSet(Fq6Elem* result, Fq6Elem const* true_val,
                Fq6Elem const* false_val, int truth_val) {
  Fq2Elem* const out[3] = {&result->y0, &result->y1, &result->y2};
  Fq2Elem const* const when_set[3] = {&true_val->y0, &true_val->y1,
                                      &true_val->y2};
  Fq2Elem const* const when_clear[3] = {&false_val->y0, &false_val->y1,
                                        &false_val->y2};
  int i;

  for (i = 0; i < 3; ++i) {
    Fq2CondSet(out[i], when_set[i], when_clear[i], truth_val);
  }
}
    188 
/// Set an Fq6 element from a 32-bit unsigned integer.
// All three components are cleared with Fq2Clear, then Fq2Set stores the
// integer into y0; y1 and y2 keep their cleared state.
void Fq6Set(Fq6Elem* result, uint32_t in) {
  Fq2Elem* const low = &result->y0;

  // Same per-component clears that Fq6Clear performs, in the same order.
  Fq2Clear(low);
  Fq2Clear(&result->y1);
  Fq2Clear(&result->y2);

  Fq2Set(low, in);
}
    193