// Multiply x by the fixed constant xi and store the product in z.
//
// Writing x = (x0, x1), the calls below produce z = (-(5*x1), x0), assuming
// bn254_fp_add / bn254_fp_set / bn254_fp_neg are add / copy / negate on the
// coefficients, as their names suggest.  That is x times the element (0, 1)
// when (0, 1) squared equals -5.
// NOTE(review): the defining polynomial is not visible here - confirm.
//
// z may be the same element as x: 5*x1 is fully built in scratch before
// either coefficient of z is written.
// NOTE(review): the scratch array hangs off the field object, so calls on
// elements of the same field share it - confirm the threading model.
void bn254_fp2_xi_mul(Element z, const Element x)
{
    Element *tmp = field(z)->base->tmp; // scratch taken from field(z)->base

    // tmp[0] = 5*x1: double twice, then add x1 once more
    bn254_fp_add(tmp[0], rep1(x), rep1(x)); // 2*x1
    bn254_fp_add(tmp[0], tmp[0], tmp[0]);   // 4*x1
    bn254_fp_add(tmp[0], tmp[0], rep1(x));  // 5*x1

    bn254_fp_set(rep1(z), rep0(x)); // z1 = x0
    bn254_fp_neg(rep0(z), tmp[0]);  // z0 = -(5*x1)
}
// Multiply x by the constant xi of its field and store the product in z.
//
// The formula is selected by comparing the field name of x at run time:
//   "bn254_fp2a": z = (-(5*x1), x0)
//   "bn254_fp2b": z = (x0 - x1, x0 + x1)
// (x = (x0, x1); assumes the bn254_fp_* helpers are the coefficient-level
// add / sub / copy / negate their names suggest.)
//
// In both branches the new coefficients are built in scratch before z is
// written, so z may be the same element as x.
//
// NOTE(review): if the field name matches neither string, z is left
// untouched and nothing is reported; a caller would then go on with
// whatever z held before.  Confirm no other field can reach this function.
// NOTE(review): the scratch comes from field(z) while the name is read from
// x->field; this assumes z and x belong to the same field - confirm.
void bn254_fp2_xi_mul(Element z, const Element x)
{
    Element *tmp = field(z)->base->tmp; // scratch taken from field(z)->base
    const char *name = x->field->field_name;

    if (strcmp(name, "bn254_fp2a") == 0) {
        // tmp[0] = 5*x1: double twice, then add x1 once more
        bn254_fp_add(tmp[0], rep1(x), rep1(x));
        bn254_fp_add(tmp[0], tmp[0], tmp[0]);
        bn254_fp_add(tmp[0], tmp[0], rep1(x));

        bn254_fp_set(rep1(z), rep0(x)); // z1 = x0
        bn254_fp_neg(rep0(z), tmp[0]);  // z0 = -(5*x1)
    }

    if (strcmp(name, "bn254_fp2b") == 0) {
        bn254_fp_sub(tmp[0], rep0(x), rep1(x)); // x0 - x1
        bn254_fp_add(tmp[1], rep0(x), rep1(x)); // x0 + x1

        bn254_fp_set(rep0(z), tmp[0]);
        bn254_fp_set(rep1(z), tmp[1]);
    }
}
// Product z = x * y of two three-coefficient elements, x = (a0, a1, a2) and
// y = (b0, b1, b2), using six coefficient multiplications (three direct
// products plus three products of sums).  Read off the calls below:
//   z0 = t0 + xi*((a1+a2)*(b1+b2) - t1 - t2)
//   z1 = (a0+a1)*(b0+b1) - t0 - t1 + xi*t2
//   z2 = (a0+a2)*(b0+b2) - t0 - t2 + t1
// with t0 = a0*b0, t1 = a1*b1, t2 = a2*b2.
//
// NOTE(review): the *_muln / *_addn / *_subn calls and the OP1_1 / OP1_2 /
// OP2 wrappers are defined elsewhere; they look like deferred-reduction
// variants and range-adjustment steps.  The mix of plain and "n" variants
// per coefficient is kept exactly as written - confirm before reordering.
//
// NOTE(review): rep0(z) and rep1(z) are stored before the later steps read
// rep0/rep1/rep2 of x and y again, so a call where z is the same element as
// x or y would feed already-overwritten coefficients into those steps.
// Confirm callers always pass a distinct z.
//
// NOTE(review): scratch slots t[0]..t[4], t[8] and t[9] of
// field(z)->base->tmp are used; the size of that array is not visible here.
void bn254_fp6_muln(Element z, const Element x, const Element y) {
    Element *t = field(z)->base->tmp;

    // direct products of matching coefficients
    bn254_fp2_muln(t[0], rep0(x), rep0(y)); // t0 = a0*b0
    bn254_fp2_muln(t[1], rep1(x), rep1(y)); // t1 = a1*b1
    bn254_fp2_muln(t[2], rep2(x), rep2(y)); // t2 = a2*b2
    bn254_fp2_OP1_2(t[0], t[0]);
    bn254_fp2_OP1_2(t[1], t[1]);
    bn254_fp2_OP1_2(t[2], t[2]);

    // z0 = t0 + xi*((a1+a2)*(b1+b2) - t1 - t2)
    bn254_fp2_addn(t[8], rep1(x), rep2(x)); // t8 = a1+a2
    bn254_fp2_addn(t[9], rep1(y), rep2(y)); // t9 = b1+b2
    bn254_fp2_muln(t[3], t[8], t[9]); // t3 = t8*t9
    bn254_fp2_OP2(t[3], t[3]);
    bn254_fp2_addn(t[4], t[1], t[2]); // t4 = t1+t2
    // t3 = t3 - t4, done per coefficient
    bn254_fp_sub(rep0(t[3]), rep0(t[3]), rep0(t[4]));
    bn254_fp_OP2(rep0(t[3]), rep0(t[3]));
    bn254_fp_subn(rep1(t[3]), rep1(t[3]), rep1(t[4]));
    bn254_fp2_xi_mul(t[4], t[3]); // t4 = xi*t3
    bn254_fp2_OP2(t[4], t[4]);
    bn254_fp2_add(rep0(z), t[4], t[0]); // z0 = t4+t0 (first write to z)
    bn254_fp2_OP2(rep0(z), rep0(z));

    // z1 = (a0+a1)*(b0+b1) - t0 - t1 + xi*t2
    bn254_fp2_addn(t[8], rep0(x), rep1(x)); // t8 = a0+a1
    bn254_fp2_addn(t[9], rep0(y), rep1(y)); // t9 = b0+b1
    bn254_fp2_muln(t[3], t[8], t[9]); // t3 = t8*t9
    bn254_fp2_OP2(t[3], t[3]);
    bn254_fp2_addn(t[4], t[0], t[1]); // t4 = t0+t1
    // t3 = t3 - t4, done per coefficient
    bn254_fp_sub(rep0(t[3]), rep0(t[3]), rep0(t[4]));
    bn254_fp_OP2(rep0(t[3]), rep0(t[3]));
    bn254_fp_subn(rep1(t[3]), rep1(t[3]), rep1(t[4]));
    // t4 = (c0 - c1, c0 + c1) for t2 = (c0, c1): xi*t2 written out inline.
    // This is the same shape as the "bn254_fp2b" branch of the
    // bn254_fp2_xi_mul variant on this page, while the z0 step above goes
    // through bn254_fp2_xi_mul itself.
    // NOTE(review): confirm this routine is only used with a field whose
    // xi multiplication has that form.
    bn254_fp_sub(rep0(t[4]), rep0(t[2]), rep1(t[2]));
    bn254_fp_OP1_1(rep0(t[4]), rep0(t[4]));
    bn254_fp_addn(rep1(t[4]), rep0(t[2]), rep1(t[2]));
    bn254_fp2_add(rep1(z), t[3], t[4]); // z1 = t3+t4
    bn254_fp2_OP2(rep1(z), rep1(z));

    // z2 = (a0+a2)*(b0+b2) - t0 - t2 + t1
    bn254_fp2_addn(t[8], rep0(x), rep2(x)); // t8 = a0+a2
    bn254_fp2_addn(t[9], rep0(y), rep2(y)); // t9 = b0+b2
    bn254_fp2_muln(t[3], t[8], t[9]); // t3 = t8*t9
    bn254_fp2_OP2(t[3], t[3]);
    bn254_fp2_addn(t[4], t[0], t[2]); // t4 = t0+t2
    // t3 = t3 - t4, done per coefficient
    bn254_fp_sub(rep0(t[3]), rep0(t[3]), rep0(t[4]));
    bn254_fp_OP2(rep0(t[3]), rep0(t[3]));
    bn254_fp_subn(rep1(t[3]), rep1(t[3]), rep1(t[4]));
    // z2 = t3 + t1, written straight into the two coefficients of rep2(z)
    bn254_fp_add(rep0(rep2(z)), rep0(t[3]), rep0(t[1]));
    bn254_fp_OP2(rep0(rep2(z)), rep0(rep2(z)));
    bn254_fp_addn(rep1(rep2(z)), rep1(t[3]), rep1(t[1]));
}
// Report whether x = (x0, x1) is a square in its field.
//
// Returns FALSE for zero.  Otherwise computes (x0 / x1)^2 + irre_poly[0] in
// the base field and returns bn254_fp_is_sqr() of that value (assuming
// bn254_fp_inv / _mul / _sqr / _add are the base-field operations their
// names suggest).
//
// NOTE(review): rep1(x) is inverted without a zero check.  A nonzero x with
// x1 == 0 passes the element_is_zero() guard and reaches bn254_fp_inv with
// a zero operand; the result then depends on how bn254_fp_inv treats zero.
// Confirm that case is handled, or that callers never pass such an x.
int bn254_fp2_is_sqr(const Element x)
{
    Element *tmp = field(x)->base->tmp; // scratch taken from field(x)->base

    if (element_is_zero(x)) {
        return FALSE;
    }

    bn254_fp_inv(tmp[0], rep1(x));          // 1 / x1
    bn254_fp_mul(tmp[0], tmp[0], rep0(x));  // x0 / x1
    bn254_fp_sqr(tmp[0], tmp[0]);           // (x0 / x1)^2
    bn254_fp_add(tmp[0], tmp[0], field(x)->irre_poly[0]);

    return bn254_fp_is_sqr(tmp[0]);
}
//------------------------------------------- // arithmetic operation //------------------------------------------- void bn254_fp2_add(Element z, const Element x, const Element y) { bn254_fp_add(rep0(z), rep0(x), rep0(y)); bn254_fp_add(rep1(z), rep1(x), rep1(y)); }