/*
 * Galbraith & Scott method: split the scalar e into four components
 * u[0..3], using the precomputed tables CURVE_WB and CURVE_BB and the
 * group order CURVE_Order.
 *
 * u - output; every component ends up reduced modulo the order
 * e - scalar to decompose
 *
 * NOTE(review): if e is a secret scalar, timing behaviour depends on the
 * BIG_ddiv / BIG_modmul / BIG_mod helpers, which are not visible here.
 */
static void gs(BIG u[4],BIG e)
{
    BIG order, coeff, quot[4];
    DBIG wide;

    BIG_rcopy(order, CURVE_Order);

    /* quot[k] = (CURVE_WB[k] * e) / order; each output slot is cleared on the way */
    for (int k = 0; k < 4; k++) {
        BIG_rcopy(coeff, CURVE_WB[k]);
        BIG_mul(wide, coeff, e);
        BIG_ddiv(quot[k], wide, order);
        BIG_zero(u[k]);
    }

    /* Only the first component starts from the scalar itself. */
    BIG_copy(u[0], e);

    /* u[col] -= sum over row of quot[row] * CURVE_BB[row][col], modulo the order */
    for (int col = 0; col < 4; col++) {
        for (int row = 0; row < 4; row++) {
            BIG_rcopy(coeff, CURVE_BB[row][col]);
            BIG_modmul(coeff, quot[row], coeff, order);
            /* The order is added before the subtraction, presumably so the
               difference cannot go negative. */
            BIG_add(u[col], u[col], order);
            BIG_sub(u[col], u[col], coeff);
            BIG_mod(u[col], order);
        }
    }
}
/*
 * GLV method: split the scalar e into two components u[0] and u[1].
 *
 * When CHOICE < BLS_CURVES the split uses the tables CURVE_W and CURVE_SB
 * with the group order; otherwise it is a plain division by x^2, where x is
 * CURVE_Bnx.
 *
 * u - output, two components
 * e - scalar to decompose
 *
 * NOTE(review): if e is a secret scalar, timing behaviour depends on the
 * BIG division and reduction helpers, which are not visible here.
 */
static void glv(BIG u[2],BIG e)
{
#if CHOICE<BLS_CURVES
    BIG order, coeff, quot[2];
    DBIG wide;

    BIG_rcopy(order, CURVE_Order);

    /* quot[k] = (CURVE_W[k] * e) / order; each output slot is cleared on the way */
    for (int k = 0; k < 2; k++) {
        BIG_rcopy(coeff, CURVE_W[k]);
        /* BIG_norm(t); BIG_norm(e); were left disabled at this point */
        BIG_mul(wide, coeff, e);
        BIG_ddiv(quot[k], wide, order);
        BIG_zero(u[k]);
    }

    /* Only the first component starts from the scalar itself. */
    BIG_copy(u[0], e);

    /* u[col] -= sum over row of quot[row] * CURVE_SB[row][col], modulo the order */
    for (int col = 0; col < 2; col++) {
        for (int row = 0; row < 2; row++) {
            BIG_rcopy(coeff, CURVE_SB[row][col]);
            BIG_modmul(coeff, quot[row], coeff, order);
            /* The order is added before the subtraction, presumably so the
               difference cannot go negative. */
            BIG_add(u[col], u[col], order);
            BIG_sub(u[col], u[col], coeff);
            BIG_mod(u[col], order);
        }
    }
#else
    /* -(x^2).P = (Beta.x,y) */
    BIG param, param_sq, order;

    BIG_rcopy(param, CURVE_Bnx);
    BIG_smul(param_sq, param, param);

    /* u[0] = e mod x^2 */
    BIG_copy(u[0], e);
    BIG_mod(u[0], param_sq);

    /* u[1] = order - (e / x^2) */
    BIG_copy(u[1], e);
    BIG_sdiv(u[1], param_sq);
    BIG_rcopy(order, CURVE_Order);
    BIG_sub(u[1], order, u[1]);
#endif
}
/*
 * Galbraith & Scott method: split the scalar e into four components
 * u[0..3].
 *
 * When CHOICE < BLS_CURVES the split uses the tables CURVE_WB and CURVE_BB
 * with the group order; otherwise the components are the four successive
 * remainders of e under repeated division by x, where x is CURVE_Bnx.
 *
 * u - output, four components
 * e - scalar to decompose
 *
 * NOTE(review): if e is a secret scalar, timing behaviour depends on the
 * BIG division and reduction helpers, which are not visible here.
 */
static void gs(BIG u[4],BIG e)
{
#if CHOICE<BLS_CURVES
    BIG order, coeff, quot[4];
    DBIG wide;

    BIG_rcopy(order, CURVE_Order);

    /* quot[k] = (CURVE_WB[k] * e) / order; each output slot is cleared on the way */
    for (int k = 0; k < 4; k++) {
        BIG_rcopy(coeff, CURVE_WB[k]);
        /* BIG_norm(t); BIG_norm(e); were left disabled at this point */
        BIG_mul(wide, coeff, e);
        BIG_ddiv(quot[k], wide, order);
        BIG_zero(u[k]);
    }

    /* Only the first component starts from the scalar itself. */
    BIG_copy(u[0], e);

    /* u[col] -= sum over row of quot[row] * CURVE_BB[row][col], modulo the order */
    for (int col = 0; col < 4; col++) {
        for (int row = 0; row < 4; row++) {
            BIG_rcopy(coeff, CURVE_BB[row][col]);
            BIG_modmul(coeff, quot[row], coeff, order);
            /* The order is added before the subtraction, presumably so the
               difference cannot go negative. */
            BIG_add(u[col], u[col], order);
            BIG_sub(u[col], u[col], coeff);
            BIG_mod(u[col], order);
        }
    }
#else
    BIG param, rest;

    BIG_rcopy(param, CURVE_Bnx);
    BIG_copy(rest, e);

    /* Peel off one remainder per step: u[k] = rest mod x, then rest = rest / x. */
    for (int k = 0; k < 4; k++) {
        BIG_copy(u[k], rest);
        BIG_mod(u[k], param);
        BIG_sdiv(rest, param);
    }
#endif
}
/*
 * r=ck^a.cl^b using XTR double exponentiation method on traces of FP12s.
 * See Stam thesis.
 *
 * r      - output; also used as scratch inside the loop
 * ck, cl - input traces; copied to locals before r is first written
 * ckml, ckm2l - further input traces, presumably for indices k-l and k-2l
 *               (inferred from the names; confirm against the caller)
 * a, b   - exponents; BIG_norm is applied to them directly, so if BIG is an
 *          array type the caller's values are normalised in place
 *
 * Every branch below is chosen by BIG_parity / BIG_comp tests on values
 * derived from a and b, so the sequence of operations depends on the
 * exponents: this routine is not constant-time with respect to a and b.
 *
 * NOTE(review): if a and b are both zero the first while loop does not
 * appear to terminate (assuming BIG_parity reports 0 for zero and BIG_shr
 * leaves zero unchanged). A single zero exponent also does not obviously
 * reach d == e. Confirm that callers only pass nonzero exponents.
 */
void FP4_xtr_pow2(FP4 *r,FP4 *ck,FP4 *cl,FP4 *ckml,FP4 *ckm2l,BIG a,BIG b)
{
    int i,f2,nb; /* nb is declared but not used in this function */
    BIG d,e,w;
    FP4 t,cu,cv,cumv,cum2v;

    BIG_norm(a);
    BIG_norm(b);
    /* Work on private copies: e starts as a, d starts as b. */
    BIG_copy(e,a);
    BIG_copy(d,b);
    FP4_copy(&cu,ck);
    FP4_copy(&cv,cl);
    FP4_copy(&cumv,ckml);
    FP4_copy(&cum2v,ckm2l);

    /* Strip the factors of two common to d and e; f2 counts them so the
       matching FP4_xtr_D steps can be applied at the end. */
    f2=0;
    while (BIG_parity(d)==0 && BIG_parity(e)==0)
    {
        BIG_shr(d,1);
        BIG_shr(e,1);
        f2++;
    }

    /* Euclid-style reduction: shrink d and e until they are equal, updating
       the four trace values in step with each change to the pair. */
    while (BIG_comp(d,e)!=0)
    {
        if (BIG_comp(d,e)>0)
        {
            /* w = 4*e, used to test whether d <= 4*e */
            BIG_imul(w,e,4);
            BIG_norm(w);
            if (BIG_comp(d,w)<=0)
            {
                /* (d,e) <- (e, d-e) */
                BIG_copy(w,d);
                BIG_copy(d,e);
                BIG_sub(e,w,e);
                BIG_norm(e);
                FP4_xtr_A(&t,&cu,&cv,&cumv,&cum2v);
                FP4_conj(&cum2v,&cumv);
                FP4_copy(&cumv,&cv);
                FP4_copy(&cv,&cu);
                FP4_copy(&cu,&t);
            }
            else if (BIG_parity(d)==0)
            {
                /* d even: d <- d/2; r holds a temporary conjugate here */
                BIG_shr(d,1);
                FP4_conj(r,&cum2v);
                FP4_xtr_A(&t,&cu,&cumv,&cv,r);
                FP4_xtr_D(&cum2v,&cumv);
                FP4_copy(&cumv,&t);
                FP4_xtr_D(&cu,&cu);
            }
            else if (BIG_parity(e)==1)
            {
                /* d and e both odd: d <- (d-e)/2 */
                BIG_sub(d,d,e);
                BIG_norm(d);
                BIG_shr(d,1);
                FP4_xtr_A(&t,&cu,&cv,&cumv,&cum2v);
                FP4_xtr_D(&cu,&cu);
                FP4_xtr_D(&cum2v,&cv);
                FP4_conj(&cum2v,&cum2v);
                FP4_copy(&cv,&t);
            }
            else
            {
                /* d odd, e even: (d,e) <- (e/2, d) */
                BIG_copy(w,d);
                BIG_copy(d,e);
                BIG_shr(d,1);
                BIG_copy(e,w);
                FP4_xtr_D(&t,&cumv);
                FP4_conj(&cumv,&cum2v);
                FP4_conj(&cum2v,&t);
                FP4_xtr_D(&t,&cv);
                FP4_copy(&cv,&cu);
                FP4_copy(&cu,&t);
            }
        }
        /* Not an else: this is re-tested after the branch above may have
           changed d and e in the same pass. */
        if (BIG_comp(d,e)<0)
        {
            /* w = 4*d, used to test whether e <= 4*d */
            BIG_imul(w,d,4);
            BIG_norm(w);
            if (BIG_comp(e,w)<=0)
            {
                /* e <- e-d */
                BIG_sub(e,e,d);
                BIG_norm(e);
                FP4_xtr_A(&t,&cu,&cv,&cumv,&cum2v);
                FP4_copy(&cum2v,&cumv);
                FP4_copy(&cumv,&cu);
                FP4_copy(&cu,&t);
            }
            else if (BIG_parity(e)==0)
            {
                /* e even: (d,e) <- (e/2, d) */
                BIG_copy(w,d);
                BIG_copy(d,e);
                BIG_shr(d,1);
                BIG_copy(e,w);
                FP4_xtr_D(&t,&cumv);
                FP4_conj(&cumv,&cum2v);
                FP4_conj(&cum2v,&t);
                FP4_xtr_D(&t,&cv);
                FP4_copy(&cv,&cu);
                FP4_copy(&cu,&t);
            }
            else if (BIG_parity(d)==1)
            {
                /* d and e both odd: (d,e) <- ((e-d)/2, d) */
                BIG_copy(w,e);
                BIG_copy(e,d);
                BIG_sub(w,w,d);
                BIG_norm(w);
                BIG_copy(d,w);
                BIG_shr(d,1);
                FP4_xtr_A(&t,&cu,&cv,&cumv,&cum2v);
                FP4_conj(&cumv,&cumv);
                FP4_xtr_D(&cum2v,&cu);
                FP4_conj(&cum2v,&cum2v);
                FP4_xtr_D(&cu,&cv);
                FP4_copy(&cv,&t);
            }
            else
            {
                /* d even, e odd: d <- d/2; r holds a temporary conjugate here */
                BIG_shr(d,1);
                FP4_conj(r,&cum2v);
                FP4_xtr_A(&t,&cu,&cumv,&cv,r);
                FP4_xtr_D(&cum2v,&cumv);
                FP4_copy(&cumv,&t);
                FP4_xtr_D(&cu,&cu);
            }
        }
    }

    /* d == e here: combine the traces, apply FP4_xtr_D once per factor of
       two removed at the start, then raise to the remaining value d. */
    FP4_xtr_A(r,&cu,&cv,&cumv,&cum2v);
    for (i=0;i<f2;i++) FP4_xtr_D(r,r);
    FP4_xtr_pow(r,r,d);
}