// The final powering, where we standardize the coset representative.
static void cc_tatepower(element_ptr out, element_ptr in, pairing_t pairing) {
pptr p = pairing->data;
#define qpower(sign) { \
polymod_const_mul(e2, inre[1], p->xpowq); \
element_set(e0re, e2); \
polymod_const_mul(e2, inre[2], p->xpowq2); \
element_add(e0re, e0re, e2); \
element_add(e0re0, e0re0, inre[0]); \
\
if (sign > 0) { \
polymod_const_mul(e2, inim[1], p->xpowq); \
element_set(e0im, e2); \
polymod_const_mul(e2, inim[2], p->xpowq2); \
element_add(e0im, e0im, e2); \
element_add(e0im0, e0im0, inim[0]); \
} else { \
polymod_const_mul(e2, inim[1], p->xpowq); \
element_neg(e0im, e2); \
polymod_const_mul(e2, inim[2], p->xpowq2); \
element_sub(e0im, e0im, e2); \
element_sub(e0im0, e0im0, inim[0]); \
} \
}
if (p->k == 6) {
// See thesis, section 6.9, "The Final Powering", which gives a formula
// for the first step of the final powering when Fq6 has been implemented
// as a quadratic extension on top of a cubic extension.
element_t e0, e2, e3;
element_init(e0, p->Fqk);
element_init(e2, p->Fqd);
element_init(e3, p->Fqk);
element_ptr e0re = element_x(e0);
element_ptr e0im = element_y(e0);
element_ptr e0re0 = ((element_t *) e0re->data)[0];
element_ptr e0im0 = ((element_t *) e0im->data)[0];
element_t *inre = element_x(in)->data;
element_t *inim = element_y(in)->data;
// Expressions in the formula are similar, hence the following function.
qpower(1);
element_set(e3, e0);
element_set(e0re, element_x(in));
element_neg(e0im, element_y(in));
element_mul(e3, e3, e0);
qpower(-1);
element_mul(e0, e0, in);
element_invert(e0, e0);
element_mul(in, e3, e0);
element_set(e0, in);
// We use Lucas sequences to complete the final powering.
lucas_even(out, e0, pairing->phikonr);
element_clear(e0);
element_clear(e2);
element_clear(e3);
} else {
element_pow_mpz(out, in, p->tateexp);
}
#undef qpower
}
//c_iとk_iをペアリングする関数
//¬記号で別々の処理する
//(v_i - x_t)も必要→とりあえず置いておこう……→一応できた?
Element *pairing_c_k(EC_PAIRING p, rho_i *rho, EC_POINT *c, EC_POINT *k, mpz_t *alpha_i) {
int i;
Element *result;
result = (Element*)malloc(sizeof(Element));
Element egg, tempegg1, tempegg2;
element_init(egg, p->g3);
element_init(tempegg1, p->g3);
element_init(tempegg2, p->g3);
element_init(*result, p->g3);
mpz_t temp1;
mpz_init(temp1);
mpz_t temp2;
mpz_init(temp2);
mpz_t order;
mpz_init(order);
mpz_set(order, *pairing_get_order(p));
element_set_one(*result);
if (alpha_i == NULL && rho == NULL) { //e(c_0, k_0)
for (i = 0; i < 5; i++) {
pairing_map(tempegg1, c[i], k[i], p);
element_mul(tempegg2, tempegg1, *result);
element_set(*result, tempegg2);
}
}
else if (mpz_cmp_ui(*alpha_i, 0) == 0) {//return 1
}
else if (rho->is_negated == FALSE) {
for (i = 0; i < 7; i++) {
pairing_map(tempegg1, c[i], k[i], p);
element_mul(tempegg2, tempegg1, *result);
element_set(*result, tempegg2);
}
element_pow(tempegg1, *result, *alpha_i);
element_set(*result, tempegg1);
}
else { //is_negated == TRUE
for (i = 0; i < 7; i++) {
pairing_map(tempegg1, c[i], k[i], p);
element_mul(tempegg2, tempegg1, *result);
element_set(*result, tempegg2);
}
mpz_set_ui(temp1, rho->v_t[0]); //v_i - x_t
mpz_invert(temp2, temp1, order);
mpz_mul(temp1, temp2, *alpha_i); // alpha_i / (v_i - x_t)
mpz_mod(*alpha_i, temp1, order);
element_pow(tempegg1, *result, *alpha_i);
element_set(*result, tempegg1);
}
mpz_clear(order);
mpz_clear(temp2);
mpz_clear(temp1);
element_clear(egg);
element_clear(tempegg1);
element_clear(tempegg2);
return result;
}
void bb_free_pk(bb_public_key_t pk)
{
element_clear(pk->g1);
element_clear(pk->g2);
element_clear(pk->u);
element_clear(pk->v);
element_clear(pk->z);
}
void bbs_free_gsk(bbs_group_private_key_t *gsk, int n)
{
int i = 0;
for(i = 0; i < n; i++) {
element_clear(gsk[i]->A);
element_clear(gsk[i]->x);
element_clear(gsk[i]->pr_A_g2);
}
}
static void sn_add(element_t c, element_t a, element_t b) {
point_ptr r = c->data;
point_ptr p = a->data;
point_ptr q = b->data;
if (p->inf_flag) {
sn_set(c, b);
return;
}
if (q->inf_flag) {
sn_set(c, a);
return;
}
if (!element_cmp(p->x, q->x)) {
if (!element_cmp(p->y, q->y)) {
if (element_is0(p->y)) {
r->inf_flag = 1;
return;
} else {
sn_double_no_check(r, p);
return;
}
}
//points are inverses of each other
r->inf_flag = 1;
return;
} else {
element_t lambda, e0, e1;
element_init(lambda, p->x->field);
element_init(e0, p->x->field);
element_init(e1, p->x->field);
//lambda = (y2-y1)/(x2-x1)
element_sub(e0, q->x, p->x);
element_invert(e0, e0);
element_sub(lambda, q->y, p->y);
element_mul(lambda, lambda, e0);
//x3 = lambda^2 - x1 - x2 - 1
element_square(e0, lambda);
element_sub(e0, e0, p->x);
element_sub(e0, e0, q->x);
element_set1(e1);
element_sub(e0, e0, e1);
//y3 = (x1-x3)lambda - y1
element_sub(e1, p->x, e0);
element_mul(e1, e1, lambda);
element_sub(e1, e1, p->y);
element_set(r->x, e0);
element_set(r->y, e1);
r->inf_flag = 0;
element_clear(lambda);
element_clear(e0);
element_clear(e1);
}
}
void
pbgp_ibe_signature_clear(ibe_signature_t *s)
{
if (s) {
element_clear(s->u);
element_clear(s->v);
element_clear(s->w);
xfree(s);
}
}
void FreeCT(ct_t myct)
{
if(!myct) {
printf("error: null pointer passed to freeCT\n");
return;
}
element_clear(myct->C0);
element_clear(myct->C1);
return;
}
static void GT_random(element_ptr e) {
element_t a, b;
element_init(a, e->field->pairing->G1);
element_init(b, e->field->pairing->G1);
element_random(a);
element_random(b);
element_pairing(e, a, b);
element_clear(a);
element_clear(b);
}
static void curve_mul(element_ptr c, element_ptr a, element_ptr b) {
curve_data_ptr cdp = (curve_data_ptr)a->field->data;
point_ptr r = (point_ptr)c->data, p = (point_ptr)a->data, q = (point_ptr)b->data;
if (p->inf_flag) {
curve_set(c, b);
return;
}
if (q->inf_flag) {
curve_set(c, a);
return;
}
if (!element_cmp(p->x, q->x)) {
if (!element_cmp(p->y, q->y)) {
if (element_is0(p->y)) {
r->inf_flag = 1;
return;
} else {
double_no_check(r, p, cdp->a);
return;
}
}
//points are inverses of each other
r->inf_flag = 1;
return;
} else {
element_t lambda, e0, e1;
element_init(lambda, cdp->field);
element_init(e0, cdp->field);
element_init(e1, cdp->field);
//lambda = (y2-y1)/(x2-x1)
element_sub(e0, q->x, p->x);
element_invert(e0, e0);
element_sub(lambda, q->y, p->y);
element_mul(lambda, lambda, e0);
//x3 = lambda^2 - x1 - x2
element_square(e0, lambda);
element_sub(e0, e0, p->x);
element_sub(e0, e0, q->x);
//y3 = (x1-x3)lambda - y1
element_sub(e1, p->x, e0);
element_mul(e1, e1, lambda);
element_sub(e1, e1, p->y);
element_set(r->x, e0);
element_set(r->y, e1);
r->inf_flag = 0;
element_clear(lambda);
element_clear(e0);
element_clear(e1);
}
}
int main(int argc, char ** argv) {
pbc_param_t ec_params;
pairing_t pairing;
unsigned int rbits = 40, qbits = 128;
element_t *g1, *g2, *gt;
for (int s = 10; s <= 1000; s += 10) {
while (qbits <= 4096) {
fprintf(stderr, "%d", qbits);
pbc_param_init_a_gen(ec_params, rbits, qbits);
pairing_init_pbc_param(pairing, ec_params);
element_init_G1(g1, pairing);
element_init_G2(g2, pairing);
element_init_GT(gt, pairing);
struct timeval tv1, tv2;
int bc = element_length_in_bytes(g1);
for (int i = 0; i < 100; i++) {
if (0 == i % 10)
fprintf(stderr, ".");
element_random(g1);
element_random(g2);
gettimeofday(&tv1, NULL);
pairing_apply(gt, g1, g2, pairing);
gettimeofday(&tv2, NULL);
double time = tv2.tv_sec - tv1.tv_sec;
time *= (1000 * 1000);
time += tv2.tv_usec - tv1.tv_usec;
fprintf(stdout, "%d %d %d %d %d\n", bc, rbits, qbits, i, ((int) time));
}
for (int j = 0; j < s; j++) {
element_clear(g1[j]);
element_clear(g2[j]);
element_clear(gt[j]);
}
rbits *= 2;
qbits *= 2;
fprintf(stderr, "\n");
}
free(g1);
free(g2);
free(g3);
}
}
void FreeBCS(broadcast_system_t bcs)
{
if(!bcs) {
printf("error: null pointer passed to freeBCS\n");
return;
}
element_clear(bcs->encr_prod);
element_clear(bcs->pub_key);
element_clear(bcs->priv_key);
return;
}
void miller(element_t z, element_t PR, element_t R, element_t P, element_t Q)
{
int m = mpz_sizeinbase(order, 2) - 2;
element_t Z;
element_t z1;
element_t x1;
element_init_same_as(Z, PR);
element_set(Z, P);
element_set1(z);
element_init_same_as(z1, z);
element_init_same_as(x1, z);
do_vert(x1, PR, Q);
element_printf("vert(P+R) %B\n", x1);
do_line(z1, P, R, Q);
element_printf("line(P,R) %B\n", z1);
element_div(x1, x1, z1);
element_printf("x1 %B\n", x1);
element_set(z, x1);
for (;;) {
printf("iteration %d: %d\n", m, mpz_tstbit(order,m));
element_square(z, z);
element_printf("squared: %B\n", z);
do_tangent(z1, Z, Q);
element_mul(z, z, z1);
element_double(Z, Z);
do_vert(z1, Z, Q);
element_div(z, z, z1);
element_printf("pre-if: %B\n", z);
if (mpz_tstbit(order, m)) {
element_mul(z, z, x1);
do_vert(z1, P, Q);
element_mul(z, z, z1);
element_printf("done %B\n", z);
/*
do_line(z1, Z, P, Q);
element_mul(z, z, z1);
element_add(Z, Z, P);
do_vert(z1, Z, Q);
element_div(z, z, z1);
*/
}
if (!m) break;
m--;
}
element_clear(x1);
element_clear(z1);
}
void bn254_fp2_clear(Element x)
{
if (x->data != NULL)
{
element_clear(rep0(x));
element_clear(rep1(x));
free(x->data);
x->data = NULL;
}
}
void FreePK(priv_key_t key)
{
if(!key) {
printf("error: null pointer passed to freePK\n");
return;
}
element_clear(key->g_i_gamma);
element_clear(key->g_i);
element_clear(key->decr_prod);
return;
}
void
pbgp_ibe_keypair_clear(ibe_keypair_t *keys)
{
if (keys) {
element_clear(keys->pub0);
element_clear(keys->priv0);
element_clear(keys->pub1);
element_clear(keys->priv1);
xfree(keys);
}
}
static void do_line(element_ptr z, element_ptr V, element_ptr P, element_ptr Q)
{
element_ptr Vx = curve_x_coord(V);
element_ptr Vy = curve_y_coord(V);
element_ptr Px = curve_x_coord(P);
element_ptr Py = curve_y_coord(P);
element_ptr Qx = curve_x_coord(Q);
element_ptr Qy = curve_y_coord(Q);
element_t a, b, c, e0;
element_init_same_as(a, Vx);
element_init_same_as(b, Vx);
element_init_same_as(c, Vx);
element_init_same_as(e0, Vx);
//a = -(B.y - A.y) / (B.x - A.x);
//b = 1;
//c = -(A.y + a * A.x);
element_sub(a, Py, Vy);
element_sub(b, Vx, Px);
element_div(a, a, b);
element_set1(b);
element_mul(c, a, Vx);
element_add(c, c, Vy);
element_neg(c, c);
/*
//but we could multiply by B.x - A.x to avoid division, so
//a = -(By - Ay)
//b = Bx - Ax
//c = -(Ay b + a Ax);
element_sub(a, Vy, Py);
element_sub(b, Px, Vx);
element_mul(c, Vx, Py);
element_mul(e0, Vy, Px);
element_sub(c, c, e0);
//
//actually no, since fasterweil won't work if we do this
*/
element_printf("line at %B: %B %B %B\n", V, a, b, c);
element_mul(a, a, Qx);
element_mul(b, b, Qy);
element_add(c, c, a);
element_add(z, c, b);
element_printf(" = %B\n", z);
element_clear(a);
element_clear(b);
element_clear(c);
element_clear(e0);
}
/* $e <- a^{-1}$ */
static void gf33m_invert(element_t e, element_t a) {
element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, e0 =
GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
field_ptr base = BASE(e);
element_t a02, a12, a22;
element_init(a02, base);
element_init(a12, base);
element_init(a22, base);
element_mul(a02, a0, a0);
element_mul(a12, a1, a1);
element_mul(a22, a2, a2);
element_t v0;
element_init(v0, base);
element_sub(v0, a0, a2); // v0 == a0-a2
element_t delta;
element_init(delta, base);
element_mul(delta, v0, a02); // delta = (a0-a2)*(a0^2), free
element_sub(v0, a1, a0); // v0 == a1-a0
element_t c0;
element_init(c0, base);
element_mul(c0, v0, a12); // c0 == (a1-a0)*(a1^2)
element_add(delta, delta, c0); // delta = (a0-a2)*(a0^2) + (a1-a0)*(a1^2)
element_sub(v0, a2, v0); // v0 == a2-(a1-a0) = a0-a1+a2
element_t c1;
element_init(c1, base);
element_mul(c1, v0, a22); // c1 == (a0-a1+a2)*(a2^2)
element_add(delta, delta, c1); // delta = (a0-a2)*(a0^2) + (a1-a0)*(a1^2) + (a0-a1+a2)*(a2^2)
element_invert(delta, delta); // delta = [(a0-a2)*(a0^2) + (a1-a0)*(a1^2) + (a0-a1+a2)*(a2^2)] ^ {-1}
element_add(v0, a02, a22); // v0 == a0^2+a2^2
element_t c2;
element_init(c2, base);
element_mul(c2, a0, a2); // c2 == a0*a2
element_sub(c0, v0, c2); // c0 == a0^2+a2^2-a0*a2
element_add(v0, a1, a2); // v0 == a1+a2
element_t c3;
element_init(c3, base);
element_mul(c3, a1, v0); // c3 == a1*(a1+a2)
element_sub(c0, c0, c3); // c0 == a0^2+a2^2-a0*a2-a1*(a1+a2)
element_mul(c0, c0, delta); // c0 *= delta
element_mul(c1, a0, a1); // c1 == a0*a1
element_sub(c1, a22, c1); // c1 == a2^2-a0*a1
element_mul(c1, c1, delta); // c1 *= delta
element_sub(c2, a12, c2); // c2 == a1^2-a0*a2
element_sub(c2, c2, a22); // c2 == a1^2-a0*a2-a2^2
element_mul(c2, c2, delta); // c2 *= delta
element_set(e0, c0);
element_set(e1, c1);
element_set(e2, c2);
element_clear(a02);
element_clear(a12);
element_clear(a22);
element_clear(v0);
element_clear(delta);
element_clear(c0);
element_clear(c1);
element_clear(c2);
element_clear(c3);
}
/* $c <- a*b$ */
static void gf33m_mult(element_t e, element_t a, element_t b) {
element_ptr a0 = GF33M(a)->_0, a1 = GF33M(a)->_1, a2 = GF33M(a)->_2, b0 =
GF33M(b)->_0, b1 = GF33M(b)->_1, b2 = GF33M(b)->_2, e0 =
GF33M(e)->_0, e1 = GF33M(e)->_1, e2 = GF33M(e)->_2;
field_ptr base = BASE(e);
element_t t0, t1, c1, a0b0, a1b1, a2b2;
element_init(t0, base);
element_init(t1, base);
element_init(c1, base);
element_init(a0b0, base);
element_init(a1b1, base);
element_init(a2b2, base);
element_mul(a0b0, a0, b0);
element_mul(a1b1, a1, b1);
element_mul(a2b2, a2, b2);
element_ptr d0 = a0b0;
element_add(t0, a1, a0);
element_add(t1, b1, b0);
element_t d1;
element_init(d1, base);
element_mul(d1, t0, t1);
element_sub(d1, d1, a1b1);
element_sub(d1, d1, a0b0);
element_add(t0, a2, a0);
element_add(t1, b2, b0);
element_t d2;
element_init(d2, base);
element_mul(d2, t0, t1);
element_add(d2, d2, a1b1);
element_sub(d2, d2, a2b2);
element_sub(d2, d2, a0b0);
element_add(t0, a2, a1);
element_add(t1, b2, b1);
element_t d3;
element_init(d3, base);
element_mul(d3, t0, t1);
element_sub(d3, d3, a2b2);
element_sub(d3, d3, a1b1);
element_ptr d4 = a2b2;
element_add(t0, d0, d3);
element_ptr c0 = t0;
element_add(c1, d1, d3);
element_add(c1, c1, d4);
element_add(t1, d2, d4);
element_ptr c2 = t1;
element_set(e0, c0);
element_set(e1, c1);
element_set(e2, c2);
element_clear(t0);
element_clear(t1);
element_clear(c1);
element_clear(a0b0);
element_clear(a1b1);
element_clear(a2b2);
element_clear(d1);
element_clear(d2);
element_clear(d3);
}
void FreeCT(ct CT)
{
if(!CT) {
printf("error: null pointer passed to freeCT\n");
return;
}
element_clear(CT->OC0);
element_clear(CT->OC1);
element_clear(CT->C0);
element_clear(CT->C1);
pbc_free(CT);
return;
}
void bbs_free_gpk(bbs_group_public_key_ptr gpk)
{
element_clear(gpk->g1);
element_clear(gpk->g2);
element_clear(gpk->h);
element_clear(gpk->u);
element_clear(gpk->v);
element_clear(gpk->w);
element_clear(gpk->pr_g1_g2);
element_clear(gpk->pr_h_g2);
element_clear(gpk->pr_h_w);
element_clear(gpk->pr_g1_g2_inv);
}
/* $e <- a^3$ */
static void gf32m_cubic(element_t e, element_t a) {
element_ptr a0 = GF32M(a)->_0, a1 = GF32M(a)->_1, e0 = GF32M(e)->_0, e1 =
GF32M(e)->_1;
field_ptr base = BASE(a);
element_t c0, c1;
element_init(c0, base);
element_init(c1, base);
element_cubic(c0, a0);
element_cubic(c1, a1);
element_neg(c1, c1); // c1 == -(a1^3)
element_set(e0, c0);
element_set(e1, c1);
element_clear(c0);
element_clear(c1);
}
static void do_tangent(element_ptr z, element_ptr V, element_ptr Q)
{
element_ptr Vx = curve_x_coord(V);
element_ptr Vy = curve_y_coord(V);
element_ptr Qx = curve_x_coord(Q);
element_ptr Qy = curve_y_coord(Q);
element_t a, b, c;
element_init_same_as(a, Vx);
element_init_same_as(b, Vx);
element_init_same_as(c, Vx);
//a = -slope_tangent(V.x, V.y);
//b = 1;
//c = -(V.y + aV.x);
/*
//we could multiply by -2*V.y to avoid division so:
//a = -(3 Vx^2 + cc->a)
//b = 2 * Vy
//c = -(2 Vy^2 + a Vx);
//
//actually no, since fasterweil won't work if we do this
*/
element_square(a, Vx);
//element_mul_si(a, a, 3);
element_add(b, a, a);
element_add(a, b, a);
element_set1(b);
element_add(a, a, b);
element_neg(a, a);
element_double(b, Vy);
element_div(a, a, b);
element_set1(b);
element_mul(c, a, Vx);
element_add(c, c, Vy);
element_neg(c, c);
element_printf("tan at %B: %B %B %B\n", V, a, b, c);
element_mul(a, a, Qx);
element_mul(b, b, Qy);
element_add(c, c, a);
element_add(z, c, b);
element_printf("tan eval = %B\n", z);
element_clear(a);
element_clear(b);
element_clear(c);
}
static void d_pairing_pp_clear(pairing_pp_t p) {
// TODO: Better to store a sentinel value in p->data?
mpz_ptr q = p->pairing->r;
mp_bitcnt_t m = (mp_bitcnt_t)mpz_sizeinbase(q, 2) + mpz_popcount(q);
m = (m > 3 ? m - 3 : 0);
mp_bitcnt_t i;
pp_coeff_t *coeff = (pp_coeff_t *) p->data;
pp_coeff_ptr pp;
for (i=0; i<m; i++) {
pp = coeff[i];
element_clear(pp->a);
element_clear(pp->b);
element_clear(pp->c);
}
pbc_free(p->data);
}
void field_init_curve_ab_map(field_t cnew, field_t c,
fieldmap map, field_ptr mapdest,
mpz_t ordernew, mpz_t cofacnew) {
element_t a, b;
curve_data_ptr cdp = (curve_data_ptr)c->data;
element_init(a, mapdest);
element_init(b, mapdest);
map(a, cdp->a);
map(b, cdp->b);
field_init_curve_ab(cnew, a, b, ordernew, cofacnew);
element_clear(a);
element_clear(b);
}
void Hmki(element_t* out, public_key pk, element_t* key) {
// pk and key check
element_init_Zr(*out, pairing);
int len = (pk.level + 1) * sizeof(unsigned int) / sizeof(char);
element_t x;
element_init_G1(x,pairing);
element_from_hash(x, pk.ID_tuple, len);
len = element_length_in_bytes(x);
unsigned char* str = (unsigned char* ) malloc(len);
element_to_bytes(str, x);
int len1 = element_length_in_bytes(*key);
unsigned char* key_str = (unsigned char*) malloc(len1);
element_to_bytes(key_str, *key);
unsigned char* sum = (unsigned char*) malloc(len1 + len);
memcpy(sum, str, len);
memcpy(sum + len, key_str, len1);
element_clear(x);
free(str);
free(key_str);
unsigned char o[MD5_DIGEST_LENGTH + 1];
MD5(sum, len + len1, o);
o[MD5_DIGEST_LENGTH] = '\0';
element_from_hash(*out, o, MD5_DIGEST_LENGTH);
/////////////////////////
}
void field_init_curve_b(field_ptr f, element_ptr b, mpz_t order, mpz_t cofac) {
element_t a;
element_init(a, b->field);
field_init_curve_ab(f, a, b, order, cofac);
element_clear(a);
}
static val_ptr v_field_cast(val_ptr v, tree_ptr t) {
// TODO: Check args, x is an element.
val_ptr x = tree_eval((tree_ptr)darray_at(t->child, 0));
element_ptr e = x->elem;
if (e->field == M) {
if (v->field == M) return x;
element_ptr e2 = element_new(v->field);
if (element_is0(e)) // if 'set0' is not 'set1' in base field of GT, but we hope 'GT(0)' calls 'set1', we may directly call 'element_set0' here
element_set0(e2);
else if (element_is1(e)) // reason is same as above
element_set1(e2);
else
element_set_multiz(e2, (multiz)e->data);
x->elem = e2;
return x;
}
if (v->field == M) {
// Map to/from integer. TODO: Map to/from multiz instead.
mpz_t z;
mpz_init(z);
element_to_mpz(z, e);
element_clear(e);
element_init(e, v->field);
element_set_mpz(e, z);
mpz_clear(z);
}
return x;
}
static int fq_is_sqr(element_ptr e) {
//x + y sqrt(nqr) is a square iff x^2 - nqr y^2 is (in the base field)
eptr p = e->data;
element_t e0, e1;
element_ptr nqr = fq_nqr(e->field);
int result;
element_init(e0, p->x->field);
element_init(e1, e0->field);
element_square(e0, p->x);
element_square(e1, p->y);
element_mul(e1, e1, nqr);
element_sub(e0, e0, e1);
result = element_is_sqr(e0);
element_clear(e0);
element_clear(e1);
return result;
}
static void field_clear_curve(field_t f) {
curve_data_ptr cdp;
cdp = (curve_data_ptr)f->data;
element_clear(cdp->gen);
element_clear(cdp->gen_no_cofac);
if (cdp->cofac) {
mpz_clear(cdp->cofac);
pbc_free(cdp->cofac);
}
if (cdp->quotient_cmp) {
mpz_clear(cdp->quotient_cmp);
pbc_free(cdp->quotient_cmp);
}
element_clear(cdp->a);
element_clear(cdp->b);
pbc_free(cdp);
}
void FreeGBP(global_broadcast_params_t gbp)
{
if(!gbp) {
printf("error: null pointer passed to freeGBP\n");
return;
}
//do something about the pairing
pbc_free(gbp->pairFileName);
element_clear(gbp->g);
int i;
for(i = 0; i < gbp->num_users; i++) {
if(i == gbp->num_users) continue;
element_clear(gbp->gs[i]);
}
pbc_free(gbp->gs);
return;
}