diff options
Diffstat (limited to 'moon-abe/pbc-0.5.14/include/pbc_pairing.h')
-rw-r--r-- | moon-abe/pbc-0.5.14/include/pbc_pairing.h | 280 |
1 files changed, 280 insertions, 0 deletions
diff --git a/moon-abe/pbc-0.5.14/include/pbc_pairing.h b/moon-abe/pbc-0.5.14/include/pbc_pairing.h new file mode 100644 index 00000000..1f127fb1 --- /dev/null +++ b/moon-abe/pbc-0.5.14/include/pbc_pairing.h @@ -0,0 +1,280 @@ +// Requires: +// * stdio.h +// * gmp.h +// * utils.h +// * field.h +// * param.h +#ifndef __PBC_PAIRING_H__ +#define __PBC_PAIRING_H__ + +struct pairing_pp_s { + struct pairing_s *pairing; + void *data; +}; +typedef struct pairing_pp_s pairing_pp_t[1]; +typedef struct pairing_pp_s *pairing_pp_ptr; + +struct pairing_s { + mpz_t r; // order of G1, G2, GT + field_t Zr; // the field Z_r + field_ptr G1, G2; + field_t GT; // group of rth roots of unity + + mpz_t phikonr; + // Phi_k(q)/r where Phi_k is the kth cyclotomic polynomial, + // q as in F_q, is the base field + + void (*phi)(element_ptr out, element_ptr in, struct pairing_s *pairing); //isomorphism G2 --> G1 + void (*map)(element_ptr out, element_ptr in1, element_ptr in2, + struct pairing_s *p); + void (*prod_pairings)(element_ptr out, element_t in1[], element_t in2[], int n_prod, + struct pairing_s *p); //calculate a product of pairings at one time. + // is_almost coddh returns true given (g, g^x, h, h^x) or (g, g^x, h, h^-x) + // order is important: a, b are from G1, c, d are from G2 + int (*is_almost_coddh)(element_ptr a, element_ptr b, + element_ptr c, element_ptr d, + struct pairing_s *p); + void (*clear_func)(struct pairing_s *); + void (*pp_init)(pairing_pp_t p, element_t in1, struct pairing_s *); + void (*pp_clear)(pairing_pp_t p); + void (*pp_apply)(element_t out, element_t in2, pairing_pp_t p); + void (*finalpow)(element_t e); + void (*option_set)(struct pairing_s *, char *key, char *value); + void *data; +}; + +typedef struct pairing_s pairing_t[1]; +typedef struct pairing_s *pairing_ptr; + +// TODO: The 'pairing' argument is redundant. +/*@manual pairing_apply +Get ready to perform a pairing whose first input is 'in1', +and store the results of time-saving precomputation in 'p'. +*/ +static inline void pairing_pp_init(pairing_pp_t p, element_t in1, pairing_t pairing) { + if (element_is0(in1)) { + p->pairing = NULL; + return; + } + p->pairing = pairing; + pairing->pp_init(p, in1, pairing); +} + +/*@manual pairing_apply +Clear 'p'. This should be called after 'p' is no longer needed. +*/ +static inline void pairing_pp_clear(pairing_pp_t p) { + if (!p->pairing) { + // happens when p was initialized with identity + return; + } + p->pairing->pp_clear(p); +} + +/*@manual pairing_apply +Compute a pairing using 'in2' and the preprocessed information stored in 'p' +and store the output in 'out'. The inputs to the pairing are the element +previously used to initialize 'p' and the element 'in2'. +*/ +static inline void pairing_pp_apply(element_t out, element_t in2, pairing_pp_t p) { + if (!p->pairing) { + element_set0(out); + return; + } + if (element_is0(in2)) { + element_set0(out); + return; + } + p->pairing->pp_apply((element_ptr) out->data, in2, p); +} + +/*@manual pairing_init +Initialize pairing from parameters in a ASCIIZ string 'str' +Returns 0 on success, 1 on failure. +*/ +int pairing_init_set_str(pairing_t pairing, const char *s); + +/*@manual pairing_init +Same, but read at most 'len' bytes. +If 'len' is 0, it behaves as the previous function. +Returns 0 on success, 1 on failure. +*/ +int pairing_init_set_buf(pairing_t pairing, const char *s, size_t len); + +/*@manual pairing_init +Initialize a pairing with pairing parameters 'p'. +*/ +void pairing_init_pbc_param(struct pairing_s *pairing, pbc_param_ptr p); + +/*@manual pairing_init +Free the space occupied by 'pairing'. Call +whenever a +pairing_t+ variable is no longer needed. +Only call this after all elements associated with 'pairing' +have been cleared, as they need information stored in the 'pairing' +structure. +*/ +void pairing_clear(pairing_t pairing); + +static inline void pairing_apply(element_t out, element_t in1, element_t in2, + pairing_t pairing) { + PBC_ASSERT(pairing->GT == out->field, "pairing output mismatch"); + PBC_ASSERT(pairing->G1 == in1->field, "pairing 1st input mismatch"); + PBC_ASSERT(pairing->G2 == in2->field, "pairing 2nd input mismatch"); + if (element_is0(in1)) { + element_set0(out); + return; + } + if (element_is0(in2)) { + element_set0(out); + return; + } + // TODO: 'out' is an element of a multiplicative subgroup, but the + // pairing routine expects it to be an element of the full group, hence + // the 'out->data'. I should make this clearer. + pairing->map((element_ptr) out->data, in1, in2, pairing); +} + +/*@manual pairing_apply +Computes a pairing: 'out' = 'e'('in1', 'in2'), +where 'in1', 'in2', 'out' must be in the groups G1, G2, GT. +*/ +static inline void element_pairing(element_t out, element_t in1, element_t in2) { + pairing_ptr pairing = out->field->pairing; + PBC_ASSERT(pairing != NULL, "pairing output mismatch"); + pairing_apply(out, in1, in2, pairing); +} + +/*@manual pairing_apply +Computes the product of pairings, that is +'out' = 'e'('in1'[0], 'in2'[0]) ... 'e'('in1'[n-1], 'in2'[n-1]). +The arrays 'in1', 'in2' must have at least 'n' elements belonging to +the groups G1, G2 respectively, and 'out' must belong to the group GT. +*/ +static inline void element_prod_pairing( + element_t out, element_t in1[], element_t in2[], int n) { + pairing_ptr pairing = out->field->pairing; + int i; + PBC_ASSERT(pairing->GT == out->field, "pairing output mismatch"); + for(i = 0; i < n; i++) { + PBC_ASSERT(pairing->G1 == in1[i]->field, "pairing 1st input mismatch"); + PBC_ASSERT(pairing->G2 == in2[i]->field, "pairing 2nd input mismatch"); + if (element_is0(in1[i])) { + element_set0(out); + return; + } + if (element_is0(in2[i])) { + element_set0(out); + return; + } + } + pairing->prod_pairings((element_ptr) out->data, in1, in2, n, pairing); +} + +/*@manual pairing_op +Returns true if G1 and G2 are the same group. +*/ +static inline int pairing_is_symmetric(pairing_t pairing) { + return pairing->G1 == pairing->G2; +} + +/*@manual pairing_op +Returns the length in bytes needed to represent an element of G1. +*/ +static inline int pairing_length_in_bytes_G1(pairing_t pairing) { + return pairing->G1->fixed_length_in_bytes; +} + +/*@manual pairing_op +Returns the length in bytes needed to represent the x-coordinate of +an element of G1. +*/ +static inline int pairing_length_in_bytes_x_only_G1(pairing_t pairing) { + return pairing->G1->fixed_length_in_bytes / 2; +} + +/*@manual pairing_op +Returns the length in bytes needed to represent a compressed form of +an element of G1. There is some overhead in decompressing. +*/ +static inline int pairing_length_in_bytes_compressed_G1(pairing_t pairing) { + return pairing->G1->fixed_length_in_bytes / 2 + 1; +} + +/*@manual pairing_op +Returns the length in bytes needed to represent an element of G2. +*/ +static inline int pairing_length_in_bytes_G2(pairing_t pairing) { + return pairing->G2->fixed_length_in_bytes; +} + +/*@manual pairing_op +Returns the length in bytes needed to represent a compressed form of +an element of G2. There is some overhead in decompressing. +*/ +static inline int pairing_length_in_bytes_compressed_G2(pairing_t pairing) { + return pairing->G2->fixed_length_in_bytes / 2 + 1; +} + +/*@manual pairing_op +Returns the length in bytes needed to represent the x-coordinate of +an element of G2. +*/ +static inline int pairing_length_in_bytes_x_only_G2(pairing_t pairing) { + return pairing->G2->fixed_length_in_bytes / 2; +} + +/*@manual pairing_op +Returns the length in bytes needed to represent an element of GT. +*/ +static inline int pairing_length_in_bytes_GT(pairing_t pairing) { + return pairing->GT->fixed_length_in_bytes; +} + +/*@manual pairing_op +Returns the length in bytes needed to represent an element of Zr. +*/ +static inline int pairing_length_in_bytes_Zr(pairing_t pairing) { + return pairing->Zr->fixed_length_in_bytes; +} + +static inline int is_almost_coddh(element_t a, element_t b, + element_t c, element_t d, pairing_t pairing) { + return pairing->is_almost_coddh(a, b, c, d, pairing); +} + +/*@manual einit.1 +*/ +static inline void element_init_G1(element_t e, pairing_t pairing) { + element_init(e, pairing->G1); +} + +/*@manual einit.1 +*/ +static inline void element_init_G2(element_t e, pairing_t pairing) { + element_init(e, pairing->G2); +} + +/*@manual einit.1 +Initialize 'e' to be an element of the group G1, G2 or GT of 'pairing'. +*/ +static inline void element_init_GT(element_t e, pairing_t pairing) { + element_init(e, pairing->GT); +} + +/*@manual einit.1 +Initialize 'e' to be an element of the ring Z_r of 'pairing'. +r is the order of the groups G1, G2 and GT that are involved in the pairing. +*/ +static inline void element_init_Zr(element_t e, pairing_t pairing) { + element_init(e, pairing->Zr); +} + +static inline void pairing_option_set(pairing_t pairing, char *key, char *value) { + pairing->option_set(pairing, key, value); +} + +// Initialize GT = group of rth roots of unity in f. +// Requires pairing->r has been set. +void pairing_GT_init(pairing_ptr pairing, field_t f); + +#endif //__PBC_PAIRING_H__ |